[Resolvido!]Maquinas lentas

Armando Leitão · Setembro 18, 2007

Desculpe, mais resolvi abrir um novo topico, pois está com 10 dias que não tive resposta de um que abrir..

vamos lá estou com problemas de lentidão em duas maquinas, aí em baixo estáo os dois log´s para voces olharem...

Maquinas lentas, talvez seja sinal de virus, vou postar dois log´s...

Maquina 1

Logfile of HijackThis v1.99.1

Scan saved at 11:34:58, on 8/9/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jucheck.exe

C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.cade.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/

O17 - HKLM\System\CCS\Services\Tcpip\..\{B157CC24-7327-4E78-9BA5-A227131F662C}: NameServer = 192.168.0.4

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Arquivos de programas\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

ComboFix 07-09-08.7 - "Administrador" 2007-09-08 11:18:10.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.193 [GMT -3:00]

* Created a new restore point

.

((((((((((((((((((((((( Ficheiros criados de 2007-08-08 to 2007-09-08 ))))))))))))))))))))))))))))))))

.

2007-09-08 11:16 <DIR> d-------- C:\LinhaDefensiva

2007-09-08 11:10 <DIR> d-------- C:\!KillBox

2007-09-06 12:11 <DIR> d-------- C:\Arquivos de programas\Windows Media Connect 2

2007-09-06 12:10 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

2007-08-31 18:06 51,200 --a------ C:\WINDOWS\nircmd.exe

2007-08-22 16:27 <DIR> d-------- C:\Arquivos de programas\Psychic Doom 97D High Exp

2007-08-22 14:55 218,112 --a------ C:\HijackThis.exe

2007-08-21 08:57 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll

2007-08-21 08:57 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll

2007-08-19 21:37 23,040 --------- C:\WINDOWS\system32\dllcache\fltmc.exe

2007-08-19 21:37 16,896 --------- C:\WINDOWS\system32\dllcache\fltlib.dll

2007-08-19 21:37 128,896 --------- C:\WINDOWS\system32\dllcache\fltmgr.sys

2007-08-19 21:35 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0

2007-08-19 21:34 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe

2007-08-19 17:10 2,450,944 --------- C:\WINDOWS\system32\dllcache\wmvcore.dll

2007-08-19 16:54 <DIR> d--h----- C:\WINDOWS\$hf_mig$

2007-08-17 08:16 <DIR> d---s---- C:\DOCUME~1\ADMINI~1\UserData

2007-08-16 20:34 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2007-08-16 10:02 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Image Zone Express

2007-08-15 15:38 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Lavasoft

2007-08-15 14:54 57,407 --a------ C:\WINDOWS\system32\ANICtl.dll

2007-08-15 14:54 49,152 --a------ C:\WINDOWS\system32\AQCKGen.dll

2007-08-15 14:54 368,640 --a------ C:\WINDOWS\system32\ANIWZCS2.dll

2007-08-15 14:54 221,184 --a------ C:\WINDOWS\system32\wlanapi.dll

2007-08-15 14:54 212,992 --a------ C:\WINDOWS\system32\aIPH.dll

2007-08-15 14:54 143,360 --a------ C:\WINDOWS\system32\WlanApp.dll

2007-08-15 14:54 1,323,095 --a------ C:\WINDOWS\system32\odSupp_M.dll

2007-08-15 14:53 36,864 --a------ C:\WINDOWS\system32\ANIOApi.dll

2007-08-15 14:53 28,205 --a------ C:\WINDOWS\system32\ANIO.sys

2007-08-15 14:53 11,904 --a------ C:\WINDOWS\system32\anio4.sys

2007-08-15 14:53 <DIR> d-------- C:\Arquivos de programas\D-Link

2007-08-15 14:53 <DIR> d-------- C:\Arquivos de programas\ANI

2007-08-14 16:31 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\HP

2007-08-13 21:09 <DIR> d---s---- C:\DOCUME~1\LOCALS~1\UserData

2007-08-13 21:05 <DIR> d-------- C:\DOCUME~1\LOCALS~1\DADOSD~1\HP

2007-08-13 21:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\HP

2007-08-13 21:02 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\HP

2007-08-13 21:00 <DIR> d-------- C:\Arquivos de programas\Hewlett-Packard

2007-08-13 20:59 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

2007-08-13 20:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys

2007-08-13 20:57 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll

2007-08-13 20:57 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe

2007-08-13 20:57 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe

2007-08-13 20:57 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll

2007-08-13 20:57 306,688 --a------ C:\WINDOWS\IsUninst.exe

2007-08-13 20:57 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll

2007-08-13 20:57 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll

2007-08-13 20:57 <DIR> d-------- C:\Arquivos de programas\HP

2007-08-13 20:55 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll

2007-08-13 20:55 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys

2007-08-13 20:55 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll

2007-08-13 20:55 282,624 -ra------ C:\WINDOWS\system32\HPZc3212.dll

2007-08-13 20:55 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys

2007-08-13 20:55 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys

2007-08-13 20:55 119,027 --a------ C:\WINDOWS\hpoins11.dat

2007-08-13 20:54 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

2007-08-13 20:49 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys

2007-08-10 14:14 304,182 --a------ C:\StiImg.dat

2007-08-10 14:12 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys

2007-08-10 14:12 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys

2007-08-10 14:12 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS

2007-08-10 14:12 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys

2007-08-10 14:12 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys

2007-08-10 14:12 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys

2007-08-10 14:12 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys

2007-08-10 14:11 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll

2007-08-10 14:02 <DIR> d-------- C:\WINDOWS\PAC207

2007-08-10 14:02 <DIR> d-------- C:\Arquivos de programas\PC Camera

2007-08-10 14:02 <DIR> d-------- C:\Arquivos de programas\Common Files

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-08-16 13:19 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Real

2007-08-15 14:54 --------- d--h----- C:\Arquivos de programas\InstallShield Installation Information

2007-08-07 08:58 --------- d-------- C:\Arquivos de programas\CyberLink DVD Solution

2007-08-02 16:26 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Help

2007-08-02 10:56 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\CyberLink

2007-07-31 20:40 --------- d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\CyberLink

2007-07-30 21:44 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Media Player Classic

2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll

2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll

2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe

2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll

2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll

2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll

2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll

2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll

2007-07-30 18:49 --------- d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Spybot - Search & Destroy

2007-07-30 18:48 --------- d-------- C:\Arquivos de programas\Lavasoft

2007-07-30 18:48 --------- d-------- C:\Arquivos de programas\CCleaner

2007-07-30 17:43 --------- d-------- C:\Arquivos de programas\Arquivos comuns\InstallShield

2007-07-30 13:32 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Corel

2007-07-30 13:29 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Corel

2007-07-30 13:27 --------- d-------- C:\Arquivos de programas\Corel

2007-07-29 22:27 --------- d-------- C:\Arquivos de programas\Innovative Solutions

2007-07-29 22:25 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Nero

2007-07-29 22:22 --------- d-------- C:\Arquivos de programas\Ahead

2007-07-29 22:21 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Ahead

2007-07-29 22:18 --------- d-------- C:\Arquivos de programas\Microsoft.NET

2007-07-29 22:09 --------- d-------- C:\DOCUME~1\DEFAUL~1\DADOSD~1\Real

2007-07-29 22:09 --------- d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Real

2007-07-29 22:09 --------- d-------- C:\Arquivos de programas\K-Lite Codec Pack

2007-07-29 22:08 --------- d-------- C:\Arquivos de programas\MSN Messenger

2007-07-29 22:05 --------- d-------- C:\Arquivos de programas\Arquivos comuns\MSSoap

2007-07-29 22:01 4128 --a------ C:\WINDOWS\system32\drivers\INFCACHE.1

2007-07-29 18:56 --------- d-------- C:\Arquivos de programas\Arquivos comuns\SpeechEngines

2007-07-29 18:56 --------- d-------- C:\Arquivos de programas\Arquivos comuns\ODBC

