[Resolvido!] Problemas com acusaçao de virus avira

[Felipe7l 0]

Quando eu ligo meu computador o avira acusa um virus como na figura....

 

http://www.4shared.com/file/155561611/d4e6eb83/A_online.html

 

E qualquer uma das opçoes que eu seleciono ele volta ate parar e desativar o antivurus...

me ajuda ae...

 

Log HijachThis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:11:09, on 19/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\DOCUME~1\FELIPE~1\CONFIG~1\Temp\GoogleUpdate.exe

C:\Arquivos de programas\Nero\Nero8\InCD\InCDsrv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe

C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\HiJackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://br.search.yahoo.com/search?fr=mcafee&p=%s

R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_1.dll

O1 - Hosts: visanet.com.br

O1 - Hosts: 198.106.200.155# SpyBo t search and Destroy

O1 - Hosts: 198.106.200.155 www.visanet.com.br

O1 - Hosts: 198.106.200.155 www.bancoreal.com.br

O1 - Hosts: 198.106.200.155 real.com.br

O1 - Hosts: 198.106.200.155 www.real.com.br

O1 - Hosts: 198.106.200.155 www.itau.com.br

O1 - Hosts: 198.106.200.155 itau.com.br

O1 - Hosts: 198.106.200.155 www.itaupersonnalite.com.br

O1 - Hosts: 198.106.200.155 itaupersonnalite.com.br

O1 - Hosts: 198.106.200.155 www.itauprivatebank.com.br

O1 - Hosts: 198.106.200.155 itauprivatebank.com.br

O1 - Hosts: 198.106.200.155 www.bb.com.br

O1 - Hosts: 198.106.200.155 bb.com.br

O1 - Hosts: 198.106.200.155 www.bb.gov.br

O1 - Hosts: 198.106.200.155 bb.gov.br

O1 - Hosts: 198.106.200.155 bradesco.com.br

O1 - Hosts: 198.106.200.155 www.bradesco.com.br

O1 - Hosts: 198.106.200.155 www.bradescoprime.com.br

O1 - Hosts: 198.106.200.155 bradescoprime.com.br

O1 - Hosts: 198.106.200.155 bradescojuridico.com.br

O1 - Hosts: 198.106.200.155 www.checktudo.com.br

O1 - Hosts: 198.106.200.155 checktudo.com.br

O1 - Hosts: 198.106.200.155 www.infoseg.gov.br

O1 - Hosts: 198.106.200.155 infoseg.gov.br

O1 - Hosts: 198.106.200.155 www.bradescojuridico.com.br

O1 - Hosts: 198.106.200.155 santander.com.br

O1 - Hosts: 198.106.200.155 www.santander.com.br

O1 - Hosts: 198.106.200.155 banespa.com.br

O1 - Hosts: 198.106.200.155 www.nossacaixa.com.br

O1 - Hosts: 198.106.200.155 nossacaixa.com.br

O1 - Hosts: 198.106.200.155 www.unibanco.com.br

O1 - Hosts: 198.106.200.155 unibanco.com.br

O1 - Hosts: 198.106.200.155 www.banespa.com.br

O1 - Hosts: 198.106.200.155 www.itauprivatebank.com.br

O1 - Hosts: 198.106.200.155 itauprivatebank.com.br

O1 - Hosts: 198.106.200.155 cetelem.com.br

O1 - Hosts: 198.106.200.155 www.cetelem.com.br

O1 - Hosts: 198.106.200.155 citibank.com.br

O1 - Hosts: 198.106.200.155 www.citibank.com.br

O1 - Hosts: 198.106.200.155 www.cartaobndes.gov.br

O1 - Hosts: 198.106.200.155 cartaobndes.gov.br

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: CBHO Object - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Arquivos de programas\CoreStreet\SpoofStick\SpoofStickBHO.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_1.dll

O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Arquivos de programas\CoreStreet\SpoofStick\SpoofStick.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [bitTorrent] "C:\Arquivos de programas\BitTorrent\bittorrent.exe"

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [GoogleUpdate] "C:\DOCUME~1\FELIPE~1\CONFIG~1\Temp\GoogleUpdate.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Translate with &Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Google Update Service (gupdate1c9f0603e0f074e) (gupdate1c9f0603e0f074e) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero8\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: OpenDNS Updater (OpenDNS Updater.exe) - OpenDNS - C:\Arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

--

End of file - 11748 bytes

[Sam Spade 2]

Olá Felipe7l! Baixe: ComboFix > salve na área de trabalho

 

Desative seu antivirus, antispywares e firewall, para não causar conflitos. Mantenha-os desativados até terminar as instruções.

 

Dê um duplo-clique no combofix.exe. Ao aparecer esta mensagem, dê o Sim:

 

 

Aguarde até que apareça a mensagem do contrato de licença do usuário final (EULA):

 

 

Dê o OK e depois o Sim.

 

Ao final aparecerá o aviso de que a instalação foi realizada com sucesso. Dê o Sim para prosseguir o exame.

 

 

OBS: ao dar o Sim para que seja feito o download e instalação do CR, mesmo estando conectado, pode aparecer este aviso:

 

 

É só dar o OK, que o processo prosseguirá normalmente.

 

Quando terminar, será aberto um bloco de notas com algumas informações. Uma cópia ficará salva em C:\Combofix.txt

 

Selecione, copie e cole o conteúdo doComboFix.txt na sua próxima resposta.

 

OBS: Não rode o ComboFix mais do que uma vez. Isso irá sobreescrever o log e dificultará a remoção do(s) malware(s)

 

O ComboFix é uma ferramenta que pode danificar o sistema se for usada incorretamente. Use-o apenas sob supervisão de um analista de malwares.

[Felipe7l 0]

Ola...

ta ai o log do combofix... e depois o hijackthis atualizado!

vlw!

 

ComboFix 09-11-20.01 - Felipe de Souza 20/11/2009 15:51.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.512.93 [GMT -2:00]

Executando de: c:\documents and settings\Felipe de Souza\Desktop\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

* Criado um novo ponto de restauração

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\drivers\pciide.sys

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-10-20 to 2009-11-20 ))))))))))))))))))))))))))))

.

 

2009-11-19 22:14 . 2009-07-21 16:40 404737 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\update.exe

2009-11-19 22:14 . 2008-12-05 13:32 126721 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\scewxmlw.dll

2009-11-19 21:02 . 2009-11-19 21:02 -------- d-----r- c:\documents and settings\LocalService\Favoritos

2009-11-17 19:15 . 2009-11-20 17:40 598 ----a-w- C:\fsys.bat

2009-11-13 15:54 . 2009-03-30 12:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-11-13 15:54 . 2009-02-13 14:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-11-13 15:54 . 2009-02-13 14:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-11-13 15:54 . 2009-11-13 15:54 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Avira

2009-11-13 15:54 . 2009-11-13 15:54 -------- d-----w- c:\arquivos de programas\Avira

2009-11-07 19:26 . 2009-11-07 19:26 -------- d-----w- c:\documents and settings\Felipe de Souza\Dados de aplicativos\kodak

2009-11-02 20:55 . 2009-11-03 01:20 -------- d-----w- c:\windows\BDOSCAN8

2009-10-27 00:01 . 2009-09-10 16:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-27 00:01 . 2009-09-10 16:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-27 00:01 . 2009-10-27 00:01 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2009-10-25 13:24 . 2009-10-25 13:43 -------- d-----w- C:\Toinzé

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-20 17:42 . 2009-04-24 21:09 -------- d-----w- c:\documents and settings\Felipe de Souza\Dados de aplicativos\BitTorrent

2009-11-19 12:23 . 2009-04-21 00:09 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Babylon

2009-11-14 00:19 . 2009-06-06 16:12 -------- d-----w- c:\arquivos de programas\Windows Live Safety Center

2009-11-07 13:04 . 2009-04-21 00:49 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live

2009-11-02 18:15 . 2009-09-17 01:01 -------- d-----w- c:\arquivos de programas\BS_Player

2009-10-28 19:54 . 2001-10-28 15:07 83622 ----a-w- c:\windows\system32\perfc016.dat

2009-10-28 19:54 . 2001-10-28 15:07 479518 ----a-w- c:\windows\system32\perfh016.dat

2009-10-25 16:46 . 2009-09-26 13:54 -------- d-----w- c:\arquivos de programas\UsbFix

2009-10-20 21:51 . 2009-04-21 00:07 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe

2009-10-02 19:00 . 2009-10-02 19:00 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight

2009-10-02 19:00 . 2009-10-02 19:00 -------- d-----w- c:\arquivos de programas\Microsoft Office Outlook Connector

2009-10-02 18:57 . 2009-04-21 00:48 -------- d-----w- c:\arquivos de programas\Windows Live

2009-09-29 10:51 . 2009-04-21 00:30 -------- d-----w- c:\arquivos de programas\Google

2009-09-25 21:17 . 2009-08-10 00:07 -------- d-----w- c:\arquivos de programas\PhotoScape

2009-09-11 14:19 . 2008-04-13 22:20 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:04 . 2008-04-13 22:20 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-08-29 07:57 . 2008-04-13 22:20 916480 ----a-w- c:\windows\system32\wininet.dll

2009-08-26 08:01 . 2008-04-13 22:20 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-25 04:30 . 2009-10-13 15:44 13312 ----a-w- c:\documents and settings\Felipe de Souza\Dados de aplicativos\Mozilla\Firefox\Profiles\rbkrvids.default\extensions\twitternotifier@naan.net\components\nsTwitterFoxSign.dll

.

