Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

victorws

[Arquivado] Mouse nervoso

Por , em Tópicos Arquivados (Seguranca & Malwares)

Recommended Posts

victorws    0

victorws
Postado

Senhores preciso de ajuda... estou utilizando o comodo como firewall, ele pede algumas autorizações que não sei como proceder... algumas vezes que bloquiei o processo deu algum problema. Se quiserem indicar algo de novo e eficaz sou todos ouvidos.

 

saudações

 

victorws

 

Logfile of HijackThis v1.99.1

Scan saved at 09:55:14, on 19/6/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Comodo\Firewall\cfp.exe

C:\ARQUIV~1\LAUNCH~1\LManager.exe

C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\HP\ToolBoxFX\bin\HPTLBXFX.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\igfxext.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\Arquivos de programas\eMule\emule.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\Documents and Settings\Windows\Desktop\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Arquivos de programas\Comodo\Firewall\cfp.exe" -h

O4 - HKLM\..\Run: [LManager] C:\ARQUIV~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [ToolBoxFX] "C:\Arquivos de programas\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [HPUsageTracking] "C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe" "C:\Arquivos de programas\HP\HP UT\"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (file missing)

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (file missing)

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://vdvbrasil.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{ED5ADD18-933C-45A6-A82F-6FAB3A11E2FC}: NameServer = 201.10.120.2

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

Compartilhar este post

Link para o post
Compartilhar em outros sites

Silas Martins    0

Silas Martins
Postado

Siga as Instruções:

Baixe o MSNfix.

Salve na área de trabalho, e descompacte ele, após isto, clique duas vezes em MSNFix.bat

Vai se abrir a tela MSN_Fix-menu nela aperte a opçãp R, será dado inicio ao scaneamento.

Caso o scan detecte algo irá aparecer a seguinte informação: Infection Presente, aperte enter, e prossiga.

Caso queira interromper o processo aperte a tecla Q

Na finalização vai se abrir o bloco de notas com um log, selecione todo ele e copie, que se encontra na pasta msnfix.txt.

Poste juntamente um novo log do Hijackthis

 

Aguardo o retorno.

 

 

Sobre comodo, esses pedidos de permissão acontece toda vez que uma alteração ou ação é executada no pc, se a acção/alteração for confiavel permita caso não bloqueie

Compartilhar este post

Link para o post
Compartilhar em outros sites

victorws    0

victorws
Postado
Siga as Instruções:

Baixe o MSNfix.

Salve na área de trabalho, e descompacte ele, após isto, clique duas vezes em MSNFix.bat

Vai se abrir a tela MSN_Fix-menu nela aperte a opçãp R, será dado inicio ao scaneamento.

Caso o scan detecte algo irá aparecer a seguinte informação: Infection Presente, aperte enter, e prossiga.

Caso queira interromper o processo aperte a tecla Q

Na finalização vai se abrir o bloco de notas com um log, selecione todo ele e copie, que se encontra na pasta msnfix.txt.

Poste juntamente um novo log do Hijackthis

 

Aguardo o retorno.

 

 

Sobre comodo, esses pedidos de permissão acontece toda vez que uma alteração ou ação é executada no pc, se a acção/alteração for confiavel permita caso não bloqueie

 

 

silas o que aconteceu foi que abriu uma tela azul do prompt onde dizia echo esta desativado. o que faço?

fiz duas vezes a operação, mantive o msnfix.bat no zip da primeira fez quando o acionei e outra trouxe o msnfix.bat para o desktop.

fico no aguardo de novas instruções.

 

saudações

 

victorws

Compartilhar este post

Link para o post
Compartilhar em outros sites

Silas Martins    0

Silas Martins
Postado

Baixe o ComboFix e salve na área de trabalho.

 

Feche todos os programas.

Clique duas vezes sobre combofix.exe e tecle (1) logo após aperte Enter para continuar.

O ComboFix irá reiniciar seu computador automaticamente, isto faz parte do processo de remoção.

 

Ao se encerrar, será gerado um log, que vai estar em C:\ComboFix.txt.

 

Atenção:

Não clique em nada enquanto o Combofix estiver rodando, Do contrário seu desktop ficará em branco.

 

Para parar o processo ou sair do ComboFix, tecle "2" e Enter.

 

Aguardo um novo log do HijackThis juntamente com o ComboFix.txt

Compartilhar este post

Link para o post
Compartilhar em outros sites

victorws    0

victorws
Postado

silas segue em partes.... hijack e na seqüencia combo

 

Logfile of HijackThis v1.99.1

Scan saved at 16:30:01, on 19/6/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\LAUNCH~1\LManager.exe

C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\igfxext.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Windows\Desktop\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Arquivos de programas\Comodo\Firewall\cfp.exe" -h

O4 - HKLM\..\Run: [LManager] C:\ARQUIV~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [HPUsageTracking] "C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe" "C:\Arquivos de programas\HP\HP UT\"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (file missing)

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (file missing)

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://vdvbrasil.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{ED5ADD18-933C-45A6-A82F-6FAB3A11E2FC}: NameServer = 201.10.120.2

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

Compartilhar este post

Link para o post
Compartilhar em outros sites

victorws    0

victorws
Postado

ComboFix 08-06-16.5 - Victor W. Shtorache 2008-06-19 16:25:39.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.1540 [GMT -3:00]

Executando de: C:\Documents and Settings\Windows\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((( Ficheiros criados de 2008-05-19 to 2008-06-19 ))))))))))))))))))))))))))))))))

.

 

2008-06-17 16:54 . 2008-06-17 16:54 <DIR> d-------- C:\Documents and Settings\Windows\Dados de aplicativos\HP

2008-06-17 16:54 . 2008-06-17 16:54 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Hewlett-Packard

2008-06-17 16:45 . 2008-06-17 16:45 <DIR> d-------- C:\WINDOWS\system32\URTTEMP

2008-06-17 16:44 . 2008-06-17 16:44 <DIR> d-------- C:\Arquivos de programas\Hewlett-Packard

2008-06-17 16:43 . 2008-06-17 16:43 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

2008-06-17 16:43 . 2008-06-17 16:43 655 --a------ C:\WINDOWS\hpbvspst.his

2008-06-17 16:43 . 2008-06-17 16:43 314 --a------ C:\WINDOWS\hpbvspst.ini

2008-06-17 16:41 . 2007-03-22 14:45 573,440 -ra------ C:\WINDOWS\system32\hpxp3390.dll

2008-06-17 16:41 . 2007-02-28 16:39 458,752 -ra------ C:\WINDOWS\system32\hppasc01.dll

2008-06-17 16:41 . 2007-03-29 18:01 372,736 -ra------ C:\WINDOWS\system32\hppldcoi.dll

2008-06-17 16:41 . 2006-05-18 19:58 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll

2008-06-17 16:41 . 2007-02-05 20:49 188,416 -ra------ C:\WINDOWS\system32\hppcew01.dll

2008-06-17 16:41 . 2005-10-21 14:58 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys

2008-06-17 16:41 . 2005-10-21 14:52 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys

2008-06-17 16:41 . 2006-04-04 18:19 17,024 -ra------ C:\WINDOWS\system32\drivers\hpfxgen.sys

2008-06-17 16:41 . 2006-04-04 18:20 9,344 -ra------ C:\WINDOWS\system32\drivers\hpfxbulk.sys

2008-06-17 16:41 . 2001-08-17 21:47 8,704 --a------ C:\WINDOWS\system32\drivers\Dot4Scan.sys

2008-06-17 16:41 . 2001-08-17 21:47 8,704 --a--c--- C:\WINDOWS\system32\dllcache\dot4scan.sys

2008-06-17 16:39 . 2008-06-17 16:49 <DIR> d-------- C:\Arquivos de programas\HP

2008-06-17 16:35 . 2008-06-17 17:01 131,407 --a------ C:\WINDOWS\hppins02.dat

2008-06-17 16:35 . 2007-06-15 18:18 1,883 --------- C:\WINDOWS\hppmdl02.dat

2008-06-17 16:28 . 2008-04-13 15:39 206,976 --a------ C:\WINDOWS\system32\drivers\Dot4.sys

2008-06-17 16:28 . 2008-04-13 15:39 206,976 --a--c--- C:\WINDOWS\system32\dllcache\dot4.sys

2008-06-17 16:28 . 2001-09-05 23:06 24,064 --a------ C:\WINDOWS\system32\drivers\Dot4usb.sys

2008-06-17 16:28 . 2001-09-05 23:06 24,064 --a--c--- C:\WINDOWS\system32\dllcache\dot4usb.sys

2008-06-17 16:28 . 2001-08-17 21:47 12,928 --a------ C:\WINDOWS\system32\drivers\Dot4Prt.sys

2008-06-17 16:28 . 2001-08-17 21:47 12,928 --a--c--- C:\WINDOWS\system32\dllcache\dot4prt.sys

2008-06-17 14:26 . 2008-05-08 11:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys

2008-06-17 14:04 . 2008-04-14 12:59 272,384 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

2008-05-22 14:23 . 2008-05-22 14:35 <DIR> d-------- C:\Arquivos de programas\TIM Web Movel

2008-05-22 14:23 . 2007-08-01 20:07 101,120 --a------ C:\WINDOWS\system32\drivers\ewusbmdm.sys

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-19 19:00 --------- d-----w C:\Arquivos de programas\eMule