2007-06-26 11:09 660992 --------- C:\WINDOWS\system32\dllcache\wininet.dll

2007-06-26 10:57 851968 --------- C:\WINDOWS\system32\dllcache\vgx.dll

2007-06-26 03:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll

2007-06-26 03:10 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll

2007-06-19 10:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll

2007-06-19 10:31 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll

2007-06-14 15:09 96768 --------- C:\WINDOWS\system32\dllcache\inseng.dll

2007-06-14 15:09 616448 --------- C:\WINDOWS\system32\dllcache\urlmon.dll

2007-06-14 15:09 55808 --------- C:\WINDOWS\system32\dllcache\extmgr.dll

2007-06-14 15:09 532480 --------- C:\WINDOWS\system32\dllcache\mstime.dll

2007-06-14 15:09 474112 --------- C:\WINDOWS\system32\dllcache\shlwapi.dll

2007-06-14 15:09 449024 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll

2007-06-14 15:09 39424 --------- C:\WINDOWS\system32\dllcache\pngfilt.dll

2007-06-14 15:09 357888 --------- C:\WINDOWS\system32\dllcache\dxtmsft.dll

2007-06-14 15:09 3079680 --------- C:\WINDOWS\system32\dllcache\mshtml.dll

2007-06-14 15:09 251392 --------- C:\WINDOWS\system32\dllcache\iepeers.dll

2007-06-14 15:09 205312 --------- C:\WINDOWS\system32\dllcache\dxtrans.dll

2007-06-14 15:09 16384 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll

2007-06-14 15:09 151552 --------- C:\WINDOWS\system32\dllcache\cdfview.dll

2007-06-14 15:09 1494528 --------- C:\WINDOWS\system32\dllcache\shdocvw.dll

2007-06-14 15:09 146432 --------- C:\WINDOWS\system32\dllcache\msrating.dll

2007-06-14 15:09 1055744 --------- C:\WINDOWS\system32\dllcache\danim.dll

2007-06-14 15:09 1024000 --------- C:\WINDOWS\system32\dllcache\browseui.dll

2007-06-14 11:07 18432 --------- C:\WINDOWS\system32\dllcache\iedw.exe

2007-06-13 10:21 1035264 --a------ C:\WINDOWS\explorer.exe

2007-06-13 10:21 1035264 --------- C:\WINDOWS\system32\dllcache\explorer.exe

2004-10-01 15:00 40960 --a------ C:\Arquivos de programas\Uninstall_CDS.exe

--------- C:\Arquivos de programas\Serviços on-line

--------- C:\Arquivos de programas\Arquivos comuns\Serviços

.

((((((((((((((((((((((((((((( snapshot_2007-08-31_181112.95 )))))))))))))))))))))))))))))))))))))))))

.

-c----w 213,216 2005-10-12 23:12:26 C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe

-c----w 371,424 2005-10-12 23:12:33 C:\WINDOWS\$NtUninstallKB926239$\spuninst\updspapi.dll

-c----w 414,208 2006-10-19 00:47:16 C:\WINDOWS\$NtUninstallKB929399$\msscp.dll

-c----w 213,216 2005-06-28 13:23:26 C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe

-c----w 371,424 2005-06-28 13:23:54 C:\WINDOWS\$NtUninstallKB929399$\spuninst\updspapi.dll

-c----w 10,834,432 2006-10-19 00:47:20 C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll

-c----w 215,264 2005-06-28 13:23:32 C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe

-c----w 371,424 2005-06-28 13:23:54 C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\updspapi.dll

-c----w 316,928 2006-11-03 02:29:46 C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe

-c----w 215,264 2005-06-28 13:23:32 C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe

-c----w 371,424 2005-06-28 13:23:54 C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll

-c----w 221,488 2006-09-25 20:58:48 C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe

-c----w 379,184 2006-09-25 20:58:48 C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll

-c----w 485,888 2005-01-28 19:12:16 C:\WINDOWS\$NtUninstallWMFDist11$\audiodev.dll

-c----w 294,912 2005-09-19 20:12:29 C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll

-c----w 164,864 2005-09-19 20:12:29 C:\WINDOWS\$NtUninstallWMFDist11$\cewmdm.dll

-c----w 502,272 2005-09-19 20:12:30 C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll

-c----w 6,656 2005-09-19 20:12:30 C:\WINDOWS\$NtUninstallWMFDist11$\laprxy.dll

-c----w 96,768 2005-09-19 20:12:30 C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe

-c----w 310,272 2004-08-04 03:45:24 C:\WINDOWS\$NtUninstallWMFDist11$\mp43dmod.dll

-c----w 384,512 2004-08-04 03:45:24 C:\WINDOWS\$NtUninstallWMFDist11$\mp4sdmod.dll

-c----w 240,640 2004-08-04 03:45:24 C:\WINDOWS\$NtUninstallWMFDist11$\mpg4dmod.dll

-c----w 142,336 2005-09-19 20:12:31 C:\WINDOWS\$NtUninstallWMFDist11$\msnetobj.dll

-c----w 25,088 2005-09-19 20:12:31 C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll

-c----w 173,568 2005-09-19 20:12:31 C:\WINDOWS\$NtUninstallWMFDist11$\mspmsp.dll

-c----w 364,784 2005-09-19 20:12:32 C:\WINDOWS\$NtUninstallWMFDist11$\msscp.dll

-c----w 316,416 2005-09-19 20:12:32 C:\WINDOWS\$NtUninstallWMFDist11$\mswmdm.dll

-c----w 221,184 2005-09-19 20:12:32 C:\WINDOWS\$NtUninstallWMFDist11$\qasf.dll

-c----w 47,104 2005-01-28 04:36:04 C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe

-c----w 15,872 2005-01-28 04:35:58 C:\WINDOWS\$NtUninstallWMFDist11$\wdfapi.dll

-c----w 38,912 2005-01-28 04:36:00 C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe

-c----w 396,528 2005-09-19 20:12:33 C:\WINDOWS\$NtUninstallWMFDist11$\wmadmod.dll

-c----w 716,288 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmadmoe.dll

-c----w 224,768 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmasf.dll

-c----w 28,160 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmdmlog.dll

-c----w 33,792 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmdmps.dll

-c----w 335,872 2005-01-28 11:53:50 C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmdev.dll

-c----w 290,816 2005-01-28 11:53:54 C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmnet.dll

-c----w 150,016 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmidx.dll

-c----w 1,027,072 2005-09-19 20:12:35 C:\WINDOWS\$NtUninstallWMFDist11$\wmnetmgr.dll

-c----w 774,904 2005-09-19 20:12:47 C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmod.dll

-c----w 1,119,744 2005-09-19 20:12:48 C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmoe2.dll

-c----w 413,944 2005-09-19 20:12:48 C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmod.dll

-c----w 940,544 2005-09-19 20:12:48 C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmoe.dll

-c----w 1,218,808 2005-01-28 16:32:56 C:\WINDOWS\$NtUninstallWMFDist11$\wmvadvd.dll

-c----w 1,512,448 2005-01-28 11:53:20 C:\WINDOWS\$NtUninstallWMFDist11$\wmvadve.dll

-c----w 2,374,472 2006-12-07 05:29:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll

-c----w 895,736 2005-09-19 20:12:51 C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmod.dll

-c----w 1,003,008 2005-09-19 20:12:52 C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmoe2.dll

-c----w 61,952 2005-01-28 04:36:20 C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll

-c----w 114,176 2005-01-28 04:36:24 C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll

-c----w 66,560 2005-01-28 04:36:22 C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll

-c----w 331,264 2005-01-28 04:36:28 C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll

-c----w 18,944 2005-01-28 04:36:24 C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys

-c----w 38,912 2005-01-28 04:36:28 C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll

-c----w 213,216 2006-05-16 21:11:54 C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe

-c----w 371,424 2006-05-16 21:11:54 C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\updspapi.dll

-c----w 13,312 2006-11-02 14:46:52 C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll

-c----w 221,488 2006-09-16 04:05:22 C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe

-c----w 379,184 2006-09-16 04:05:22 C:\WINDOWS\$NtUninstallWudf01000$\spuninst\updspapi.dll

-c----w 58,368 2006-09-28 22:01:52 C:\WINDOWS\$NtUninstallWudf01000$\spuninst\WudfCustom.dll

------w 39,424 2006-10-04 14:05:26 C:\WINDOWS\AppPatch\acadproc.dll

----a-w 13,536 2005-06-28 13:20:24 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\spmsg.dll

----a-w 215,264 2005-06-28 13:23:32 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\spuninst.exe

----a-w 22,752 2005-06-28 13:21:34 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\spupdsvc.exe

----a-w 10,834,944 2007-06-12 02:51:12 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\wmp.dll

----a-w 721,120 2005-06-28 13:25:00 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\update\update.exe

----a-w 371,424 2005-06-28 13:23:54 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\update\updspapi.dll

----a-w 13,536 2005-06-28 13:20:24 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\spmsg.dll

----a-w 215,264 2005-06-28 13:23:32 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\spuninst.exe

----a-w 318,464 2007-06-27 19:02:52 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\unregmp2.exe

