Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
pc esta lento, demorando a ligar
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:48:27, on 20/08/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Hijack\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.megaware.com.br
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=101416&babsrc=HP_ss&mntrId=242e9e5b000000000000001cc0fe32ab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local;192.168..*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [uVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Grid] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marcus\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{923CF0BB-AD2F-4A18-9EF7-3A1E438138FD}: NameServer = 200.175.5.139,200.175.182.139
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GbPluginCef - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehCef.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Programador (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: DeviceMonitorService - Nero AG - C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Unknown owner - C:\PCT-SAFE\Firebird\Bin\fbguard.exe (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Unknown owner - C:\PCT-SAFE\Firebird\Bin\fbserver.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14149 bytes
http://pjjoint.malekal.com/files.php?read=ZHPDiag_20120820_y10e15g13w10r11
*** [services] ***
*** [Files / Folders] ***
Folder Deleted : C:\Users\Marcus\AppData\Local\APN
Folder Deleted : C:\Users\Marcus\AppData\Local\Babylon
Folder Deleted : C:\Users\Marcus\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Marcus\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Marcus\AppData\Roaming\Babylon
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Deleted : C:\searchplugins\Askcom.xml
File Deleted : C:\user.js
*** [Registry] ***
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\facemoods.com
Key Deleted : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
*** [Registre - GUID] ***
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
*** [internet Browsers] ***
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?AF=101416&babsrc=HP_ss&mntrId=242e9e5b000000000000001cc0fe32ab --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4 --> hxxp://www.google.com
-\\ Google Chrome v21.0.1180.79
File : C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted : "scriptable_host": [ "://.ask.com/", "://.bagsbuy.com/", "://*.childrenschorus.[...]
Deleted : "matches": [ "://.google.com/", "://.ask.com/", "://.bagsbuy.com/", "://[...]
Deleted : "update_url": "hxxp://apnmedia.ask.com/media/toolbar/supertoolbar/chrome/manifest.php[...]
Deleted : "explicit_host": [ "hxxp://.facemoods.com/" ],
Deleted : "css": [ "style/facemoods_chrome_1.0.1.css" ],
Deleted : "name": "Facemoods",
Deleted : "permissions": [ "tabs", "cookies", "hxxp://*.facemoods.com/" ],
Deleted : "update_url": "hxxp://facemoods.com/public/download/chrome/update.xml",
Deleted : "path": "C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\11.[...]
Deleted : "path": "C:\\Users\\Marcus\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll",
*************************
AdwCleaner[s1].txt - [11829 octets] - [20/08/2012 13:53:18]
########## EOF - C:\AdwCleaner[s1].txt - [11958 octets] ##########
Boa Tarde! .matiello
|- Baixe: < ZHPFix.zip >
|- Descompacte-o para o desktop.
|- Feche programas/pastas que estejam abertas.
|- Feche,também,o navegador!
|- Para Windows Vista,desabilite a UAC.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPFix_logo.jpg&key=36deb1b56d9a268ad62852103ef8ad3d00908949d89c903217f56b8157856234" alt="ZHPFix_logo.jpg" /> >> /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/Administrador_Exec.jpg&key=6383735763baddc27c0800e42b63f7bbbf0cb0264f60771d83de22295ca319e5" alt="Administrador_Exec.jpg" />
|- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador.
|- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas".
>
[MD5.00000000000000000000000000000000] [APT] [scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) => Toolbar.Ask[MD5.00000000000000000000000000000000] [APT] [{05D1631B-4897-4D37-A0BC-CAF169EDB167}] (...) -- C:\Users\Marcus\Downloads\IRPF2010win32v1.1.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{5B241A4A-7771-43E2-87E5-F3FD4CF2F84A}] (...) -- C:\MARCUS\Adiversos\3DHOME\3DHOME.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{633DF3EA-89BE-4DFE-B733-71AEB64ACFD4}] (...) -- C:\MARCUS\DBASE\DBSETUP.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{68D59038-78BF-4D9F-8358-06EDFC20A1BA}] (...) -- C:\MARCUS\DBASE\DBASE.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{86CA8B94-3765-4DE7-B4C3-9B2B3CF781D5}] (...) -- C:\Users\Marcus\Downloads\jre-6u18-windows-i586-s.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{A3716CA1-6CD1-4A96-B47D-D97E20279C4D}] (...) -- C:\Users\Marcus\Downloads\winstbrz.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B9593D70-3363-47CD-9AEF-06D68B958EE8}] (...) -- C:\Users\Marcus\AppData\Local\Temp\Temp1_balabolka[1].zip\setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{F1285689-4246-4112-B03F-325D45CD56C9}] (...) -- C:\MARCUS\Adiversos\.MAR\FRU\SCM.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{352747F2-1390-4438-BA6A-70CC94185FB0}] (...) -- D:\INSTALL.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{7E5501AE-873B-4ECC-82CD-1FD77F6E23D6}] (...) -- D:\Setup.exe (.not file.) => Existe aussi en malware DELF-CA.Troj
SS - | Demand 0 | (X6va005) . (...) - C:\Users\Marcus\AppData\Local\Temp\005D7F9.tmp
SS - | Demand 0 | (X6va006) . (...) - C:\Users\Marcus\AppData\Local\Temp\006AA44.tmp
SS - | Demand 0 | (X6va007) . (...) - C:\Users\Marcus\AppData\Local\Temp\007EC46.tmp
O4 - Global Startup: C:\Users\Marcus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC MEGA RAPIDO PRO.lnk . (...) -- C:\Program Files (x86)\PC MEGA RAPIDO PRO 2.1\pcmega_registro.exe (.not file.)
O43 - CFD: 11/03/2010 - 17:24:24 - [0] ----D C:\Users\Marcus\AppData\Local\Dados de aplicativos
O43 - CFD: 11/03/2010 - 17:24:24 - [0] ----D C:\Users\Marcus\AppData\Local\Histórico
O43 - CFD: 14/06/2011 - 19:11:06 - [0] ----D C:\Users\Marcus\AppData\Local\VHS to DVD
O43 - CFD: 11/07/2012 - 14:21:46 - [0] ----D C:\Users\Marcus\AppData\Local\{0026BD67-8373-4E12-B12C-B0E4737883C7}
O43 - CFD: 28/01/2012 - 18:01:13 - [0] ----D C:\Users\Marcus\AppData\Local\{021A4F13-319F-40C7-A95F-01CE3B5AAF74}
O43 - CFD: 30/01/2012 - 12:13:23 - [0] ----D C:\Users\Marcus\AppData\Local\{023D510A-AE3F-4996-901A-F40A485A2FDE}
O43 - CFD: 10/07/2012 - 12:32:25 - [0] ----D C:\Users\Marcus\AppData\Local\{08347AA0-DDCB-4B5E-8B8D-86987EEE75F9}
O43 - CFD: 14/07/2012 - 12:54:53 - [0] ----D C:\Users\Marcus\AppData\Local\{0A1CE580-32E0-478A-96DD-C60415CEEDD0}
O43 - CFD: 16/06/2011 - 06:38:47 - [0] ----D C:\Users\Marcus\AppData\Local\{0B0CB94A-ADFA-47DA-9D1B-94FED784D076}
O43 - CFD: 13/07/2012 - 09:53:52 - [0] ----D C:\Users\Marcus\AppData\Local\{1E5DEC61-DCE7-41D0-A782-524E67B36260}
O43 - CFD: 05/07/2012 - 10:06:14 - [0] ----D C:\Users\Marcus\AppData\Local\{213D09A8-13A6-453E-9DAC-C6D7152BE7C3}
O43 - CFD: 10/07/2012 - 12:32:14 - [0] ----D C:\Users\Marcus\AppData\Local\{23293C9A-4B58-48BD-B2A7-BD753A046992}
O43 - CFD: 31/07/2012 - 13:28:13 - [0] ----D C:\Users\Marcus\AppData\Local\{2F99C863-D2A1-41F0-B6C1-A89A0C56BCC9}
O43 - CFD: 06/07/2012 - 11:02:27 - [0] ----D C:\Users\Marcus\AppData\Local\{3199EC0A-ADA4-4906-80EF-8599CA22F444}
O43 - CFD: 11/07/2012 - 14:21:57 - [0] ----D C:\Users\Marcus\AppData\Local\{3213BEB9-5331-4895-BC5B-B8EA8A9D6CED}
O43 - CFD: 13/08/2012 - 12:43:33 - [0] ----D C:\Users\Marcus\AppData\Local\{331C2C5B-FBF4-4462-B55A-FF4A98895518}
O43 - CFD: 02/07/2012 - 10:47:47 - [0] ----D C:\Users\Marcus\AppData\Local\{345C314A-ABA8-4924-993B-BD6A4B0C54D0}
O43 - CFD: 12/07/2012 - 12:39:28 - [0] ----D C:\Users\Marcus\AppData\Local\{3A53689F-57BF-4FE0-8EEA-BD8A5A05C218}
O43 - CFD: 02/07/2012 - 10:47:36 - [0] ----D C:\Users\Marcus\AppData\Local\{3BB9653B-844E-4C7F-877C-5679B5E8007A}
O43 - CFD: 16/07/2012 - 18:46:24 - [0] ----D C:\Users\Marcus\AppData\Local\{40BF85FF-30D4-4106-A8C5-86799FB4A841}
O43 - CFD: 15/07/2012 - 16:26:42 - [0] ----D C:\Users\Marcus\AppData\Local\{45AA46D2-AF12-4260-A975-5533A15B9580}
O43 - CFD: 16/07/2012 - 18:46:13 - [0] ----D C:\Users\Marcus\AppData\Local\{4C54CEC4-D369-46F3-87B9-F9D103935D98}
O43 - CFD: 30/07/2012 - 15:37:12 - [0] ----D C:\Users\Marcus\AppData\Local\{4D9796BD-03AE-42E4-95FD-C804896CFA43}
O43 - CFD: 01/08/2012 - 11:36:29 - [0] ----D C:\Users\Marcus\AppData\Local\{4F879DE9-21D8-47FE-BEF4-EB6A075CB566}
O43 - CFD: 30/07/2012 - 15:37:24 - [0] ----D C:\Users\Marcus\AppData\Local\{5194A5E3-C62F-4745-BFD6-BDE655310C3A}
O43 - CFD: 28/01/2012 - 18:00:38 - [0] ----D C:\Users\Marcus\AppData\Local\{5259D497-C550-465A-8E8F-2B37C6E391A3}
O43 - CFD: 25/06/2012 - 19:34:28 - [0] ----D C:\Users\Marcus\AppData\Local\{55B89179-5605-43CB-BDB6-BC3C5AA11CD8}
O43 - CFD: 03/07/2012 - 11:43:23 - [0] ----D C:\Users\Marcus\AppData\Local\{5E5C3B05-37CF-428C-B49C-8217DA3FF0AD}
O43 - CFD: 28/01/2012 - 17:59:54 - [0] ----D C:\Users\Marcus\AppData\Local\{656439C9-0199-44BD-8A08-4AF0CBC9B171}
O43 - CFD: 03/08/2012 - 11:15:48 - [0] ----D C:\Users\Marcus\AppData\Local\{65974CE8-A673-4094-8FC1-EC5753F5DCF5}
O43 - CFD: 05/07/2012 - 10:06:01 - [0] ----D C:\Users\Marcus\AppData\Local\{6AA3D605-2FFA-442F-9623-7F721987C79A}
O43 - CFD: 10/08/2012 - 09:14:45 - [0] ----D C:\Users\Marcus\AppData\Local\{6F3275FB-F034-4217-AFA6-295BFEA4741C}
O43 - CFD: 25/06/2012 - 19:33:58 - [0] ----D C:\Users\Marcus\AppData\Local\{70A3DAAF-1E45-48C3-ABEF-450E06A35AF6}
O43 - CFD: 16/06/2011 - 06:38:59 - [0] ----D C:\Users\Marcus\AppData\Local\{776B1128-FA61-4EE9-AE72-12913C53D79E}
O43 - CFD: 17/07/2012 - 11:05:05 - [0] ----D C:\Users\Marcus\AppData\Local\{7C58520F-6E53-488D-A793-325FB23D5B6F}
O43 - CFD: 06/07/2012 - 11:02:16 - [0] ----D C:\Users\Marcus\AppData\Local\{7C7724E9-85C6-434E-B035-C3696D6CCD6E}
O43 - CFD: 12/07/2012 - 12:39:42 - [0] ----D C:\Users\Marcus\AppData\Local\{87F43280-A27F-49AF-85F0-391AF9828A96}
O43 - CFD: 15/07/2012 - 16:26:31 - [0] ----D C:\Users\Marcus\AppData\Local\{94C79A23-FEFB-4C2A-8687-4F50171AF96B}
O43 - CFD: 14/08/2012 - 14:02:42 - [0] ----D C:\Users\Marcus\AppData\Local\{952F431E-90EA-46FB-8922-F759D3A49854}
O43 - CFD: 29/01/2012 - 19:31:12 - [0] ----D C:\Users\Marcus\AppData\Local\{98C8E5E0-BF2A-474E-A4C6-51253D539ADA}
O43 - CFD: 27/06/2012 - 20:07:10 - [0] ----D C:\Users\Marcus\AppData\Local\{9E46B083-8C09-496F-8759-9936DE4BFF73}
O43 - CFD: 14/08/2012 - 14:02:54 - [0] ----D C:\Users\Marcus\AppData\Local\{A56CB0D6-7375-4D24-A23F-E7973CD10442}