2008-06-17 14:02 87,056 ----a-w C:\WINDOWS\system32\drivers\cmdGuard.sys

2008-06-17 14:02 24,208 ----a-w C:\WINDOWS\system32\drivers\cmdhlp.sys

2008-06-17 14:02 143,104 ----a-w C:\WINDOWS\system32\guard32.dll

2008-06-17 13:47 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2008-06-10 12:19 --------- d-----w C:\Arquivos de programas\Picasa2

2008-05-31 00:34 --------- d-----w C:\Documents and Settings\Windows\Dados de aplicativos\gtk-2.0

2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys

2008-05-07 05:11 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll

2008-04-30 02:52 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\avg8

2008-04-26 06:54 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Skype

2008-04-26 06:53 --------- d-----w C:\Arquivos de programas\Skype

2008-04-26 06:44 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys

2008-04-26 06:44 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll

2008-04-26 06:44 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft

2008-04-26 06:43 --------- d-----w C:\Arquivos de programas\AVG

2008-04-25 05:52 --------- d-----w C:\Arquivos de programas\MSXML 4.0

2008-04-23 07:14 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

2008-04-22 20:58 --------- d-----w C:\Documents and Settings\Windows\Dados de aplicativos\Teleca

2008-04-22 20:56 --------- d-----w C:\Documents and Settings\Windows\Dados de aplicativos\Sony Ericsson

2008-04-14 02:37 1,804 ----a-w C:\WINDOWS\system32\dcache.bin

2008-04-14 02:24 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe

2008-04-14 02:20 99,840 ----a-w C:\WINDOWS\system32\winscard.dll

2008-04-14 02:19 763,392 ----a-w C:\WINDOWS\system32\winntbbu.dll

2008-04-14 02:19 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll

2008-04-14 02:19 5,632 ----a-w C:\WINDOWS\system32\wmi.dll

2008-04-14 02:19 102,912 ----a-w C:\WINDOWS\system32\dpcdll.dll

2008-04-14 02:00 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 02:00 2,149,376 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-04-14 02:00 2,028,032 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 01:58 86,016 ------w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 01:57 80,896 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 01:56 49,664 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 01:55 563,712 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 01:54 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 01:54 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys

2008-04-14 01:53 67,584 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-13 22:21 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe

2008-04-13 22:20 995,328 ----a-w C:\WINDOWS\system32\setupapi.dll

2008-04-13 22:20 424,448 ----a-w C:\WINDOWS\system32\licdll.dll

2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys

2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe

2008-04-13 18:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe

2008-04-13 18:40 444,928 ----a-w C:\WINDOWS\system32\xpob2res.dll

2008-04-13 18:35 2,945,536 ----a-w C:\WINDOWS\system32\xpsp2res.dll

2008-04-13 18:35 192,512 ----a-w C:\WINDOWS\system32\xpsp1res.dll

2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll

2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll

2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll

2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll

2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll

2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll

2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll

2008-04-13 16:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll

2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll

2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll

2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll

2007-12-08 01:26 47,360 ----a-w C:\Documents and Settings\Windows\Dados de aplicativos\pcouffin.sys

2004-07-24 00:42 1,511,114 ----a-w C:\WINDOWS\inf\SET12.tmp

.

 

((((((((((((((((((((((((((((( snapshot@2008-05-08_20.21.55,89 )))))))))))))))))))))))))))))))))))))))))

.

+ 2006-08-16 11:59:24 100,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\6to4svc.dll

+ 2006-10-04 14:05:26 39,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\acadproc.dll

+ 2006-10-04 14:05:26 39,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\acadproc.dll.000

+ 2004-08-04 03:45:30 187,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe

+ 2004-08-04 03:45:22 1,852,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\acgenral.dll

+ 2004-08-04 03:45:22 1,852,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\acgenral.dll.000

+ 2004-08-04 03:45:22 450,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclayers.dll

+ 2004-08-04 03:45:22 450,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclayers.dll.000

+ 2004-08-04 03:45:22 137,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclua.dll

+ 2004-08-04 03:45:22 137,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclua.dll.000

+ 2004-08-04 03:45:22 115,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclui.dll

+ 2004-08-04 03:35:08 188,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\acpi.sys

+ 2004-08-04 03:45:22 244,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\acspecfc.dll

+ 2004-08-04 03:45:22 244,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\acspecfc.dll.000

+ 2004-08-04 03:45:22 194,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\activeds.dll

+ 2004-08-04 03:45:30 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe

+ 2004-08-04 03:45:22 101,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\actxprxy.dll

+ 2004-08-04 03:45:22 116,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\acxtrnal.dll

+ 2004-08-04 03:45:22 116,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\acxtrnal.dll.000

+ 2004-08-04 03:45:22 29,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\admexs.dll

+ 2003-03-24 18:52:04 20,540 -c----w C:\WINDOWS\$NtServicePackUninstall$\admin.dll

+ 2003-03-24 18:52:04 16,439 -c----w C:\WINDOWS\$NtServicePackUninstall$\admin.exe

+ 2004-08-04 03:45:22 43,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\admwprox.dll

+ 2004-08-04 03:45:22 290,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsiis51.dll

+ 2004-08-04 03:45:22 175,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsldp.dll

+ 2004-08-04 03:45:22 143,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsldpc.dll

+ 2004-08-04 03:45:22 68,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsmsext.dll

+ 2004-08-04 03:45:22 263,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsnt.dll

+ 2001-10-28 12:06:06 109,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsnw.dll

+ 2004-08-04 03:45:22 683,008 -c----w C:\WINDOWS\$NtServicePackUninstall$\advapi32.dll

+ 2006-02-15 00:22:26 142,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\aec.sys

+ 2006-02-15 00:22:26 142,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\aec.sys.000

+ 2004-08-04 02:14:16 138,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\afd.sys

+ 2004-08-04 03:45:22 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentanm.dll

+ 2004-08-04 03:45:22 214,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentctl.dll

+ 2006-10-12 14:04:05 42,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentdp2.dll

+ 2007-03-09 13:46:24 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentdpv.dll

+ 2004-08-04 03:45:22 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentmpx.dll

+ 2004-08-04 03:45:22 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentpsh.dll

+ 2004-08-04 03:45:22 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentsr.dll

+ 2006-10-12 11:09:53 256,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0401.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0404.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0405.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0406.dll

+ 2001-10-28 12:06:06 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0407.dll

+ 2001-10-28 12:06:06 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0408.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0409.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt040b.dll

+ 2001-10-28 12:06:06 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt040c.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt040d.dll

+ 2001-10-28 12:06:06 19,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt040e.dll

+ 2001-10-28 12:06:06 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0410.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0411.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0412.dll

+ 2001-10-28 12:06:06 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0413.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0414.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0415.dll

+ 2001-10-28 12:06:06 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0416.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0419.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt041d.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt041f.dll

+ 2001-10-28 12:06:06 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0804.dll

+ 2001-10-28 12:06:06 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0816.dll

+ 2001-10-28 12:06:06 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\agt0c0a.dll

+ 2004-08-04 03:45:22 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\agtintl.dll

+ 2004-08-04 03:45:30 98,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\ahui.exe

+ 2004-08-04 03:45:30 44,544 -c----w C:\WINDOWS\$NtServicePackUninstall$\alg.exe

+ 2004-08-04 03:45:22 17,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\alrsvc.dll

+ 2004-08-04 03:55:42 41,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\amdk6.sys

+ 2004-08-04 03:55:42 41,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\amdk7.sys

+ 2004-08-04 03:45:22 70,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\amstream.dll

+ 2004-08-04 03:45:22 109,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\appconf.dll

+ 2004-08-04 03:45:22 126,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\apphelp.dll

+ 2004-08-04 03:45:22 172,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\appmgmts.dll

+ 2004-08-04 03:45:22 297,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\appmgr.dll

+ 2004-08-04 03:45:22 332,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\aqueue.dll

+ 2004-08-04 03:55:42 60,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\arp1394.sys

+ 2004-08-04 03:45:30 30,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\asr_fmt.exe

+ 2004-08-04 03:45:30 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\asr_pfu.exe

+ 2004-08-04 03:45:22 65,024 -c----w C:\WINDOWS\$NtServicePackUninstall$\asycfilt.dll

+ 2004-08-04 02:05:04 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys

+ 2004-08-04 03:45:30 25,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\at.exe

+ 2004-08-04 01:59:44 95,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

+ 2004-08-04 03:45:22 58,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\atl.dll

+ 2004-08-04 03:45:30 11,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe

+ 2004-08-04 01:58:32 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmarpc.sys

+ 2004-08-04 03:44:08 285,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmfd.dll

+ 2004-08-04 01:58:36 55,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmlane.sys

+ 2004-08-04 03:45:22 30,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmlib.dll

+ 2001-10-28 12:06:10 11,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\attrib.exe

+ 2004-08-04 03:45:22 42,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\audiosrv.dll

+ 2004-08-04 03:45:30 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe

+ 2003-03-24 18:52:04 20,540 -c----w C:\WINDOWS\$NtServicePackUninstall$\author.dll

+ 2003-03-24 18:52:04 16,439 -c----w C:\WINDOWS\$NtServicePackUninstall$\author.exe

+ 2005-03-02 18:18:26 56,832 -c----w C:\WINDOWS\$NtServicePackUninstall$\authz.dll