----a-w 721,120 2005-06-28 13:25:00 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\update\update.exe

----a-w 371,424 2005-06-28 13:23:54 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\update\updspapi.dll

----a-w 414,720 2006-12-04 19:21:50 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\msscp.dll

----a-w 13,536 2005-06-28 13:20:24 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spmsg.dll

----a-w 213,216 2005-06-28 13:23:26 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spuninst.exe

----a-w 22,752 2005-06-28 13:21:34 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spupdsvc.exe

----a-w 716,000 2005-06-28 13:24:52 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\update\update.exe

----a-w 371,424 2005-06-28 13:23:54 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\update\updspapi.dll

----a-w 276,992 2006-10-19 00:47:08 C:\WINDOWS\system32\audiodev.dll

----a-w 542,720 2006-10-19 00:47:10 C:\WINDOWS\system32\blackbox.dll

----a-w 229,376 2006-10-19 00:47:10 C:\WINDOWS\system32\cewmdm.dll

------w 249,856 2006-10-18 23:00:46 C:\WINDOWS\system32\drmupgds.exe

----a-w 991,744 2006-10-19 00:47:10 C:\WINDOWS\system32\drmv2clt.dll

----a-w 11,264 2006-10-19 00:47:14 C:\WINDOWS\system32\LAPRXY.dll

----a-w 100,864 2006-10-18 23:03:58 C:\WINDOWS\system32\logagent.exe

------w 212,992 2006-10-19 00:47:14 C:\WINDOWS\system32\MFPLAT.dll

------w 259,072 2006-10-19 00:47:14 C:\WINDOWS\system32\MP43DECD.dll

----a-w 4,096 2006-10-19 00:47:14 C:\WINDOWS\system32\MP43DMOD.dll

------w 317,440 2006-10-19 00:47:14 C:\WINDOWS\system32\MP4SDECD.dll

----a-w 4,096 2006-10-19 00:47:14 C:\WINDOWS\system32\MP4SDMOD.dll

------w 259,072 2006-10-19 00:47:14 C:\WINDOWS\system32\MPG4DECD.dll

----a-w 4,096 2006-10-19 00:47:14 C:\WINDOWS\system32\MPG4DMOD.dll

------w 312,128 2006-10-02 18:28:42 C:\WINDOWS\system32\msdelta.dll

----a-w 179,712 2006-10-19 00:47:16 C:\WINDOWS\system32\msnetobj.dll

----a-w 27,136 2006-10-19 00:47:16 C:\WINDOWS\system32\mspmsnsv.dll

----a-w 175,616 2006-10-19 00:47:16 C:\WINDOWS\system32\mspmsp.dll

----a-w 414,720 2006-12-04 19:21:50 C:\WINDOWS\system32\msscp.dll

----a-w 321,536 2006-10-19 00:47:16 C:\WINDOWS\system32\mswmdm.dll

------w 284,160 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceApi.dll

------w 101,888 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceClassExtension.dll

------w 166,912 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceTypes.dll

------w 132,096 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceWiaCompat.dll

------w 199,168 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceWMDRM.dll

----a-w 211,456 2006-10-19 00:47:18 C:\WINDOWS\system32\qasf.dll

------w 14,640 2006-09-25 20:58:48 C:\WINDOWS\system32\spmsg.dll

----a-w 8,704 2006-10-19 00:58:00 C:\WINDOWS\system32\uwdf.exe

----a-w 4,096 2006-10-19 00:47:18 C:\WINDOWS\system32\wdfapi.dll

----a-w 8,704 2006-10-19 00:58:00 C:\WINDOWS\system32\wdfmgr.exe

----a-w 757,248 2006-10-19 00:47:18 C:\WINDOWS\system32\WMADMOD.dll

----a-w 1,117,696 2006-10-19 00:47:18 C:\WINDOWS\system32\WMADMOE.dll

----a-w 222,208 2006-10-19 00:47:18 C:\WINDOWS\system32\WMASF.dll

----a-w 33,792 2006-10-19 00:47:18 C:\WINDOWS\system32\wmdmlog.dll

----a-w 37,376 2006-10-19 00:47:18 C:\WINDOWS\system32\wmdmps.dll

----a-w 429,056 2006-10-19 00:47:18 C:\WINDOWS\system32\wmdrmdev.dll

----a-w 348,672 2006-10-19 00:47:20 C:\WINDOWS\system32\wmdrmnet.dll

------w 535,040 2006-10-19 00:47:20 C:\WINDOWS\system32\wmdrmsdk.dll

----a-w 157,184 2006-10-19 00:47:20 C:\WINDOWS\system32\wmidx.dll

----a-w 937,984 2006-10-19 00:47:20 C:\WINDOWS\system32\WMNetMgr.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmsdmod.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmsdmoe2.dll

----a-w 603,648 2006-10-19 00:47:22 C:\WINDOWS\system32\WMSPDMOD.dll

----a-w 1,329,152 2006-10-19 00:47:22 C:\WINDOWS\system32\WMSPDMOE.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVADVD.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVADVE.DLL

----a-w 2,450,944 2006-10-19 00:47:22 C:\WINDOWS\system32\wmvcore.dll

------w 1,543,680 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVDECOD.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmvdmod.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmvdmoe2.dll

------w 1,574,912 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVENCOD.dll

------w 1,382,912 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVSDECD.dll

------w 767,488 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVSENCD.dll

------w 656,896 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVXENCD.dll

----a-w 35,840 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdconns.dll

----a-w 154,624 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdmtp.dll

----a-w 63,488 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdmtpus.dll

------w 2,603,008 2006-10-19 00:47:22 C:\WINDOWS\system32\WpdShext.dll

------w 17,408 2006-10-18 23:00:14 C:\WINDOWS\system32\wpdshextautoplay.exe

------w 41,984 2006-11-02 14:52:56 C:\WINDOWS\system32\wpdshextres.dll

------w 133,632 2006-10-19 00:47:22 C:\WINDOWS\system32\WPDShServiceObj.dll

----a-w 356,352 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdsp.dll

----a-w 629,760 2006-10-19 00:47:22 C:\WINDOWS\system32\wpd_ci.dll

------w 95,344 2006-09-28 23:13:26 C:\WINDOWS\system32\WUDFCoinstaller.dll

------w 146,432 2006-09-28 21:56:38 C:\WINDOWS\system32\WudfHost.exe

------w 165,376 2006-09-28 21:56:16 C:\WINDOWS\system32\WudfPlatform.dll

------w 55,808 2006-09-28 21:56:14 C:\WINDOWS\system32\WudfSvc.dll

------w 316,416 2006-09-28 21:56:38 C:\WINDOWS\system32\WUDFx.dll

----a-w 821,600 2007-09-04 12:22:55 C:\WINDOWS\system32\drivers\avg7core.sys

----a-w 38,528 2006-10-18 23:00:00 C:\WINDOWS\system32\drivers\wpdusb.sys

------w 77,568 2006-09-28 21:55:50 C:\WINDOWS\system32\drivers\WudfPf.sys

------w 82,944 2006-09-28 22:00:34 C:\WINDOWS\system32\drivers\WudfRd.sys

------w 671,232 2006-10-19 00:47:22 C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

----a-w 11,776 2005-09-19 19:42:56 C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIKJRES.DLL

----a-w 8,704 2005-09-19 19:43:32 C:\WINDOWS\system32\spool\drivers\w32x86\3\TTY.DLL

----a-w 39,936 2005-09-19 19:43:38 C:\WINDOWS\system32\spool\drivers\w32x86\3\TTYRES.DLL

----a-w 16,384 2005-09-19 19:43:32 C:\WINDOWS\system32\spool\drivers\w32x86\3\TTYUI.DLL

.