 

((((((((((((((((((((((((((((( SnapShot@2009-10-27_19.35.49 )))))))))))))))))))))))))))))))))))))))))

.

+ 2007-11-07 04:19 . 2007-11-07 04:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

- 2007-11-07 05:19 . 2007-11-07 05:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll

- 2008-07-29 09:07 . 2008-07-29 09:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll

+ 2008-07-29 08:07 . 2008-07-29 08:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll

+ 2008-07-29 08:07 . 2008-07-29 08:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll

- 2008-07-29 09:07 . 2008-07-29 09:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll

+ 2009-11-20 17:59 . 2009-11-20 17:59 16384 c:\windows\temp\Perflib_Perfdata_4a8.dat

+ 2009-11-20 17:59 . 2009-11-20 17:59 34304 c:\windows\temp\OpenDNS Updater\update.exe

+ 2009-11-20 17:59 . 2009-11-20 17:59 14848 c:\windows\temp\OpenDNS Updater\admin.exe

+ 2008-10-16 17:09 . 2009-08-06 21:24 44768 c:\windows\system32\wups2.dll

+ 2009-04-20 22:42 . 2009-08-06 21:24 35552 c:\windows\system32\wups.dll

+ 2009-04-20 22:42 . 2009-08-06 21:24 53472 c:\windows\system32\wuauclt.exe

+ 2008-04-13 22:20 . 2009-06-25 08:27 54272 c:\windows\system32\wdigest.dll

+ 2009-10-30 15:24 . 2009-08-06 21:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll

+ 2009-10-30 15:24 . 2009-08-06 21:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 56832 c:\windows\system32\secur32.dll

- 2008-04-13 22:20 . 2009-02-03 19:58 56832 c:\windows\system32\secur32.dll

+ 2001-10-28 15:07 . 2009-10-28 19:54 71764 c:\windows\system32\perfc009.dat

- 2001-10-28 15:07 . 2009-10-21 22:47 71764 c:\windows\system32\perfc009.dat

+ 2008-08-22 06:05 . 2009-08-29 07:57 55296 c:\windows\system32\msfeedsbs.dll

- 2008-08-22 06:05 . 2009-07-03 16:59 55296 c:\windows\system32\msfeedsbs.dll

- 2008-04-13 22:20 . 2009-07-03 16:59 25600 c:\windows\system32\jsproxy.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 25600 c:\windows\system32\jsproxy.dll

+ 2009-11-13 15:54 . 2009-05-11 12:12 28520 c:\windows\system32\drivers\ssmdrv.sys

+ 2008-04-13 14:31 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys

+ 2009-05-16 14:29 . 2009-07-28 18:33 55656 c:\windows\system32\drivers\avgntflt.sys

- 2009-05-16 14:29 . 2009-08-06 01:03 55656 c:\windows\system32\drivers\avgntflt.sys

+ 2009-08-12 15:50 . 2009-08-29 07:57 12800 c:\windows\system32\dllcache\xpshims.dll

- 2009-08-12 15:50 . 2009-07-03 16:59 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2009-04-20 22:42 . 2009-08-06 21:24 35552 c:\windows\system32\dllcache\wups.dll

+ 2009-04-20 22:42 . 2009-08-06 21:24 53472 c:\windows\system32\dllcache\wuauclt.exe

+ 2008-04-13 22:20 . 2009-06-25 08:27 54272 c:\windows\system32\dllcache\wdigest.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll

- 2008-04-13 22:20 . 2009-02-03 19:58 56832 c:\windows\system32\dllcache\secur32.dll

+ 2009-08-12 15:50 . 2009-08-29 07:57 55296 c:\windows\system32\dllcache\msfeedsbs.dll

- 2009-08-12 15:50 . 2009-07-03 16:59 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2008-04-13 22:20 . 2009-09-04 21:04 58880 c:\windows\system32\dllcache\msasn1.dll

+ 2008-04-13 14:31 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys

- 2008-04-13 22:20 . 2009-07-03 16:59 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2008-04-13 22:20 . 2009-08-06 21:24 96480 c:\windows\system32\dllcache\cdm.dll

+ 2009-11-10 13:56 . 2009-11-10 13:56 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2009-04-20 22:49 . 2009-10-13 01:08 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2009-04-20 22:49 . 2009-11-10 13:56 32768 c:\windows\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat

- 2009-04-20 22:49 . 2009-10-13 01:08 32768 c:\windows\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat

- 2009-04-20 22:49 . 2009-10-13 01:08 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat

+ 2009-04-20 22:49 . 2009-11-10 13:56 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat

+ 2008-04-13 22:20 . 2009-08-06 21:24 96480 c:\windows\system32\cdm.dll

+ 2009-11-02 02:51 . 2009-11-02 02:51 22528 c:\windows\Installer\3a0cdc.msi

+ 2009-10-28 19:49 . 2009-07-03 16:59 12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll

+ 2009-01-05 17:44 . 2009-01-05 17:44 53248 c:\windows\bdoscandel.exe

+ 2009-11-02 20:55 . 2009-11-02 20:55 86016 c:\windows\BDOSCAN8\librtvr.dll

+ 2009-11-02 20:55 . 2009-11-02 20:55 27136 c:\windows\BDOSCAN8\avxt.dll

+ 2009-11-02 20:55 . 2009-11-02 20:55 10240 c:\windows\BDOSCAN8\avxs.dll

+ 2009-11-02 20:55 . 2009-11-02 20:55 45056 c:\windows\BDOSCAN8\avxdisk.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\a31f5136a236dae58c03db56ea2a1a7a\WindowsLiveWriter.ni.exe

+ 2009-10-29 18:37 . 2009-10-29 18:37 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0cce8134aebab15d6c31143f850af1a7\WindowsLive.Writer.Api.ni.dll

+ 2009-10-29 18:32 . 2009-10-29 18:32 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll

+ 2009-10-29 18:40 . 2009-10-29 18:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll

+ 2009-10-29 18:38 . 2009-10-29 18:38 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll

+ 2009-10-29 18:38 . 2009-10-29 18:38 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll

+ 2009-10-29 18:26 . 2009-10-29 18:26 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe

+ 2009-10-29 18:25 . 2009-10-29 18:25 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Microsoft.VisualC.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe

+ 2009-10-29 18:34 . 2009-10-29 18:34 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2009-08-23 21:48 . 2009-08-23 21:48 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll

+ 2008-07-29 05:54 . 2008-07-29 05:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll

- 2008-07-29 06:54 . 2008-07-29 06:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll

+ 2009-04-20 22:42 . 2009-08-06 21:24 209632 c:\windows\system32\wuweb.dll

+ 2009-04-20 22:42 . 2009-08-06 21:24 327896 c:\windows\system32\wucltui.dll

+ 2009-04-20 22:42 . 2009-08-06 21:23 575704 c:\windows\system32\wuapi.dll

+ 2008-04-13 22:20 . 2009-04-02 01:02 604160 c:\windows\system32\wmspdmod.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 147456 c:\windows\system32\schannel.dll

+ 2001-10-28 15:07 . 2009-10-28 19:54 443738 c:\windows\system32\perfh009.dat

- 2001-10-28 15:07 . 2009-10-21 22:47 443738 c:\windows\system32\perfh009.dat

- 2008-04-13 22:20 . 2009-07-03 16:59 206848 c:\windows\system32\occache.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 206848 c:\windows\system32\occache.dll

- 2008-08-22 06:05 . 2009-07-03 16:59 594432 c:\windows\system32\msfeeds.dll

+ 2008-08-22 06:05 . 2009-08-29 07:57 594432 c:\windows\system32\msfeeds.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 732672 c:\windows\system32\lsasrv.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 301568 c:\windows\system32\kerberos.dll

+ 2008-04-13 22:20 . 2009-06-22 06:48 726528 c:\windows\system32\jscript.dll

- 2008-04-13 22:20 . 2009-03-08 07:33 726528 c:\windows\system32\jscript.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 184320 c:\windows\system32\iepeers.dll

- 2008-04-13 22:20 . 2009-07-03 16:59 184320 c:\windows\system32\iepeers.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 387584 c:\windows\system32\iedkcs32.dll

- 2008-04-13 22:21 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe

+ 2008-04-13 22:21 . 2009-08-28 10:38 173056 c:\windows\system32\ie4uinit.exe

+ 2009-04-20 19:32 . 2009-11-11 22:57 290088 c:\windows\system32\FNTCACHE.DAT

+ 2009-04-20 22:42 . 2009-08-06 21:24 209632 c:\windows\system32\dllcache\wuweb.dll

+ 2009-04-20 22:42 . 2009-08-06 21:24 327896 c:\windows\system32\dllcache\wucltui.dll

+ 2009-04-20 22:42 . 2009-08-06 21:23 575704 c:\windows\system32\dllcache\wuapi.dll

+ 2008-04-13 22:20 . 2009-04-02 01:02 604160 c:\windows\system32\dllcache\wmspdmod.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 916480 c:\windows\system32\dllcache\wininet.dll