O43 - CFD: 04/08/2012 - 19:20:52 - [0] ----D C:\Users\Marcus\AppData\Local\{AC3175DF-63DB-44FD-9668-1F380C43F253}
O43 - CFD: 31/07/2012 - 13:28:24 - [0] ----D C:\Users\Marcus\AppData\Local\{AD8B0AD6-7BB0-40D7-A4DF-72CF52D1E691}
O43 - CFD: 07/08/2012 - 16:31:52 - [0] ----D C:\Users\Marcus\AppData\Local\{B894A4C2-33B5-468A-AD1F-BD3BB17986FF}
O43 - CFD: 04/08/2012 - 19:21:04 - [0] ----D C:\Users\Marcus\AppData\Local\{BB085EB6-A01E-4034-B7E5-C83915EB2F40}
O43 - CFD: 17/07/2012 - 11:05:17 - [0] ----D C:\Users\Marcus\AppData\Local\{BEE3CBF2-49BB-4719-A268-F7344F943552}
O43 - CFD: 09/07/2012 - 14:13:26 - [0] ----D C:\Users\Marcus\AppData\Local\{C1E761A8-783C-4128-8061-23E0D9D92B61}
O43 - CFD: 10/08/2012 - 09:14:56 - [0] ----D C:\Users\Marcus\AppData\Local\{C683B403-B628-46DD-BFCF-2F126C8931AF}
O43 - CFD: 13/08/2012 - 12:43:22 - [0] ----D C:\Users\Marcus\AppData\Local\{C843573C-2EBC-4DE3-AFE6-96D8299C97DE}
O43 - CFD: 13/07/2012 - 09:53:40 - [0] ----D C:\Users\Marcus\AppData\Local\{CAABF6D5-5C4D-47A2-903E-B09FECD39C9E}
O43 - CFD: 30/01/2012 - 12:13:34 - [0] ----D C:\Users\Marcus\AppData\Local\{CE3B5252-BBB5-4114-B135-5C1619CD47F5}
O43 - CFD: 09/07/2012 - 14:13:15 - [0] ----D C:\Users\Marcus\AppData\Local\{D669F607-931F-44AD-B608-71950C30C958}
O43 - CFD: 14/07/2012 - 12:55:07 - [0] ----D C:\Users\Marcus\AppData\Local\{D9B01E83-7505-467B-A8D9-2012C36A8F66}
O43 - CFD: 01/08/2012 - 11:36:18 - [0] ----D C:\Users\Marcus\AppData\Local\{DBA6BCCE-B8CD-4791-9CB0-C63745C0E167}
O43 - CFD: 03/08/2012 - 11:15:37 - [0] ----D C:\Users\Marcus\AppData\Local\{DE4DAB4B-454D-4343-B16B-074093EECFD1}
O43 - CFD: 03/07/2012 - 11:43:12 - [0] ----D C:\Users\Marcus\AppData\Local\{DF9EDAE3-21BA-463B-BD5E-09A347AFAAA4}
O43 - CFD: 29/01/2012 - 19:30:59 - [0] ----D C:\Users\Marcus\AppData\Local\{ED6DB499-8B96-47D1-A0D8-7A0895025499}
O43 - CFD: 27/06/2012 - 20:06:59 - [0] ----D C:\Users\Marcus\AppData\Local\{F6EEC108-BC5A-41AA-A715-73C35C15CEA7}
O43 - CFD: 07/08/2012 - 16:32:03 - [0] ----D C:\Users\Marcus\AppData\Local\{FE760D43-21E7-4527-BD54-7C307753955F}
O51 - MPSK:{3fe5d0b4-defe-11e0-a8c9-001cc0fe32ab}\AutoRun\command. (...) -- I:\steambackup2.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\facemoods [Key] . (...) -- C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (.not file.) => facemoods.com facemoods Toolbar
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Toolbar.Askemptytemp
emptyflash
proxyfix
firewallraz
sysrestore
|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"
|- Minimize o Bloco de Notas.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_PasteClipboard.jpg&key=e48613cfa6f79756d0d3087d1f9470f91a4d063f3d1285295d93d87cacbfb63d" alt="ZHPDiag_PasteClipboard.jpg" />
|- Clique no menu,"Paste ClipBoard".
|- Clique em "GO" -> Oui.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPFix_GO.jpg&key=558fe81face1e694faa61f1e0c3985db203e8ad910d59aa68f5da5f2fd114f02" alt="ZHPFix_GO.jpg" />
|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.
|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt
Abraços!
Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012
Fichier d'export Registre :
Run by Marcus at 20/08/2012 14:50:22
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Registry Key ==========
DELETED Key*: Service: X6va005
DELETED Key*: Service: X6va006
DELETED Key*: Service: X6va007
DELETED CLSID MPSK: {3fe5d0b4-defe-11e0-a8c9-001cc0fe32ab}
DELETED Key: StartupReg: facemoods
========== Registry Value ==========
ProxyFix : Proxy killed successfully
DELETED ProxyServer Value
DELETED ProxyEnable Value
DELETED EnableHttp1_1 Value
DELETED ProxyHttp1.1 Value
DELETED ProxyOverride Value
No Value in Standard Profile Register Key FirewallRaz :
No Value in Domain Profile Register Key FirewallRaz :
DELETED FirewallRaz (None) : {CF113EE3-CBDE-46AE-8910-B749737656F1}
========== Repertory ==========
NOT FOUND C:\Users\Marcus\AppData\Local\Dados de aplicativos
NOT FOUND C:\Users\Marcus\AppData\Local\Histórico
DELETED Folder: C:\Users\Marcus\AppData\Local\VHS to DVD
DELETED Folder: C:\Users\Marcus\AppData\Local\{0026BD67-8373-4E12-B12C-B0E4737883C7}
DELETED Folder: C:\Users\Marcus\AppData\Local\{021A4F13-319F-40C7-A95F-01CE3B5AAF74}
DELETED Folder: C:\Users\Marcus\AppData\Local\{023D510A-AE3F-4996-901A-F40A485A2FDE}
DELETED Folder: C:\Users\Marcus\AppData\Local\{08347AA0-DDCB-4B5E-8B8D-86987EEE75F9}
DELETED Folder: C:\Users\Marcus\AppData\Local\{0A1CE580-32E0-478A-96DD-C60415CEEDD0}
DELETED Folder: C:\Users\Marcus\AppData\Local\{0B0CB94A-ADFA-47DA-9D1B-94FED784D076}
DELETED Folder: C:\Users\Marcus\AppData\Local\{1E5DEC61-DCE7-41D0-A782-524E67B36260}
DELETED Folder: C:\Users\Marcus\AppData\Local\{213D09A8-13A6-453E-9DAC-C6D7152BE7C3}
DELETED Folder: C:\Users\Marcus\AppData\Local\{23293C9A-4B58-48BD-B2A7-BD753A046992}
DELETED Folder: C:\Users\Marcus\AppData\Local\{2F99C863-D2A1-41F0-B6C1-A89A0C56BCC9}
DELETED Folder: C:\Users\Marcus\AppData\Local\{3199EC0A-ADA4-4906-80EF-8599CA22F444}
DELETED Folder: C:\Users\Marcus\AppData\Local\{3213BEB9-5331-4895-BC5B-B8EA8A9D6CED}
DELETED Folder: C:\Users\Marcus\AppData\Local\{331C2C5B-FBF4-4462-B55A-FF4A98895518}
DELETED Folder: C:\Users\Marcus\AppData\Local\{345C314A-ABA8-4924-993B-BD6A4B0C54D0}
DELETED Folder: C:\Users\Marcus\AppData\Local\{3A53689F-57BF-4FE0-8EEA-BD8A5A05C218}
DELETED Folder: C:\Users\Marcus\AppData\Local\{3BB9653B-844E-4C7F-877C-5679B5E8007A}
DELETED Folder: C:\Users\Marcus\AppData\Local\{40BF85FF-30D4-4106-A8C5-86799FB4A841}
DELETED Folder: C:\Users\Marcus\AppData\Local\{45AA46D2-AF12-4260-A975-5533A15B9580}
DELETED Folder: C:\Users\Marcus\AppData\Local\{4C54CEC4-D369-46F3-87B9-F9D103935D98}
DELETED Folder: C:\Users\Marcus\AppData\Local\{4D9796BD-03AE-42E4-95FD-C804896CFA43}
DELETED Folder: C:\Users\Marcus\AppData\Local\{4F879DE9-21D8-47FE-BEF4-EB6A075CB566}
DELETED Folder: C:\Users\Marcus\AppData\Local\{5194A5E3-C62F-4745-BFD6-BDE655310C3A}
DELETED Folder: C:\Users\Marcus\AppData\Local\{5259D497-C550-465A-8E8F-2B37C6E391A3}
DELETED Folder: C:\Users\Marcus\AppData\Local\{55B89179-5605-43CB-BDB6-BC3C5AA11CD8}
DELETED Folder: C:\Users\Marcus\AppData\Local\{5E5C3B05-37CF-428C-B49C-8217DA3FF0AD}
DELETED Folder: C:\Users\Marcus\AppData\Local\{656439C9-0199-44BD-8A08-4AF0CBC9B171}
DELETED Folder: C:\Users\Marcus\AppData\Local\{65974CE8-A673-4094-8FC1-EC5753F5DCF5}
DELETED Folder: C:\Users\Marcus\AppData\Local\{6AA3D605-2FFA-442F-9623-7F721987C79A}
DELETED Folder: C:\Users\Marcus\AppData\Local\{6F3275FB-F034-4217-AFA6-295BFEA4741C}
DELETED Folder: C:\Users\Marcus\AppData\Local\{70A3DAAF-1E45-48C3-ABEF-450E06A35AF6}
DELETED Folder: C:\Users\Marcus\AppData\Local\{776B1128-FA61-4EE9-AE72-12913C53D79E}
DELETED Folder: C:\Users\Marcus\AppData\Local\{7C58520F-6E53-488D-A793-325FB23D5B6F}
DELETED Folder: C:\Users\Marcus\AppData\Local\{7C7724E9-85C6-434E-B035-C3696D6CCD6E}
DELETED Folder: C:\Users\Marcus\AppData\Local\{87F43280-A27F-49AF-85F0-391AF9828A96}
DELETED Folder: C:\Users\Marcus\AppData\Local\{94C79A23-FEFB-4C2A-8687-4F50171AF96B}
DELETED Folder: C:\Users\Marcus\AppData\Local\{952F431E-90EA-46FB-8922-F759D3A49854}
DELETED Folder: C:\Users\Marcus\AppData\Local\{98C8E5E0-BF2A-474E-A4C6-51253D539ADA}
DELETED Folder: C:\Users\Marcus\AppData\Local\{9E46B083-8C09-496F-8759-9936DE4BFF73}
DELETED Folder: C:\Users\Marcus\AppData\Local\{A56CB0D6-7375-4D24-A23F-E7973CD10442}
DELETED Folder: C:\Users\Marcus\AppData\Local\{AC3175DF-63DB-44FD-9668-1F380C43F253}
DELETED Folder: C:\Users\Marcus\AppData\Local\{AD8B0AD6-7BB0-40D7-A4DF-72CF52D1E691}
DELETED Folder: C:\Users\Marcus\AppData\Local\{B894A4C2-33B5-468A-AD1F-BD3BB17986FF}
DELETED Folder: C:\Users\Marcus\AppData\Local\{BB085EB6-A01E-4034-B7E5-C83915EB2F40}
DELETED Folder: C:\Users\Marcus\AppData\Local\{BEE3CBF2-49BB-4719-A268-F7344F943552}
DELETED Folder: C:\Users\Marcus\AppData\Local\{C1E761A8-783C-4128-8061-23E0D9D92B61}
DELETED Folder: C:\Users\Marcus\AppData\Local\{C683B403-B628-46DD-BFCF-2F126C8931AF}
DELETED Folder: C:\Users\Marcus\AppData\Local\{C843573C-2EBC-4DE3-AFE6-96D8299C97DE}
DELETED Folder: C:\Users\Marcus\AppData\Local\{CAABF6D5-5C4D-47A2-903E-B09FECD39C9E}
DELETED Folder: C:\Users\Marcus\AppData\Local\{CE3B5252-BBB5-4114-B135-5C1619CD47F5}
DELETED Folder: C:\Users\Marcus\AppData\Local\{D669F607-931F-44AD-B608-71950C30C958}
DELETED Folder: C:\Users\Marcus\AppData\Local\{D9B01E83-7505-467B-A8D9-2012C36A8F66}
DELETED Folder: C:\Users\Marcus\AppData\Local\{DBA6BCCE-B8CD-4791-9CB0-C63745C0E167}
DELETED Folder: C:\Users\Marcus\AppData\Local\{DE4DAB4B-454D-4343-B16B-074093EECFD1}
DELETED Folder: C:\Users\Marcus\AppData\Local\{DF9EDAE3-21BA-463B-BD5E-09A347AFAAA4}
DELETED Folder: C:\Users\Marcus\AppData\Local\{ED6DB499-8B96-47D1-A0D8-7A0895025499}
DELETED Folder: C:\Users\Marcus\AppData\Local\{F6EEC108-BC5A-41AA-A715-73C35C15CEA7}
DELETED Folder: C:\Users\Marcus\AppData\Local\{FE760D43-21E7-4527-BD54-7C307753955F}
DELETED Window Temporary:
DELETED Flash Cookies:
========== File ==========
NOT FOUND Folder/File: c:\users\marcus\appdata\local\temp\temp1_balabolka
NOT FOUND File: c:\users\marcus\appdata\local\temp\005d7f9.tmp
NOT FOUND File: c:\users\marcus\appdata\local\temp\006aa44.tmp
NOT FOUND File: c:\users\marcus\appdata\local\temp\007ec46.tmp
DELETED File: c:\users\marcus\appdata\roaming\microsoft\internet explorer\quick launch\pc mega rapido pro.lnk
NOT FOUND File: c:\program files (x86)\pc mega rapido pro 2.1\pcmega_registro.exe
NOT FOUND Folder/File: c:\windows\system32\tasks\scheduled update for ask toolbar
DELETED Window Temporary:
DELETED Flash Cookies:
========== Task ==========
DELETED Task: Scheduled Update for Ask Toolbar
DELETED Task: {05D1631B-4897-4D37-A0BC-CAF169EDB167}
DELETED Task: {5B241A4A-7771-43E2-87E5-F3FD4CF2F84A}
DELETED Task: {633DF3EA-89BE-4DFE-B733-71AEB64ACFD4}
DELETED Task: {68D59038-78BF-4D9F-8358-06EDFC20A1BA}
DELETED Task: {86CA8B94-3765-4DE7-B4C3-9B2B3CF781D5}
DELETED Task: {A3716CA1-6CD1-4A96-B47D-D97E20279C4D}
DELETED Task: {B9593D70-3363-47CD-9AEF-06D68B958EE8}
DELETED Task: {F1285689-4246-4112-B03F-325D45CD56C9}
DELETED Task: {352747F2-1390-4438-BA6A-70CC94185FB0}
DELETED Task: {7E5501AE-873B-4ECC-82CD-1FD77F6E23D6}
========== Restoration ==========
Restore System Point created succefully
========== Summary ==========
5 : Registry Key
9 : Registry Value
62 : Repertory
9 : File
11 : Task
1 : Restoration
End of clean in 00mn 23s
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 20/08/2012 14:50:22 [7627]
Boa Noite! .matiello
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://billy-oneal.com/Canned%2520Speeches/speechimages/OTL/otlDesktopIcon.png&key=1894e5d356219721410c3360cbf9af74877ae24ccc81ed88026fc2d95dd96a07" alt="otlDesktopIcon.png" /> > ( ... by OldTimer Tools )
|- Clique em Salvar!