----a-w 485,888 2005-01-28 19:12:16 C:\WINDOWS\system32\audiodev.dll

----a-w 294,912 2005-09-19 20:12:29 C:\WINDOWS\system32\blackbox.dll

----a-w 164,864 2005-09-19 20:12:29 C:\WINDOWS\system32\cewmdm.dll

----a-w 502,272 2005-09-19 20:12:30 C:\WINDOWS\system32\drmv2clt.dll

----a-w 6,656 2005-09-19 20:12:30 C:\WINDOWS\system32\laprxy.dll

----a-w 96,768 2005-09-19 20:12:30 C:\WINDOWS\system32\logagent.exe

----a-w 310,272 2004-08-04 03:45:24 C:\WINDOWS\system32\mp43dmod.dll

----a-w 384,512 2004-08-04 03:45:24 C:\WINDOWS\system32\mp4sdmod.dll

----a-w 240,640 2004-08-04 03:45:24 C:\WINDOWS\system32\mpg4dmod.dll

----a-w 142,336 2005-09-19 20:12:31 C:\WINDOWS\system32\msnetobj.dll

----a-w 25,088 2005-09-19 20:12:31 C:\WINDOWS\system32\mspmsnsv.dll

----a-w 173,568 2005-09-19 20:12:31 C:\WINDOWS\system32\mspmsp.dll

----a-w 364,784 2005-09-19 20:12:32 C:\WINDOWS\system32\msscp.dll

----a-w 316,416 2005-09-19 20:12:32 C:\WINDOWS\system32\mswmdm.dll

----a-w 221,184 2005-09-19 20:12:32 C:\WINDOWS\system32\qasf.dll

------w 15,072 2007-03-06 01:00:55 C:\WINDOWS\system32\spmsg.dll

----a-w 47,104 2005-01-28 04:36:04 C:\WINDOWS\system32\uWDF.exe

----a-w 15,872 2005-01-28 04:35:58 C:\WINDOWS\system32\WdfApi.dll

----a-w 38,912 2005-01-28 04:36:00 C:\WINDOWS\system32\WdfMgr.exe

----a-w 396,528 2005-09-19 20:12:33 C:\WINDOWS\system32\wmadmod.dll

----a-w 716,288 2005-09-19 20:12:34 C:\WINDOWS\system32\wmadmoe.dll

----a-w 224,768 2005-09-19 20:12:34 C:\WINDOWS\system32\wmasf.dll

----a-w 28,160 2005-09-19 20:12:34 C:\WINDOWS\system32\wmdmlog.dll

----a-w 33,792 2005-09-19 20:12:34 C:\WINDOWS\system32\wmdmps.dll

----a-w 335,872 2005-01-28 11:53:50 C:\WINDOWS\system32\wmdrmdev.dll

----a-w 290,816 2005-01-28 11:53:54 C:\WINDOWS\system32\wmdrmnet.dll

----a-w 150,016 2005-09-19 20:12:34 C:\WINDOWS\system32\wmidx.dll

----a-w 1,027,072 2005-09-19 20:12:35 C:\WINDOWS\system32\wmnetmgr.dll

----a-w 774,904 2005-09-19 20:12:47 C:\WINDOWS\system32\wmsdmod.dll

----a-w 1,119,744 2005-09-19 20:12:48 C:\WINDOWS\system32\wmsdmoe2.dll

----a-w 413,944 2005-09-19 20:12:48 C:\WINDOWS\system32\wmspdmod.dll

----a-w 940,544 2005-09-19 20:12:48 C:\WINDOWS\system32\wmspdmoe.dll

----a-w 1,218,808 2005-01-28 16:32:56 C:\WINDOWS\system32\WMVADVD.DLL

----a-w 1,512,448 2005-01-28 11:53:20 C:\WINDOWS\system32\WMVADVE.DLL

----a-w 2,374,472 2006-12-07 05:29:34 C:\WINDOWS\system32\wmvcore.dll

----a-w 895,736 2005-09-19 20:12:51 C:\WINDOWS\system32\wmvdmod.dll

----a-w 1,003,008 2005-09-19 20:12:52 C:\WINDOWS\system32\wmvdmoe2.dll

----a-w 61,952 2005-01-28 04:36:20 C:\WINDOWS\system32\wpdconns.dll

----a-w 114,176 2005-01-28 04:36:24 C:\WINDOWS\system32\wpdmtp.dll

----a-w 66,560 2005-01-28 04:36:22 C:\WINDOWS\system32\wpdmtpus.dll

----a-w 331,264 2005-01-28 04:36:28 C:\WINDOWS\system32\WPDSp.dll

----a-w 38,912 2005-01-28 04:36:28 C:\WINDOWS\system32\wpd_ci.dll

----a-w 821,536 2007-08-20 21:02:23 C:\WINDOWS\system32\drivers\avg7core.sys

----a-w 18,944 2005-01-28 04:36:24 C:\WINDOWS\system32\drivers\wpdusb.sys

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 18:14]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]

"RemoteControl"="C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24]

"HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]

"D-Link AirPlus G"="C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe" [2005-03-29 11:41]

"ANIWZCS2Service"="C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 17:49]

"AVG7_CC"="C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe" [2007-08-20 18:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45]

"msnmsgr"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" [2005-08-13 22:34]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"nlsf"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"

"tscuninstall"=%systemroot%\system32\tscupgrd.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

C:\DOCUME~1\ALLUSE~1\MENUIN~1\PROGRA~1\INICIA~1\

Adobe Gamma Loader.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2007-07-30 13:18:34]

Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]

HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoSharedDocuments"=1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSharedDocuments"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 nwprovau

R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F9E9A340-D1F1-11D0-821E-POISONIVY2007}]

C:\WINDOWS\system32\dllcache\poisonivy.exe s

.

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-09-08 11:19:52

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2007-09-08 11:20:51

C:\ComboFix-quarantined-files.txt ... 2007-09-08 11:20

C:\ComboFix2.txt ... 2007-08-31 18:11

.

--- E O F ---

Maquina 2

Logfile of HijackThis v1.99.1

Scan saved at 11:40:55, on 8/9/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE

C:\WINDOWS\Mixer.exe

C:\WINDOWS\wdfmgr.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\svchost.exe

C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww.google.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [EPSON Stylus CX4100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE /P26 "EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [wdfmgr.exe] C:\WINDOWS\wdfmgr.exe

O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/

O17 - HKLM\System\CCS\Services\Tcpip\..\{97F29EDD-7E83-45DC-AE39-EB392CE53F5B}: NameServer = 192.168.0.1

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

jgarcia · Setembro 26, 2007

Opa Armando Leitão,

Para máquina 01.

Favor criar um tópico próprio.

Para máquina 02.

1. Baixe o BankerFix.

2. Desative o seu anti-vírus temporariamente.

3. Dê um duplo-clique sobre o bankerfix.exe. Uma mensagem aparecerá avisando que o mesmo será baixado via internet. Clique em Ok -> Ok. Aperte Enter e aguarde o término do scan.

4. Terminado o scan, leia a mensagem na tela e aperte Enter novamente.

5. Habilite o seu anti-vírus.

6. Retorne com um novo log do HijackThis, juntamente com o relatorio.txt do BankerFix (ele estará em C:\LinhaDefensiva\).

7. Depois de postar a sua resposta você poderá deletar a pasta LinhaDefensiva contida no C.

Abraços.

Armando Leitão · Outubro 23, 2007

Máquina 02 formatada, por outros motivos....

Por favor analise esse log da maquina 3...

Maquina 3

Logfile of HijackThis v1.99.1

Scan saved at 21:17:41, on 22/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe

C:\Arquivos de programas\Ahead\InCD\InCD.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Java\jre1.6.0_01\bin\jucheck.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Arquivos de programas\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{4AC77C68-B443-4978-B460-3ECFC34D071D}: NameServer = 192.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{4AC77C68-B443-4978-B460-3ECFC34D071D}: NameServer = 192.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{4AC77C68-B443-4978-B460-3ECFC34D071D}: NameServer = 192.168.0.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

Analise a Maquina 1 por favor também..

Logfile of HijackThis v1.99.1

Scan saved at 22:28:36, on 22/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jucheck.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe

C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Mario Forever Toolbar Helper - {8036D4D7-AAD3-4793-AB49-329E437155A8} - C:\Arquivos de programas\Mario Forever Toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: Mario Forever Toolbar - {463DF6D5-BEC1-4d67-B217-59DB692DFC53} - C:\Arquivos de programas\Mario Forever Toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [PowerDVD] C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PowerDVD.exe /autostart

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?8f6c5bb4c6714bbab24c8be5a89db07d

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?8f6c5bb4c6714bbab24c8be5a89db07d

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/

O17 - HKLM\System\CCS\Services\Tcpip\..\{B157CC24-7327-4E78-9BA5-A227131F662C}: NameServer = 192.168.0.4

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Arquivos de programas\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

ComboFix 07-10-23.2 - Administrador 2007-10-22 22:12:27.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.182 [GMT -3:00]

Executando de: C:\Documents and Settings\Administrador\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

.

((((((((((((((((((((((( Ficheiros criados de 2007-09-23 to 2007-10-23 ))))))))))))))))))))))))))))))))

.