+ 2009-04-20 22:42 . 2009-06-21 21:48 153088 c:\windows\system32\dllcache\triedit.dll

- 2009-04-20 22:42 . 2008-04-13 22:20 153088 c:\windows\system32\dllcache\triedit.dll

+ 2008-04-13 22:20 . 2009-08-26 08:01 247326 c:\windows\system32\dllcache\strmdll.dll

- 2008-04-13 22:20 . 2008-10-03 10:04 247326 c:\windows\system32\dllcache\strmdll.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 147456 c:\windows\system32\dllcache\schannel.dll

- 2008-04-13 22:20 . 2009-07-03 16:59 206848 c:\windows\system32\dllcache\occache.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 206848 c:\windows\system32\dllcache\occache.dll

+ 2008-04-13 22:20 . 2009-09-11 14:19 136192 c:\windows\system32\dllcache\msv1_0.dll

- 2009-08-12 15:50 . 2009-07-03 16:59 594432 c:\windows\system32\dllcache\msfeeds.dll

+ 2009-08-12 15:50 . 2009-08-29 07:57 594432 c:\windows\system32\dllcache\msfeeds.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 732672 c:\windows\system32\dllcache\lsasrv.dll

+ 2008-04-13 22:20 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll

+ 2008-04-13 22:20 . 2009-06-22 06:48 726528 c:\windows\system32\dllcache\jscript.dll

- 2008-04-13 22:20 . 2009-03-08 07:33 726528 c:\windows\system32\dllcache\jscript.dll

+ 2009-08-12 15:49 . 2009-08-29 07:57 246272 c:\windows\system32\dllcache\ieproxy.dll

- 2009-08-12 15:49 . 2009-07-03 16:59 246272 c:\windows\system32\dllcache\ieproxy.dll

- 2008-04-13 22:20 . 2009-07-03 16:59 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2008-04-13 22:21 . 2009-08-28 10:38 173056 c:\windows\system32\dllcache\ie4uinit.exe

- 2008-04-13 22:21 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe

+ 2009-08-08 01:51 . 2009-08-08 01:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2009-11-04 14:24 . 2008-07-08 12:58 395128 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll

+ 2009-11-04 14:24 . 2008-07-08 12:58 233336 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe

+ 2009-10-28 19:49 . 2009-07-03 16:59 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll

+ 2009-10-28 19:49 . 2009-05-26 11:40 395128 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll

+ 2009-10-28 19:49 . 2008-07-08 12:58 233336 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe

+ 2009-10-28 19:49 . 2009-07-03 16:59 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll

+ 2009-10-28 19:49 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe

+ 2009-10-28 19:42 . 2008-07-08 12:58 395128 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll

+ 2009-10-28 19:42 . 2008-07-08 12:58 233336 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe

+ 2009-10-28 19:42 . 2009-03-08 07:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll

+ 2009-01-05 17:44 . 2009-01-05 17:44 741376 c:\windows\Downloaded Program Files\ipsupd.dll

+ 2009-11-02 20:55 . 2009-11-02 20:55 142848 c:\windows\BDOSCAN8\libfn.dll

+ 2009-01-05 17:44 . 2009-01-05 17:44 741376 c:\windows\BDOSCAN8\ipsupd.dll

+ 2009-01-05 17:44 . 2009-11-02 20:55 107800 c:\windows\BDOSCAN8\bdcore.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe

+ 2009-10-29 18:37 . 2009-10-29 18:37 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\9d1a36d51bb6a24f943e73c0011e342a\WindowsLiveLocal.WriterPlugin.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\feb5009ee6406995983c67d61254b713\WindowsLive.Writer.Extensibility.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ef0daf9b5b7002d4d3493671db79fec5\WindowsLive.Writer.HtmlEditor.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ea3b7fc0ae639a2cd268d9a0aab47d15\WindowsLive.Writer.BrowserControl.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd20f981722448ea96d2c0995eeaf9b7\WindowsLive.Writer.Mshtml.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ac50120d9dfafb4868aa4531456cf2e7\WindowsLive.Writer.BlogClient.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9603a068ba2de2c7ec244454e8ad0763\WindowsLive.Writer.SpellChecker.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8b674da2d622aec8a9c150e4f7437c4f\WindowsLive.Writer.Controls.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7ca3eb94ab1ae6867d35382ecf407260\WindowsLive.Writer.Passport.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c494448c732a975d727098bad24f42b\WindowsLive.Writer.Localization.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\75a1c524a87004611e911be710454234\WindowsLive.Writer.Interop.Mshtml.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\63d852a9374556240906cbd19946f7b0\WindowsLive.Writer.Instrumentation.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\627621628abc220fd9c02f442178e41c\WindowsLive.Writer.FileDestinations.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\60e6ca35b86ce10970a63fa5ea8b1d9c\WindowsLive.Writer.HtmlParser.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\551d4211cde9574615ad847741667699\WindowsLive.Writer.Interop.SHDocVw.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\311874611f12ea8440bc760c3203cbd3\WindowsLive.Writer.Interop.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\f5d7a7417ffcd9af285e64946ba48f74\WindowsLive.Client.ni.dll

+ 2009-10-29 18:32 . 2009-10-29 18:32 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll

+ 2009-10-29 18:32 . 2009-10-29 18:32 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll

+ 2009-10-29 18:32 . 2009-10-29 18:32 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll

+ 2009-10-29 18:40 . 2009-10-29 18:40 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\af21e3011fb4e107b13ea5c40c351ec4\System.Runtime.Remoting.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll

+ 2009-10-29 18:35 . 2009-10-29 18:35 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll

+ 2009-10-29 18:35 . 2009-10-29 18:35 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll

+ 2009-10-29 18:31 . 2009-10-29 18:31 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll

+ 2009-10-29 18:38 . 2009-10-29 18:38 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll

+ 2009-10-29 18:38 . 2009-10-29 18:38 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe

+ 2009-10-29 18:37 . 2009-10-29 18:37 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe

+ 2009-10-29 18:28 . 2009-10-29 18:28 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll

+ 2009-10-29 18:28 . 2009-10-29 18:28 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll

+ 2009-10-29 18:28 . 2009-10-29 18:28 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll

+ 2009-10-29 18:28 . 2009-10-29 18:28 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe

+ 2009-10-29 18:37 . 2009-10-29 18:37 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll

+ 2009-10-29 18:38 . 2009-10-29 18:38 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe

+ 2009-10-29 18:35 . 2009-10-29 18:35 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2009-10-28 16:23 . 2009-08-13 13:56 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll

+ 2008-07-29 10:05 . 2008-07-29 10:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll

- 2008-07-29 11:05 . 2008-07-29 11:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll

+ 2009-04-20 22:42 . 2009-08-06 21:23 1929952 c:\windows\system32\wuaueng.dll

+ 2008-04-13 22:21 . 2009-05-20 06:56 2458112 c:\windows\system32\WMVCore.dll

- 2008-04-13 22:21 . 2008-06-18 08:03 2458112 c:\windows\system32\WMVCore.dll

+ 2008-04-13 21:54 . 2009-08-14 15:15 1850752 c:\windows\system32\win32k.sys

- 2008-04-13 22:20 . 2009-07-03 16:59 1208832 c:\windows\system32\urlmon.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 1208832 c:\windows\system32\urlmon.dll

- 2008-04-13 22:20 . 2008-04-13 22:20 1439744 c:\windows\system32\query.dll

+ 2008-04-13 22:20 . 2009-07-17 16:17 1439744 c:\windows\system32\query.dll

+ 2008-04-13 22:00 . 2009-08-04 17:27 2149376 c:\windows\system32\ntoskrnl.exe

- 2008-04-13 22:00 . 2009-02-09 11:25 2149376 c:\windows\system32\ntoskrnl.exe

+ 2008-04-13 19:00 . 2009-08-04 17:27 2028032 c:\windows\system32\ntkrnlpa.exe

- 2008-04-13 19:00 . 2009-02-09 11:25 2028032 c:\windows\system32\ntkrnlpa.exe

+ 2008-04-13 22:20 . 2009-10-22 09:17 5939712 c:\windows\system32\mshtml.dll

- 2008-08-22 06:06 . 2009-07-03 16:59 1985536 c:\windows\system32\iertutil.dll

+ 2008-08-22 06:06 . 2009-08-29 07:57 1985536 c:\windows\system32\iertutil.dll

+ 2009-04-20 22:42 . 2009-08-06 21:23 1929952 c:\windows\system32\dllcache\wuaueng.dll

- 2008-04-13 22:21 . 2008-06-18 08:03 2458112 c:\windows\system32\dllcache\WMVCore.dll

+ 2008-04-13 22:21 . 2009-05-20 06:56 2458112 c:\windows\system32\dllcache\WMVCore.dll

+ 2008-04-13 21:54 . 2009-08-14 15:15 1850752 c:\windows\system32\dllcache\win32k.sys

- 2008-04-13 22:20 . 2009-07-03 16:59 1208832 c:\windows\system32\dllcache\urlmon.dll

+ 2008-04-13 22:20 . 2009-08-29 07:57 1208832 c:\windows\system32\dllcache\urlmon.dll