|- Salve-o no desktop!
|- Duplo clique em OTL.exe >> Executar.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/OTL_Configuracao.jpg&key=7e76108b70bd59b556c6498d72f98bc50a1507c1101b089d8b9941f652fb86f9" alt="OTL_Configuracao.jpg" /> >> /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/OTL_Padrao.jpg&key=527dbad2b87905959f3ae5549fa6261b5208534cea6c54c3fa3ff991665188f4" alt="OTL_Padrao.jpg" />
|- Configure "Verificação de Arquivos",segundo a screenshot!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/OTL_SemExt2.jpg&key=05f9220c5424b04df13bdcb38bad393cbf3e2b0c3d3705a4baff62e1096dadd8" alt="OTL_SemExt2.jpg" />
|- Ps: Faça o mesmo para estes!
|- Assinale,também,a inclusão da verificação para 64bits.
|- Em "Exame Extra do Registro",assinale "Nenhum".
>
crack /s keygen /s
serial /s
AutoKMS /s
loader /s
%APPDATA%\Local\*.
%APPDATA%\*.exe /s
%APPDATA%\*.
%USERPROFILE%\AppData\Local\.
%USERPROFILE%\AppData\Roaming\.
%systemroot%\assembly\tmp\. /S /MD5
%systemroot%\assembly\temp\. /S /MD5
%systemroot%\assembly\GAC\. /S /MD5
%systemroot%\assembly\GAC_32\. /S /MD5
%systemroot%\assembly\GAC_64\. /S /MD5
%systemroot%\system32\config\systemprofile\AppData\Local\.
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\.
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes
regedit /e c:\registrybackup.reg /c
type c:\boot.ini >> test.txt /c
%systemroot%\system32\tasks\. /s /64
%systemroot%\system32\Tasks\. /s
%windir%\tasks\. /s
/applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/6659d256325569c6e621117dc332966313a07d11cb5fb0ea4d9176217c7aefa76g.jpg&key=2f5fa92bb006b1b2ac6be24e167f552dde9bcc59e9fb935192d1c347c1a94cbf" alt="6659d256325569c6e621117dc332966313a07d11cb5fb0ea4d9176217c7aefa76g.jpg" />
|- Cole estas informações,que estão em verde,para o campo "Exames Personalizados/Correções".
|- Clique em Verificar: /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/OTL_Verificar.jpg&key=d6c8d91e28b9f545fcc454786ff682a3989a5e65e39fecb6192e17ff28bc52d0" alt="OTL_Verificar.jpg" />
|- Concluindo,poste o relatório: OTL.txt
|- Para grandes relatórios,acesse: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" /> >
|- Maiores informações: < |Link| >
Abraços!
OTL logfile created on: 20/08/2012 21:09:31 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Marcus\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,99 Gb Total Physical Memory | 3,02 Gb Available Physical Memory | 75,59% Memory free
7,98 Gb Paging File | 6,38 Gb Available in Paging File | 79,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 279,69 Gb Free Space | 60,05% Space Free | Partition Type: NTFS
Computer Name: MARCUS-PC | User Name: Marcus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/08/20 21:07:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
PRC - [2012/07/31 12:19:49 | 008,886,256 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/03/07 15:17:52 | 027,473,760 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2012/02/03 15:28:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/02/03 15:28:49 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012/02/03 15:28:47 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/02/03 15:28:47 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/10/04 21:20:11 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/08/10 16:35:20 | 000,227,184 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/08/08 19:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/04/18 15:13:40 | 000,056,776 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2011/04/14 10:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
PRC - [2011/03/21 10:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2011/03/01 11:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010/04/27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
PRC - [2009/07/14 21:25:32 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
PRC - [2009/07/10 10:54:14 | 000,136,496 | ---- | M] (Scopus Tecnologia Ltda) -- C:\Program Files (x86)\Scpad\scpVista.exe
PRC - [2007/12/19 10:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
PRC - [2006/09/28 06:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/04/10 14:24:20 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/31 12:19:48 | 000,426,480 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
MOD - [2012/07/31 12:19:48 | 000,235,504 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2012/07/31 12:19:48 | 000,230,384 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2012/07/31 12:19:48 | 000,159,216 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
MOD - [2011/08/08 19:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/04/14 10:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
MOD - [2011/03/21 10:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
MOD - [2011/03/18 12:51:44 | 007,859,200 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtGui4.dll
MOD - [2011/03/18 12:51:44 | 002,210,816 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtCore4.dll
MOD - [2011/03/18 12:51:44 | 000,814,080 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtNetwork4.dll
MOD - [2011/03/18 12:51:44 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg4.dll
MOD - [2011/03/18 12:51:44 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif4.dll
MOD - [2010/04/27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
MOD - [2009/07/14 21:25:32 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
MOD - [2009/07/14 21:24:16 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraPtb.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/08/18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/08/20 12:42:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/15 21:55:27 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/08/15 13:44:42 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/02/03 15:28:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/02/03 15:28:49 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012/02/03 15:28:47 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/10/04 21:20:11 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/28 17:12:00 | 004,621,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/08/10 16:35:20 | 000,227,184 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/04/18 15:13:40 | 000,056,776 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/03/01 11:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/10 10:54:14 | 000,136,496 | ---- | M] (Scopus Tecnologia Ltda) [Auto | Running] -- C:\Program Files (x86)\Scpad\scpVista.exe -- (scpVista)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/09/28 06:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/08/20 13:56:07 | 000,013,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/03 15:29:11 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/02/03 15:29:11 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/02/03 15:29:11 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/09/14 15:29:51 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/04/13 15:04:38 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/30 23:16:34 | 000,013,312 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/06/07 16:02:24 | 001,917,576 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StkCMini.sys -- (StkCMini)
DRV:64bit: - [2010/03/23 15:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2009/08/18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/22 08:05:58 | 000,273,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/11/04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (NCPro)
DRV - [2011/04/18 15:14:16 | 000,046,664 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/10/21 07:25:32 | 000,013,396 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\MTictwl.sys -- (NCPro)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.megaware.com.br
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GFRE_pt-BR
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\SearchScopes\{6C40590E-0C07-4D68-A111-50555F5DD19A}: "URL" = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marcus\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marcus\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Marcus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/04/08 15:17:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marcus\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marcus\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Marcus\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marcus\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Marcus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll (Caixa Economica Federal)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [uVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000..\Run: [Grid] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Arquivos de Programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..Trusted Domains: caixa.gov.br ([internetbanking] https in Trusted sites)
O15 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:**64bit:** - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab) (Java Plug-in 1.6.0_18)
O16:**64bit:** - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab) (Java Plug-in 1.6.0_18)
O16:**64bit:** - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab) (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab) (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab) (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab) (Java Plug-in 1.6.0_31)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{923CF0BB-AD2F-4A18-9EF7-3A1E438138FD}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{923CF0BB-AD2F-4A18-9EF7-3A1E438138FD}: NameServer = 200.175.5.139,200.175.182.139
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehCef.dll) - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehCef.dll (Caixa Economica Federal)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Program Files (x86)\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll (Caixa Economica Federal)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/11 20:02:51 | 000,000,002 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/08/20 21:07:34 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
[2012/08/20 15:33:57 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Local\{15CC6928-8F7A-4391-98F2-84A2D6EC200C}
[2012/08/20 14:06:38 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/08/20 14:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2012/08/16 02:05:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/16 02:05:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/16 02:05:49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/16 02:05:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/16 02:05:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/16 02:05:47 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/16 02:05:47 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/16 02:05:47 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/16 02:05:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/16 02:05:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/16 02:05:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/16 02:05:46 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/16 02:05:46 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/15 11:44:58 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/15 11:44:52 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/15 11:44:52 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/15 11:44:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/15 11:44:50 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/15 11:44:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/15 11:44:50 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/15 11:44:46 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/07/26 20:42:50 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Local\Chromium
[2012/07/26 20:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
[2012/07/26 20:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2012/07/26 20:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hi-Rez Studios
[1 C:\Windows\SysWow64\.tmp files -> C:\Windows\SysWow64\.tmp -> ]
[1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/20 21:07:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
[2012/08/20 20:53:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/20 20:42:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/20 20:34:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000UA.job
[2012/08/20 17:53:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/20 17:28:04 | 000,009,118 | ---- | M] () -- C:\Users\Marcus\Desktop\174617_116524375509_3927547_n.jpg
[2012/08/20 14:11:53 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/20 14:11:53 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/20 14:07:33 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2012/08/20 14:06:37 | 000,001,002 | ---- | M] () -- C:\Users\Marcus\Desktop\ZHPDiag.lnk
[2012/08/20 14:06:37 | 000,001,002 | ---- | M] () -- C:\Users\Marcus\Desktop\MBRCheck.lnk
[2012/08/20 14:06:37 | 000,000,990 | ---- | M] () -- C:\Users\Marcus\Desktop\ZHPFix.lnk
[2012/08/20 13:56:20 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/08/20 13:56:07 | 000,013,920 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/08/20 13:55:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/20 13:55:06 | 3213,594,624 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/20 13:52:34 | 000,618,227 | ---- | M] () -- C:\Users\Marcus\Desktop\adwcleaner.exe
[2012/08/19 23:51:46 | 000,000,219 | ---- | M] () -- C:\Users\Marcus\Desktop\Counter-Strike Global Offensive Beta.url
[2012/08/16 12:06:02 | 000,442,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/15 11:38:02 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[2012/08/14 21:35:11 | 000,002,459 | ---- | M] () -- C:\Users\Marcus\Desktop\Google Chrome.lnk
[2012/08/13 17:24:37 | 000,116,370 | ---- | M] () -- C:\Users\Marcus\Desktop\vale-boquete-testosterona.jpg
[2012/08/10 10:34:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000Core.job
[2012/07/26 20:17:21 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012/07/26 20:17:21 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Smite.lnk
[2012/07/25 22:38:36 | 000,012,369 | ---- | M] () -- C:\Users\Marcus\Desktop\juninho_pernambucano.jpg
[2012/07/23 18:36:04 | 000,344,341 | ---- | M] () -- C:\Users\Marcus\Desktop\iKeroXeQuix(LoL).jpg
[1 C:\Windows\SysWow64\.tmp files -> C:\Windows\SysWow64\.tmp -> ]
[1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ]
========== Files Created - No Company Name ==========
[2012/08/20 17:28:07 | 000,009,118 | ---- | C] () -- C:\Users\Marcus\Desktop\174617_116524375509_3927547_n.jpg
[2012/08/20 14:07:33 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2012/08/20 14:06:37 | 000,344,187 | ---- | C] () -- C:\Users\Marcus\Desktop\ZHP_uninstall.exe
[2012/08/20 14:06:37 | 000,001,002 | ---- | C] () -- C:\Users\Marcus\Desktop\ZHPDiag.lnk
[2012/08/20 14:06:37 | 000,001,002 | ---- | C] () -- C:\Users\Marcus\Desktop\MBRCheck.lnk
[2012/08/20 14:06:37 | 000,000,990 | ---- | C] () -- C:\Users\Marcus\Desktop\ZHPFix.lnk
[2012/08/20 13:52:10 | 000,618,227 | ---- | C] () -- C:\Users\Marcus\Desktop\adwcleaner.exe
[2012/08/20 11:49:29 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/19 23:51:46 | 000,000,219 | ---- | C] () -- C:\Users\Marcus\Desktop\Counter-Strike Global Offensive Beta.url