2007-10-21 18:33 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\DirectX

2007-10-21 10:45 <DIR> d-------- C:\Arquivos de programas\Mario Forever Toolbar

2007-10-21 10:45 325,346 --a------ C:\WINDOWS\Mario_Forever_Toolbar_Uninstaller_5406.exe

2007-10-21 10:44 <DIR> d-------- C:\Arquivos de programas\Mario Forever

2007-10-21 10:43 27,171,490 --a------ C:\Mario_Forever_Setup_111405.exe

2007-10-16 21:31 <DIR> d-------- C:\SIMS

2007-10-16 21:30 <DIR> d-------- C:\Documents and Settings\Administrador\WINDOWS

2007-10-16 20:47 <DIR> d-------- C:\Documents and Settings\Administrador\Dados de aplicativos\Skype

2007-10-16 20:45 <DIR> d-------- C:\Arquivos de programas\Google

2007-10-16 20:43 <DIR> d-------- C:\Arquivos de programas\Skype

2007-10-16 20:43 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Skype

2007-10-10 06:52 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll

2007-09-26 13:46 <DIR> d-------- C:\Arquivos de programas\PC Camera

2007-09-26 13:46 <DIR> d-------- C:\Arquivos de programas\Common Files

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-10-23 01:15 434,976 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat

2007-10-23 01:15 23,711,776 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat

2007-10-22 14:03 40,988 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx

2007-10-22 14:03 314,456 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx

2007-10-21 19:04 57,654 ----a-w C:\StiImg.dat

2007-10-19 17:45 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\Image Zone Express

2007-09-26 16:47 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

2007-09-13 09:37 --------- d-----w C:\Arquivos de programas\MSN Messenger

2007-09-13 01:24 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\Lavasoft

2007-09-13 00:16 --------- d-----w C:\Arquivos de programas\Windows Live Toolbar

2007-09-13 00:16 --------- d-----w C:\Arquivos de programas\Windows Live Favorites

2007-09-11 11:36 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\HP

2007-09-09 17:55 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\AdobeUM

2007-09-08 16:46 82,061 ----a-w C:\WINDOWS\system32\drivers\klick.dat

2007-09-08 16:46 81,549 ----a-w C:\WINDOWS\system32\drivers\klin.dat

2007-09-08 16:33 --------- d-----w C:\Arquivos de programas\Kaspersky Lab

2007-09-08 15:29 --------- d-----w C:\Arquivos de programas\RealVNC

2007-09-08 14:02 --------- d-----w C:\Arquivos de programas\Psychic Doom 97D High Exp

2007-09-06 15:11 --------- d-----w C:\Arquivos de programas\Windows Media Connect 2

2007-08-22 13:13 96,768 ------w C:\WINDOWS\system32\dllcache\inseng.dll

2007-08-22 13:13 660,992 ------w C:\WINDOWS\system32\dllcache\wininet.dll

2007-08-22 13:13 616,448 ------w C:\WINDOWS\system32\dllcache\urlmon.dll

2007-08-22 13:13 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll

2007-08-22 13:13 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll

2007-08-22 13:13 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll

2007-08-22 13:13 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll

2007-08-22 13:13 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll

2007-08-22 13:13 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll

2007-08-22 13:13 3,079,168 ------w C:\WINDOWS\system32\dllcache\mshtml.dll

2007-08-22 13:13 251,392 ------w C:\WINDOWS\system32\dllcache\iepeers.dll

2007-08-22 13:13 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll

2007-08-22 13:13 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll

2007-08-22 13:13 151,552 ------w C:\WINDOWS\system32\dllcache\cdfview.dll

2007-08-22 13:13 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll

2007-08-22 13:13 1,494,528 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll

2007-08-22 13:13 1,055,744 ------w C:\WINDOWS\system32\dllcache\danim.dll

2007-08-22 13:13 1,023,488 ------w C:\WINDOWS\system32\dllcache\browseui.dll

2007-08-21 11:38 2,184,576 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2007-08-21 10:30 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe

2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll

2007-08-21 06:17 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll

2007-07-30 22:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll

2007-07-30 22:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll

2007-07-30 22:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe

2007-07-30 22:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll

2007-07-30 22:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll

2007-07-30 22:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll

2007-07-30 22:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll

2007-07-30 22:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll

2007-07-30 22:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll

2007-07-30 22:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll

2004-10-01 18:00 40,960 ----a-w C:\Arquivos de programas\Uninstall_CDS.exe

.

((((((((((((((((((((((((((((( snapshot_2007-08-31_181112.95 )))))))))))))))))))))))))))))))))))))))))

.

+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe

+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\updspapi.dll

+ 2006-10-19 00:47:16 414,208 -c----w C:\WINDOWS\$NtUninstallKB929399$\msscp.dll

+ 2005-06-28 13:23:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe

+ 2005-06-28 13:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB929399$\spuninst\updspapi.dll

+ 2005-06-28 13:23:32 215,264 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe

+ 2005-06-28 13:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\updspapi.dll

+ 2006-10-19 00:47:20 10,834,432 -c----w C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll

+ 2005-06-28 13:23:32 215,264 -c----w C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe

+ 2005-06-28 13:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll

+ 2006-11-03 02:29:46 316,928 -c----w C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe

+ 2006-09-25 20:58:48 221,488 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe

+ 2006-09-25 20:58:48 379,184 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll

+ 2005-01-28 19:12:16 485,888 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\audiodev.dll

+ 2005-09-19 20:12:29 294,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll

+ 2005-09-19 20:12:29 164,864 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\cewmdm.dll

+ 2005-09-19 20:12:30 502,272 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll

+ 2005-09-19 20:12:30 6,656 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\laprxy.dll

+ 2005-09-19 20:12:30 96,768 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe

+ 2004-08-04 03:45:24 310,272 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp43dmod.dll

+ 2004-08-04 03:45:24 384,512 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp4sdmod.dll

+ 2004-08-04 03:45:24 240,640 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mpg4dmod.dll

+ 2005-09-19 20:12:31 142,336 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msnetobj.dll

+ 2005-09-19 20:12:31 25,088 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll

+ 2005-09-19 20:12:31 173,568 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsp.dll

+ 2005-09-19 20:12:32 364,784 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msscp.dll

+ 2005-09-19 20:12:32 316,416 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mswmdm.dll

+ 2005-09-19 20:12:32 221,184 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\qasf.dll

+ 2006-05-16 21:11:54 213,216 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe

+ 2006-05-16 21:11:54 371,424 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\updspapi.dll

+ 2006-11-02 14:46:52 13,312 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll

+ 2005-01-28 04:36:04 47,104 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe

+ 2005-01-28 04:35:58 15,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfapi.dll

+ 2005-01-28 04:36:00 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe

+ 2005-09-19 20:12:33 396,528 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmod.dll

+ 2005-09-19 20:12:34 716,288 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmoe.dll

+ 2005-09-19 20:12:34 224,768 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmasf.dll

+ 2005-09-19 20:12:34 28,160 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmlog.dll

+ 2005-09-19 20:12:34 33,792 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmps.dll

+ 2005-01-28 11:53:50 335,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmdev.dll

+ 2005-01-28 11:53:54 290,816 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmnet.dll

+ 2005-09-19 20:12:34 150,016 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmidx.dll

+ 2005-09-19 20:12:35 1,027,072 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmnetmgr.dll

+ 2005-09-19 20:12:47 774,904 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmod.dll

+ 2005-09-19 20:12:48 1,119,744 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmoe2.dll

+ 2005-09-19 20:12:48 413,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmod.dll

+ 2005-09-19 20:12:48 940,544 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmoe.dll

+ 2005-01-28 16:32:56 1,218,808 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadvd.dll

+ 2005-01-28 11:53:20 1,512,448 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadve.dll

+ 2006-12-07 05:29:34 2,374,472 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll

+ 2005-09-19 20:12:51 895,736 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmod.dll

+ 2005-09-19 20:12:52 1,003,008 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmoe2.dll

+ 2005-01-28 04:36:28 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll

+ 2005-01-28 04:36:20 61,952 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll

+ 2005-01-28 04:36:24 114,176 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll

+ 2005-01-28 04:36:22 66,560 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll

+ 2005-01-28 04:36:28 331,264 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll

+ 2005-01-28 04:36:24 18,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys

+ 2006-09-16 04:05:22 221,488 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe

+ 2006-09-16 04:05:22 379,184 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\updspapi.dll

+ 2006-09-28 22:01:52 58,368 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\WudfCustom.dll

+ 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll

- 2007-07-20 03:47:22 109,056 ----a-w C:\WINDOWS\catchme.exe

+ 2007-10-20 09:03:30 136,192 ----a-w C:\WINDOWS\catchme.exe

+ 2003-07-15 14:13:58 166,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\ACCWIZ.DLL