+ 2008-04-13 22:20 . 2009-07-17 16:17 1439744 c:\windows\system32\dllcache\query.dll

- 2008-04-13 22:20 . 2008-04-13 22:20 1439744 c:\windows\system32\dllcache\query.dll

+ 2009-04-24 17:54 . 2009-08-05 00:57 2193408 c:\windows\system32\dllcache\ntoskrnl.exe

- 2008-04-13 19:00 . 2009-02-09 11:25 2028032 c:\windows\system32\dllcache\ntkrpamp.exe

+ 2008-04-13 19:00 . 2009-08-04 17:27 2028032 c:\windows\system32\dllcache\ntkrpamp.exe

+ 2009-02-10 22:07 . 2009-08-04 17:27 2070272 c:\windows\system32\dllcache\ntkrnlpa.exe

- 2009-02-10 22:07 . 2009-02-10 22:07 2070272 c:\windows\system32\dllcache\ntkrnlpa.exe

- 2008-04-13 22:00 . 2009-02-09 11:25 2149376 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2008-04-13 22:00 . 2009-08-04 17:27 2149376 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2008-04-13 22:20 . 2009-10-22 09:17 5939712 c:\windows\system32\dllcache\mshtml.dll

+ 2009-08-12 15:49 . 2009-08-29 07:57 1985536 c:\windows\system32\dllcache\iertutil.dll

- 2009-08-12 15:49 . 2009-07-03 16:59 1985536 c:\windows\system32\dllcache\iertutil.dll

+ 2009-08-08 01:51 . 2009-08-08 01:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2009-08-08 01:51 . 2009-08-08 01:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

- 2008-11-25 07:59 . 2008-11-25 07:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2009-11-04 14:24 . 2009-08-29 07:57 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll

+ 2009-10-28 19:49 . 2009-07-19 13:15 5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll

+ 2009-10-28 19:49 . 2009-07-03 16:59 1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll

+ 2009-04-24 17:54 . 2009-08-05 00:57 2193408 c:\windows\Driver Cache\i386\ntoskrnl.exe

- 2009-04-24 17:54 . 2009-02-09 11:25 2028032 c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2009-04-24 17:54 . 2009-08-04 17:27 2028032 c:\windows\Driver Cache\i386\ntkrpamp.exe

- 2009-02-10 22:07 . 2009-02-10 22:07 2070272 c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2009-02-10 22:07 . 2009-08-04 17:27 2070272 c:\windows\Driver Cache\i386\ntkrnlpa.exe

- 2009-04-24 17:54 . 2009-02-09 11:25 2149376 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2009-04-24 17:54 . 2009-08-04 17:27 2149376 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2009-10-29 18:37 . 2009-10-29 18:37 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f431bc9e7c51a50035c19abea4cbcaa2\WindowsLive.Writer.ApplicationFramework.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bf704776939a6c4d0fac5ad70099300b\WindowsLive.Writer.CoreServices.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7e735c4d2b299eb78cf8cb2c70865978\WindowsLive.Writer.PostEditor.ni.dll

+ 2009-10-29 18:25 . 2009-10-29 18:25 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll

+ 2009-10-29 18:32 . 2009-10-29 18:32 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll

+ 2009-10-29 18:25 . 2009-10-29 18:25 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll

+ 2009-10-29 18:32 . 2009-10-29 18:32 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll

+ 2009-10-29 18:40 . 2009-10-29 18:40 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll

+ 2009-10-29 18:40 . 2009-10-29 18:40 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll

+ 2009-10-29 18:40 . 2009-10-29 18:40 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll

+ 2009-10-29 18:40 . 2009-10-29 18:40 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll

+ 2009-10-29 18:31 . 2009-10-29 18:31 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll

+ 2009-10-29 18:35 . 2009-10-29 18:35 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll

+ 2009-10-29 18:31 . 2009-10-29 18:31 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll

+ 2009-10-29 18:35 . 2009-10-29 18:35 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll

+ 2009-10-29 18:31 . 2009-10-29 18:31 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll

+ 2009-10-29 18:29 . 2009-10-29 18:29 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\ffa1018e8022964eb51025c2c6d8727a\System.Data.OracleClient.ni.dll

+ 2009-10-29 18:30 . 2009-10-29 18:30 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll

+ 2009-10-29 18:38 . 2009-10-29 18:38 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll

+ 2009-10-29 18:29 . 2009-10-29 18:29 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll

+ 2009-10-29 18:29 . 2009-10-29 18:29 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll

+ 2009-10-29 18:28 . 2009-10-29 18:28 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll

+ 2009-10-29 18:25 . 2009-10-29 18:25 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll

+ 2009-10-29 18:38 . 2009-10-29 18:38 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll

+ 2009-10-29 18:39 . 2009-10-29 18:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2009-10-29 18:37 . 2009-10-29 18:37 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2009-10-28 19:53 . 2009-10-28 19:53 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

- 2009-08-23 21:47 . 2009-08-23 21:47 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2009-08-23 21:48 . 2009-08-23 21:48 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2009-10-28 19:54 . 2009-10-28 19:54 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2009-04-25 22:48 . 2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe

+ 2008-08-22 06:10 . 2009-08-29 07:57 11069440 c:\windows\system32\ieframe.dll

+ 2009-08-12 15:49 . 2009-08-29 07:57 11069440 c:\windows\system32\dllcache\ieframe.dll

+ 2009-08-14 22:32 . 2009-08-14 22:32 11110912 c:\windows\Installer\56d910.msp

+ 2009-10-28 19:49 . 2009-07-19 21:45 11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll

+ 2009-10-29 18:32 . 2009-10-29 18:32 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll

+ 2009-10-29 18:36 . 2009-10-29 18:36 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll

+ 2009-10-29 18:30 . 2009-10-29 18:30 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll

+ 2009-10-29 18:27 . 2009-10-29 18:27 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll

+ 2009-10-29 18:26 . 2009-10-29 18:26 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll

+ 2009-10-28 19:55 . 2009-10-28 19:55 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll

.

-- Snapshot resetado para data atual --

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\arquivos de programas\BS_Player\tbBS_1.dll" [2009-11-02 2166296]

 

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

2009-11-02 18:17 2166296 ----a-w- c:\arquivos de programas\BS_Player\tbBS_1.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\arquivos de programas\BS_Player\tbBS_1.dll" [2009-11-02 2166296]

 

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\arquivos de programas\BS_Player\tbBS_1.dll" [2009-11-02 2166296]

 

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="c:\arquivos de programas\BitTorrent\bittorrent.exe" [2009-11-06 654128]

"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-23 39408]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]

"Malwarebytes Anti-Malware (reboot)"="c:\arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Color Calibration.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Color Calibration.lnk

backup=c:\windows\pss\Color Calibration.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^MagicTune4.0.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\MagicTune4.0.lnk

backup=c:\windows\pss\MagicTune4.0.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Windows Search.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Windows Search.lnk

backup=c:\windows\pss\Windows Search.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^Felipe de Souza^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]

path=c:\documents and settings\Felipe de Souza\Menu Iniciar\Programas\Inicializar\Recorte de tela e Iniciador do OneNote 2007.lnk

backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\BitTorrent\\bittorrent.exe"=

"c:\\Arquivos de programas\\DNA\\btdna.exe"=

"c:\\Arquivos de programas\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Arquivos de programas\\Arquivos comuns\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [13/11/2009 13:54 108289]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [23/4/2009 17:39 54752]

R2 OpenDNS Updater.exe;OpenDNS Updater;c:\arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe --run --> c:\arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe --run [?]

S2 gupdate1c9f0603e0f074e;Google Update Service (gupdate1c9f0603e0f074e);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [18/6/2009 20:00 133104]

S3 fsssvc;Serviço Windows Live Proteção para a Família;c:\arquivos de programas\Windows Live\Family Safety\fsssvc.exe [5/8/2009 23:48 704864]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [22/6/2009 22:12 136704]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [22/6/2009 22:12 8320]

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2009-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-06-18 22:00]

 

2009-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-06-18 22:00]

 

2009-11-20 c:\windows\Tasks\User_Feed_Synchronization-{2EE23A71-91D3-45DA-A56C-77DA13359452}.job

- c:\windows\system32\msfeedssync.exe [2008-08-22 07:31]

.

.

------- Scan Suplementar -------

.

uStart Page = about:blank

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://br.search.yahoo.com/search?fr=mcafee&p=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Translate with &Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

FF - ProfilePath - c:\documents and settings\Felipe de Souza\Dados de aplicativos\Mozilla\Firefox\Profiles\rbkrvids.default\

FF - component: c:\documents and settings\Felipe de Souza\Dados de aplicativos\Mozilla\Firefox\Profiles\rbkrvids.default\extensions\twitternotifier@naan.net\components\nsTwitterFoxSign.dll

FF - plugin: c:\arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\arquivos de programas\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npbittorrent.dll

FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-11-20 16:00

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]

"ImagePath"="\??\c:\arquivos de programas\CyberLink\PowerDVD\000.fcl"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'explorer.exe'(3984)

c:\windows\system32\WININET.dll

c:\arquiv~1\WINDOW~2\wmpband.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\arquivos de programas\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\arquivos de programas\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\arquivos de programas\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_por-br.nlr

c:\arquivos de programas\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe

c:\arquivos de programas\Nero\Nero8\InCD\InCDsrv.exe

c:\arquivos de programas\Java\jre6\bin\jqs.exe

c:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe

c:\arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\system32\nvsvc32.exe

c:\arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe

c:\arquivos de programas\CyberLink\Shared files\RichVideo.exe

c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\windows\system32\slserv.exe

c:\arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

c:\windows\system32\wbem\wmiapsrv.exe

.