[2012/08/15 11:38:02 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[2012/08/13 17:24:48 | 000,116,370 | ---- | C] () -- C:\Users\Marcus\Desktop\vale-boquete-testosterona.jpg
[2012/07/26 20:17:21 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012/07/26 20:17:21 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Smite.lnk
[2012/07/25 22:38:45 | 000,012,369 | ---- | C] () -- C:\Users\Marcus\Desktop\juninho_pernambucano.jpg
[2012/07/23 18:33:07 | 000,344,341 | ---- | C] () -- C:\Users\Marcus\Desktop\iKeroXeQuix(LoL).jpg
[2012/03/25 18:44:27 | 000,045,056 | ---- | C] () -- C:\Users\Marcus\AppData\Local\usb.exe
[2011/11/29 13:43:33 | 000,001,479 | ---- | C] () -- C:\Users\Marcus\.recently-used.xbel
[2011/11/05 09:12:03 | 000,001,320 | ---- | C] () -- C:\Windows\cm108.ini
[2011/10/04 21:20:12 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/04 21:20:11 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/19 21:31:05 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32.exe
[2011/09/19 21:31:05 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\Inetwh16.dll
[2011/09/19 21:31:05 | 000,004,528 | ---- | C] () -- C:\Windows\SysWow64\Setbrows.exe
[2011/09/19 21:31:02 | 000,000,032 | ---- | C] () -- C:\Windows\WIPO_up.ini
[2011/09/15 16:23:37 | 012,212,864 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys
[2011/09/15 16:23:37 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp2std.exe
[2011/09/15 16:23:37 | 000,025,472 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys
[2011/09/15 16:23:37 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2011/09/15 16:23:37 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2011/09/15 16:23:36 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll
[2011/08/26 14:19:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/08/26 14:19:38 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/08/26 14:19:38 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/08/26 14:19:38 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/06/14 19:19:44 | 000,084,616 | ---- | C] () -- C:\Windows\StkUnist.exe
[2011/05/24 00:14:21 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/17 18:45:17 | 000,000,000 | ---- | C] () -- C:\Windows\pgdDmed.ini
[2010/11/20 06:33:10 | 001,508,738 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/03/13 08:05:09 | 000,007,614 | ---- | C] () -- C:\Users\Marcus\AppData\Local\resmon.resmoncfg
========== LOP Check ==========
[2011/09/03 18:38:56 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\AVG9
[2012/02/02 21:07:37 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\BANDISOFT
[2011/09/03 15:06:05 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\BitCometLite
[2012/04/08 17:13:51 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\DAEMON Tools Lite
[2010/05/29 18:11:39 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\DiskAid
[2011/12/18 12:38:59 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\GetRightToGo
[2011/09/15 20:52:02 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\gtk-2.0
[2012/06/17 14:35:25 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\LolClient
[2012/06/03 12:57:48 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\LolClient2
[2012/04/08 15:17:39 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Razer
[2010/10/18 19:07:40 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Software4u
[2011/12/19 21:08:24 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\TeamViewer
[2012/07/29 16:25:47 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\TS3Client
[2011/12/22 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Ubisoft
[2011/06/14 19:27:31 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Ulead Systems
[2012/05/28 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Unity
[2012/08/15 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\uTorrent
[2012/06/09 19:39:18 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\WGB_Panther_PB
[2012/07/30 12:03:14 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/08/20 13:56:20 | 000,000,412 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job
========== Purity Check ==========
========== Custom Scans ==========
< crack /s >
[2010/08/11 16:22:20 | 006,373,387 | ---- | M] () -- \ongame\Pointblank\Pack\Crackdown.i3Pack
[2010/08/11 16:22:22 | 001,023,295 | ---- | M] () -- \ongame\Pointblank\Pack\Crackdown_Col.i3Pack
[2010/08/24 15:50:58 | 000,158,143 | ---- | M] () -- \ongame\Pointblank\Pack\Crackdown_Col_Hero.i3Pack
[2010/08/11 16:22:20 | 000,111,364 | ---- | M] () -- \ongame\Pointblank\Pack\Crackdown_Scene.i3Pack
[2010/08/11 16:22:22 | 002,035,641 | ---- | M] () -- \ongame\Pointblank\Pack\Crackdown_SubData.i3Pack
[2010/10/04 22:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
< keygen /s >
< serial /s >
[2012/02/20 17:21:34 | 000,024,576 | R--- | M] () -- \Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Autoreporter.XmlSerializers.dll
[2012/03/29 06:01:00 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012/05/11 00:39:04 | 001,186,816 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2010/11/04 22:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/11/04 22:53:16 | 000,094,208 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR\System.RunTime.Serialization.Resources.dll
[2011/09/18 12:53:56 | 000,723,648 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\matielloo\team fortress 2\bin\dmserializers.dll
[2010/11/04 22:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/11/04 22:55:19 | 000,094,208 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR\System.RunTime.Serialization.Resources.dll
[2010/05/08 07:59:13 | 000,000,560 | ---- | M] () -- \Users\Marcus\Downloads\Seriales_Office_2007__Enterprise.txt
[2009/07/14 14:55:06 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 18:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 14:55:16 | 000,094,208 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010/11/04 22:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/05/11 09:50:39 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/05/11 11:04:46 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012/05/11 12:28:44 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
[2012/05/11 09:52:45 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/05/11 11:06:36 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/05/11 11:06:32 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
[2012/05/11 12:28:06 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
[2012/05/11 12:32:57 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/05/11 12:32:50 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
[2012/05/11 14:38:58 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
[2012/06/14 00:32:07 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/06/14 00:32:06 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/06/14 00:32:08 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 18:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/04 22:53:12 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\pt-BR\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/04 22:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 17:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/04 22:55:09 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\pt-BR\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/04 22:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009/07/13 22:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[1 \Windows\System32\.tmp files -> \Windows\System32\.tmp -> ]
[2009/07/13 21:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 17:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 14:55:08 | 000,005,120 | ---- | M] () -- \Windows\System32\pt-BR\serialui.dll.mui
[2009/07/13 22:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[1 \Windows\SysWOW64\.tmp files -> \Windows\SysWOW64\.tmp -> ]
[2009/07/14 14:55:08 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\pt-BR\serialui.dll.mui
[2009/07/14 14:55:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_6113de7b18b573c2\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/04 22:55:09 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_pt-br_6344f24315a3f75c\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009/07/14 14:55:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_ef525519510a2520\serialui.dll.mui
[2009/07/13 22:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009/07/14 14:55:16 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_fe5b8618bfde39ff\System.RunTime.Serialization.Resources.dll
[2010/11/04 22:55:19 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_pt-br_008c99e0bcccbd99\System.RunTime.Serialization.Resources.dll
[2009/07/14 14:55:12 | 000,011,264 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_659d960db99bc4c9\serial.sys.mui
[2009/07/13 21:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 17:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 17:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009/06/10 17:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010/11/04 22:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009/06/10 17:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010/11/04 22:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011/08/14 15:11:39 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/08/14 15:11:39 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009/07/14 14:55:29 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_ef525519510a2520_serialui.dll.mui_7d29d2a3
[2009/07/13 23:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009/07/14 14:55:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_9333b99598acb3ea_serialui.dll.mui_7d29d2a3
[2009/07/13 23:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/13 23:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 10:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011/02/05 10:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011/02/05 14:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 10:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/13 23:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009/07/13 23:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010/11/20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009/07/13 23:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010/11/20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009/07/13 22:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009/07/14 14:54:41 | 000,001,635 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_pt-br_8319a97708bbf95b.manifest
[2009/07/13 22:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009/07/13 22:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009/06/10 18:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 14:55:06 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_pt-br_2487a3575ea111ef\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 18:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/04 22:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009/07/14 14:55:16 | 000,094,208 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_pt-br_8319a97708bbf95b\System.RunTime.Serialization.Resources.dll
[2009/06/10 18:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/04 22:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009/07/14 14:55:06 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_6b6888cd4d1635bd\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/04 22:53:12 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_pt-br_6d999c954a04b957\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/07/14 14:55:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_9333b99598acb3ea\serialui.dll.mui
[2009/07/13 22:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 14:55:16 | 000,094,208 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_a23cea950780c8c9\System.RunTime.Serialization.Resources.dll
[2010/11/04 22:53:16 | 000,094,208 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_pt-br_a46dfe5d046f4c63\System.RunTime.Serialization.Resources.dll
[2009/06/10 18:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/04 22:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
< AutoKMS /s >
< loader /s >
[2011/06/15 14:22:16 | 000,110,592 | ---- | M] () -- \Level Up! Games\Combat Arms\Uploader.exe
[2010/06/08 13:32:26 | 000,119,808 | ---- | M] () -- \ongame\Pointblank\PhysXLoader.2.8.1.dll
[2012/02/03 15:28:49 | 000,047,568 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2012/02/03 15:28:49 | 000,234,448 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2012/02/03 15:28:50 | 001,715,152 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010/02/07 22:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009/12/15 18:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009/12/15 18:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009/12/15 18:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009/12/15 18:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009/12/15 18:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009/12/15 18:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009/12/15 18:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009/12/15 18:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009/12/15 18:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009/12/15 18:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009/12/15 18:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009/12/15 18:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009/12/15 18:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009/12/15 18:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009/12/15 18:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009/05/01 20:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011/06/27 14:06:26 | 000,064,280 | R--- | M] () -- \Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2008/06/20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2011/10/24 15:52:21 | 000,047,616 | ---- | M] () -- \Program Files (x86)\Yuna Software\Messenger Plus!\MsgPlus-WLMLoader.dll
[2011/06/16 06:23:45 | 000,001,192 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities\Uploader Software.lnk
[2011/10/27 13:08:42 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011/10/27 13:08:42 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/05/15 09:59:24 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/05/15 09:59:24 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/02/15 15:39:14 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.152\deploy\assets\storeImages\layout\small_loader.gif
[2012/02/15 15:39:14 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.157\deploy\assets\storeImages\layout\small_loader.gif
[2012/02/15 15:39:14 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.190\deploy\assets\storeImages\layout\small_loader.gif
[2011/06/16 06:23:45 | 000,001,192 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Utilities\Uploader Software.lnk
[2011/10/27 13:08:42 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011/10/27 13:08:42 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/05/15 09:59:24 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/05/15 09:59:24 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/08/18 01:47:51 | 000,005,505 | ---- | M] () -- \Users\Marcus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB3YKD9I\queryLoader[1].js