+ 2003-07-15 06:14:28 350,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL

+ 2003-07-15 14:18:12 47,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE

+ 2003-08-13 13:34:38 10,073,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE

+ 2003-08-03 21:56:16 1,146,184 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\FM20.DLL

+ 2003-07-24 10:01:40 1,949,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL

+ 2003-07-15 10:36:14 186,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL

+ 2003-07-26 06:00:16 1,157,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL

+ 2003-07-26 06:14:50 799,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL

+ 2003-07-15 10:11:42 2,139,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE

+ 2003-07-15 01:57:44 87,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL

+ 2003-07-15 09:53:50 161,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\IETAG.DLL

+ 2003-05-29 02:42:48 514,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\INTLNAME.DLL

+ 2003-06-19 04:31:44 758,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MDIGRAPH.DLL

+ 2003-06-19 04:31:48 17,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL

+ 2003-06-19 04:31:48 18,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL

+ 2003-06-19 04:31:46 35,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL

+ 2003-06-19 04:31:34 443,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MDIVWCTL.DLL

+ 2003-05-29 02:42:50 342,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\METCONV.DLL

+ 2003-08-15 11:54:08 6,627,392 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSACCESS.EXE

+ 2003-07-15 14:13:58 130,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSAEXP30.DLL

+ 2003-07-15 01:58:04 230,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSCDM.DLL

+ 2003-07-15 09:51:50 116,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSCONV97.DLL

+ 2002-12-18 06:08:50 359,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSDMENG.DLL

+ 2002-12-18 06:08:54 1,383,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSDMINE.DLL

+ 2003-07-15 14:14:00 139,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSJSPP40.DLL

+ 2002-04-10 07:14:36 187,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSMDUN80.DLL

+ 2003-08-08 11:23:16 12,172,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSO.DLL

+ 2003-07-15 06:14:18 106,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL

+ 2003-07-24 01:35:26 127,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL

+ 2003-07-15 09:44:06 25,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL

+ 2002-12-18 06:09:24 2,071,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSOLAP80.DLL

+ 2003-06-19 04:31:24 1,033,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSPCORE.DLL

+ 2003-07-28 23:24:40 5,677,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSPUB.EXE

+ 2003-07-15 10:02:14 627,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSTORDB.EXE

+ 2003-07-15 09:56:24 124,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE

+ 2003-07-24 09:40:00 482,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL

+ 2003-07-15 14:14:26 283,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\OIS.EXE

+ 2003-07-15 14:14:26 828,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL

+ 2003-07-15 14:14:26 27,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL

+ 2003-08-05 00:19:34 7,330,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\OWC10.DLL

+ 2003-08-02 02:09:04 8,086,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\OWC11.DLL

+ 2003-07-30 23:40:40 6,133,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\POWERPNT.EXE

+ 2003-07-15 14:18:54 430,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\PP4X322.DLL

+ 2003-08-01 02:21:08 1,782,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\PPTVIEW.EXE

+ 2003-07-15 09:40:26 130,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\PRTF9.DLL

+ 2003-07-15 09:51:12 604,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\PTXT9.DLL

+ 2003-07-15 09:50:26 551,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\PUBCONV.DLL

+ 2003-08-07 00:26:18 445,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\SOA.DLL

+ 2003-08-03 21:52:32 2,808,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL

+ 2003-07-04 02:19:36 2,502,656 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\VBE6.DLL

+ 2003-08-07 00:24:20 12,037,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE

+ 2005-05-27 04:06:54 10,095,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\EXCEL.EXE

+ 2005-07-22 20:47:14 12,242,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\MSO.DLL

+ 2005-07-05 15:08:18 5,685,440 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\MSPUB.EXE

+ 2005-06-28 22:15:24 6,146,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\POWERPNT.EXE

+ 2005-03-17 17:01:56 130,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\PRTF9.DLL

+ 2005-03-17 17:02:04 605,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\PTXT9.DLL

+ 2005-03-17 17:41:56 2,812,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\STSLIST.DLL

+ 2005-07-22 20:21:40 12,061,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.7969\WINWORD.EXE

- 2007-08-10 17:08:54 10,134 ----a-r C:\WINDOWS\Installer\{02BD1C19-5946-4420-BAE3-F742686B3D43}\ARPPRODUCTICON.exe

+ 2007-09-26 17:02:39 10,134 ----a-r C:\WINDOWS\Installer\{02BD1C19-5946-4420-BAE3-F742686B3D43}\ARPPRODUCTICON.exe

- 2007-08-10 17:08:54 40,960 ----a-r C:\WINDOWS\Installer\{02BD1C19-5946-4420-BAE3-F742686B3D43}\NewShortcut1_56E721DA0A134E46A4B3EC5584F58066.exe

+ 2007-09-26 17:02:39 40,960 ----a-r C:\WINDOWS\Installer\{02BD1C19-5946-4420-BAE3-F742686B3D43}\NewShortcut1_56E721DA0A134E46A4B3EC5584F58066.exe

- 2007-08-10 17:08:54 40,960 ----a-r C:\WINDOWS\Installer\{02BD1C19-5946-4420-BAE3-F742686B3D43}\NewShortcut3_56E721DA0A134E46A4B3EC5584F58066.exe

+ 2007-09-26 17:02:39 40,960 ----a-r C:\WINDOWS\Installer\{02BD1C19-5946-4420-BAE3-F742686B3D43}\NewShortcut3_56E721DA0A134E46A4B3EC5584F58066.exe

+ 2007-09-12 23:43:59 29,926 ----a-r C:\WINDOWS\Installer\{37FD253D-5064-4034-8CEC-CC3995F823A4}\MsblIco.Exe

- 2007-07-30 01:18:56 593,920 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2007-10-11 01:13:45 593,920 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\accicons.exe

- 2007-07-30 01:18:56 12,288 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2007-10-11 01:13:45 12,288 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2007-07-30 01:18:56 86,016 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2007-10-11 01:13:45 86,016 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\inficon.exe

- 2007-07-30 01:18:56 135,168 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2007-10-11 01:13:45 135,168 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2007-07-30 01:18:56 11,264 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2007-10-11 01:13:45 11,264 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\mspicons.exe

- 2007-07-30 01:18:56 27,136 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2007-10-11 01:13:46 27,136 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\oisicon.exe

- 2007-07-30 01:18:56 4,096 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2007-10-11 01:13:46 4,096 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\opwicon.exe

- 2007-07-30 01:18:57 794,624 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\outicon.exe

+ 2007-10-11 01:13:46 794,624 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2007-07-30 01:18:56 249,856 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2007-10-11 01:13:45 249,856 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pptico.exe

- 2007-07-30 01:18:56 61,440 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pubs.exe

+ 2007-10-11 01:13:45 61,440 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pubs.exe

- 2007-07-30 01:18:57 23,040 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\unbndico.exe

+ 2007-10-11 01:13:46 23,040 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2007-07-30 01:18:56 286,720 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\wordicon.exe

+ 2007-10-11 01:13:45 286,720 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2007-07-30 01:18:56 409,600 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2007-10-11 01:13:45 409,600 ----a-r C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\xlicons.exe

- 2005-01-28 19:12:16 485,888 ----a-w C:\WINDOWS\system32\audiodev.dll

+ 2006-10-19 00:47:08 276,992 ----a-w C:\WINDOWS\system32\audiodev.dll

- 2005-09-19 20:12:29 294,912 ----a-w C:\WINDOWS\system32\blackbox.dll

+ 2006-10-19 00:47:10 542,720 ----a-w C:\WINDOWS\system32\blackbox.dll

- 2007-06-14 18:09:18 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll

+ 2007-08-22 13:13:26 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll

- 2007-06-14 18:09:19 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll

+ 2007-08-22 13:13:26 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll

- 2005-09-19 20:12:29 164,864 ----a-w C:\WINDOWS\system32\cewmdm.dll

+ 2006-10-19 00:47:10 229,376 ----a-w C:\WINDOWS\system32\cewmdm.dll

- 2007-07-29 21:49:39 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat

+ 2007-09-08 16:46:00 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat

- 2007-07-30 01:11:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat

+ 2007-09-08 16:46:00 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat

- 2007-07-29 21:49:39 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat

+ 2007-09-08 16:46:00 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat

- 2007-06-14 18:09:19 1,055,744 ----a-w C:\WINDOWS\system32\danim.dll

+ 2007-08-22 13:13:27 1,055,744 ----a-w C:\WINDOWS\system32\danim.dll

- 2006-12-07 05:29:34 2,374,472 ------w C:\WINDOWS\system32\dllcache\wmvcore.dll

+ 2006-10-19 00:47:22 2,450,944 ------w C:\WINDOWS\system32\dllcache\wmvcore.dll

+ 2007-03-04 00:39:06 110,360 ----a-w C:\WINDOWS\system32\drivers\kl1.sys

+ 2007-09-08 16:45:29 179,472 ----a-w C:\WINDOWS\system32\drivers\klif.sys

+ 2007-03-09 23:58:06 25,734 ----a-w C:\WINDOWS\system32\drivers\klop.dat

+ 2006-10-19 00:47:22 671,232 ------w C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