+ 2004-08-04 03:45:30 616,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

+ 2004-08-04 03:45:30 630,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\autoconv.exe

+ 2004-08-04 03:45:30 608,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\autofmt.exe

+ 2004-08-04 03:45:30 11,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\autolfn.exe

+ 2004-08-04 03:45:22 85,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\avifil32.dll

+ 2004-08-04 03:45:22 52,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\basesrv.dll

+ 2004-08-04 03:45:22 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\batmeter.dll

+ 2004-08-04 03:45:22 8,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\batt.dll

+ 2001-08-17 21:57:54 14,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\battc.sys

+ 2004-08-04 03:45:22 17,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\bidispl.dll

+ 2004-08-04 03:45:22 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\bitsprx2.dll

+ 2004-08-04 03:45:22 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\bitsprx3.dll

+ 2004-08-04 03:45:30 71,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe

+ 2001-10-28 12:06:10 147,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\bootcfg.exe

+ 2004-08-04 01:59:58 71,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\bridge.sys

+ 2004-08-04 03:44:08 67,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\browselc.dll

+ 2004-08-04 03:45:22 77,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\browser.dll

+ 2007-10-11 06:13:34 1,024,000 -c----w C:\WINDOWS\$NtServicePackUninstall$\browseui.dll

+ 2004-08-04 03:45:22 78,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\browsewm.dll

+ 2004-08-04 03:45:22 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\bthci.dll

+ 2004-08-04 03:45:22 30,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\bthserv.dll

+ 2004-08-04 03:45:22 50,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\btpanui.dll

+ 2001-10-28 12:06:18 218,112 -c----w C:\WINDOWS\$NtServicePackUninstall$\c_g18030.dll

+ 2004-08-04 03:45:22 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\cabinet.dll

+ 2004-08-04 03:45:22 84,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\cabview.dll

+ 2001-10-28 12:06:10 18,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\cacls.exe

+ 2004-08-04 03:45:22 385,024 -c----w C:\WINDOWS\$NtServicePackUninstall$\callcont.dll

+ 2004-08-04 03:45:22 50,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\camocx.dll

+ 2001-10-28 12:06:10 145,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\capesnpn.dll

+ 2005-07-26 04:40:27 225,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrv.dll

+ 2004-08-04 03:45:22 85,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrvps.dll

+ 2005-07-26 04:40:28 625,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrvut.dll

+ 2004-08-04 02:14:12 63,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdfs.sys

+ 2007-10-11 06:13:34 151,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdfview.dll

+ 2005-09-10 01:55:12 2,067,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdosys.dll

+ 2004-08-04 01:59:54 49,536 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

+ 2004-08-04 03:45:22 199,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\certcli.dll

+ 2004-08-04 03:45:22 464,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\certmgr.dll

+ 2004-08-04 03:45:22 39,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgbkend.dll

+ 2004-08-04 03:44:08 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgmgr32.dll

+ 2003-03-24 18:52:04 188,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe

+ 2004-08-04 01:31:52 97,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\chtmbx.dll

+ 2004-08-04 01:31:54 56,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\chtskdic.dll

+ 2004-08-04 01:31:54 173,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\chtskf.dll

+ 2001-10-28 12:06:12 109,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\cic.dll

+ 2004-08-04 03:45:22 1,352,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\cimwin32.dll

+ 2004-08-04 01:31:54 198,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\cintime.dll

+ 2006-06-22 05:17:15 69,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\ciodm.dll

+ 2004-08-04 03:45:30 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\cipher.exe

+ 2004-08-04 03:45:30 5,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe

+ 2004-08-04 02:14:28 49,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\classpnp.sys

+ 2005-07-26 04:40:28 110,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\clbcatex.dll

+ 2005-07-26 04:40:29 498,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\clbcatq.dll

+ 2004-08-04 03:45:30 64,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe

+ 2004-08-04 03:45:22 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\cliconfg.dll

+ 2004-08-04 03:45:30 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe

+ 2004-08-04 03:45:32 104,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe

+ 2004-08-04 03:45:32 33,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe

+ 2004-08-04 03:45:22 57,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\clusapi.dll

+ 2004-08-03 23:07:40 14,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmbatt.sys

+ 2004-08-04 03:45:22 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmcfg32.dll

+ 2004-08-04 03:45:32 400,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmd.exe

+ 2004-08-04 03:45:22 45,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmdevtgprov.dll

+ 2004-08-04 03:45:22 347,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmdial32.dll

+ 2004-08-04 03:45:32 47,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe

+ 2004-08-04 03:45:32 39,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe

+ 2004-08-04 03:45:22 188,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmprops.dll

+ 2004-08-04 03:45:22 13,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmsetacl.dll

+ 2004-08-04 03:45:32 65,024 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe

+ 2004-08-04 03:45:22 40,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmutil.dll

+ 2004-08-04 03:55:42 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\cnbjmon.dll

+ 2004-08-04 03:45:22 81,920 -c----w C:\WINDOWS\$NtServicePackUninstall$\cnbjmon2.dll

+ 2004-08-04 03:45:22 47,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\coadmin.dll

+ 2005-07-26 04:40:29 60,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\colbact.dll

+ 2001-10-28 12:06:12 25,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\comaddin.dll

+ 2005-07-26 04:40:29 195,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\comadmin.dll

+ 2006-08-25 15:49:12 617,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\comctl32.dll

+ 2004-08-04 03:45:22 275,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\comdlg32.dll

+ 2004-08-04 03:45:22 253,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\compatui.dll

+ 2001-08-17 21:58:00 9,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\compbatt.sys

+ 2004-08-04 03:45:22 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\compfilt.dll

+ 2004-08-04 03:45:22 230,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\compstui.dll

+ 2005-07-26 04:40:29 97,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\comrepl.dll

+ 2004-08-04 03:45:32 9,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe

+ 2001-10-28 12:06:16 5,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe

+ 2004-08-04 03:45:22 821,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\comres.dll

+ 2001-10-28 12:06:16 259,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\comsetup.dll

+ 2001-10-28 12:06:16 147,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\comsnap.dll

+ 2005-07-26 04:40:30 1,267,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\comsvcs.dll

+ 2005-07-26 04:40:30 540,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\comuid.dll

+ 2004-08-04 03:45:32 1,040,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\conf.exe

+ 2004-08-04 03:45:22 45,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\confmrsl.dll

+ 2001-10-28 12:06:16 346,112 -c----w C:\WINDOWS\$NtServicePackUninstall$\confmsp.dll

+ 2004-08-04 03:45:32 27,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\conime.exe

+ 2007-08-13 20:42:54 17,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\corpol.dll

+ 2004-08-04 03:45:22 164,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\credui.dll

+ 2004-08-04 03:55:42 40,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\crusoe.sys

+ 2004-08-04 03:45:22 603,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\crypt32.dll

+ 2004-08-04 03:45:22 75,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptdlg.dll

+ 2004-08-04 03:45:22 33,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptdll.dll

+ 2004-08-04 03:45:22 54,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptext.dll

+ 2004-08-04 03:45:22 63,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptnet.dll

+ 2004-08-04 03:45:22 60,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll

+ 2004-08-04 03:45:22 528,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptui.dll

+ 2004-08-04 03:45:22 102,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscdll.dll

+ 2004-08-04 03:45:32 98,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscript.exe

+ 2004-08-04 03:45:22 331,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscui.dll

+ 2004-08-04 03:45:22 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\csrsrv.dll

+ 2004-08-04 03:45:32 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

+ 2004-08-04 03:45:32 15,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe

+ 2006-06-02 19:32:23 33,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\custsat.dll

+ 2004-08-04 03:45:22 1,179,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d8.dll

+ 2004-08-04 03:45:22 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d8thk.dll

+ 2004-08-04 03:45:22 1,689,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d9.dll

+ 2004-08-04 03:45:22 825,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3dim700.dll

+ 2007-10-11 06:13:34 1,055,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\danim.dll

+ 2004-08-04 03:45:22 561,179 -c----w C:\WINDOWS\$NtServicePackUninstall$\dao360.dll

+ 2004-08-04 03:45:22 54,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\dataclen.dll

+ 2001-10-28 12:06:18 152,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\datime.dll

+ 2004-08-04 03:45:32 42,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\davcdata.exe

+ 2004-08-04 03:45:22 25,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\davclnt.dll

+ 2004-08-04 03:45:22 640,000 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbghelp.dll

+ 2004-08-04 03:45:22 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbmsrpcn.dll

+ 2004-08-04 03:45:22 110,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbnetlib.dll

+ 2004-08-04 03:45:22 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbnmpntw.dll

+ 2004-08-04 03:57:52 1,788 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcache.bin

+ 2004-08-04 03:45:22 40,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcap32.dll

+ 2004-08-04 03:45:22 8,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\dciman32.dll

+ 2001-10-28 12:06:18 5,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe

+ 2004-08-04 03:45:32 32,256 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe

+ 2004-08-04 03:45:22 266,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll

+ 2004-08-04 03:45:22 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddrawex.dll

+ 2004-08-04 03:45:32 25,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\defrag.exe

+ 2004-08-04 03:45:22 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\devenum.dll

+ 2004-08-04 03:45:22 288,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\devmgr.dll

+ 2004-08-04 03:45:32 82,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe

+ 2004-08-04 03:45:32 104,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe

+ 2004-08-04 03:45:22 38,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgsnap.dll