[2012/08/18 01:47:52 | 000,000,353 | ---- | M] () -- \Users\Marcus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W5ZERCG1\queryLoader[1].css
[2012/05/28 20:24:07 | 000,001,057 | ---- | M] () -- \Users\Marcus\AppData\Roaming\Unity\WebPlayerPrefs\files_2edeadfrontier_2ecom\prefdeadfrontier-df3d-deadfrontierloader_2eunity3d.upp
[2011/10/01 20:27:45 | 001,881,640 | ---- | M] () -- \Users\Marcus\Downloads\CombatArms_BR_2.1109.02_Downloader.exe
[2012/08/12 21:08:44 | 004,110,768 | ---- | M] () -- \Users\Marcus\Downloads\The.Lion.King.1994.704p.x264.BRRip.GokU61.mp4_downloader_98828.exe
[2011/09/09 09:47:16 | 000,002,001 | ---- | M] () -- \Users\Marcus\Lol\LOLPBE\RADS\projects\lol_air_client\releases\0.0.0.133\deploy\assets\images\SpinLoader.png
[2011/09/09 10:27:38 | 000,000,404 | ---- | M] () -- \Users\Marcus\Lol\LOLPBE\RADS\projects\lol_air_client\releases\0.0.0.133\deploy\assets\storeImages\layout\small_loader.gif
[2011/09/09 09:47:16 | 000,002,001 | ---- | M] () -- \Users\Marcus\Lol\LOLPBE\RADS\projects\lol_air_client\releases\0.0.0.9\deploy\assets\images\SpinLoader.png
[2011/09/09 10:27:38 | 000,000,404 | ---- | M] () -- \Users\Marcus\Lol\LOLPBE\RADS\projects\lol_air_client\releases\0.0.0.9\deploy\assets\storeImages\layout\small_loader.gif
[2011/06/16 06:23:45 | 000,001,192 | ---- | M] () -- \Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Utilities\Uploader Software.lnk
[2011/10/27 13:08:42 | 000,007,715 | ---- | M] () -- \Users\Todos os Usuários\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011/10/27 13:08:42 | 000,000,319 | ---- | M] () -- \Users\Todos os Usuários\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/05/15 09:59:24 | 000,072,638 | ---- | M] () -- \Users\Todos os Usuários\Skype\Apps\login\images\loader.gif
[2012/05/15 09:59:24 | 000,003,032 | ---- | M] () -- \Users\Todos os Usuários\Skype\Apps\login\images\loader.png
[2010/03/11 19:22:58 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009/07/15 12:33:35 | 000,263,680 | R--- | M] () -- \Windows\ConfigSetRoot\SOURCES\UPGLOADER.DLL
[2009/07/15 12:33:35 | 000,024,576 | R--- | M] () -- \Windows\ConfigSetRoot\SOURCES\PT-BR\UPGLOADER.DLL.MUI
[2012/08/20 15:40:13 | 000,030,120 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-4B76CB3C.pf
[2011/07/16 01:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/13 22:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\.tmp files -> \Windows\System32\.tmp -> ]
[2012/04/26 09:26:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012/04/29 20:16:44 | 000,004,421 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\moodsLoader[1].js
[2011/07/16 01:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/13 22:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\.tmp files -> \Windows\SysWOW64\.tmp -> ]
[2012/04/26 09:26:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012/04/29 20:16:44 | 000,004,421 | ---- | M] () -- \Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\moodsLoader[1].js
[2009/07/13 22:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/13 22:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 04:18:33 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 03:23:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 02:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 03:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 02:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 04:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 03:44:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 02:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 04:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 03:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 02:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 14:55:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_d429e2316a68dab9.manifest
[2009/07/14 14:55:28 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_d429e2316a68dab9_winload.efi.mui_35ee487d
[2009/07/14 14:55:28 | 000,035,392 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_d429e2316a68dab9_winload.exe.mui_3bc5b827
[2009/07/14 14:55:28 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_d429e2316a68dab9_winresume.efi.mui_f412814e
[2009/07/14 14:55:28 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_d429e2316a68dab9_winresume.exe.mui_ff8b5358
[2011/08/14 15:11:59 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/08/14 15:11:59 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/08/14 15:11:59 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/08/14 15:11:59 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/08/14 15:11:59 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/13 23:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/13 23:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 14:54:25 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_d429e2316a68dab9.manifest
[2009/07/13 23:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 10:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 10:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 14:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 10:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/13 23:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/13 22:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/13 22:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 03:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 02:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 01:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 02:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 01:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 03:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 02:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 01:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 04:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 03:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 01:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< %APPDATA%\Local\*. >
< %APPDATA%\*.exe /s >
[2010/03/13 11:25:24 | 000,010,134 | R--- | M] () -- C:\Users\Marcus\AppData\Roaming\Microsoft\Installer\{C12A2A3D-0D08-8262-E189-E831A8AC3D37}\ARPPRODUCTICON.exe
[2011/01/11 18:44:36 | 000,514,216 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Marcus\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011/01/04 14:14:48 | 000,092,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Marcus\AppData\Roaming\Real\Update\setup3.13\ui_data\vista.exe
[2012/05/19 16:02:13 | 000,316,536 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Marcus\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
[2012/08/12 21:16:31 | 028,111,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Marcus\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_data\RealPlayer_br.exe
[2012/05/19 19:02:27 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Marcus\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_exe\RealPlayer_br.exe< %APPDATA%\*. >
[2010/03/13 07:40:31 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Adobe
[2011/08/11 20:36:28 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Apple Computer
[2010/03/11 18:16:41 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\ATI
[2011/09/03 18:38:56 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\AVG9
[2012/07/14 23:30:17 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Avira
[2012/02/02 21:07:37 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\BANDISOFT
[2011/09/03 15:06:05 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\BitCometLite
[2012/04/08 17:13:51 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\DAEMON Tools Lite
[2010/05/29 18:11:39 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\DiskAid
[2011/12/18 12:38:59 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\GetRightToGo
[2010/03/13 06:23:57 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Google
[2011/09/15 20:52:02 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\gtk-2.0
[2010/03/11 17:29:32 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Identities
[2011/06/14 19:07:21 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\InstallShield
[2012/06/17 14:35:25 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\LolClient
[2012/06/03 12:57:48 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\LolClient2
[2010/03/11 21:01:19 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Macromedia
[2012/04/02 20:40:53 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Malwarebytes
[2009/07/14 15:11:46 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Media Center Programs
[2012/08/16 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Media Player Classic
[2011/08/23 20:50:03 | 000,000,000 | --SD | M] -- C:\Users\Marcus\AppData\Roaming\Microsoft
[2011/06/16 06:23:39 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\NCH Software
[2012/04/08 15:17:39 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Razer
[2011/01/17 18:51:52 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Real
[2012/08/20 13:58:54 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Skype
[2010/10/18 19:07:40 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Software4u
[2011/12/19 21:08:24 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\TeamViewer
[2012/07/29 16:25:47 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\TS3Client
[2011/12/22 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Ubisoft
[2011/06/14 19:27:31 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Ulead Systems
[2012/05/28 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Unity
[2012/08/15 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\uTorrent
[2012/06/09 19:39:18 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\WGB_Panther_PB
[2010/03/16 19:42:06 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\WinRAR
[2010/03/11 20:36:48 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Yahoo!
< %USERPROFILE%\AppData\Local\. >
[2012/04/13 17:34:10 | 000,121,000 | ---- | M] () -- C:\Users\Marcus\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/08/20 13:54:16 | 009,351,905 | -H-- | M] () -- C:\Users\Marcus\AppData\Local\IconCache.db
[2011/04/14 21:05:44 | 000,007,614 | ---- | M] () -- C:\Users\Marcus\AppData\Local\resmon.resmoncfg
[2008/02/05 14:28:20 | 000,000,051 | ---- | M] () -- C:\Users\Marcus\AppData\Local\setup.txt
[2012/03/25 18:44:27 | 000,045,056 | ---- | M] () -- C:\Users\Marcus\AppData\Local\usb.exe
< %USERPROFILE%\AppData\Roaming\. >
< %systemroot%\assembly\tmp\. /S /MD5 >
< %systemroot%\assembly\temp\. /S /MD5 >
< %systemroot%\assembly\GAC\. /S /MD5 >
[2010/03/11 19:22:59 | 000,110,592 | ---- | M] () MD5=7ECB661F50F34A941A44DAC7241F7D08 -- C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
[2010/03/11 19:23:44 | 000,000,196 | ---- | M] () MD5=44300D5320DA9FE1A79F85D3CC8369AB -- C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2010/03/13 11:26:50 | 000,135,168 | ---- | M] () MD5=0B9B541D535D967743DDC5E7AD543878 -- C:\Windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
[2010/03/13 11:26:50 | 000,000,308 | ---- | M] () MD5=4C237A8BED2C6CDACEC02D10A616C08C -- C:\Windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\__AssemblyInfo__.ini
[2010/03/13 11:26:50 | 000,212,992 | ---- | M] () MD5=B2D776ABCD8A02022D0793D522AC90D9 -- C:\Windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
[2010/03/13 11:26:50 | 000,000,300 | ---- | M] () MD5=F93B9CAC505D83D82BCAD9B909F2B2C7 -- C:\Windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\__AssemblyInfo__.ini
[2010/03/11 19:22:58 | 000,065,536 | ---- | M] () MD5=BA073EDDE13179DA2DEFF264C2A272AB -- C:\Windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
[2010/03/11 19:23:44 | 000,000,195 | ---- | M] () MD5=19B3B194049ED86FA5D9F6EB31556E80 -- C:\Windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2010/03/11 19:23:00 | 000,004,608 | ---- | M] () MD5=74C8987F1B2549E1DF3EB3874B68ECAC -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
[2010/03/11 19:23:44 | 000,000,204 | ---- | M] () MD5=B020031BAAF51236A37136B9198E0ECC -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2010/03/11 19:22:58 | 001,215,328 | ---- | M] () MD5=11CD947E77F4B91E61EFDCF7DD1A8766 -- C:\Windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll
[2010/03/11 19:23:58 | 000,000,197 | ---- | M] () MD5=518608D6F97FAB45E5D610E3793EF228 -- C:\Windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2010/03/11 19:22:58 | 000,082,784 | ---- | M] () MD5=523E4CC118AD2751A6A6C0EA3CC08F70 -- C:\Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010/03/11 19:23:58 | 000,000,199 | ---- | M] () MD5=3689B8AC7230590BB996DD400FA24139 -- C:\Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2010/03/13 11:26:48 | 000,143,360 | ---- | M] () MD5=2CCCADAA3052CEB5B112554F041BCD22 -- C:\Windows\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
[2010/03/13 11:26:48 | 000,000,321 | ---- | M] () MD5=FE076117EC2468D8FA2B53C4E5FF444E -- C:\Windows\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\__AssemblyInfo__.ini
[2010/03/13 11:26:51 | 000,225,280 | ---- | M] () MD5=3EA79E7CD3B2BBCCCBC1AA9E7032A3C9 -- C:\Windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
[2010/03/13 11:26:51 | 000,000,304 | ---- | M] () MD5=06183CB4B5FCCBC4D3D30D2851C89EDC -- C:\Windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\__AssemblyInfo__.ini
[2010/03/13 11:26:51 | 000,360,448 | ---- | M] () MD5=2E05B3124B43288B6F256CA7864BE2DF -- C:\Windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
[2010/03/13 11:26:51 | 000,000,296 | ---- | M] () MD5=B0B33EF64D1647E473E629EF779D2686 -- C:\Windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\__AssemblyInfo__.ini
[2010/03/13 11:26:51 | 000,049,152 | ---- | M] () MD5=E3A801C4C1450EB03A753EFA80843F5A -- C:\Windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
[2010/03/13 11:26:51 | 000,000,324 | ---- | M] () MD5=CAEBAB539B4A69DDA797332F8B503515 -- C:\Windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\__AssemblyInfo__.ini
[2010/03/13 11:26:48 | 000,013,312 | ---- | M] () MD5=1BF1820B86F4921D42D74C922044AC18 -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
[2010/03/13 11:26:48 | 000,000,306 | ---- | M] () MD5=6D74831C5B706C6FF99EC3DD5C82A570 -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\__AssemblyInfo__.ini
[2010/03/11 19:22:53 | 000,031,560 | ---- | M] () MD5=038334CD1EFE7B2CB5684B09AF39F666 -- C:\Windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
[2010/03/11 19:23:58 | 000,000,197 | ---- | M] () MD5=D4A0EA981874B9885745A2F6E62C273A -- C:\Windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2012/08/20 01:14:37 | 000,053,248 | ---- | M] () MD5=75933586AFD94EA24C5ACD3DBC89A272 -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
[2012/08/20 01:14:37 | 000,000,327 | ---- | M] () MD5=28058DE969A620A154CAE3170CE96528 -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:37 | 000,012,800 | ---- | M] () MD5=C0843F0F45EDEEF233B1E581AE75E3BB -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
[2012/08/20 01:14:37 | 000,000,313 | ---- | M] () MD5=A0A3C07721E7DF24DD69F1B525A96DD1 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:37 | 000,473,600 | ---- | M] () MD5=7AD4D9FABD109432EED91B359CEAE430 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