**************************************************************************

.

Tempo para conclusão: 2009-11-20 16:04 - Máquina reiniciou

ComboFix-quarantined-files.txt 2009-11-20 18:04

ComboFix2.txt 2009-10-27 19:38

 

Pré-execução: 2.424.958.976 bytes disponíveis

Pós execução: 2.557.497.344 bytes disponíveis

 

- - End Of File - - EEE67F88DBA12BE4AC8E9E9261036506

 

 

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:48:14, on 20/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Nero\Nero8\InCD\InCDsrv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe

C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\HiJackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://br.search.yahoo.com/search?fr=mcafee&p=%s

R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_1.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: CBHO Object - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Arquivos de programas\CoreStreet\SpoofStick\SpoofStickBHO.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_1.dll

O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Arquivos de programas\CoreStreet\SpoofStick\SpoofStick.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [bitTorrent] "C:\Arquivos de programas\BitTorrent\bittorrent.exe"

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Translate with &Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Google Update Service (gupdate1c9f0603e0f074e) (gupdate1c9f0603e0f074e) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero8\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: OpenDNS Updater (OpenDNS Updater.exe) - OpenDNS - C:\Arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

--

End of file - 9505 bytes

[Sam Spade 2]

Desative seu antivirus, antispywares e firewall, para não causar conflitos. Mantenha-os desativados até terminar as instruções.

 

Selecione e copie o texto dentro do QUOTE. Abra o Bloco de notas e cole o que copiou. Salve então, na área de trabalho, com o nome de CFScript.txt.

 

File::

C:\fsys.bat

 

DirLook::

C:\Toinzé

Arraste agora o CFScript.txt para o ComboFix conforme a demonstração abaixo.

 

 

O ComboFix irá rodar e reiniciará o PC automaticamente para completar o processo de remoção. Caso isso não aconteça, então reinicie manualmente.

 

IMPORTANTE: Não use o mouse nem o teclado quando o ComboFix estiver rodando.

 

Esse script foi elaborado somente para este computador, de acordo com os arquivos e chaves presentes.

 

Aos visitantes: Se estiverem com um problema semelhante, não utilizem esse script, pois o uso sem supervisão pode causar danos ao sistema.

 

Quando acabar, será gerado um log, que estará em C:\ComboFix.txt. Selecione, copie e cole o seu conteúdo na próxima resposta.

 

OBS: Não rode o ComboFix mais do que uma vez. Isso irá sobreescrever o log e dificultará a remoção do(s) malware(s)

[Felipe7l 0]

Opa..

ta ai o log combo fix...

 

ComboFix 09-11-22.02 - Felipe de Souza 22/11/2009 21:00.4.2 - x86

Executando de: c:\documents and settings\Felipe de Souza\Desktop\ComboFix.exe

Comandos utilizados :: c:\documents and settings\Felipe de Souza\Desktop\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

 

FILE ::

"C:\fsys.bat"

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\fsys.bat

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-10-22 to 2009-11-22 ))))))))))))))))))))))))))))

.

 

2009-11-22 22:55 . 2009-11-22 22:57 -------- d-----w- C:\32788R22FWJFW

2009-11-21 12:22 . 2009-11-21 12:22 152576 ----a-w- c:\documents and settings\Felipe de Souza\Dados de aplicativos\Sun\Java\jre1.6.0_17\lzma.dll

2009-11-19 21:02 . 2009-11-19 21:02 -------- d-----r- c:\documents and settings\LocalService\Favoritos

2009-11-13 15:54 . 2009-03-30 12:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-11-13 15:54 . 2009-02-13 14:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-11-13 15:54 . 2009-02-13 14:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-11-13 15:54 . 2009-11-13 15:54 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Avira

2009-11-13 15:54 . 2009-11-13 15:54 -------- d-----w- c:\arquivos de programas\Avira

2009-11-07 19:26 . 2009-11-07 19:26 -------- d-----w- c:\documents and settings\Felipe de Souza\Dados de aplicativos\kodak

2009-11-02 20:55 . 2009-11-03 01:20 -------- d-----w- c:\windows\BDOSCAN8

2009-10-27 00:01 . 2009-09-10 16:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-27 00:01 . 2009-09-10 16:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-27 00:01 . 2009-10-27 00:01 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2009-10-25 13:24 . 2009-10-25 13:43 -------- d-----w- C:\Toinzé

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-22 22:40 . 2009-04-24 21:09 -------- d-----w- c:\documents and settings\Felipe de Souza\Dados de aplicativos\BitTorrent

2009-11-22 20:37 . 2009-04-21 00:57 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2009-11-19 12:23 . 2009-04-21 00:09 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Babylon

2009-11-14 00:19 . 2009-06-06 16:12 -------- d-----w- c:\arquivos de programas\Windows Live Safety Center

2009-11-07 13:04 . 2009-04-21 00:49 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live

2009-11-02 18:15 . 2009-09-17 01:01 -------- d-----w- c:\arquivos de programas\BS_Player

2009-10-28 19:54 . 2001-10-28 15:07 83622 ----a-w- c:\windows\system32\perfc016.dat

2009-10-28 19:54 . 2001-10-28 15:07 479518 ----a-w- c:\windows\system32\perfh016.dat

2009-10-25 16:46 . 2009-09-26 13:54 -------- d-----w- c:\arquivos de programas\UsbFix

2009-10-20 21:51 . 2009-04-21 00:07 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe

2009-10-02 19:00 . 2009-10-02 19:00 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight

2009-10-02 19:00 . 2009-10-02 19:00 -------- d-----w- c:\arquivos de programas\Microsoft Office Outlook Connector

2009-10-02 18:57 . 2009-04-21 00:48 -------- d-----w- c:\arquivos de programas\Windows Live

2009-09-29 10:51 . 2009-04-21 00:30 -------- d-----w- c:\arquivos de programas\Google

2009-09-25 21:17 . 2009-08-10 00:07 -------- d-----w- c:\arquivos de programas\PhotoScape

2009-09-11 14:19 . 2008-04-13 22:20 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:04 . 2008-04-13 22:20 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-08-29 07:57 . 2008-04-13 22:20 916480 ------w- c:\windows\system32\wininet.dll

2009-08-26 08:01 . 2008-04-13 22:20 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-25 04:30 . 2009-10-13 15:44 13312 ----a-w- c:\documents and settings\Felipe de Souza\Dados de aplicativos\Mozilla\Firefox\Profiles\rbkrvids.default\extensions\twitternotifier@naan.net\components\nsTwitterFoxSign.dll

.

 

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Directory of C:\Toinzé ----

 

2009-10-25 13:43 . 2009-06-11 22:09 3948359 ----a-w- c:\toinzé\wWw.FunkNeurotico.net_-_Montagem_-_Aquecimento_eita_porra(Ma.mp3

2009-10-25 13:43 . 2009-06-11 22:04 2838259 ----a-w- c:\toinzé\wWw.FunkNeurotico.net_-_Montagem_-_Aquecimento_da_loura(Marl.mp3

2009-10-25 13:42 . 2009-10-23 16:29 5266184 ----a-w- c:\toinzé\vj_loop_-_Klaas__-_How_Does_It_Feel.mp3

2009-10-25 13:42 . 2009-06-02 16:19 2418774 ----a-w- c:\toinzé\Top 10 Melbourne Shuffle Songs - HARDSTYLE.mp3

2009-10-25 13:42 . 2009-09-09 22:15 4078698 ----a-r- c:\toinzé\The Highstreet Allstars - Rock That Beat.mp3

2009-10-25 13:42 . 2009-09-23 23:34 5493258 ----a-r- c:\toinzé\Tecktonik - The Colour Of The Harder Style.mp3

2009-10-25 13:42 . 2009-09-09 22:14 9792322 ----a-r- c:\toinzé\Technoboy - Next Dimensional World (The Qlimax 2008 Anthem).mp3

2009-10-25 13:42 . 2009-08-18 21:59 6293835 ----a-w- c:\toinzé\Technoboy - My Style Is Hardstyle !.mp3

2009-10-25 13:42 . 2009-08-07 01:02 1804984 ----a-w- c:\toinzé\Sunshine (Remix) - MC Mario.mp3

2009-10-25 13:42 . 2009-10-21 16:41 5472102 ----a-w- c:\toinzé\Souja_Boy_-Kiss_Me_Thru_The_Phone.mp3

2009-10-25 13:42 . 2009-08-18 21:40 4758541 ----a-w- c:\toinzé\smf-hahaha_hardstyle_music_shuffle_czesio_dj_dannio_remix.mp3

2009-10-25 13:41 . 2009-09-09 22:14 4932035 ----a-r- c:\toinzé\SMF - Hardstyle (hahaha rmx).mp3

2009-10-25 13:41 . 2009-08-17 23:55 9893555 ----a-w- c:\toinzé\showtek_feat_mc_dv8 - back_2_skool [www.shuffle.lt].mp3

2009-10-25 13:41 . 2009-08-17 23:41 2980295 ----a-w- c:\toinzé\Showtek_Feat._DV8_-_We_are_The_Night [www.shuffle.lt].mp3

2009-10-25 13:41 . 2009-08-22 12:38 4626656 ----a-w- c:\toinzé\Showtek_-_Colours_Of_The_Hardstyle.MP3

2009-10-25 13:41 . 2009-08-09 20:11 6911071 ----a-r- c:\toinzé\Showtek - #@?$%~ Madre(Jumpstyle).mp3

2009-10-25 13:41 . 2009-09-09 22:14 2053374 ----a-r- c:\toinzé\Showtek - Party Lover (hardstyle Music).mp3

2009-10-25 13:41 . 2009-08-17 23:47 4637093 ----a-w- c:\toinzé\Showtek - FTS [www.shuffle.lt].mp3

2009-10-25 13:41 . 2009-08-09 20:12 4649381 ----a-r- c:\toinzé\Showtek - FTS.mp3

2009-10-25 13:41 . 2009-09-09 22:14 2064240 ----a-r- c:\toinzé\Showtek - Early Sounds (hardstyle Music).mp3

2009-10-25 13:40 . 2009-09-09 22:14 4590073 ----a-r- c:\toinzé\Showtek - Dust 2 Dust.MP3

2009-10-25 13:40 . 2009-08-17 23:45 8583800 ----a-w- c:\toinzé\Showtek - Dominate [www.shuffle.lt].mp3

2009-10-25 13:40 . 2009-09-09 22:14 4640300 ----a-r- c:\toinzé\Showtek - Colours Of The Hardstyle.MP3

2009-10-25 13:40 . 2009-09-19 13:25 10017296 ----a-r- c:\toinzé\Showtek - Black 2008.mp3

2009-10-25 13:40 . 2009-10-23 15:12 5228672 ----a-w- c:\toinzé\Remady P&R - No Superstar (Mr. Pink Remix).mp3

2009-10-25 13:40 . 2009-08-09 20:12 4188485 ----a-r- c:\toinzé\Rebolation!. Tuntz Tuntz Tuntz.mp3

2009-10-25 13:40 . 2008-09-29 08:19 3123118 ----a-w- c:\toinzé\RadioACTIVE - 03 - Everybody Knows.mp3

2009-10-25 13:40 . 2009-10-03 20:17 4267490 ----a-w- c:\toinzé\RadioACTIVE - 02 - Falling in Love.mp3

2009-10-25 13:40 . 2008-09-29 08:18 2783317 ----a-w- c:\toinzé\RadioACTIVE - 01 - Do Ya.mp3

2009-10-25 13:39 . 2009-09-23 23:34 5162947 ----a-r- c:\toinzé\Patrick bunton - young birds.mp3

2009-10-25 13:39 . 2009-06-11 22:02 3338240 ----a-w- c:\toinzé\Os Piratas - Barco (DJ_Marlon).mp3

2009-10-25 13:39 . 2007-06-26 23:05 2203526 ----a-w- c:\toinzé\O Som Do Galerao - Mc Cesinha Da Vila - Zoeira Do Uuhhh !!!.MP3

2009-10-25 13:39 . 2009-05-19 18:32 5633924 ----a-w- c:\toinzé\Neyo_-_Miss_Independent.mp3

2009-10-25 13:39 . 2009-06-11 22:00 5484544 ----a-w- c:\toinzé\montagem - aquecimento da gaita - (dj marlon)185249.mp3

2009-10-25 13:39 . 2009-10-04 13:46 5985048 ----a-r- c:\toinzé\Mondotek - Alive (Original Mix).mp3

2009-10-25 13:39 . 2009-10-23 15:42 4348413 ----a-w- c:\toinzé\mondotec - alive(2).mp3

2009-10-25 13:39 . 2009-10-03 20:20 1134803 ----a-w- c:\toinzé\Mini Game - (DJ.mp3

2009-10-25 13:39 . 2009-10-07 11:40 441272 ----a-w- c:\toinzé\MINI GAME.mp3

2009-10-25 13:39 . 2009-09-19 13:25 3960594 ----a-r- c:\toinzé\michael_mind_-_bakerstreet_(radio_version).mp3

2009-10-25 13:39 . 2009-08-18 21:13 2234482 ----a-w- c:\toinzé\Metropolis Discotheque - Dj Arno Vs FuraX - Tecktonik TCK El.mp3

2009-10-25 13:39 . 2009-08-29 19:13 2397040 ----a-w- c:\toinzé\Melbourne Vs Hardstyle Republic - Shuffle.mp3

2009-10-25 13:38 . 2009-08-29 19:13 4310208 ----a-w- c:\toinzé\Melbourne Shufflers - The Shuffle(1)(1).mp3

2009-10-25 13:38 . 2009-08-18 22:54 3951848 ----a-w- c:\toinzé\Maski - Bom Bim Bom (DJ Yan Bomba Remix) VA ACID TECHNO HARD.mp3

2009-10-25 13:38 . 2009-10-06 20:38 3715179 ----a-r- c:\toinzé\Linkin Park - Numb (DJ Picci HarDsTyLe ReMix).mp3

2009-10-25 13:38 . 2009-10-14 15:33 3250883 ----a-w- c:\toinzé\Laurent Wolf - No Stress.mp3

2009-10-25 13:38 . 2009-10-06 20:38 3192938 ----a-r- c:\toinzé\Laurent Wof - No Stress.mp3

2009-10-25 13:38 . 2009-10-06 20:38 5584512 ----a-r- c:\toinzé\Jumped - Loituma Jumpstyle Remix.MP3

2009-10-25 13:38 . 2009-10-14 15:33 7404716 ----a-w- c:\toinzé\Judgement Day.mp3

2009-10-25 13:38 . 2009-09-13 01:42 2652847 ----a-w- c:\toinzé\HIT ME.mp3

2009-10-25 13:38 . 2009-09-09 22:14 9854468 ----a-r- c:\toinzé\Headhunterz - Victim of my rage.mp3

2009-10-25 13:37 . 2009-09-09 22:14 3983795 ----a-r- c:\toinzé\Headhunterz - The Sacrifice(1).mp3

2009-10-25 13:37 . 2009-09-09 22:14 4327249 ----a-r- c:\toinzé\Headhunterz - The Power of the Mind (Qlimax 2008).mp3

2009-10-25 13:37 . 2009-09-09 22:14 2632423 ----a-r- c:\toinzé\Headhunterz - Rockin' Steady (Hardstyle Mixed By DJ Zany) - Tecktonik TCK Electro Elektro Jump Jumpstyle Ha.mp3

2009-10-25 13:37 . 2009-09-09 22:14 6251481 ----a-r- c:\toinzé\Headhunterz - Rock Civilization.mp3

2009-10-25 13:37 . 2009-09-09 22:14 3294472 ----a-r- c:\toinzé\Headhunterz - Reloaded.mp3

2009-10-25 13:37 . 2009-08-09 20:10 6129906 ----a-r- c:\toinzé\Headhunterz - Hate It Or Love It.mp3

2009-10-25 13:37 . 2009-09-09 22:14 10313468 ----a-r- c:\toinzé\Headhunterz - Forever Az One.mp3

2009-10-25 13:36 . 2009-09-09 22:14 1695777 ----a-r- c:\toinzé\Headhunterz - Esta Loca.mp3

2009-10-25 13:36 . 2009-09-09 22:14 1616175 ----a-r- c:\toinzé\Hardstyle_Republic_-_Resistance_Is_Futile.mp3

2009-10-25 13:36 . 2009-09-09 22:14 4362358 ----a-r- c:\toinzé\Hardstyle Masterz - Beat Diz (Technoboy 2007 Remix).mp3

2009-10-25 13:36 . 2009-09-27 18:49 9529545 ----a-w- c:\toinzé\Hardstyle Dance Revolution -Melbourne Shuffle-.mp3

2009-10-25 13:36 . 2009-08-18 22:52 2418774 ----a-w- c:\toinzé\HARDSTYLE - Top 10 Melbourne Shuffle Songs.mp3

2009-10-25 13:36 . 2009-10-23 15:42 8422768 ----a-w- c:\toinzé\Hardrox - Feel The hard rock (Heiko And Maiko mix).mp3

2009-10-25 13:36 . 2009-10-03 20:08 7361610 ----a-w- c:\toinzé\halo.mp3

2009-10-25 13:35 . 2009-09-27 18:48 8557612 ----a-w- c:\toinzé\Haddaway - What is love.mp3

2009-10-25 13:35 . 2009-10-03 20:14 7692496 ----a-w- c:\toinzé\Guru Josh Project - Infinity 2008 (Klaas Vocal Edit).mp3

2009-10-25 13:35 . 2009-05-09 14:24 3242627 ----a-w- c:\toinzé\Funk - Mc Pé de Pano - Abre as Pernas e Relaxa - (DJ Phabyo).mp3

2009-10-25 13:35 . 2009-05-09 18:32 5150431 ----a-w- c:\toinzé\Funk - Mágico MC e Suzy - Se o Magico Faz Mágica, a Feiticei.mp3

2009-10-25 13:35 . 2009-10-20 23:32 10369636 ----a-w- c:\toinzé\Freddo Fuori vs Veron - Masters Get Up At Work (Art Inc. Mashup).mp3

2009-10-25 13:35 . 2009-09-23 23:33 5477992 ----a-r- c:\toinzé\End Of My Existence.mp3

2009-10-25 13:35 . 2009-10-05 12:28 4591598 ----a-w- c:\toinzé\Eletrônica - Work It.mp3

2009-10-25 13:34 . 2009-10-05 12:25 7437520 ----a-w- c:\toinzé\Eletrônica - Vampire Tec.mp3

2009-10-25 13:34 . 2009-10-05 12:01 2440922 ----a-w- c:\toinzé\Eletrônica - Let Me Thi.mp3

2009-10-25 13:34 . 2009-10-05 11:59 3704709 ----a-w- c:\toinzé\Eletrônica - I Dont Know Why.mp3

2009-10-25 13:34 . 2009-10-05 11:52 3861531 ----a-w- c:\toinzé\Eletrônica - Colby Odonis.mp3

2009-10-25 13:34 . 2009-09-23 23:33 3616300 ----a-r- c:\toinzé\elektro love is gone.mp3

2009-10-25 13:34 . 2009-08-16 14:15 5802425 ----a-r- c:\toinzé\EFS ll HSL´z ll Devil Jin Remix For GHD ll Nathalia.mp3

2009-10-25 13:34 . 2009-09-09 22:14 9017580 ----a-r- c:\toinzé\Donkey Rollers - No One Can Stop Us (Showtek Kwartjes Remix).mp3

2009-10-25 13:34 . 2009-10-21 16:50 2197504 ----a-w- c:\toinzé\DJ_Asa_-_Super_Mario_Bros.mp3

2009-10-25 13:34 . 2009-10-21 00:04 3899347 ----a-w- c:\toinzé\Dj_Antonie_-_Now_That_Are_You_Gone.mp3

2009-10-25 13:33 . 2009-08-18 22:52 5658375 ----a-w- c:\toinzé\DJ Lady Dana - Hardstyle God(shuffle).mp3

2009-10-25 13:33 . 2009-10-23 15:29 2889105 ----a-w- c:\toinzé\Dj José - Turn The Lights Off.mp3

2009-10-25 13:33 . 2009-08-17 23:51 6746304 ----a-w- c:\toinzé\dj corrosive - hard stile.mp3

2009-10-25 13:33 . 2009-10-20 23:54 3887232 ----a-w- c:\toinzé\Dj Antonie Vs. The Drill - Good Evening Moscow.mp3

2009-10-25 13:33 . 2009-10-20 23:57 3074924 ----a-w- c:\toinzé\DJ Antonie- Doggy Style.mp3

2009-10-25 13:33 . 2009-09-09 22:14 4606702 ----a-r- c:\toinzé\Dj Antonie - Work It.mp3

2009-10-25 13:33 . 2009-10-21 00:10 5301504 ----a-w- c:\toinzé\Dj Antonie - This Time.mp3

2009-10-25 13:33 . 2009-10-21 00:20 4718323 ----a-w- c:\toinzé\DJ Antonie - Stop.mp3

2009-10-25 13:33 . 2009-10-21 00:04 3953061 ----a-w- c:\toinzé\Dj Antonie - Arabian Adventure.mp3

2009-10-25 13:32 . 2009-09-09 22:14 5407511 ----a-r- c:\toinzé\Discotronic - Tricky Disco (Headhunterz Remix).mp3

2009-10-25 13:32 . 2009-09-09 22:14 5479771 ----a-r- c:\toinzé\Desaparecidos (ibiza) v.S (dota) Busshunter(_[Dj] Liustreet_) .mp3

2009-10-25 13:32 . 2009-10-20 23:16 3211634 ----a-w- c:\toinzé\Desaparecidos - Ibiza.mp3

2009-10-25 13:32 . 2009-08-09 20:10 8420500 ----a-r- c:\toinzé\Deepforces - Paxi Fixi.mp3

2009-10-25 13:32 . 2009-09-09 22:14 9345527 ----a-r- c:\toinzé\Deepack vs Showtek - Rockin Steady.mp3

2009-10-25 13:32 . 2009-09-09 22:14 5793227 ----a-r- c:\toinzé\Decibel Outdoor 2005 - Hardstyle Mixed By DJ Zany - 09 - Showtek - Down With This.mp3

2009-10-25 13:32 . 2009-08-26 15:46 3130815 ----a-w- c:\toinzé\D-devils_-_Impheatus.mp3

2009-10-25 13:32 . 2009-10-14 15:33 4816606 ----a-w- c:\toinzé\D-Devils - The Devil is a DJ (Extended Power Mix).mp3

2009-10-25 13:31 . 2009-09-09 22:15 5804032 ----a-r- c:\toinzé\Davide Sonar - Sarabande.mp3

2009-10-25 13:31 . 2009-08-22 23:11 3043844 ----a-w- c:\toinzé\David Guetta Love Is Gone - Tecktonik Tck Electro Elektro Ju.mp3

2009-10-25 13:31 . 2009-09-09 22:14 7159178 ----a-r- c:\toinzé\Darude - SandStorm - (Techno Dance) (Hard Trance Remix) (Love Parade) 1.mp3

2009-10-25 13:31 . 2009-10-23 16:28 3617442 ----a-w- c:\toinzé\Darude - Sandstorm.mp3

2009-10-25 13:31 . 2009-09-09 22:14 7054258 ----a-r- c:\toinzé\Dark Oscillators - Superstar DJ(1).mp3

2009-10-25 13:31 . 2009-10-19 21:35 7661236 ----a-r- c:\toinzé\Dark Oscillators - Stereophobia.mp3

2009-10-25 13:31 . 2009-09-09 22:14 5756284 ----a-r- c:\toinzé\Dark By Design SMG- Lost In The Dark.mp3

2009-10-25 13:30 . 2009-09-09 22:15 9480192 ----a-r- c:\toinzé\Dan Winter - Carry Your Heart (Tune Up! Remix).mp3

2009-10-25 13:30 . 2009-10-18 02:03 4397984 ----a-r- c:\toinzé\Daft Punk - Harder Better Faster Stronger (Hardstyle Remix).mp3

2009-10-25 13:30 . 2009-10-24 13:14 3294727 ----a-r- c:\toinzé\d_devils_-_final_countdown(01).mp3

2009-10-25 13:30 . 2009-09-09 22:14 6718602 ----a-r- c:\toinzé\Cupid-Cupid Shuffle.mp3

2009-10-25 13:30 . 2009-09-29 21:39 3340544 ----a-w- c:\toinzé\Creed - One Last Breath.mp3

2009-10-25 13:30 . 2009-10-03 19:38 5862980 ----a-w- c:\toinzé\Coldplay - Viva La Vida.mp3

2009-10-25 13:30 . 2009-10-15 23:37 5077930 ----a-w- c:\toinzé\Colbie Caillat - Midnight bottle.mp3

2009-10-25 13:30 . 2009-10-05 13:04 8021517 ----a-w- c:\toinzé\Chris Brown - Exclusive - 19 - Fallen Angel .mp3

2009-10-25 13:30 . 2009-05-19 18:38 3280321 ----a-w- c:\toinzé\Children - Dave Darrel.mp3

2009-10-25 13:29 . 2009-10-15 13:15 18921472 ----a-r- c:\toinzé\Celldweller_-_Switchback_(GMS_Rmx).mp3

2009-10-25 13:29 . 2009-09-27 19:48 5281544 ----a-w- c:\toinzé\CD Sensation 2009 -Faixa 01.mp3

2009-10-25 13:29 . 2009-09-09 22:14 4618664 ----a-r- c:\toinzé\Cascade - Bad Boy.mp3

2009-10-25 13:29 . 2009-10-15 13:26 5734957 ----a-r- c:\toinzé\Cascada - Shut Up (Cascada Remix).mp3

2009-10-25 13:29 . 2009-09-09 22:14 2039967 ----a-r- c:\toinzé\Builder - Hardbeat Market.mp3

2009-10-25 13:29 . 2009-09-09 22:14 2938789 ----a-r- c:\toinzé\Brennan Heart - We Are Possessed (Headhunterz RMX) Tecktonik vol 4 CD2 DJ DESS.mp3

2009-10-25 13:29 . 2009-07-03 16:22 2946192 ----a-w- c:\toinzé\Black Eyed Peas - I Gotta Feeling_-_By Francisco & Bronit Ir.mp3

2009-10-25 13:28 . 2009-08-09 20:11 4724309 ----a-r- c:\toinzé\Beattraax-Project_Well.mp3

2009-10-25 13:28 . 2009-09-09 22:14 5108251 ----a-r- c:\toinzé\Basshunter - Now you.mp3

2009-10-25 13:28 . 2009-09-09 22:14 2461974 ----a-r- c:\toinzé\BassHunter - Heaven.mp3

2009-10-25 13:28 . 2009-09-09 22:14 6936430 ----a-r- c:\toinzé\Basshunter - Boten Anna.mp3

2009-10-25 13:28 . 2009-09-23 23:34 8150785 ----a-r- c:\toinzé\Basshunter - Angel In The Night.mp3