+ 2004-08-04 03:45:22 123,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgui.dll

+ 2004-08-04 03:45:22 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfsshlex.dll

+ 2004-08-04 03:45:22 113,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\dgnet.dll

+ 2006-05-19 13:23:33 111,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\dhcpcsvc.dll

+ 2001-10-28 12:06:18 391,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\dhcpmon.dll

+ 2004-08-04 03:45:32 545,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\dialer.exe

+ 2004-08-04 03:45:32 85,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\diantz.exe

+ 2004-08-04 03:45:22 68,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\digest.dll

+ 2004-08-04 03:45:22 166,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\dinput.dll

+ 2004-08-04 03:45:22 189,952 -c----w C:\WINDOWS\$NtServicePackUninstall$\dinput8.dll

+ 2007-05-16 15:13:53 86,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\directdb.dll

+ 2004-08-04 01:59:56 36,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\disk.sys

+ 2001-10-28 12:06:18 1,502,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\diskcopy.dll

+ 2004-08-04 01:59:54 14,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\diskdump.sys

+ 2004-08-04 03:45:32 165,376 -c----w C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe

+ 2001-10-28 12:06:18 45,083 -c----w C:\WINDOWS\$NtServicePackUninstall$\dispex.dll

+ 2004-08-04 03:45:32 5,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe

+ 2004-08-04 03:45:32 225,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe

+ 2004-08-04 03:45:22 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmband.dll

+ 2004-08-04 03:39:24 800,000 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmboot.sys

+ 2004-08-04 03:45:22 61,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmcompos.dll

+ 2001-10-28 12:06:18 273,920 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmdlgs.dll

+ 2004-08-04 03:45:22 200,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmdskmgr.dll

+ 2004-08-04 03:45:22 181,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmime.dll

+ 2004-08-04 03:39:26 153,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmio.sys

+ 2004-08-04 03:45:22 35,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmloader.dll

+ 2004-08-04 03:45:32 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe

+ 2004-08-04 03:45:22 82,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmscript.dll

+ 2004-08-04 03:45:22 23,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmserver.dll

+ 2004-08-04 03:45:22 105,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmstyle.dll

+ 2004-08-04 03:45:22 103,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmsynth.dll

+ 2004-08-04 03:45:22 104,448 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmusic.dll

+ 2004-08-04 02:07:40 52,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmusic.sys

+ 2004-08-04 03:55:42 55,296 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmutil.dll

+ 2008-02-20 05:37:59 148,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\dnsapi.dll

+ 2008-02-20 05:37:59 45,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\dnsrslvr.dll

+ 2004-08-04 03:45:22 48,640 -c----w C:\WINDOWS\$NtServicePackUninstall$\docprop2.dll

+ 2004-08-04 03:44:50 96,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpcdll.dll

+ 2004-08-04 03:45:32 30,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe

+ 2004-08-04 03:45:22 229,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\dplayx.dll

+ 2004-08-04 03:45:22 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpmodemx.dll

+ 2004-08-04 03:44:10 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnaddr.dll

+ 2004-08-04 03:45:22 375,296 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnet.dll

+ 2004-08-04 03:45:22 35,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnhpast.dll

+ 2004-08-04 03:45:22 60,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnhupnp.dll

+ 2004-08-04 03:44:10 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnlobby.dll

+ 2004-08-04 03:45:32 18,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe

+ 2004-08-04 03:45:22 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvacm.dll

+ 2004-08-04 03:45:22 212,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvoice.dll

+ 2004-08-04 03:45:32 83,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe

+ 2004-08-04 03:45:22 116,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvvox.dll

+ 2004-08-04 03:45:22 57,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpwsockx.dll

+ 2001-10-28 12:06:30 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\driverquery.exe

+ 2004-08-04 03:45:52 299,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmclien.dll

+ 2004-08-04 02:08:00 60,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmk.sys

+ 2004-08-04 02:07:58 2,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys

+ 2004-08-04 03:45:22 87,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmstor.dll

+ 2004-08-04 03:45:22 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\drprov.dll

+ 2001-10-28 12:06:30 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\drvqry.exe

+ 2004-08-04 03:45:22 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\ds32gt.dll

+ 2004-08-04 03:45:22 181,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsdmo.dll

+ 2004-08-04 03:45:22 71,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsdmoprp.dll

+ 2004-08-04 03:45:22 93,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\dskquota.dll

+ 2001-10-28 12:06:30 146,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\dskquoui.dll

+ 2004-08-04 03:45:22 367,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsound.dll

+ 2004-08-04 03:45:22 1,294,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsound3d.dll

+ 2004-08-04 03:45:22 143,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsprop.dll

+ 2004-08-04 03:44:10 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsprpres.dll

+ 2004-08-04 03:45:22 240,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsquery.dll

+ 2004-08-04 03:45:22 51,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\dssec.dll

+ 2004-08-04 01:31:44 137,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\dssenh.dll

+ 2004-08-04 03:45:22 113,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsuiext.dll

+ 2004-08-04 03:45:22 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\dswave.dll

+ 2004-08-04 03:45:32 10,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe

+ 2004-08-04 03:45:22 304,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\duser.dll

+ 2004-08-04 03:45:32 17,920 -c----w C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe

+ 2004-08-04 03:45:32 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe

+ 2004-08-04 03:45:22 619,008 -c----w C:\WINDOWS\$NtServicePackUninstall$\dx7vb.dll

+ 2004-08-04 03:45:22 1,227,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\dx8vb.dll

+ 2004-08-04 03:45:32 1,298,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe

+ 2004-08-04 03:45:22 2,113,536 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxdiagn.dll

+ 2004-08-04 02:00:56 71,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxg.sys

+ 2006-08-24 16:18:32 499,766 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxmasf.dll

+ 2004-08-04 03:45:22 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\efsadu.dll

+ 2004-08-04 03:45:22 185,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\els.dll

+ 2004-08-04 03:45:22 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\encapi.dll

+ 2004-08-04 03:45:22 186,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\encdec.dll

+ 2004-08-04 03:45:22 23,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\ersvc.dll

+ 2005-07-26 04:40:30 243,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\es.dll

+ 2005-10-20 22:25:15 1,092,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\esent.dll

+ 2004-08-04 03:45:22 247,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\esscli.dll

+ 2004-08-04 03:45:34 194,560 -c----w C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe

+ 2004-08-04 03:45:34 51,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\evcreate.exe

+ 2004-08-04 03:45:34 51,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\eventcreate.exe

+ 2004-08-04 03:45:22 55,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

+ 2001-10-28 12:06:32 79,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\eventtriggers.exe

+ 2004-08-04 03:45:22 106,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntagnt.dll

+ 2004-08-04 03:45:34 25,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe

+ 2004-08-04 03:45:22 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntrprv.dll

+ 2004-08-04 03:45:34 93,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe

+ 2004-08-04 03:45:22 45,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\evtgprov.dll

+ 2001-10-28 12:06:32 79,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\evtrig.exe

+ 2007-06-13 13:21:56 1,035,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

+ 2004-08-04 03:45:22 380,957 -c----w C:\WINDOWS\$NtServicePackUninstall$\expsrv.dll

+ 2004-08-04 03:45:22 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\exstrace.dll

+ 2004-08-04 03:45:34 45,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe

+ 2001-10-28 12:06:32 121,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\exts.dll

+ 2001-10-28 12:06:32 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\f3ahvoas.dll

+ 2004-08-04 02:14:18 143,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys

+ 2004-08-04 03:45:22 472,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\fastprox.dll

+ 2004-08-04 03:45:22 80,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\faultrep.dll

+ 2004-08-04 01:59:28 27,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\fdc.sys

+ 2001-10-28 12:06:32 118,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\fde.dll

+ 2004-08-04 03:45:22 75,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\fdeploy.dll

+ 2004-08-04 03:45:22 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\feclient.dll

+ 2004-08-04 03:45:22 342,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\filemgmt.dll

+ 2004-08-04 03:45:34 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\findstr.exe

+ 2001-10-28 12:06:32 35,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\fips.sys

+ 2004-08-04 03:45:22 88,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\fldrclnr.dll

+ 2004-08-04 01:59:28 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\flpydisk.sys

+ 2006-08-21 12:27:07 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\fltlib.dll

+ 2006-08-21 09:14:58 23,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe

+ 2006-08-21 09:14:58 128,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\fltmgr.sys

+ 2004-08-04 03:45:22 384,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\fontext.dll

+ 2005-10-17 21:21:02 80,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\fontsub.dll

+ 2004-08-04 03:45:34 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\fontview.exe

+ 2001-10-28 12:06:32 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe

+ 2001-10-28 12:06:32 25,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\format.com

+ 2004-08-04 03:45:22 32,828 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp40ext.dll

+ 2004-05-13 03:39:48 184,435 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4amsft.dll

+ 2003-03-24 18:52:04 82,035 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4anscp.dll

+ 2003-03-24 18:52:04 147,513 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4apws.dll

+ 2003-03-24 18:52:04 49,210 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4areg.dll

+ 2003-03-24 18:52:04 102,509 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4atxt.dll

+ 2003-03-24 18:52:04 618,605 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4autl.dll

+ 2003-03-24 18:52:04 41,020 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4avnb.dll

+ 2003-03-24 18:52:04 32,826 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4avss.dll

+ 2003-03-24 18:52:04 49,212 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4awebs.dll

+ 2004-05-13 03:39:48 876,653 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4awel.dll