[2012/08/20 01:14:37 | 000,000,307 | ---- | M] () MD5=F39F95D1BFBD96019D80D5B5CF7D821C -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:34 | 002,676,224 | ---- | M] () MD5=A73E7421449CCA62B0561BAD4C8EF23D -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:34 | 000,000,309 | ---- | M] () MD5=D86E01FE35BA9DB8497A75C2730ED787 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:35 | 002,846,720 | ---- | M] () MD5=5E2B8B8A5ED016468716B9FF82A1806F -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:35 | 000,000,309 | ---- | M] () MD5=50EDACC870955B07BC1AB67B2F555DD8 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:35 | 000,563,712 | ---- | M] () MD5=D3F1922325BE8E7E1C72BFD8179454CE -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:35 | 000,000,309 | ---- | M] () MD5=03C7A7661D208418E9443DFA502A0CE3 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:35 | 000,567,296 | ---- | M] () MD5=FB3BC0754921873A65F5FBDCA845E6EE -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:35 | 000,000,309 | ---- | M] () MD5=E23E7422B26D1636D84DB3ACACA191B5 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:36 | 000,576,000 | ---- | M] () MD5=AFCF5F50C632F3A5598ABC28F196D77C -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:36 | 000,000,309 | ---- | M] () MD5=49A74783DECDD4F9CA150C7D2E364F3B -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:36 | 000,577,024 | ---- | M] () MD5=CCD53738DF4FA27849B6BB05DD67D10D -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:36 | 000,000,309 | ---- | M] () MD5=D766FF47A4779D9234AB5EBFBBFE891F -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:36 | 000,577,536 | ---- | M] () MD5=43C280C3B15CEB2472AB560D09629664 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:36 | 000,000,309 | ---- | M] () MD5=1475C1DF3547888329D510C569530BC9 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:36 | 000,577,536 | ---- | M] () MD5=490807C150B7D8BE44BDE871F4DF8C56 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:36 | 000,000,309 | ---- | M] () MD5=A5212A2290DC6B319C1652F132BA8795 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:37 | 000,578,560 | ---- | M] () MD5=933085360527DE1B4947289CA468184E -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:37 | 000,000,309 | ---- | M] () MD5=FAF1ECEBA3202D7A41528CBE74B1665C -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:37 | 000,578,560 | ---- | M] () MD5=25C76C1E29D3E8E7398F0901F558A629 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/08/20 01:14:37 | 000,000,309 | ---- | M] () MD5=62FF7DDE61750ECB8300A382A074853C -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:37 | 000,145,920 | ---- | M] () MD5=D9824A9DD107E598575112B4FF897292 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
[2012/08/20 01:14:37 | 000,000,311 | ---- | M] () MD5=397F3A1346A115CC94F1954B948BA889 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:38 | 000,159,232 | ---- | M] () MD5=CEBD995DDEAB2C525A5C4E95789BC961 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
[2012/08/20 01:14:38 | 000,000,313 | ---- | M] () MD5=1EAE0C52D2E46E06BCD3D8D487B65767 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:38 | 000,364,544 | ---- | M] () MD5=46F26E2BAFD44960E7F13B2EF80AA0BC -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
[2012/08/20 01:14:38 | 000,000,311 | ---- | M] () MD5=613FC11A2AB3C92B234B79726B085D44 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:38 | 000,178,176 | ---- | M] () MD5=D035348EC8968861AF585B7132FE4C7B -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
[2012/08/20 01:14:38 | 000,000,313 | ---- | M] () MD5=AC23720D7B404D4E9FC3C51C83E17C53 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/08/20 01:14:37 | 000,223,232 | ---- | M] () MD5=0C453970E89DB1C1EB9DE087E6EAB5BA -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
[2012/08/20 01:14:37 | 000,000,289 | ---- | M] () MD5=DE4A57640D697830DE7C90FDB7AB0616 -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2009/07/14 01:55:04 | 000,356,352 | ---- | M] () MD5=DD2EB5E64619613C4C108CFB192F4950 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\Microsoft.Ink.dll
[2009/07/14 01:55:04 | 000,000,325 | ---- | M] () MD5=3A74C27634435F509DC024FEEBE670E5 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2009/07/14 01:55:04 | 000,516,096 | ---- | M] () MD5=A02EE61542CAAE25F8A44C9428D30247 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\Microsoft.Ink.dll
[2009/07/14 01:55:04 | 000,000,328 | ---- | M] () MD5=FAF707724A740277714E33A65F4995BF -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\__AssemblyInfo__.ini
[2010/03/11 19:22:59 | 008,007,680 | ---- | M] () MD5=5440EE9CD44616D60CDE57EBDB286E95 -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
[2010/03/11 19:23:44 | 000,000,207 | ---- | M] () MD5=1FF29DC2A2197D5984E5D418C904D3DF -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2010/03/11 19:22:54 | 000,016,712 | ---- | M] () MD5=8CB3CF3CDD7E41FAE6D0CBF94F00DEF5 -- C:\Windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
[2010/03/11 19:23:58 | 000,000,225 | ---- | M] () MD5=0C4DC2E9F3A0B42477BA5BFCA042ACF7 -- C:\Windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:39 | 000,080,696 | ---- | M] () MD5=54582B7054EAD1EFBF9F0A8218B61C4B -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
[2010/03/11 19:23:58 | 000,000,224 | ---- | M] () MD5=553A1D17C8B2C73D599EC156ACA6CB7D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:45 | 001,612,592 | ---- | M] () MD5=F653D1F20A2EC194EAEC6E59435C5C7B -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
[2010/03/11 19:23:44 | 000,000,220 | ---- | M] () MD5=BD77A7B56575BAF85941BF1AB5589890 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2012/02/29 01:22:20 | 001,279,864 | ---- | M] () MD5=A30331358FA33B3C7FDB972D802F57C4 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
[2012/02/29 01:22:45 | 000,000,219 | ---- | M] () MD5=1F7EE91CD8AE8A1CBF71624227DB3D63 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2012/02/29 01:22:16 | 000,149,368 | ---- | M] () MD5=3AF754C16AF954DB7367FB39C3739387 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
[2012/02/29 01:22:45 | 000,000,219 | ---- | M] () MD5=2E0B0F90BA89FA1EDCC289688BF58A7B -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:55 | 000,404,296 | ---- | M] () MD5=604DE0F15138665E4108B986F0FDD94B -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll
[2010/03/11 19:23:58 | 000,000,232 | ---- | M] () MD5=0AFFE8E498124664ADDFAB6632A93927 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:46 | 000,088,896 | ---- | M] () MD5=B1CD282FBEF31E321F48E103E2840DD0 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
[2010/03/11 19:23:58 | 000,000,226 | ---- | M] () MD5=0A56011D14E56BA6037C48FAE6064F2B -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:46 | 000,146,232 | ---- | M] () MD5=9A0E901BACEF14628977517AA002C765 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
[2010/03/11 19:23:58 | 000,000,222 | ---- | M] () MD5=CCC7961EC6B4CEF20C4A41E1BFF5CF78 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:52 | 000,017,208 | ---- | M] () MD5=5B8B3F76720166BF777A6AD38D12010F -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
[2010/03/11 19:23:58 | 000,000,221 | ---- | M] () MD5=7C1C66BFBB15C0B3C1B9AFEEE2986CF8 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:46 | 000,920,376 | ---- | M] () MD5=5CBE57423C5CAFAA11B50E5C25DAE19D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
[2010/03/11 19:23:58 | 000,000,221 | ---- | M] () MD5=6B6872FAF93931EA6EB4F2E1E30A37D4 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2012/02/29 01:22:20 | 000,034,696 | ---- | M] () MD5=7E181C30E192223908BBF509AB827B41 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
[2012/02/29 01:22:46 | 000,000,228 | ---- | M] () MD5=2C6E214F297382A5343D10D8D8ED62C6 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/12/15 01:29:13 | 000,350,080 | ---- | M] () MD5=5C62BA3A0FEE2D763BB79F858204D09D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
[2011/12/15 01:29:14 | 000,000,224 | ---- | M] () MD5=EF446200B015C1662F07955E95322DCE -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:46 | 000,232,248 | ---- | M] () MD5=0944C6C65C258A4BE89605D666DE5880 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
[2010/03/11 19:23:58 | 000,000,223 | ---- | M] () MD5=89274E3F135691355EBD73770EAFF34D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/13 07:56:54 | 000,019,320 | ---- | M] () MD5=3CC99DCCB5B9F51483AF7532A6D65F92 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
[2010/03/13 07:57:47 | 000,000,222 | ---- | M] () MD5=3C3CC20ADA56EB38EAF363E7A6BEEE93 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2012/02/29 01:22:20 | 000,870,256 | ---- | M] () MD5=54719FDC6A752DC78B364A3980DBC2E9 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
[2012/02/29 01:22:46 | 000,000,218 | ---- | M] () MD5=2A6411671028D5A543646989CB01DBD8 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:59 | 000,013,312 | ---- | M] () MD5=D80746B2F94A3A28E380735D4B8A9EA3 -- C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
[2010/03/11 19:23:44 | 000,000,210 | ---- | M] () MD5=A57C6028DAE8D855FFC2BBC2D6E57246 -- C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2010/03/11 19:22:46 | 000,371,496 | ---- | M] () MD5=BA4FB255E3887A039CB74A5870192220 -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
[2010/03/11 19:23:58 | 000,000,216 | ---- | M] () MD5=E9A3D4644D3B7C20C5EE60970BC5681C -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2012/02/29 01:22:17 | 000,063,336 | ---- | M] () MD5=B60C87E3CD3ACFA71DAD8145C66D6E9C -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
[2012/02/29 01:22:45 | 000,000,210 | ---- | M] () MD5=F4663120ABF3E8FF67D7AAF33BD68EDF -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:59 | 000,229,376 | ---- | M] () MD5=FDA48714F6A291E25A1A219E89D59D9B -- C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
[2010/03/11 19:23:58 | 000,000,200 | ---- | M] () MD5=481E504FBEA25FBF5408DB65F44FA5FA -- C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2010/03/11 19:22:59 | 000,004,096 | ---- | M] () MD5=AAA2E20588E154A10747BF1B31B55125 -- C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
[2010/03/11 19:23:44 | 000,000,200 | ---- | M] () MD5=C1F5FADD74964959FC4394832BBC3E59 -- C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2010/03/13 07:56:55 | 000,423,784 | ---- | M] () MD5=DF7CBCD2DB89880A8A92EA134611B038 -- C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
[2010/03/13 07:57:45 | 000,000,195 | ---- | M] () MD5=7C4A765B5AC30DBD8B53CD071B73840C -- C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:39 | 000,000,900 | ---- | M] () MD5=3D144BF3BA28D9E2BEDBA405FA672780 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.config
[2010/03/11 19:22:39 | 000,012,104 | ---- | M] () MD5=3BBBF705C91C7F399A073D96A4AE304A -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
[2010/03/11 19:23:44 | 000,000,232 | ---- | M] () MD5=F14297FB0C6A046E4FB77263CBE167AF -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/13 07:57:10 | 000,000,898 | ---- | M] () MD5=DCC5E6E13187570656FB60EBB51751A8 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.config
[2010/03/13 07:57:10 | 000,011,144 | ---- | M] () MD5=AA14986D717AF25CF6362C69BFA13359 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
[2010/03/13 07:57:48 | 000,000,231 | ---- | M] () MD5=4B9F522E4B403A5B090681600D9070C2 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/13 07:56:54 | 000,000,898 | ---- | M] () MD5=CC9313747F69E39B66D6B7EFE22FD328 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.config
[2010/03/13 07:56:54 | 000,011,128 | ---- | M] () MD5=CE0EDD4D644A7C624FA79E1B14B00323 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
[2010/03/13 07:57:46 | 000,000,231 | ---- | M] () MD5=69CD87BB9C6DA0537CE63A53E7092F32 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:55 | 000,000,912 | ---- | M] () MD5=8A8FAFB921AFF270260924C1D31CE163 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.config
[2010/03/11 19:22:55 | 000,012,616 | ---- | M] () MD5=EC7F771DBC984954E076D03F055E0DBF -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
[2010/03/11 19:23:58 | 000,000,238 | ---- | M] () MD5=8352AC255CC3F25FDF9AF1FECC8BD6F3 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:55 | 000,000,904 | ---- | M] () MD5=577D9B55DE8E70B51042ED8124D55C18 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.config
[2010/03/11 19:22:55 | 000,012,616 | ---- | M] () MD5=5B97D1FFA46C9CF752FA8164AB171C56 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
[2010/03/11 19:23:58 | 000,000,234 | ---- | M] () MD5=8F1C69873B1ADCE21B3005A52A6921BA -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:52 | 000,000,902 | ---- | M] () MD5=E2724C2DF4C312D34E4A7BCABBDD5AB6 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.config
[2010/03/11 19:22:52 | 000,012,104 | ---- | M] () MD5=2EE2F1AD6A3B6317D045D2C31F6FEF65 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
[2010/03/11 19:23:58 | 000,000,233 | ---- | M] () MD5=A1C0A9578F9D8E0FCA9A4440070F31B0 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:52 | 000,000,916 | ---- | M] () MD5=DA6AC9B205A7A7FF0AB028049FD3AEA1 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.config
[2010/03/11 19:22:52 | 000,012,632 | ---- | M] () MD5=DB1CC715650EC69FA2B20042B2DC6B5B -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
[2010/03/11 19:23:58 | 000,000,240 | ---- | M] () MD5=47440CFB37970DEFA6E164D85EE5491B -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/13 07:57:20 | 000,000,908 | ---- | M] () MD5=49E684EE5FF535D8FF08056769A9F9E6 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.config
[2010/03/13 07:57:20 | 000,011,152 | ---- | M] () MD5=445F0A07EAE252BE0464273767B22453 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
[2010/03/13 07:57:49 | 000,000,236 | ---- | M] () MD5=CC90EB2A26912AB4C5102CDEF753E91F -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:53 | 000,000,906 | ---- | M] () MD5=1B1C62C31CB95E0E1D20FF7F4EE99A34 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.config
[2010/03/11 19:22:53 | 000,012,104 | ---- | M] () MD5=554DA52E16EAB6C18D003C0157BE0DD3 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
[2010/03/11 19:23:58 | 000,000,235 | ---- | M] () MD5=B3B78A70350941D7D6992D5142275669 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/13 07:56:55 | 000,000,904 | ---- | M] () MD5=AC1B446DC4969CE1D3F605D9CE098DDB -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.config
[2010/03/13 07:56:55 | 000,011,136 | ---- | M] () MD5=C2F8D5E1D25BCAE6516E88AA0342FB6E -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
[2010/03/13 07:57:47 | 000,000,234 | ---- | M] () MD5=79D81B7149BDC2CD7CB5B48D05D75F37 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2012/02/29 01:22:20 | 000,000,896 | ---- | M] () MD5=33324BF6E22A322816FD4C1C58BB032C -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.config
[2012/02/29 01:22:20 | 000,011,144 | ---- | M] () MD5=2CE989B779144889EA1F30A046DF13CB -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
[2012/02/29 01:22:46 | 000,000,230 | ---- | M] () MD5=314847472C40A8C3574130C873856447 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/13 07:56:55 | 000,000,880 | ---- | M] () MD5=AEEFC22DA8D1EBBA43AC2E8B0599DFE3 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.config
[2010/03/13 07:56:55 | 000,011,112 | ---- | M] () MD5=FFD49049DE84727DE54922181E0AFBA5 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