- 2005-01-28 04:36:24 18,944 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-10-18 23:00:00 38,528 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-09-28 21:55:50 77,568 ------w C:\WINDOWS\system32\drivers\WudfPf.sys

+ 2006-09-28 22:00:34 82,944 ------w C:\WINDOWS\system32\drivers\WudfRd.sys

+ 2006-10-18 23:00:46 249,856 ------w C:\WINDOWS\system32\drmupgds.exe

- 2005-09-19 20:12:30 502,272 ----a-w C:\WINDOWS\system32\drmv2clt.dll

+ 2006-10-19 00:47:10 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll

- 2007-06-14 18:09:19 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll

+ 2007-08-22 13:13:27 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll

- 2007-06-14 18:09:19 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll

+ 2007-08-22 13:13:27 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll

- 2007-06-14 18:09:19 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll

+ 2007-08-22 13:13:27 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll

- 2003-08-03 21:56:16 1,146,184 ----a-w C:\WINDOWS\system32\FM20.DLL

+ 2005-03-17 17:39:58 1,146,320 ----a-w C:\WINDOWS\system32\FM20.DLL

- 2007-08-20 09:56:53 211,288 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2007-09-14 15:42:11 211,288 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

- 2007-06-14 18:09:19 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll

+ 2007-08-22 13:13:28 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll

- 2007-06-14 18:09:19 96,768 ----a-w C:\WINDOWS\system32\inseng.dll

+ 2007-08-22 13:13:28 96,768 ----a-w C:\WINDOWS\system32\inseng.dll

- 2007-06-14 18:09:19 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll

+ 2007-08-22 13:13:28 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll

+ 2007-03-09 23:52:52 200,768 ----a-w C:\WINDOWS\system32\klogon.dll

- 2005-09-19 20:12:30 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll

+ 2006-10-19 00:47:14 11,264 ----a-w C:\WINDOWS\system32\LAPRXY.dll

- 2005-09-19 20:12:30 96,768 ----a-w C:\WINDOWS\system32\logagent.exe

+ 2006-10-18 23:03:58 100,864 ----a-w C:\WINDOWS\system32\logagent.exe

- 2003-06-19 04:31:48 17,920 ----a-w C:\WINDOWS\system32\mdimon.dll

+ 2004-03-22 18:17:06 24,816 ----a-w C:\WINDOWS\system32\mdimon.dll

+ 2006-10-19 00:47:14 212,992 ------w C:\WINDOWS\system32\MFPLAT.dll

+ 2006-10-19 00:47:14 259,072 ------w C:\WINDOWS\system32\MP43DECD.dll

- 2004-08-04 03:45:24 310,272 ----a-w C:\WINDOWS\system32\mp43dmod.dll

+ 2006-10-19 00:47:14 4,096 ----a-w C:\WINDOWS\system32\MP43DMOD.dll

+ 2006-10-19 00:47:14 317,440 ------w C:\WINDOWS\system32\MP4SDECD.dll

- 2004-08-04 03:45:24 384,512 ----a-w C:\WINDOWS\system32\mp4sdmod.dll

+ 2006-10-19 00:47:14 4,096 ----a-w C:\WINDOWS\system32\MP4SDMOD.dll

+ 2006-10-19 00:47:14 259,072 ------w C:\WINDOWS\system32\MPG4DECD.dll

- 2004-08-04 03:45:24 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll

+ 2006-10-19 00:47:14 4,096 ----a-w C:\WINDOWS\system32\MPG4DMOD.dll

- 2007-08-03 00:34:12 16,789,464 ----a-w C:\WINDOWS\system32\MRT.exe

+ 2007-09-28 05:19:39 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe

+ 2006-10-02 18:28:42 312,128 ------w C:\WINDOWS\system32\msdelta.dll

- 2007-06-14 18:09:22 3,079,680 ----a-w C:\WINDOWS\system32\mshtml.dll

+ 2007-08-22 13:13:29 3,079,168 ----a-w C:\WINDOWS\system32\mshtml.dll

- 2007-06-14 18:09:20 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll

+ 2007-08-22 13:13:29 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll

- 2005-09-19 20:12:31 142,336 ----a-w C:\WINDOWS\system32\msnetobj.dll

+ 2006-10-19 00:47:16 179,712 ----a-w C:\WINDOWS\system32\msnetobj.dll

- 2005-09-19 20:12:31 25,088 ----a-w C:\WINDOWS\system32\mspmsnsv.dll

+ 2006-10-19 00:47:16 27,136 ----a-w C:\WINDOWS\system32\mspmsnsv.dll

- 2005-09-19 20:12:31 173,568 ----a-w C:\WINDOWS\system32\mspmsp.dll

+ 2006-10-19 00:47:16 175,616 ----a-w C:\WINDOWS\system32\mspmsp.dll

- 2007-06-14 18:09:20 146,432 ----a-w C:\WINDOWS\system32\msrating.dll

+ 2007-08-22 13:13:29 146,432 ----a-w C:\WINDOWS\system32\msrating.dll

- 2005-09-19 20:12:32 364,784 ----a-w C:\WINDOWS\system32\msscp.dll

+ 2006-12-04 19:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll

- 2007-06-14 18:09:21 532,480 ----a-w C:\WINDOWS\system32\mstime.dll

+ 2007-08-22 13:13:30 532,480 ----a-w C:\WINDOWS\system32\mstime.dll

- 2005-09-19 20:12:32 316,416 ----a-w C:\WINDOWS\system32\mswmdm.dll

+ 2006-10-19 00:47:16 321,536 ----a-w C:\WINDOWS\system32\mswmdm.dll

- 2007-06-14 18:09:21 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll

+ 2007-08-22 13:13:30 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll

+ 2006-10-19 00:47:18 284,160 ------w C:\WINDOWS\system32\PortableDeviceApi.dll

+ 2006-10-19 00:47:18 101,888 ------w C:\WINDOWS\system32\PortableDeviceClassExtension.dll

+ 2006-10-19 00:47:18 166,912 ------w C:\WINDOWS\system32\PortableDeviceTypes.dll

+ 2006-10-19 00:47:18 132,096 ------w C:\WINDOWS\system32\PortableDeviceWiaCompat.dll

+ 2006-10-19 00:47:18 199,168 ------w C:\WINDOWS\system32\PortableDeviceWMDRM.dll

- 2005-09-19 20:12:32 221,184 ----a-w C:\WINDOWS\system32\qasf.dll

+ 2006-10-19 00:47:18 211,456 ----a-w C:\WINDOWS\system32\qasf.dll

- 2004-08-04 03:45:26 581,120 ----a-w C:\WINDOWS\system32\rpcrt4.dll

+ 2007-07-09 13:09:42 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll

- 2007-06-14 18:09:21 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll

+ 2007-08-22 13:13:31 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll

- 2007-06-14 18:09:21 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll

+ 2007-08-22 13:13:32 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll

- 2005-08-14 00:41:12 118,784 ----a-w C:\WINDOWS\system32\sirenacm.dll

+ 2007-01-19 15:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll

- 2007-03-06 01:00:55 15,072 ------w C:\WINDOWS\system32\spmsg.dll

+ 2006-09-25 20:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll

+ 2005-09-19 19:42:38 38,400 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\EP9BRES.DLL

+ 2005-09-19 19:42:56 11,776 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIKJRES.DLL

- 2003-06-19 04:31:44 758,784 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll

+ 2004-03-22 18:17:04 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll

- 2003-06-19 04:31:46 35,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll

+ 2004-03-22 18:17:10 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll

+ 2005-09-19 19:43:32 8,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\TTY.DLL

+ 2005-09-19 19:43:38 39,936 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\TTYRES.DLL

+ 2005-09-19 19:43:32 16,384 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\TTYUI.DLL

- 2003-06-19 04:31:44 758,784 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll

+ 2004-03-22 18:17:04 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll

- 2003-06-19 04:31:46 35,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll

+ 2004-03-22 18:17:10 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll

- 2003-06-19 04:31:48 18,944 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

+ 2004-03-22 18:17:08 25,840 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

- 2005-06-28 12:21:34 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe

+ 2006-09-25 20:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe

- 2007-07-22 21:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe

+ 2007-04-02 17:21:27 139,776 ----a-w C:\WINDOWS\system32\swreg.exe

- 2007-06-14 18:09:21 616,448 ----a-w C:\WINDOWS\system32\urlmon.dll

+ 2007-08-22 13:13:32 616,448 ----a-w C:\WINDOWS\system32\urlmon.dll

- 2005-01-28 04:36:04 47,104 ----a-w C:\WINDOWS\system32\uWDF.exe

+ 2006-10-19 00:58:00 8,704 ----a-w C:\WINDOWS\system32\uwdf.exe

- 2005-01-28 04:35:58 15,872 ----a-w C:\WINDOWS\system32\WdfApi.dll

+ 2006-10-19 00:47:18 4,096 ----a-w C:\WINDOWS\system32\wdfapi.dll

- 2005-01-28 04:36:00 38,912 ----a-w C:\WINDOWS\system32\WdfMgr.exe

+ 2006-10-19 00:58:00 8,704 ----a-w C:\WINDOWS\system32\wdfmgr.exe

- 2007-06-26 14:09:18 660,992 ----a-w C:\WINDOWS\system32\wininet.dll

+ 2007-08-22 13:13:32 660,992 ----a-w C:\WINDOWS\system32\wininet.dll

- 2005-09-19 20:12:33 396,528 ----a-w C:\WINDOWS\system32\wmadmod.dll

+ 2006-10-19 00:47:18 757,248 ----a-w C:\WINDOWS\system32\WMADMOD.dll

- 2005-09-19 20:12:34 716,288 ----a-w C:\WINDOWS\system32\wmadmoe.dll

+ 2006-10-19 00:47:18 1,117,696 ----a-w C:\WINDOWS\system32\WMADMOE.dll

- 2005-09-19 20:12:34 224,768 ----a-w C:\WINDOWS\system32\wmasf.dll

+ 2006-10-19 00:47:18 222,208 ----a-w C:\WINDOWS\system32\WMASF.dll

- 2005-09-19 20:12:34 28,160 ----a-w C:\WINDOWS\system32\wmdmlog.dll

+ 2006-10-19 00:47:18 33,792 ----a-w C:\WINDOWS\system32\wmdmlog.dll

- 2005-09-19 20:12:34 33,792 ----a-w C:\WINDOWS\system32\wmdmps.dll

+ 2006-10-19 00:47:18 37,376 ----a-w C:\WINDOWS\system32\wmdmps.dll

- 2005-01-28 11:53:50 335,872 ----a-w C:\WINDOWS\system32\wmdrmdev.dll

+ 2006-10-19 00:47:18 429,056 ----a-w C:\WINDOWS\system32\wmdrmdev.dll

- 2005-01-28 11:53:54 290,816 ----a-w C:\WINDOWS\system32\wmdrmnet.dll

+ 2006-10-19 00:47:20 348,672 ----a-w C:\WINDOWS\system32\wmdrmnet.dll

+ 2006-10-19 00:47:20 535,040 ------w C:\WINDOWS\system32\wmdrmsdk.dll

- 2005-09-19 20:12:34 150,016 ----a-w C:\WINDOWS\system32\wmidx.dll

+ 2006-10-19 00:47:20 157,184 ----a-w C:\WINDOWS\system32\wmidx.dll

- 2005-09-19 20:12:35 1,027,072 ----a-w C:\WINDOWS\system32\wmnetmgr.dll

+ 2006-10-19 00:47:20 937,984 ----a-w C:\WINDOWS\system32\WMNetMgr.dll

- 2005-09-19 20:12:47 774,904 ----a-w C:\WINDOWS\system32\wmsdmod.dll

+ 2006-10-19 00:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmod.dll

- 2005-09-19 20:12:48 1,119,744 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll

+ 2006-10-19 00:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll

- 2005-09-19 20:12:48 413,944 ----a-w C:\WINDOWS\system32\wmspdmod.dll

+ 2006-10-19 00:47:22 603,648 ----a-w C:\WINDOWS\system32\WMSPDMOD.dll

- 2005-09-19 20:12:48 940,544 ----a-w C:\WINDOWS\system32\wmspdmoe.dll

+ 2006-10-19 00:47:22 1,329,152 ----a-w C:\WINDOWS\system32\WMSPDMOE.dll

- 2005-01-28 16:32:56 1,218,808 ----a-w C:\WINDOWS\system32\WMVADVD.DLL

+ 2006-10-19 00:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVD.dll

- 2005-01-28 11:53:20 1,512,448 ----a-w C:\WINDOWS\system32\WMVADVE.DLL

+ 2006-10-19 00:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVE.DLL

- 2006-12-07 05:29:34 2,374,472 ----a-w C:\WINDOWS\system32\wmvcore.dll

+ 2006-10-19 00:47:22 2,450,944 ----a-w C:\WINDOWS\system32\wmvcore.dll

+ 2006-10-19 00:47:22 1,543,680 ------w C:\WINDOWS\system32\WMVDECOD.dll

- 2005-09-19 20:12:51 895,736 ----a-w C:\WINDOWS\system32\wmvdmod.dll

+ 2006-10-19 00:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmod.dll

- 2005-09-19 20:12:52 1,003,008 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-19 00:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-19 00:47:22 1,574,912 ------w C:\WINDOWS\system32\WMVENCOD.dll

+ 2006-10-19 00:47:22 1,382,912 ------w C:\WINDOWS\system32\WMVSDECD.dll

+ 2006-10-19 00:47:22 767,488 ------w C:\WINDOWS\system32\WMVSENCD.dll

+ 2006-10-19 00:47:22 656,896 ------w C:\WINDOWS\system32\WMVXENCD.dll

- 2005-01-28 04:36:28 38,912 ----a-w C:\WINDOWS\system32\wpd_ci.dll

+ 2006-10-19 00:47:22 629,760 ----a-w C:\WINDOWS\system32\wpd_ci.dll

- 2005-01-28 04:36:20 61,952 ----a-w C:\WINDOWS\system32\wpdconns.dll

+ 2006-10-19 00:47:22 35,840 ----a-w C:\WINDOWS\system32\wpdconns.dll

- 2005-01-28 04:36:24 114,176 ----a-w C:\WINDOWS\system32\wpdmtp.dll

+ 2006-10-19 00:47:22 154,624 ----a-w C:\WINDOWS\system32\wpdmtp.dll

- 2005-01-28 04:36:22 66,560 ----a-w C:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-19 00:47:22 63,488 ----a-w C:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-19 00:47:22 2,603,008 ------w C:\WINDOWS\system32\WpdShext.dll

+ 2006-10-18 23:00:14 17,408 ------w C:\WINDOWS\system32\wpdshextautoplay.exe

+ 2006-11-02 14:52:56 41,984 ------w C:\WINDOWS\system32\wpdshextres.dll

+ 2006-10-19 00:47:22 133,632 ------w C:\WINDOWS\system32\WPDShServiceObj.dll

- 2005-01-28 04:36:28 331,264 ----a-w C:\WINDOWS\system32\WPDSp.dll

+ 2006-10-19 00:47:22 356,352 ----a-w C:\WINDOWS\system32\wpdsp.dll

+ 2006-09-28 23:13:26 95,344 ------w C:\WINDOWS\system32\WUDFCoinstaller.dll

+ 2006-09-28 21:56:38 146,432 ------w C:\WINDOWS\system32\WudfHost.exe

+ 2006-09-28 21:56:16 165,376 ------w C:\WINDOWS\system32\WudfPlatform.dll

+ 2006-09-28 21:56:14 55,808 ------w C:\WINDOWS\system32\WudfSvc.dll

+ 2006-09-28 21:56:38 316,416 ------w C:\WINDOWS\system32\WUDFx.dll

- 2007-06-14 14:24:20 119,296 ----a-w C:\WINDOWS\system32\xpsp3res.dll

+ 2007-08-21 10:53:16 119,296 ----a-w C:\WINDOWS\system32\xpsp3res.dll

+ 2006-06-05 17:14:28 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll

+ 2006-06-05 17:14:28 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll

+ 2006-06-05 17:14:28 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll

.

-- Snapshot reset to current date --