+ 2002-05-14 16:08:54 14,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe

+ 2002-05-14 16:08:54 109,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe

+ 2003-03-24 18:52:04 24,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe

+ 2003-03-24 18:52:04 20,541 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpadmdll.dll

+ 2003-03-24 18:52:04 188,494 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe

+ 2002-05-14 16:08:54 94,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpencode.dll

+ 2003-03-24 18:52:04 20,541 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpexedll.dll

+ 2004-05-13 03:39:48 598,071 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpmmc.dll

+ 2003-03-24 18:52:04 20,538 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe

+ 2004-08-04 03:44:16 9,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\framebuf.dll

+ 2004-08-04 03:45:22 185,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\framedyn.dll

+ 2004-08-04 03:45:34 193,024 -c----w C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe

+ 2004-08-04 03:45:34 45,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\ftp.exe

+ 2004-08-04 03:45:22 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\ftpmib.dll

+ 2004-08-04 03:45:22 127,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\ftpsv251.dll

+ 2004-08-04 03:45:22 60,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\fwcfg.dll

+ 2004-08-04 03:45:22 452,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsapi.dll

+ 2004-08-04 03:45:34 143,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe

+ 2004-08-04 03:45:22 72,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxscom.dll

+ 2004-08-04 03:45:22 285,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxscomex.dll

+ 2004-08-04 03:45:36 234,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe

+ 2004-08-04 03:45:22 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsdrv.dll

+ 2004-08-04 03:45:24 60,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsevent.dll

+ 2004-08-04 03:45:24 23,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsext32.dll

+ 2004-08-04 03:45:24 23,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsmon.dll

+ 2004-08-04 03:45:24 132,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsocm.dll

+ 2004-08-04 03:45:24 8,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsperf.dll

+ 2004-08-04 03:44:16 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsres.dll

+ 2004-08-04 03:45:24 562,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsst.dll

+ 2004-08-04 03:45:36 268,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe

+ 2004-08-04 03:45:24 246,272 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxst30.dll

+ 2004-08-04 03:45:24 397,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxstiff.dll

+ 2004-08-04 03:45:24 155,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsui.dll

+ 2004-08-04 03:45:24 195,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxswzrd.dll

+ 2004-08-04 03:45:24 400,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsxp32.dll

+ 2008-02-20 06:51:35 282,624 -c----w C:\WINDOWS\$NtServicePackUninstall$\gdi32.dll

+ 2001-10-28 12:06:34 56,832 -c----w C:\WINDOWS\$NtServicePackUninstall$\getmac.exe

+ 2004-08-04 03:45:24 123,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\glu32.dll

+ 2004-08-04 03:44:18 572,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\gpedit.dll

+ 2004-08-04 03:44:18 10,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\gpkrsrc.dll

+ 2004-08-04 03:45:36 122,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\gpresult.exe

+ 2004-08-04 03:45:36 122,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\gprslt.exe

+ 2004-08-04 03:45:24 200,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\gptext.dll

+ 2004-08-04 03:45:36 39,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe

+ 2004-08-04 03:45:24 124,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\guitrn.dll

+ 2004-08-04 03:45:24 32,256 -c----w C:\WINDOWS\$NtServicePackUninstall$\gzip.dll

+ 2004-08-04 03:45:24 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\h323cc.dll

+ 2004-08-04 03:45:24 614,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\h323msp.dll

+ 2004-08-04 01:59:14 134,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\hal.dll

+ 2004-08-04 03:45:24 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\hccoin.dll

+ 2005-01-07 20:07:18 138,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\hdaudbus.sys

+ 2001-10-28 12:06:34 15,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\help.exe

+ 2004-08-04 03:45:36 768,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe

+ 2004-08-04 03:45:36 743,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe

+ 2005-05-26 23:22:01 10,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\hh.exe

+ 2005-05-27 02:07:52 41,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\hhsetup.dll

+ 2004-08-04 03:55:42 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\hid.dll

+ 2004-08-04 02:08:20 36,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\hidclass.sys

+ 2004-08-04 02:08:18 24,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\hidparse.sys

+ 2001-08-18 01:02:20 9,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\hidusb.sys

+ 2006-07-21 08:28:16 72,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\hlink.dll

+ 2004-08-04 03:45:24 346,624 -c----w C:\WINDOWS\$NtServicePackUninstall$\hnetcfg.dll

+ 2004-08-04 03:45:24 334,848 -c----w C:\WINDOWS\$NtServicePackUninstall$\hnetwiz.dll

+ 2004-08-04 03:45:24 39,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\hostmib.dll

+ 2004-08-04 03:45:24 146,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\hotplug.dll

+ 2004-08-04 02:45:24 87,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\hpfud50.dll

+ 2004-08-04 03:45:36 18,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe

+ 2006-03-17 00:33:10 262,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\http.sys

+ 2006-03-17 00:33:10 262,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\http.sys.000

+ 2004-08-04 03:45:24 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\httpapi.dll

+ 2004-08-04 03:45:24 268,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\httpext.dll

+ 2004-08-04 03:45:24 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\httpmb51.dll

+ 2004-08-04 03:45:24 61,952 -c----w C:\WINDOWS\$NtServicePackUninstall$\httpod51.dll

+ 2004-08-04 03:45:24 42,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\htui.dll

+ 2001-10-28 12:06:44 13,463,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\hwxjpn.dll

+ 2004-11-17 17:43:08 352,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\hypertrm.dll

+ 2004-08-04 03:37:16 53,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys

+ 2004-08-04 03:45:24 119,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\iasrad.dll

+ 2004-08-04 03:45:24 11,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\icaapi.dll

+ 2004-08-04 03:45:24 80,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\iccvid.dll

+ 2005-06-29 01:49:48 254,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\icm32.dll

+ 2004-08-04 03:44:20 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\icmp.dll

+ 2004-08-04 03:45:24 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\iconlib.dll

+ 2004-08-04 03:45:24 61,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwconn.dll

+ 2004-08-04 03:45:36 217,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe

+ 2004-08-04 03:45:36 86,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe

+ 2004-08-04 03:45:24 73,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwdial.dll

+ 2004-08-04 03:45:24 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwdl.dll

+ 2004-08-04 03:45:24 176,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwhelp.dll

+ 2004-08-04 03:45:24 65,536 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwphbk.dll

+ 2004-08-04 03:45:36 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe

+ 2004-08-04 03:45:24 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwutil.dll

+ 2004-08-04 03:45:24 121,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\idq.dll

+ 2007-08-13 20:45:18 78,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\ieencode.dll

+ 2004-08-04 03:45:36 114,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe

+ 2004-08-04 03:45:24 137,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\ifmon.dll

+ 2004-08-04 03:45:24 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\igmpagnt.dll

+ 2004-08-04 03:45:24 507,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\iis.dll

+ 2004-08-04 03:45:24 25,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\iisadmin.dll

+ 2004-08-04 03:45:24 145,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\iische51.dll

+ 2004-08-04 03:45:24 68,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\iisext51.dll

+ 2004-08-04 03:45:24 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\iisfecnv.dll

+ 2004-08-04 03:45:24 79,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\iislog51.dll

+ 2004-08-04 03:45:24 64,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\iismap.dll

+ 2004-08-04 03:45:36 31,232 -c----w C:\WINDOWS\$NtServicePackUninstall$\iisrstas.exe

+ 2004-08-04 03:45:24 133,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\iisrtl.dll

+ 2004-08-04 03:45:24 81,920 -c----w C:\WINDOWS\$NtServicePackUninstall$\ils.dll

+ 2004-08-04 03:45:24 144,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\imagehlp.dll

+ 2004-08-04 03:45:36 150,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\imapi.exe

+ 2004-08-04 02:00:16 41,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\imapi.sys

+ 2004-08-04 02:04:38 106,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\imekrcic.dll

+ 2004-08-04 02:04:34 86,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\imekrmbx.dll

+ 2004-08-04 03:45:24 36,921 -c----w C:\WINDOWS\$NtServicePackUninstall$\imeshare.dll

+ 2004-08-04 01:31:50 811,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjp81k.dll

+ 2004-08-04 01:31:52 368,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpcic.dll

+ 2004-08-04 01:31:52 716,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpcus.dll

+ 2004-08-04 01:31:54 81,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpdct.dll

+ 2004-08-04 01:32:16 274,489 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjputyc.dll

+ 2004-08-04 01:32:28 102,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\imlang.dll

+ 2004-08-04 03:45:24 110,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\imm32.dll

+ 2001-10-28 12:06:38 117,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\imsinsnt.dll

+ 2001-10-28 12:06:50 315,452 -c----w C:\WINDOWS\$NtServicePackUninstall$\imskf.dll

+ 2004-08-04 03:45:24 278,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetcfg.dll

+ 2007-08-21 06:17:40 683,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetcomm.dll

+ 2004-08-04 03:45:36 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetin51.exe

+ 2004-08-04 03:45:24 837,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetmgr.dll

+ 2004-08-04 03:45:24 33,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetmib1.dll

+ 2004-08-04 03:45:24 75,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetpp.dll

+ 2004-08-04 03:45:24 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetppui.dll

+ 2004-08-04 03:44:20 49,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetres.dll

+ 2004-08-04 03:45:36 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe

+ 2004-08-04 03:45:24 13,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\infoadmn.dll

+ 2004-08-04 03:45:24 257,024 -c----w C:\WINDOWS\$NtServicePackUninstall$\infocomm.dll