[2010/03/13 07:57:46 | 000,000,222 | ---- | M] () MD5=122F7F6C517CFA276B874A7F20A796B4 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/13 07:56:55 | 000,000,850 | ---- | M] () MD5=5717939AB3C1CFFDF93DDC9A14856755 -- C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.office.config
[2010/03/13 07:56:55 | 000,010,576 | ---- | M] () MD5=B6C7C64CB13A418DF859A018EC93727B -- C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
[2010/03/13 07:57:46 | 000,000,207 | ---- | M] () MD5=E7E59ABBFF65ED4C142D4006A6197E0E -- C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2010/03/11 19:22:59 | 000,016,384 | ---- | M] () MD5=E1EEB7E26AB04075EECC7275239B20B3 -- C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
[2010/03/11 19:23:44 | 000,000,197 | ---- | M] () MD5=FC75E46DA5B9F9263B958C7B027ACBFC -- C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
< %systemroot%\assembly\GAC_32\. /S /MD5 >
[2010/11/20 09:32:20 | 000,238,080 | ---- | M] () MD5=D6D26A698BCCD17AB0761E6221C5F3C4 -- C:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll
[2010/11/04 22:57:39 | 000,069,120 | ---- | M] () MD5=C80DA476BFBAD97D874A0EFE037D7113 -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
[2009/07/13 22:22:13 | 000,139,264 | ---- | M] () MD5=3723B29BBFE648380ED9B70B164E33A2 -- C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\ehexthost32.exe
[2009/07/13 18:04:37 | 000,002,274 | ---- | M] () MD5=C343B566A3B8DA7743C30796BE0A54D7 -- C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\ehexthost32.exe.config
[2010/11/04 22:57:43 | 000,072,192 | ---- | M] () MD5=D58D4E4AA8D6146D838BE02500F50B27 -- C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
[2010/11/20 09:32:22 | 000,134,656 | ---- | M] () MD5=7D8676EC6A6ABCF57E1F6CA5372E56EE -- C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
[2009/07/13 22:24:14 | 000,507,904 | ---- | M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C -- C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll
[2009/07/13 22:24:28 | 000,077,824 | ---- | M] () MD5=BB2BB7BFE455562249E922A7AA4493A5 -- C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll
[2012/07/12 01:12:12 | 000,117,160 | ---- | M] () MD5=569124F95660007F8C470D00A96CBD7D -- C:\Windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
[2010/11/04 22:52:36 | 000,163,840 | ---- | M] () MD5=059B857CCA35C20F06B5DEBD51C4FB38 -- C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
[2010/03/11 19:23:00 | 000,367,400 | ---- | M] () MD5=6CAD87F2BE4A4BC31D3FD5C923741418 -- C:\Windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll
[2009/07/13 22:26:31 | 000,008,192 | ---- | M] () MD5=FA44A672F1C12791984D9ECAB7DC3177 -- C:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll
[2009/06/10 18:14:52 | 000,087,888 | ---- | M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe
[2009/06/10 18:14:53 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config
[2009/06/10 18:22:47 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp
[2009/06/10 18:22:47 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp
[2009/06/10 18:22:58 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp
[2012/01/03 23:50:59 | 004,550,656 | ---- | M] () MD5=C850A6041F5AEDE21C53514BBE9AB09D -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
[2009/06/10 18:23:13 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp
[2009/06/10 18:23:13 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp
[2009/06/10 18:23:13 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp
[2009/06/10 18:23:13 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp
[2009/06/10 18:23:13 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp
[2009/06/10 18:23:14 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp
[2009/06/10 18:23:14 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
[2009/06/10 18:23:17 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
[2009/06/10 18:23:17 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
[2009/06/10 18:23:23 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp
[2010/11/20 09:36:00 | 000,046,080 | ---- | M] () MD5=93C4029DABC19166076BE347283AB969 -- C:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL
[2010/11/20 09:36:00 | 000,107,008 | ---- | M] () MD5=E9CFC1884D1E579E82073103827FA62B -- C:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL
[2009/07/13 19:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config
[2009/07/13 22:25:25 | 000,005,632 | ---- | M] () MD5=608232474C33C71F863B0866E5165C1C -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll
[2009/06/10 18:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
[2009/07/13 22:26:15 | 000,005,632 | ---- | M] () MD5=2641880E8C12BEE37DDC2813908A2A0F -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
[2009/06/10 18:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config
[2009/07/13 22:23:30 | 000,005,632 | ---- | M] () MD5=D6C077082EAA747911C212A9EB64A813 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
[2009/07/13 19:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config
[2009/07/13 22:22:54 | 000,005,632 | ---- | M] () MD5=331021DA8B00A9ADCDD54B5782943204 -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll
[2009/07/13 19:04:08 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config
[2009/07/13 22:23:04 | 000,005,632 | ---- | M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll
[2012/02/10 20:31:40 | 004,218,880 | ---- | M] () MD5=AEDDFD540E3E6BECDB14C30D1F12B78A -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
[2009/06/10 18:14:51 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config
[2012/02/10 20:31:42 | 001,737,496 | ---- | M] () MD5=DDFBFD8959F32AC0CF3947F36BAC3081 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
[2010/11/04 22:58:05 | 000,486,400 | ---- | M] () MD5=ED40D020A6A82748394F1653CE324CE4 -- C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
[2010/11/04 22:58:05 | 002,927,616 | ---- | M] () MD5=35CAB7CF3754C41AEB69DCE1D5ACA5A4 -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
[2010/11/04 22:58:08 | 000,258,048 | ---- | M] () MD5=6DB969DF540BC71722848940D180AC08 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
[2010/11/20 01:12:59 | 000,113,664 | ---- | M] () MD5=C865DC05ADE0B41A9E14DD585E0CDF94 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
[2012/02/10 20:31:41 | 000,372,736 | ---- | M] () MD5=A151947AD131A883870A6174CACF423B -- C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
[2009/06/10 18:23:19 | 000,261,632 | ---- | M] () MD5=5F3F1BF5F5B43293953FC915845910C4 -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
[2011/12/25 17:42:15 | 005,255,168 | ---- | M] () MD5=7D2B8E2CE3EF2DC633689F1E1F4A7504 -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
< %systemroot%\assembly\GAC_64\. /S /MD5 >
[2010/11/20 10:39:41 | 000,249,344 | ---- | M] () MD5=0EB9F2F8649FC0DE0DB55AFF18093E1C -- C:\Windows\assembly\GAC_64\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll
[2010/11/04 22:56:37 | 000,080,896 | ---- | M] () MD5=28D0AAEB2F5D05629B287E3534FCAFB3 -- C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
[2010/11/04 22:56:43 | 000,089,600 | ---- | M] () MD5=8658D501224F8EAA18BCF8104F07AA29 -- C:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
[2010/11/20 10:44:11 | 000,139,264 | ---- | M] () MD5=D32088C67317F5B64C13352E6EB5FFB1 -- C:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
[2010/11/20 10:44:11 | 000,198,656 | ---- | M] () MD5=073C37CEFEB4D5CD86646171C5D999F2 -- C:\Windows\assembly\GAC_64\mcupdate\6.1.0.0__31bf3856ad364e35\mcupdate.exe
[2010/11/20 10:44:11 | 000,133,120 | ---- | M] () MD5=948ECE6043513473FF26B6A43DCD67C8 -- C:\Windows\assembly\GAC_64\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35\Mcx2Dvcs.dll
[2009/07/13 22:51:37 | 000,507,904 | ---- | M] () MD5=80BC35C4CA953CCACFECEE0EDBA14F5A -- C:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll
[2009/07/13 22:51:13 | 000,077,824 | ---- | M] () MD5=ADE7BDD9DFFFB5A965DF204114F36951 -- C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll
[2011/08/17 02:28:23 | 000,315,392 | ---- | M] () MD5=063FDD306A93B988CBEC9C6987EB2960 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll
[2010/11/20 10:44:11 | 000,147,968 | ---- | M] () MD5=9453A71711D51C31DD607EC19CA604B0 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.Media.dll
[2010/11/20 10:44:11 | 000,056,320 | ---- | M] () MD5=6B365422C9E1417C9C99FD1234C42F48 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Mheg.dll
[2010/11/20 10:44:11 | 000,114,688 | ---- | M] () MD5=2920CBCE0700F34AC9E27423CBD87798 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Playback.dll
[2010/11/20 10:44:12 | 000,327,168 | ---- | M] () MD5=2288CBDEBF5D78E0CB9158D251DE4016 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.TV.Tuners.Interop.dll
[2010/11/04 22:52:15 | 000,163,840 | ---- | M] () MD5=DAC8353CA6D1919C7FF87C00672FBF2E -- C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
[2009/07/13 22:49:27 | 000,008,192 | ---- | M] () MD5=6790FBD2C832CBB26A694E1046F7F2BA -- C:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll
[2010/11/20 10:39:46 | 000,019,968 | ---- | M] () MD5=DBE659C5CE6689D009D9414CB27FD110 -- C:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll
[2010/11/04 22:53:34 | 000,083,792 | ---- | M] () MD5=15885A86E87CC4291EF628E4F8A9BD6D -- C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe
[2009/06/10 17:31:02 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config
[2009/06/10 17:39:44 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp
[2009/06/10 17:39:44 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp
[2009/06/10 17:39:54 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp
[2012/01/04 00:34:35 | 004,567,040 | ---- | M] () MD5=12E5EDB59F4FE680B7AD9ADC8E2C17D3 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
[2009/06/10 17:40:01 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp
[2009/06/10 17:40:01 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp
[2009/06/10 17:40:01 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp
[2009/06/10 17:40:01 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp
[2009/06/10 17:40:01 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp
[2009/06/10 17:40:01 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp
[2009/06/10 17:40:01 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
[2009/06/10 17:40:02 | 000,262,148 | ---- | M] () Unable to obtain MD5 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
[2009/06/10 17:40:02 | 000,020,320 | ---- | M] () Unable to obtain MD5 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
[2009/06/10 17:40:10 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp
[2010/11/20 10:44:12 | 000,050,176 | ---- | M] () MD5=E0773633E4193B183FB396192581BD86 -- C:\Windows\assembly\GAC_64\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL
[2010/11/20 10:44:13 | 000,133,632 | ---- | M] () MD5=A302DA1404664CEF1D416ED4DE49EA2B -- C:\Windows\assembly\GAC_64\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL
[2009/06/10 17:51:13 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
[2009/07/13 22:52:10 | 000,005,120 | ---- | M] () MD5=C3554C9F9650380CD6A292CD5E7F02C6 -- C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
[2009/06/10 17:51:13 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config
[2009/07/13 22:50:32 | 000,005,120 | ---- | M] () MD5=265830B968EC5512E923C5482A5F5EEB -- C:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
[2009/07/13 18:54:48 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config
[2009/07/13 22:50:49 | 000,005,120 | ---- | M] () MD5=6162FCE93CE4C29318C179E457CFE656 -- C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll
[2012/02/10 20:29:43 | 003,998,208 | ---- | M] () MD5=C264145F107437CBD3B30303733AEE4F -- C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
[2009/06/10 17:30:59 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config
[2012/02/10 20:29:45 | 002,256,152 | ---- | M] () MD5=C8541AECCCA9260DE93C85F214110FA8 -- C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
[2010/11/04 22:56:58 | 000,502,272 | ---- | M] () MD5=2D8090F04B14059E23FE68F9FF3E318C -- C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
[2010/11/04 22:56:58 | 003,095,552 | ---- | M] () MD5=98D53BB2DB8E11762D30C3CF41FA140B -- C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
[2010/11/04 22:57:00 | 000,245,760 | ---- | M] () MD5=B395F8BE6E578FAB80A1D568911857D7 -- C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
[2010/11/04 22:57:02 | 000,133,120 | ---- | M] () MD5=D9C192B9CD25DC5C9C05DF98C945E3F1 -- C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
[2012/02/10 20:29:44 | 000,358,912 | ---- | M] () MD5=02DD476B37E663BBBB81C47F4AF45C78 -- C:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
[2009/06/10 17:40:06 | 000,283,136 | ---- | M] () MD5=E4806AC8BE2D890193252D4BEE7EA95C -- C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
[2011/12/25 17:40:47 | 005,263,360 | ---- | M] () MD5=5566D4BABE2900CDB906F470F098188B -- C:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
< %systemroot%\system32\config\systemprofile\AppData\Local\. >
< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\. >
< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\. >
[2012/08/20 15:01:31 | 000,009,186 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun.log
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes >
"DefaultScope" = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
< HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes >
"DefaultScope" = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
"DownloadRetries" = 0
"DownloadUpdates" = 1
"Version" = 3
"UpgradeTime" = 19 69 B3 21 99 19 CC 01 [binary data]
"KnownProvidersUpgradeTime" = 62 BE BD 20 99 19 CC 01 [binary data]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6C40590E-0C07-4D68-A111-50555F5DD19A}]
< regedit /e c:\registrybackup.reg /c >
< type c:\boot.ini >> test.txt /c >
< %systemroot%\system32\tasks\. /s /64 >
[2012/08/20 12:42:44 | 000,003,840 | ---- | M] () -- C:\Windows\SysNative\tasks\Adobe Flash Player Updater
[2012/07/15 17:48:32 | 000,003,812 | ---- | M] () -- C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore
[2012/07/15 17:48:33 | 000,004,064 | ---- | M] () -- C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA
[2012/07/14 10:29:33 | 000,003,658 | ---- | M] () -- C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000Core
[2012/07/14 10:29:33 | 000,004,054 | ---- | M] () -- C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000UA
[2011/08/14 15:04:07 | 000,003,040 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft_Hardware_Launch_IPoint_exe
[2011/08/14 14:31:35 | 000,003,050 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft_Hardware_Launch_IType_exe
[2011/05/23 19:33:18 | 000,002,978 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft_Hardware_Launch_rundll32_exe
[2011/09/24 18:15:11 | 000,003,232 | ---- | M] () -- C:\Windows\SysNative\tasks\MotoHelper Initial Update
[2011/09/24 18:15:09 | 000,003,412 | ---- | M] () -- C:\Windows\SysNative\tasks\MotoHelper MUM
[2011/09/24 18:15:08 | 000,003,406 | ---- | M] () -- C:\Windows\SysNative\tasks\MotoHelper Routing
[2011/09/24 18:15:10 | 000,003,424 | ---- | M] () -- C:\Windows\SysNative\tasks\MotoHelper Update
[2011/10/27 13:09:24 | 000,003,212 | ---- | M] () -- C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-1155938839-3185402113-654261445-1000
[2011/10/27 13:09:21 | 000,003,344 | ---- | M] () -- C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-1155938839-3185402113-654261445-1000
[2012/05/19 19:02:16 | 000,003,604 | ---- | M] () -- C:\Windows\SysNative\tasks\RNUpgradeHelperResumePrompt_Marcus
[2012/01/31 17:14:30 | 000,003,230 | ---- | M] () -- C:\Windows\SysNative\tasks\SidebarExecute
[2012/08/20 13:56:20 | 000,002,840 | ---- | M] () -- C:\Windows\SysNative\tasks\SlimDrivers Startup
[2010/03/16 06:00:43 | 000,002,970 | ---- | M] () -- C:\Windows\SysNative\tasks\{2A9239BC-D671-4603-AC92-9419606AEEC2}
[2010/03/16 06:02:28 | 000,003,120 | ---- | M] () -- C:\Windows\SysNative\tasks\{8984F7BA-413E-4909-98BD-EDF4D71265D2}
[2012/07/24 15:23:14 | 000,003,120 | ---- | M] () -- C:\Windows\SysNative\tasks\{B5C8897E-8953-4555-BCF3-5683FC154A11}
[2011/08/06 19:22:06 | 000,003,374 | ---- | M] () -- C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate
[2012/08/20 14:03:16 | 000,003,856 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows Defender\MP Scheduled Scan
[2012/06/25 19:31:36 | 000,004,158 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
[2009/07/14 01:53:29 | 000,004,472 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
[2009/07/14 01:53:29 | 000,003,854 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
[2009/07/14 01:54:39 | 000,002,900 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\AppID\PolicyConverter
[2009/07/14 01:54:39 | 000,003,790 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
[2009/07/14 01:54:05 | 000,003,458 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Application Experience\AitAgent
[2009/07/14 01:54:05 | 000,003,614 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater
[2009/07/14 01:49:22 | 000,003,026 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Autochk\Proxy
[2009/07/14 01:57:09 | 000,001,862 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask
[2009/07/14 01:53:22 | 000,004,130 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\CertificateServicesClient\SystemTask
[2009/07/14 01:53:22 | 000,003,868 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\CertificateServicesClient\UserTask
[2009/07/14 02:09:01 | 000,003,134 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam
[2009/07/14 01:57:09 | 000,002,934 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
[2009/07/14 01:53:33 | 000,003,946 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask
[2009/07/14 01:54:08 | 000,003,598 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
[2009/07/14 01:57:12 | 000,003,886 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Defrag\ScheduledDefrag
[2009/07/14 01:57:07 | 000,004,018 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Diagnosis\Scheduled
[2010/05/02 05:29:59 | 000,003,760 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
[2010/03/11 17:21:01 | 000,002,538 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
[2009/07/14 01:57:13 | 000,003,554 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Location\Notifications
[2010/03/14 09:32:29 | 000,004,036 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Maintenance\WinSAT
[2010/03/11 17:21:08 | 000,002,420 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch
[2010/03/11 17:21:07 | 000,002,448 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService
[2011/05/25 20:33:24 | 000,003,690 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
[2010/03/11 17:21:06 | 000,002,400 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\ehDRMInit
[2010/03/11 17:21:07 | 000,002,546 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\InstallPlayReady
[2010/03/11 17:21:10 | 000,002,790 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\mcupdate
[2010/03/11 17:21:11 | 000,002,954 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask
[2010/03/11 17:21:10 | 000,002,958 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
[2010/03/11 17:21:06 | 000,002,380 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\OCURActivate
[2010/03/11 17:21:05 | 000,002,400 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\OCURDiscovery
[2010/03/11 17:21:05 | 000,002,384 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\PBDADiscovery
[2010/03/11 17:21:04 | 000,003,226 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1
[2010/03/11 17:21:04 | 000,003,228 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2
[2010/03/11 17:21:12 | 000,003,822 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry
[2010/03/11 17:21:10 | 000,002,926 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask
[2010/03/11 17:21:11 | 000,002,918 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\PvrScheduleTask
[2010/03/11 17:21:09 | 000,003,078 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\RecordingRestart
[2010/03/11 17:21:07 | 000,002,408 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\RegisterSearch
[2010/03/11 17:21:08 | 000,002,432 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot
[2010/03/11 17:21:11 | 000,002,942 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask
[2011/05/25 20:33:20 | 000,003,418 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\StartRecording
[2010/03/11 17:21:07 | 000,002,736 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Media Center\UpdateRecordPath
[2009/07/14 01:53:33 | 000,003,304 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector
[2009/07/14 01:53:33 | 000,003,510 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector
[2010/03/11 17:21:03 | 000,003,576 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\MobilePC\HotStart
[2009/07/14 01:54:22 | 000,003,168 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\MUI\LPRemove
[2009/07/14 01:57:07 | 000,002,602 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Multimedia\SystemSoundsService
[2009/07/14 01:54:39 | 000,002,044 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo
[2009/07/14 01:55:03 | 000,002,832 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor
[2009/07/14 01:53:47 | 000,003,752 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
[2009/07/14 01:57:07 | 000,004,370 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\RAC\RacTask
[2009/07/14 01:49:35 | 000,003,052 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Ras\MobilityManager
[2009/07/14 01:54:36 | 000,003,956 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Registry\RegIdleBackup
[2009/07/14 01:57:09 | 000,004,596 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
[2009/07/14 01:57:07 | 000,003,616 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Shell\WindowsParentalControls
[2009/07/14 02:09:03 | 000,003,912 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration
[2010/03/11 17:21:01 | 000,003,784 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\SideShow\AutoWake
[2010/03/11 17:21:02 | 000,003,612 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\SideShow\GadgetManager
[2010/03/11 17:24:42 | 000,003,698 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\SideShow\SessionAgent
[2010/03/11 17:24:57 | 000,003,792 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\SideShow\SystemDataProviders
[2009/07/14 01:49:17 | 000,003,942 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
[2009/07/14 02:01:13 | 000,003,506 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\SystemRestore\SR
[2009/07/14 01:53:50 | 000,002,614 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Task Manager\Interactive
[2009/07/14 01:53:21 | 000,003,950 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1
[2009/07/14 01:53:21 | 000,004,066 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2
[2009/07/14 01:53:46 | 000,002,978 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
[2009/07/14 01:49:48 | 000,003,388 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime
[2009/07/14 01:49:26 | 000,001,730 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\UPnP\UPnPHostConfig
[2009/07/14 01:53:37 | 000,003,420 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\User Profile Service\HiveUploadTask
[2009/07/14 01:49:24 | 000,002,682 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\WDI\ResolutionHost
[2012/05/24 22:47:02 | 000,004,234 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask
[2012/05/24 22:47:02 | 000,004,232 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline
[2009/07/14 01:49:16 | 000,003,048 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting
[2009/07/14 01:49:42 | 000,003,290 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange
[2009/07/14 01:57:13 | 000,003,304 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary
[2010/03/11 17:29:52 | 000,004,340 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification
[2010/05/18 20:31:47 | 000,003,530 | ---- | M] () -- C:\Windows\SysNative\tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2011/08/21 13:36:25 | 000,004,480 | ---- | M] () -- C:\Windows\SysNative\tasks\WPD\SqmUpload_S-1-5-21-1155938839-3185402113-654261445-1000
< %systemroot%\system32\Tasks\. /s >
< %windir%\tasks\. /s >
[2012/08/20 20:42:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/20 17:53:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/20 20:53:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/10 10:34:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000Core.job
[2012/08/20 20:34:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000UA.job
[2012/08/20 13:55:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/07/30 12:03:14 | 000,032,608 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT
[2012/08/20 13:56:20 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
========== Files - Unicode (All) ==========
2011/10/02 00:31:05 | 000,000,000 | ---D | M -- C:\A\Documents\넥슨 플러그
2011/10/02 00:31:05 | 000,000,000 | ---D | C -- C:\A\Documents\넥슨 플러그
========== Alternate Data Streams ==========
@Alternate Data Stream - 208 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Bom Dia! .matiello
|- Ps: você utiliza o Bonjour,para configurar alguma rede?
|- C:\Arquivos de Programas\Bonjour <<
-/-
|- Execute o OTL.exe.
|- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" )
>
:OTLIE - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1155938839-3185402113-654261445-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
1 C:\Windows\SysWow64\.tmp files -> C:\Windows\SysWow64\.tmp -> ]
[1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ]
[2012/08/20 20:53:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/20 20:42:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/20 20:34:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000UA.job
[2012/08/20 17:53:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/20 13:56:20 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"Gopher"="gopher://"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
:Commands
[CREATERESTOREPOINT]
[purity]
[emptytemp]
[Reboot]
|- Clique no botão Consertar -> Aguarde a conclusão!
|- O computador vai reiniciar! -> Clique em "Executar".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/OTL_RunFix.jpg&key=09e9249e416710368096f3071f572470adab328652ebc1420e14063af4dbfd77" alt="OTL_RunFix.jpg" />
|- Para versões em Inglês,clique em Run Fix que é o mesmo que Consertar.
|- Poste o relatório: C:\_OTL\MovedFiles\*.log
Abs!
Não que eu saiba, pode ser que tenha sido utilizado pelo meu irmão, já que o pc era dele e quando fiquei com ele acabei não formatando.
All processes killed
========== OTL ==========
HKEY_USERS\S-1-5-21-1155938839-3185402113-654261445-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1155938839-3185402113-654261445-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportar para o Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportar para o Microsoft Excel\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1155938839-3185402113-654261445-1000UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\SlimDrivers Startup.job moved successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"Gopher"|"gopher://" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========
Restore point Set: OTL Restore Point
[EMPTYTEMP]
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Marcus
->Temp folder emptied: 2486179 bytes
->Temporary Internet Files folder emptied: 25069736 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 391509252 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 859 bytes
User: Public
User: Todos os Usuários
User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 5 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1107908 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68073 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 1255763 bytes
Total Files Cleaned = 402,00 mb
OTL by OldTimer - Version 3.2.58.1 log created on 08212012_120044
Files\Folders moved on Reboot...
C:\Users\Marcus\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Boa Tarde! .matiello
>
/applications/core/interface/imageproxy/imageproxy.php?img=http://forum.imasters.com.br/public/style_images/imasters-2011/snapback.png&key=6c4595d94bb1086600237aa9845db775ed272665f16a239c5c53fcdbbbb6a3c3" alt="snapback.png" /> .matiello, em 21 agosto 2012 - 13:08 , disse:Não que eu saiba, pode ser que tenha sido utilizado pelo meu irmão, já que o pc era dele e quando fiquei com ele acabei não formatando.
|- Nesse caso,não removeremos o Bonjour.
-/-
|- Caso esteja tudo Ok,apague seus Pontos de restauração.
>
:COMMANDS[CLEARALLRESTOREPOINTS]
[reboot]
|- Rode este script.
|- Cole as informações que estão no Código,para o campo "Exames Personalizados Correções".
|- Clique em Consertar.
|- Ps: Haverá reboot! <- Aguarde!
|- Abra,novamente,a ferramenta OTL -> Clique em Limpeza. <- Confirme!
|- O computador irá reiniciar!
|- Seus logs estão limpos!
Abs!
ok, removo os itens que instalei? adwcleaner, zhpfix, mbrcheck
>
ok, removo os itens que instalei? adwcleaner, zhpfix, mbrcheck
Olá!
|- Sim!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_4cones.jpg&key=1fa875282159446f710d915aa0f19515c10ea929b8487f1466b6ce34a529ae11" alt="ZHPDiag_4cones.jpg" />
|- Para desinstalar ZHPDiag,clique: ZHP_uninstall
|- Para remover AdwCleaner,faça a mesma coisa!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Uninstall2.jpg&key=a9e703e726fc1f13cd20ff066e475a995646652ce2e7d66ac03b110ebe5a8322" alt="AdwCleaner_Uninstall2.jpg" />
|- Abra a ferramenta AdwCleaner e clique em "Uninstall".
Abs!
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Boa Tarde! .matiello
|- Baixe: < AdwCleaner > ( ... par Xplode )
|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Tlcharger.jpg&key=2319bbcd35144166c25768473f26c7f193a7ab5036b9479bd1465d8257d6f6b2" alt="AdwCleaner_Tlcharger.jpg" /> >
|- Salve-o no desktop!
|- Clique direito em adwcleaner.exe,e escolha sua execução como "administrador".
|- Ps: Dê início ao scan,clicando em "Delete" ou "Suppression".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Suppression.jpg&key=ea7f314988c364d38f61f15aee7583e1c9e325cba8a0d859f1c7cd594582e777" alt="AdwCleaner_Suppression.jpg" />
|- Ao concluir,poste o relatório: C:\AdwCleaner[S].txt
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Silent.jpg&key=b108c6f3da4b9ebe004c6fc63c6e29fc4f2043056612e16f58c8a6da9600eaea" alt="ZHPDiag_Silent.jpg" /> >
|- Salve-o no desktop!
|- Para Windows Vista ou 7,clique direito e execute o arquivo como administrador.
|- Aguarde a conclusão do scan e clique em "Copier". <- Aguarde!
|- Poste e/ou cole aqui,o link que foi gerado!
Abraços!