2009-10-25 13:28 . 2009-09-09 22:14 7078721 ----a-r- c:\toinzé\Basshunter - All I Ever Wanted.mp3

2009-10-25 13:28 . 2009-10-03 20:06 5094295 ----a-w- c:\toinzé\Basshunter -01- Now you're gone.mp3

2009-10-25 13:28 . 2009-09-09 22:15 5463293 ----a-r- c:\toinzé\Bass Agents - Black Winter HARDSTYLE Shuffle music.mp3

2009-10-25 13:27 . 2009-09-09 22:14 6822988 ----a-r- c:\toinzé\BASHUNTER - DOTA REEDIT(DAVIDPRODJ).mp3

2009-10-25 13:27 . 2009-10-19 22:01 4540638 ----a-r- c:\toinzé\Axel Coon - Lamenting City.mp3

2009-10-25 13:27 . 2009-10-02 16:16 4701291 ----a-w- c:\toinzé\artist - Track 5_0925133619.mp3

2009-10-25 13:27 . 2009-09-09 22:14 10187770 ----a-r- c:\toinzé\Alpha_twins-nowhere_to_hide-sds.mp3

2009-10-25 13:27 . 2009-09-09 22:14 5608294 ----a-r- c:\toinzé\Alpha twins - Smack My Derb.mp3

2009-10-25 13:27 . 2009-10-14 15:34 5768548 ----a-w- c:\toinzé\All The Above.mp3

2009-10-25 13:27 . 2009-09-27 18:47 5303332 ----a-w- c:\toinzé\Alex Gaudino feat. Shena - Watch out.mp3

2009-10-25 13:26 . 2009-10-20 23:54 5133312 ----a-w- c:\toinzé\Abretura_Planeta_Ibiza_2_____Gringa__.mp3

2009-10-25 13:26 . 2009-09-27 18:47 2799575 ----a-w- c:\toinzé\117_charly_lownoise_und_mental_theo_-_wonderfull_days_2008_(showtek_remix_edit).mp3

2009-10-25 13:26 . 2009-08-27 21:24 4950016 ----a-r- c:\toinzé\20 - Dan Winter - Carry Your Heart (radio edit).mp3

2009-10-25 13:26 . 2009-10-20 23:53 3427507 ----a-w- c:\toinzé\18 - DJ Antonie- All We Need.mp3

2009-10-25 13:26 . 2009-09-28 21:09 7153742 ----a-r- c:\toinzé\14 - Dj Jose - Turn The Lights Off (Radio Edit).mp3

2009-10-25 13:26 . 2009-10-03 20:04 4712116 ----a-w- c:\toinzé\10_-_Pacificadores_-_Eu_queria_mudar.mp3

2009-10-25 13:26 . 2007-06-11 20:53 4378624 ----a-w- c:\toinzé\08 - Kasino - Shake It (Paginas da vida internacional).mp3

2009-10-25 13:26 . 2009-10-21 00:24 4958329 ----a-w- c:\toinzé\07 - UNDERNEATH- DJ ANTONIE.mp3

2009-10-25 13:26 . 2009-10-19 12:55 6870998 ----a-w- c:\toinzé\06-lady_gaga-poker_face(2).mp3

2009-10-25 13:26 . 2009-09-28 14:57 3779440 ----a-w- c:\toinzé\06_-_Dj_Zamli_-_The_Bashunter_Song.mp3

2009-10-25 13:25 . 2009-09-27 17:46 3146316 ----a-w- c:\toinzé\05. All i need.mp3

2009-10-25 13:25 . 2009-10-05 12:55 140583 ----a-w- c:\toinzé\4iki-4ikita000.mp3

2009-10-25 13:25 . 2009-10-21 00:02 3207545 ----a-w- c:\toinzé\04.Dj Antonie - Tribute.mp3

2009-10-25 13:25 . 2009-10-14 15:33 5472304 ----a-w- c:\toinzé\3. DJ Yves Meets Chaps & Rolay - Who’s Fiction (Devils Fiction).mp3

2009-10-25 13:25 . 2009-10-20 23:43 2936579 ----a-w- c:\toinzé\02I_like_to_move_it.mp3

2009-10-25 13:25 . 2009-10-06 20:39 5459026 ----a-r- c:\toinzé\2-Cosmic Gate - Tomorrow.mp3

2009-10-25 13:25 . 2009-07-18 16:04 4591598 ----a-w- c:\toinzé\02. Dj Antonie - Work It.mp3

2009-10-25 13:25 . 2008-04-13 18:55 2721924 ----a-w- c:\toinzé\001oliversom cornetas.mp3

2009-10-25 13:25 . 2009-09-09 23:33 7440221 ----a-r- c:\toinzé\01-korsakoff-unrivalled.mp3

2009-10-25 13:25 . 2009-09-19 13:47 6590696 ----a-r- c:\toinzé\1-Dave Joy- Fourth Joyride (buckle up).mp3

2009-10-25 13:25 . 2009-10-05 11:40 700400 ----a-w- c:\toinzé\~O266UO0.mp3

 

 

((((((((((((((((((((((((((((( SnapShot_2009-11-20_18.00.22 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-11-22 22:38 . 2009-11-22 22:38 16384 c:\windows\temp\Perflib_Perfdata_174.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\arquivos de programas\BS_Player\tbBS_1.dll" [2009-11-02 2166296]

 

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

2009-11-02 18:17 2166296 ----a-w- c:\arquivos de programas\BS_Player\tbBS_1.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\arquivos de programas\BS_Player\tbBS_1.dll" [2009-11-02 2166296]

 

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\arquivos de programas\BS_Player\tbBS_1.dll" [2009-11-02 2166296]

 

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="c:\arquivos de programas\BitTorrent\bittorrent.exe" [2009-11-06 654128]

"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-23 39408]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]

"Malwarebytes Anti-Malware (reboot)"="c:\arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Color Calibration.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Color Calibration.lnk

backup=c:\windows\pss\Color Calibration.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^MagicTune4.0.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\MagicTune4.0.lnk

backup=c:\windows\pss\MagicTune4.0.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Windows Search.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Windows Search.lnk

backup=c:\windows\pss\Windows Search.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^Felipe de Souza^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]

path=c:\documents and settings\Felipe de Souza\Menu Iniciar\Programas\Inicializar\Recorte de tela e Iniciador do OneNote 2007.lnk

backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\BitTorrent\\bittorrent.exe"=

"c:\\Arquivos de programas\\DNA\\btdna.exe"=

"c:\\Arquivos de programas\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Arquivos de programas\\Arquivos comuns\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [13/11/2009 13:54 108289]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [23/4/2009 17:39 54752]

R2 OpenDNS Updater.exe;OpenDNS Updater;c:\arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe --run --> c:\arquivos de programas\OpenDNS Updater\OpenDNS Updater.exe --run [?]

S2 gupdate1c9f0603e0f074e;Google Update Service (gupdate1c9f0603e0f074e);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [18/6/2009 20:00 133104]

S3 fsssvc;Serviço Windows Live Proteção para a Família;c:\arquivos de programas\Windows Live\Family Safety\fsssvc.exe [5/8/2009 23:48 704864]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [22/6/2009 22:12 136704]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [22/6/2009 22:12 8320]

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2009-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-06-18 22:00]

 

2009-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-06-18 22:00]

 

2009-11-22 c:\windows\Tasks\User_Feed_Synchronization-{2EE23A71-91D3-45DA-A56C-77DA13359452}.job

- c:\windows\system32\msfeedssync.exe [2008-08-22 07:31]

.

.

------- Scan Suplementar -------

.

uStart Page = about:blank

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://br.search.yahoo.com/search?fr=mcafee&p=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Translate with &Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

FF - ProfilePath - c:\documents and settings\Felipe de Souza\Dados de aplicativos\Mozilla\Firefox\Profiles\rbkrvids.default\

FF - component: c:\documents and settings\Felipe de Souza\Dados de aplicativos\Mozilla\Firefox\Profiles\rbkrvids.default\extensions\twitternotifier@naan.net\components\nsTwitterFoxSign.dll

FF - plugin: c:\arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\arquivos de programas\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npbittorrent.dll

FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-11-22 21:07

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]

"ImagePath"="\??\c:\arquivos de programas\CyberLink\PowerDVD\000.fcl"

.

Tempo para conclusão: 2009-11-22 21:09

ComboFix-quarantined-files.txt 2009-11-22 23:09

ComboFix2.txt 2009-11-20 18:04

ComboFix3.txt 2009-10-27 19:38

 

Pré-execução: 2.456.010.752 bytes disponíveis

Pós execução: 2.483.871.744 bytes disponíveis

 

- - End Of File - - 3EA685C92AF8476090CD541C2D617C13

[Sam Spade 2]

Ok, o log está limpo. Para finalizar, vá em Iniciar > Executar > digite (ou copie e cole): ComboFix /Uninstall

 

 

Dê o OK. Aguarde, pois isso irá desinstalar o ComboFix, deletar os arquivos e pastas relacionados e apagará pontos da Restauração do sistema que possam estar infectados, criando um ponto limpo.

 

Leia estes artigos sobre segurança:

 

Proteja seu PC

Cuidados ao navegar na net.

 

Abraço.

[Felipe7l 0]

Kra vlw mesmo!

mt obrigado!

Abrass!

[Sam Spade 2]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.