+ 2004-08-04 03:45:24 147,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\initpki.dll

+ 2004-08-04 03:45:24 125,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\input.dll

+ 2004-08-04 03:38:28 40,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\intelppm.sys

+ 2004-08-04 02:00:08 29,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\ip6fw.sys

+ 2004-08-04 03:45:36 56,832 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe

+ 2006-05-19 13:23:33 95,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\iphlpapi.dll

+ 2004-08-04 02:04:46 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipinip.sys

+ 2001-10-28 12:06:38 158,720 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipmontr.dll

+ 2004-09-29 22:28:37 134,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipnat.sys

+ 2004-08-04 03:45:24 331,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipnathlp.dll

+ 2004-08-04 03:45:24 348,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\ippromon.dll

+ 2004-08-04 03:45:24 35,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\iprip.dll

+ 2001-10-28 12:06:38 169,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\iprtrmgr.dll

+ 2004-08-04 02:14:30 74,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys

+ 2004-08-04 03:45:24 357,376 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsecsnp.dll

+ 2004-08-04 03:45:24 183,296 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsecsvc.dll

+ 2004-08-04 03:45:24 386,560 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsmsnap.dll

+ 2004-08-04 03:45:36 53,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe

+ 2004-08-04 03:45:24 60,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipv6mon.dll

+ 2004-08-04 03:45:36 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe

+ 2001-10-28 12:06:38 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipxwan.dll

+ 2004-08-04 03:45:24 120,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir41_qc.dll

+ 2004-08-04 03:45:24 338,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir41_qcx.dll

+ 2004-08-04 03:45:24 755,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir50_32.dll

+ 2004-08-04 03:45:24 200,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir50_qc.dll

+ 2004-08-04 03:45:24 183,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir50_qcx.dll

+ 2004-08-04 02:00:48 11,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\irenum.sys

+ 2001-10-28 12:06:40 36,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

+ 2004-08-04 03:45:24 68,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\isatq.dll

+ 2004-08-04 03:45:24 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\iscomlog.dll

+ 2004-08-04 03:45:24 86,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\isign32.dll

+ 2004-08-04 03:45:24 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\isrdbg32.dll

+ 2005-05-27 02:07:52 155,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\itircl.dll

+ 2005-05-27 02:07:53 137,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\itss.dll

+ 2004-08-04 03:45:24 192,000 -c----w C:\WINDOWS\$NtServicePackUninstall$\iuengine.dll

+ 2004-08-04 03:45:24 54,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\ixsso.dll

+ 2004-08-04 03:55:42 47,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\iyuv_32.dll

+ 2006-06-01 18:48:50 163,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\jgdw400.dll

+ 2006-06-01 18:48:50 27,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\jgpl400.dll

+ 2007-08-13 20:38:04 491,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\jscript.dll

+ 2001-10-28 12:06:40 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbd101.dll

+ 2001-10-28 12:06:40 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbd106n.dll

+ 2001-10-28 12:06:40 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdax2.dll

+ 2004-08-04 03:39:20 25,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys

+ 2004-08-04 03:44:24 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdfi1.dll

+ 2001-10-28 12:06:40 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdibm02.dll

+ 2004-08-04 03:44:24 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdinbe1.dll

+ 2004-08-04 03:44:24 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdinben.dll

+ 2004-08-04 03:44:24 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdinmal.dll

+ 2001-10-28 12:06:40 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdlk41a.dll

+ 2001-10-28 12:06:40 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdlk41j.dll

+ 2004-08-04 03:44:24 5,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdmaori.dll

+ 2004-08-04 03:44:24 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdmlt47.dll

+ 2004-08-04 03:44:24 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdmlt48.dll

+ 2001-10-28 12:06:40 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdnec.dll

+ 2004-08-04 03:44:24 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdno1.dll

+ 2004-08-04 03:44:24 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdsmsfi.dll

+ 2004-08-04 03:44:24 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdsmsno.dll

+ 2004-08-04 03:44:24 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdukx.dll

+ 2004-08-04 01:59:24 7,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\kd1394.dll

+ 2005-06-15 17:50:49 295,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\kerberos.dll

+ 2007-04-16 15:53:09 1,023,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll

+ 2004-08-04 03:45:24 152,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\keymgr.dll

+ 2006-06-14 08:47:45 172,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\kmixer.sys

+ 2006-06-14 08:47:45 172,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\kmixer.sys.000

+ 2004-08-04 03:45:24 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\krnlprov.dll

+ 2004-08-04 02:15:22 140,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\ks.sys

+ 2004-08-04 01:59:48 92,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\ksecdd.sys

+ 2004-08-04 03:45:24 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\ksuser.dll

+ 2004-08-04 03:45:24 424,448 -c----w C:\WINDOWS\$NtServicePackUninstall$\licdll.dll

+ 2004-08-04 03:45:24 58,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\licwmi.dll

+ 2005-09-01 01:43:35 19,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\linkinfo.dll

+ 2004-08-04 03:45:24 13,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\lmhsvc.dll

+ 2004-08-04 03:45:24 33,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\lmmib2.dll

+ 2004-08-04 03:45:24 399,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\lmrt.dll

+ 2004-08-04 03:45:24 100,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\loadperf.dll

+ 2004-08-04 03:45:24 221,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\localsec.dll

+ 2004-08-04 03:45:24 343,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\localspl.dll

+ 2004-08-04 03:45:24 11,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\localui.dll

+ 2004-08-04 03:45:36 75,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\locator.exe

+ 2004-08-04 03:45:24 19,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\log.dll

+ 2004-08-04 03:45:36 60,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\logman.exe

+ 2004-08-04 03:45:48 220,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\logon.scr

+ 2004-08-04 03:45:36 515,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\logonui.exe

+ 2004-08-04 03:45:24 13,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\lonsint.dll

+ 2004-08-04 03:45:24 23,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\lpdsvc.dll

+ 2004-08-04 03:45:24 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\lpk.dll

+ 2004-08-04 03:45:24 10,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\lprhelp.dll

+ 2004-08-04 03:45:24 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\lprmon.dll

+ 2007-11-07 09:28:43 724,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\lsasrv.dll

+ 2004-08-04 03:45:36 13,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\lsass.exe

+ 2004-08-04 03:45:36 72,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\magnify.exe

+ 2004-08-04 03:45:36 85,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\makecab.exe

+ 2004-08-04 03:45:24 14,848 -c----w C:\WINDOWS\$NtServicePackUninstall$\mcastmib.dll

+ 2004-08-04 03:45:24 85,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciavi32.dll

+ 2004-08-04 03:45:24 35,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciqtz32.dll

+ 2004-08-04 03:45:24 23,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciseq.dll

+ 2004-08-04 03:45:24 23,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciwave.dll

+ 2004-08-04 03:45:24 37,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\md5filt.dll

+ 2004-08-04 03:45:24 119,296 -c----w C:\WINDOWS\$NtServicePackUninstall$\mdminst.dll

+ 2004-08-04 03:45:24 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\medctroc.dll

+ 2004-08-04 03:45:24 86,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\metada51.dll

+ 2004-08-04 03:55:42 63,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\mf.sys

+ 2007-03-08 15:36:54 40,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\mf3216.dll

+ 2006-11-01 19:18:30 927,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\mfc40u.dll

+ 2004-08-04 03:45:24 1,028,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\mfc42.dll

+ 2004-08-04 03:45:24 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\mfcsubs.dll

+ 2004-08-04 03:45:24 14,848 -c----w C:\WINDOWS\$NtServicePackUninstall$\mgmtapi.dll

+ 2004-08-04 03:45:24 18,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\midimap.dll

+ 2004-08-04 03:45:24 201,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\migism.dll

+ 2004-08-04 03:45:24 60,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\miglibnt.dll

+ 2004-08-04 03:45:36 103,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\migload.exe

+ 2005-07-25 23:46:57 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe

+ 2004-08-04 03:45:38 245,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe

+ 2006-09-15 12:36:32 29,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\mimefilt.dll

+ 2004-08-04 03:45:24 586,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\mlang.dll

+ 2004-08-04 03:45:38 815,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmc.exe

+ 2004-08-04 03:45:24 75,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmcbase.dll

+ 2004-08-04 03:45:24 1,197,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmcndmgr.dll

+ 2004-08-04 03:45:24 50,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmcshext.dll

+ 2004-08-04 03:45:24 17,920 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmfutil.dll

+ 2004-08-04 03:45:24 34,560 -c----w C:\WINDOWS\$NtServicePackUninstall$\mnmdd.dll

+ 2004-08-04 03:45:38 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe

+ 2004-08-04 03:45:24 208,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\mobsync.dll

+ 2004-08-04 03:45:38 143,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe

+ 2004-08-04 03:55:42 30,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\modem.sys

+ 2004-08-04 03:45:24 155,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\modemui.dll

+ 2004-08-04 03:45:38 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe

+ 2004-08-04 03:45:24 124,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\mofd.dll

+ 2001-10-28 12:07:00 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\more.com

+ 2004-08-04 03:44:26 216,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\moricons.dll

+ 2004-08-04 03:55:42 23,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\mouclass.sys

+ 2004-08-04 01:58:32 42,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\mountmgr.sys

+ 2004-08-04 03:45:38 3,555,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe

+ 2004-08-04 03:45:40 124,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe

+ 2004-08-04 03:45:40 4,639 -c----w C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe

+ 2004-08-04 03:45:24 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\mpr.dll

+ 2004-08-04 03:45:24 87,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\mprapi.dll

+ 2001-10-28 12:07:00 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\mprdim.dll

+ 2007-07-06 10:05:47 72,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqac.sys

+ 2007-07-06 12:51:36 138,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqad.dll

+ 2004-08-04 03:45:40 19,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqbkup.exe

+ 2007-07-06 12:51:36 47,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqdscli.dll

+ 2007-07-06 12:51:36 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqise.dll

+ 2004-08-04 03:45:24 89,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqlogmgr.dll

+ 2004-08-04 03:45:24 225,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqoa.dll

+ 2007-07-06 12:51:36 660,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqqm.dll

+ 2007-07-06 12:51:36 177,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqrt.dll

+ 2004-08-04 03:45:24 123,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqrtdep.dll

+ 2007-07-06 12:51:36 95,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqsec.dll

+ 2004-08-04 03:45:24 517,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqsnap.dll

+ 2004-08-04 03:45:40 4,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqsvc.exe

+ 2004-08-04 03:45:40 117,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqtgsvc.exe

+ 2004-08-04 03:45:24 186,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqtrig.dll

+ 2007-07-06 12:51:36 48,640 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqupgrd.dll

+ 2007-07-06 12:51:36 523,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\mqutil.dll

+ 2007-12-18 09:51:35 179,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\mrxdav.sys

+ 2006-05-05 09:41:45 453,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys

+ 2006-05-05 09:41:45 453,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys.000

+ 2004-08-04 03:45:24 71,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\msacm32.dll

+ 2004-08-04 03:45:24 331,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadce.dll

+ 2004-08-04 03:44:28 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcer.dll

+ 2004-08-04 03:45:24 61,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcf.dll

+ 2004-08-04 03:44:28 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcfr.dll

+ 2006-03-23 05:44:21 143,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadco.dll

+ 2004-08-04 03:44:28 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcor.dll

+ 2004-08-04 03:45:24 53,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcs.dll

+ 2004-08-04 03:45:24 155,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadds.dll

+ 2004-08-04 03:44:28 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\msaddsr.dll

+ 2004-08-04 03:44:28 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\msader15.dll

+ 2006-12-26 13:07:36 536,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\msado15.dll

+ 2006-12-26 13:07:36 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadomd.dll

+ 2004-08-04 03:45:24 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\msador15.dll

+ 2006-12-26 13:07:36 200,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadox.dll

+ 2004-08-04 03:45:24 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadrh15.dll

+ 2004-08-04 03:44:28 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\msafd.dll

+ 2004-08-04 03:45:24 86,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\msapsspc.dll

+ 2004-08-04 03:45:24 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\msasn1.dll

+ 2004-08-04 03:45:24 220,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscandui.dll

+ 2005-06-29 01:49:48 74,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscms.dll

+ 2004-08-04 03:45:24 69,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\msconf.dll

+ 2004-08-04 03:45:40 159,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe

+ 2004-08-04 03:44:28 12,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscpx32r.dll

+ 2004-08-04 03:45:24 36,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscpxl32.dll

+ 2004-08-04 03:45:24 294,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\msctf.dll

+ 2004-08-04 03:45:24 69,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\msctfp.dll

+ 2004-08-04 03:45:24 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdadc.dll

+ 2004-08-04 03:45:24 118,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdadiag.dll

+ 2004-08-04 03:45:24 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaenum.dll

+ 2004-08-04 03:45:24 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaer.dll

+ 2004-08-04 03:45:24 233,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaora.dll

+ 2004-08-04 03:44:28 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaorar.dll

+ 2004-08-04 03:45:24 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaosp.dll

+ 2004-08-04 03:44:28 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaprsr.dll

+ 2004-08-04 03:45:24 200,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaprst.dll

+ 2004-08-04 03:45:24 204,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaps.dll

+ 2004-08-04 03:45:24 118,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdarem.dll

+ 2004-08-04 03:44:28 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaremr.dll

+ 2004-08-04 03:45:24 151,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdart.dll

+ 2004-08-04 03:45:24 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdasc.dll

+ 2004-08-04 03:45:24 315,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdasql.dll

+ 2004-08-04 03:44:28 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdasqlr.dll

+ 2004-08-04 03:45:24 94,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdatl3.dll

+ 2004-08-04 03:45:24 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdatt.dll

+ 2004-08-04 03:45:24 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaurl.dll

+ 2004-08-04 03:45:24 36,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdfmap.dll

+ 2004-08-04 03:45:24 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdmo.dll

+ 2004-08-04 03:45:40 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe

+ 2004-08-04 03:45:24 58,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtclog.dll

+ 2006-03-01 19:44:01 426,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtcprx.dll

+ 2001-10-28 12:07:02 82,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtcstp.dll

+ 2006-03-01 19:44:01 956,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtctm.dll

+ 2006-03-01 19:44:01 161,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtcuiu.dll

+ 2004-08-04 03:44:28 4,126 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdxmlc.dll

+ 2004-08-04 03:45:24 512,029 -c----w C:\WINDOWS\$NtServicePackUninstall$\msexch40.dll

+ 2004-08-04 03:45:24 319,517 -c----w C:\WINDOWS\$NtServicePackUninstall$\msexcl40.dll

+ 2004-08-04 02:00:42 19,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\msfs.sys

+ 2006-11-27 14:55:29 539,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\msftedit.dll

+ 2004-08-04 03:45:24 997,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgina.dll

+ 2004-08-04 02:04:14 35,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgpc.sys

+ 2004-08-04 03:45:24 3,166,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgr3en.dll

+ 2004-08-04 03:45:24 15,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgrocm.dll

+ 2004-08-04 03:56:52 82,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgsc.dll

+ 2004-08-04 03:56:54 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgslang.dll

+ 2004-08-04 03:45:24 33,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgsvc.dll

+ 2004-08-04 03:45:48 188,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\msh261.drv

+ 2004-08-04 03:55:42 294,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\msh263.drv

+ 2007-04-18 16:13:00 2,854,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\msi.dll

+ 2004-08-04 03:45:24 51,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\msident.dll

+ 2004-08-04 03:45:24 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\msidle.dll

+ 2004-08-04 03:45:24 250,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\msieftp.dll

+ 2005-05-04 16:45:36 78,848 -c----w C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe

+ 2005-05-04 16:45:36 271,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\msihnd.dll

+ 2004-08-04 03:45:24 4,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\msimg32.dll

+ 2004-08-04 03:45:40 60,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\msimn.exe

+ 2005-05-04 16:45:36 884,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\msimsg.dll

+ 2004-08-04 03:45:24 159,232 -c----w C:\WINDOWS\$NtServicePackUninstall$\msimtf.dll

+ 2004-08-04 03:45:24 380,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\msinfo.dll

+ 2004-08-04 03:45:40 40,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe

+ 2005-05-04 16:45:36 15,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\msisip.dll

+ 2004-08-04 03:45:26 1,507,356 -c----w

Compartilhar este post

Link para o post
Compartilhar em outros sites

Mário Monteiro    179

Mário Monteiro
Postado

Voce nao pode postar seguidamente senao o sistema anti flood juntará os posts e como ja extrapolou dara este erro

 

tente colocar mais uma parte agora

Compartilhar este post

Link para o post
Compartilhar em outros sites

victorws    0

victorws
Postado

gerei um novo relatorio, este é mais curto... não entendi o porque

 

ComboFix 08-06-16.5 - Victor W. Shtorache 2008-06-19 20:39:47.5 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.1285 [GMT -3:00]

Executando de: C:\Documents and Settings\Windows\Desktop\ComboFix.exe

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((( Ficheiros criados de 2008-05-19 to 2008-06-19 ))))))))))))))))))))))))))))))))

.

 

2008-06-17 16:54 . 2008-06-17 16:54 <DIR> d-------- C:\Documents and Settings\Windows\Dados de aplicativos\HP

2008-06-17 16:54 . 2008-06-17 16:54 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Hewlett-Packard

2008-06-17 16:45 . 2008-06-17 16:45 <DIR> d-------- C:\WINDOWS\system32\URTTEMP

2008-06-17 16:44 . 2008-06-17 16:44 <DIR> d-------- C:\Arquivos de programas\Hewlett-Packard

2008-06-17 16:43 . 2008-06-17 16:43 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

2008-06-17 16:43 . 2008-06-17 16:43 655 --a------ C:\WINDOWS\hpbvspst.his

2008-06-17 16:43 . 2008-06-17 16:43 314 --a------ C:\WINDOWS\hpbvspst.ini

2008-06-17 16:41 . 2007-03-22 14:45 573,440 -ra------ C:\WINDOWS\system32\hpxp3390.dll

2008-06-17 16:41 . 2007-02-28 16:39 458,752 -ra------ C:\WINDOWS\system32\hppasc01.dll

2008-06-17 16:41 . 2007-03-29 18:01 372,736 -ra------ C:\WINDOWS\system32\hppldcoi.dll

2008-06-17 16:41 . 2006-05-18 19:58 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll

2008-06-17 16:41 . 2007-02-05 20:49 188,416 -ra------ C:\WINDOWS\system32\hppcew01.dll

2008-06-17 16:41 . 2005-10-21 14:58 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys

2008-06-17 16:41 . 2005-10-21 14:52 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys

2008-06-17 16:41 . 2006-04-04 18:19 17,024 -ra------ C:\WINDOWS\system32\drivers\hpfxgen.sys

2008-06-17 16:41 . 2006-04-04 18:20 9,344 -ra------ C:\WINDOWS\system32\drivers\hpfxbulk.sys

2008-06-17 16:41 . 2001-08-17 21:47 8,704 --a------ C:\WINDOWS\system32\drivers\Dot4Scan.sys

2008-06-17 16:41 . 2001-08-17 21:47 8,704 --a--c--- C:\WINDOWS\system32\dllcache\dot4scan.sys

2008-06-17 16:39 . 2008-06-17 16:49 <DIR> d-------- C:\Arquivos de programas\HP

2008-06-17 16:35 . 2008-06-17 17:01 131,407 --a------ C:\WINDOWS\hppins02.dat

2008-06-17 16:35 . 2007-06-15 18:18 1,883 --------- C:\WINDOWS\hppmdl02.dat

2008-06-17 16:28 . 2008-04-13 15:39 206,976 --a------ C:\WINDOWS\system32\drivers\Dot4.sys

2008-06-17 16:28 . 2008-04-13 15:39 206,976 --a--c--- C:\WINDOWS\system32\dllcache\dot4.sys

2008-06-17 16:28 . 2001-09-05 23:06 24,064 --a------ C:\WINDOWS\system32\drivers\Dot4usb.sys

2008-06-17 16:28 . 2001-09-05 23:06 24,064 --a--c--- C:\WINDOWS\system32\dllcache\dot4usb.sys

2008-06-17 16:28 . 2001-08-17 21:47 12,928 --a------ C:\WINDOWS\system32\drivers\Dot4Prt.sys

2008-06-17 16:28 . 2001-08-17 21:47 12,928 --a--c--- C:\WINDOWS\system32\dllcache\dot4prt.sys

2008-06-17 14:26 . 2008-05-08 11:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys

2008-06-17 14:04 . 2008-04-14 12:59 272,384 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

2008-05-22 14:23 . 2008-05-22 14:35 <DIR> d-------- C:\Arquivos de programas\TIM Web Movel

2008-05-22 14:23 . 2007-08-01 20:07 101,120 --a------ C:\WINDOWS\system32\drivers\ewusbmdm.sys

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-19 19:00 --------- d-----w C:\Arquivos de programas\eMule

2008-06-17 14:02 87,056 ----a-w C:\WINDOWS\system32\drivers\cmdGuard.sys

2008-06-17 14:02 24,208 ----a-w C:\WINDOWS\system32\drivers\cmdhlp.sys

2008-06-17 14:02 143,104 ----a-w C:\WINDOWS\system32\guard32.dll

2008-06-17 13:47 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2008-06-10 12:19 --------- d-----w C:\Arquivos de programas\Picasa2

2008-05-31 00:34 --------- d-----w C:\Documents and Settings\Windows\Dados de aplicativos\gtk-2.0

2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys

2008-05-07 05:11 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll

2008-04-30 02:52 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\avg8

2008-04-26 06:54 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Skype

2008-04-26 06:53 --------- d-----w C:\Arquivos de programas\Skype

2008-04-26 06:44 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys

2008-04-26 06:44 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll

2008-04-26 06:44 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft

2008-04-26 06:43 --------- d-----w C:\Arquivos de programas\AVG

2008-04-25 05:52 --------- d-----w C:\Arquivos de programas\MSXML 4.0

2008-04-23 07:14 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

2008-04-22 20:58 --------- d-----w C:\Documents and Settings\Windows\Dados de aplicativos\Teleca

2008-04-22 20:56 --------- d-----w C:\Documents and Settings\Windows\Dados de aplicativos\Sony Ericsson

2008-04-14 02:37 1,804 ----a-w C:\WINDOWS\system32\dcache.bin

2008-04-14 02:24 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe

2008-04-14 02:20 99,840 ----a-w C:\WINDOWS\system32\winscard.dll

2008-04-14 02:19 763,392 ----a-w C:\WINDOWS\system32\winntbbu.dll

2008-04-14 02:19 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll

2008-04-14 02:19 5,632 ----a-w C:\WINDOWS\system32\wmi.dll

2008-04-14 02:19 102,912 ----a-w C:\WINDOWS\system32\dpcdll.dll

2008-04-14 02:00 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 02:00 2,149,376 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-04-14 02:00 2,028,032 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 01:58 86,016 ------w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 01:57 80,896 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 01:56 49,664 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 01:55 563,712 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 01:54 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 01:54 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys

2008-04-14 01:53 67,584 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-13 22:21 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe

2008-04-13 22:20 995,328 ----a-w C:\WINDOWS\system32\setupapi.dll

2008-04-13 22:20 424,448 ----a-w C:\WINDOWS\system32\licdll.dll

2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys

2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe

2008-04-13 18:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe

2008-04-13 18:40 444,928 ----a-w C:\WINDOWS\system32\xpob2res.dll

2008-04-13 18:35 2,945,536 ----a-w C:\WINDOWS\system32\xpsp2res.dll

2008-04-13 18:35 192,512 ----a-w C:\WINDOWS\system32\xpsp1res.dll

2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll

2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll

2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll

2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll

2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll

2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll

2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll

2008-04-13 16:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll

2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll

2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll

2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll

2007-12-08 01:26 47,360 ----a-w C:\Documents and Settings\Windows\Dados de aplicativos\pcouffin.sys

2004-07-24 00:42 1,511,114 ----a-w C:\WINDOWS\inf\SET12.tmp

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 23:20 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"COMODO Firewall Pro"="C:\Arquivos de programas\Comodo\Firewall\cfp.exe" [2008-06-17 10:42 1655552]

"LManager"="C:\ARQUIV~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15 593920]

"SynTPEnh"="C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07 761946]

"Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

"TkBellExe"="C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2008-04-26 00:52 185896]

"AVG8_TRAY"="C:\ARQUIV~1\AVG\AVG8\avgtray.exe" [2008-04-26 03:43 1177368]

"HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]

"HPUsageTracking"="C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe" [2007-05-03 16:38 36864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveSearch"= 1 (0x1)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{A3717295-941D-416F-9384-ED1736729F1C}"= C:\Arquivos de programas\Scpad\scpLIB.dll [2007-03-27 01:29 128512]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399F83}"= C:\Arquivos de programas\GbPlugin\gbieh.dll [2007-06-25 09:24 332616]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

"CompIBBrd"= {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll [2007-03-27 01:29 128512]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\WINDOWS\system32\guard32.dll,avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.ac3filter"= ac3filter.acm

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"TkBellExe"="C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Arquivos de programas\\eMule\\emule.exe"=

"C:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"=

"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Arquivos de programas\\NetMeeting\\conf.exe"=

 

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-04-26 03:44]

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-06-17 11:02]

R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-06-17 11:02]

R2 avg8wd;AVG8 WatchDog;C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe [2008-04-26 03:43]

R2 GbpSv;Gbp Service;C:\Arquivos de programas\GbPlugin\GbpSv.exe [2007-06-25 09:29]

S3 HPFXBULK;HPFXBULK;C:\WINDOWS\system32\drivers\hpfxbulk.sys [2006-04-04 18:20]

S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]

S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]

S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]

S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]

S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{06bafcb2-2808-11dd-9e56-0016d40f5321}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{06bafcb5-2808-11dd-9e56-0016d40f5321}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1299cae4-8c9e-11dc-9cfc-0016d40f5321}]

\Shell\AutoRun\command - E:\LaunchU3.exe -a

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52ad0058-1c9a-11dd-9e43-0016d40f5321}]

\Shell\AutoRun\command - b.com

\Shell\explore\Command - b.com

\Shell\open\Command - b.com

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58cc59ce-ac04-11dc-9d3e-0016d40f5321}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

\Shell\Open(&0)\command - Recycled\ctfmon.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0244492-6dcd-11dc-9cc8-0016d40f5321}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

\Shell\Open(&0)\command - Recycled\ctfmon.exe

 

.

Conteúdo da pasta 'Tarefas Agendadas'

"2008-06-13 20:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"

- C:\Arquivos de programas\TuneUp Utilities 2008\OneClick.exe

"2008-05-01 06:30:00 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"

- C:\Arquivos de programas\ErrorSmart\ErrorSmart.ex

- C:\Arquivos de programas\ErrorSmart

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-19 20:41:02

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros ocultos ...

 

Varredura completada com sucesso

Ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

PROCESS: C:\WINDOWS\SYSTEM32\winlogon.exe

-> C:\WINDOWS\system32\guard32.dll

 

PROCESS: C:\WINDOWS\system32\lsass.exe

-> C:\WINDOWS\system32\guard32.dll

.

Tempo para conclusão: 2008-06-19 20:42:18

ComboFix-quarantined-files.txt 2008-06-19 23:41:58

ComboFix2.txt 2008-06-19 19:29:06

ComboFix3.txt 2008-05-08 23:22:30

 

Pre-Run: 50,673,070,080 bytes disponíveis

Post-Run: 50,668,179,456 bytes disponíveis

 

201 --- E O F --- 2008-06-19 17:51:03

Compartilhar este post

Link para o post
Compartilhar em outros sites

Mário Monteiro    179

Mário Monteiro
Postado

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Arquivados (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito