Armensen

[Solved!] Log analysis

I would like you to analyze my HijackThis log, because several strange things have been happening on my PC. I use Windows 7, and the space used on the local disk has gone up and down several times without my installing or removing any program (I mean the digits of the MB figure on the Local Disk icon); the firewall has blocked the file explorer.exe from accessing memory countless times, as well as the Windows Operating System application on various ports with various IP addresses (I use Ares for file sharing, I don't know whether that is related); and HijackThis has not been showing some processes that are present in Task Manager, such as svchost.exe. Beyond that, this is also to make sure there is no virus/malware going unnoticed.

NOTE: I have already run the ESET Online Scanner and nothing was found. If you recommend the procedure with Kaspersky Online, please point me to the link where I can update Java, because when I try to scan it asks for the new version.

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 00:29:59, on 30/04/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{AC1A1AEB-7F16-46B6-900B-F8512D651384}: NameServer = 10.14.96.1

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL

O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Google Update Service (gupdate1cacdbe85183cc9) (gupdate1cacdbe85183cc9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files\Scpad\scpVista.exe

 

--

End of file - 5391 bytes

Good morning, Armensen!

<@> Download: < OTL > ( ...by OldTimer Tools )

<@> Save it to the desktop!

<@> Double-click: < otlDesktopIcon.png >

<@> PS: Now let's move on to its configuration!

1 - Under "Output", leave the "Minimal" button selected.

2 - Check the boxes: Scan All Users and Include 64bit Scan <-- PS: if the OS is 64-bit!

3 - Processes: Use SafeList <-- Check it!

4 - Modules: Use SafeList <-- Check it!

5 - Services: Use SafeList <-- Check it!

6 - Drivers: Use SafeList <-- Check it!

7 - Standard Registry Scan: Use SafeList <-- Check it!

8 - Extra Registry Scan: Use SafeList <-- Check it!

9 - File Scan:

<!> Creation Date >> Choose: 15 days

<!> Check: Use WhiteList for Company Names

<!> Check: Skip Microsoft Files

10 - Files Created Since:

<!> Check: Creation Date

11 - Files Modified Since:

<!> Check: Creation Date

<!> Check the boxes:

[] Check Lop

[] Check Purity

<@> PS: I suggest you print these instructions for later reading.


netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5

<@> PS: Copy and paste this information, which is in the Code box, into the field below: Custom Scans/Fixes

<@> Click: Scan --> Wait!

<@> When finished, post:

 

<1> OTL.txt <--

<2> Extra.txt <--

 

Regards!

OTL logfile created on: 02/05/2010 15:36:09 - Run 1

OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Lucas\Ambiente de rede\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 97,56 Gb Total Space | 84,30 Gb Free Space | 86,41% Space Free | Partition Type: NTFS

Drive D: | 200,43 Gb Total Space | 200,09 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: LUCAS-PC

Current User Name: Lucas

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = All Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Lucas\Ambiente de rede\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Arquivos de Programas\COMODO\COMODO Internet Security\cmdagent.exe ()

PRC - C:\Arquivos de Programas\COMODO\COMODO Internet Security\cfp.exe (COMODO)

PRC - C:\Arquivos de Programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Arquivos de Programas\VIA\VIAudioi\VDeck\VDeck.exe (VIA)

PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Arquivos de Programas\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)

PRC - C:\Arquivos de Programas\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)

PRC - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Lucas\Ambiente de rede\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (CLPSLS) -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) Instalador do ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

SRV - (scpVista) -- C:\Arquivos de Programas\Scpad\scpVista.exe (Scopus Tecnologia Ltda)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)

DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)

DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)

DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (SASDIFSV) -- C:\Arquivos de Programas\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASKUTIL) -- C:\Arquivos de Programas\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASENUM) -- C:\Arquivos de Programas\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)

DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (SrvHsfPCI) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)

DRV - (SrvHsfV92) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)

DRV - (SrvHsfWinac) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)

DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.)

DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

IE - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 75 85 A0 1B 6D DD CA 01 [binary data]

IE - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: ""

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/02 01:29:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/21 13:56:51 | 000,000,000 | ---D | M]

 

[2010/03/26 15:44:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\mozilla\Extensions

[2010/03/26 17:38:30 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\hltlaus5.default\extensions

[2010/03/26 15:43:57 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Mozilla Firefox\extensions

[2010/01/15 22:18:55 | 000,001,027 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\buscape.xml

[2010/01/15 22:18:55 | 000,001,212 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2010/01/15 22:18:55 | 000,001,168 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2010/01/15 22:18:55 | 000,000,952 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: ([2010/04/24 14:50:25 | 000,000,822 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de Programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.

O3 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)

O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1

O7 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe File not found

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Arquivos de Programas\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de Programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de Programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Arquivos de Programas\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias [2009/07/13 23:37:08 | 000,000,000 | ---D | M]

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)

NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

 

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: CLPSLS - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)

SafeBootMin: Primary disk - Driver Group

SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: CLPSLS - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)

SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - File not found

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: vsmon - Service

SafeBootNet: WinDefend - C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {49C187D7-91E1-459E-9759-2925384BD397} - .NET Framework

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

 

========== Files/Folders - Created Within All Days ==========

 

[2010/05/02 15:37:27 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Temp

[2010/05/02 15:32:14 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Lucas\Ambiente de rede\Desktop\OTL.exe

[2010/05/02 00:44:04 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Documents

[2010/05/01 23:18:53 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Downloads

[2010/05/01 22:54:24 | 000,000,000 | ---D | M] -- C:\Users\Lucas\Tracing

[2010/05/01 14:31:35 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Music

[2010/04/29 14:38:25 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\ElevatedDiagnostics

[2010/04/28 00:03:55 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Ares

[2010/04/27 17:44:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2010/04/27 17:39:45 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files

[2010/04/27 17:35:20 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2010/04/27 17:35:20 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2010/04/27 17:35:20 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2010/04/27 17:34:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010/04/27 01:08:53 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Pictures

[2010/04/24 11:47:17 | 000,000,000 | ---D | M] -- C:\ProgramData\COMODO

[2010/04/24 11:44:41 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\COMODO

[2010/04/24 11:43:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Comodo Downloader

[2010/04/24 10:59:41 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs

[2010/04/24 10:59:11 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\CheckPoint

[2010/04/24 10:58:45 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\CheckPoint

[2010/04/21 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\GetRightToGo

[2010/04/21 16:51:51 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\Downloads

[2010/04/21 14:09:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2010/04/21 13:48:43 | 000,000,000 | --SD | M] -- C:\Users\Lucas\AppData\Roaming\Microsoft

[2010/04/21 13:30:50 | 000,000,000 | ---D | M] -- C:\ProgramData\CheckPoint

[2010/04/21 12:58:45 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Trend Micro

[2010/04/20 09:49:36 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\DVDVideoSoft

[2010/04/20 09:49:32 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\DVDVideoSoft

[2010/04/20 09:49:29 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\DVDVideoSoft

[2010/04/20 00:38:53 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\NCH Swift Sound

[2010/04/20 00:38:53 | 000,000,000 | ---D | M] -- C:\ProgramData\NCH Swift Sound

[2010/04/20 00:35:14 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\NCH Swift Sound

[2010/04/20 00:34:16 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Favorites

[2010/04/20 00:29:31 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Free Audio Pack

[2010/04/20 00:27:21 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\FreeAudioPack

[2010/04/20 00:27:20 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDesign.dll

[2010/04/20 00:27:20 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll

[2010/04/20 00:27:20 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll

[2010/04/20 00:27:20 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioVisu.dll

[2010/04/20 00:27:20 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudPlayer.dll

[2010/04/20 00:27:20 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioRecord.dll

[2010/04/20 00:27:20 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDisplay.dll

[2010/04/17 14:40:12 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\SUPERAntiSpyware

[2010/04/17 01:09:50 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Google

[2010/04/17 00:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt

[2010/04/16 10:58:50 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Spyware Doctor

[2010/04/16 10:56:21 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP

[2010/04/14 01:13:22 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Threat Expert

[2010/04/13 11:20:09 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink

[2010/04/13 11:20:04 | 000,000,000 | ---D | M] -- C:\Users\Lucas\local

[2010/04/08 22:36:00 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Scpad

[2010/04/08 01:46:48 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Avira

[2010/04/08 01:41:56 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2010/04/08 01:41:56 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2010/04/08 01:41:56 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys

[2010/04/08 01:41:56 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys

[2010/04/08 01:41:56 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys

[2010/04/08 01:41:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira

[2010/04/08 01:41:56 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Avira

[2010/04/05 00:33:51 | 000,034,816 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Users\Lucas\Ambiente de rede\Desktop\IBProcMan.exe

[2010/04/04 15:17:48 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft

[2010/04/04 15:17:21 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Microsoft

[2010/04/02 01:43:11 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\eder

[2010/04/02 01:29:46 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Mozilla Firefox

[2010/04/01 21:46:53 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Ambiente de rede\Desktop\Kelly

[2010/04/01 20:04:18 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware

[2010/04/01 01:01:17 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\WinRAR

[2010/04/01 01:01:05 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\WinRAR

[2010/03/31 11:15:16 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Adobe

[2010/03/30 00:57:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe

[2010/03/28 23:10:05 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Adobe

[2010/03/27 19:35:55 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Nero

[2010/03/27 13:17:14 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Fotosizer

[2010/03/27 13:14:30 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Google

[2010/03/27 12:32:20 | 000,298,496 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\unin0416.exe

[2010/03/27 11:02:35 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\VIA

[2010/03/27 10:42:48 | 000,000,000 | -H-D | M] -- C:\Arquivos de Programas\InstallShield Installation Information

[2010/03/27 10:42:24 | 000,205,824 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\Dts2APO.dll

[2010/03/27 10:42:24 | 000,181,248 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\ViaMicArrayAPO.dll

[2010/03/27 10:42:24 | 000,076,288 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQPropPageExt.dll

[2010/03/27 10:42:24 | 000,071,680 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQAPO.dll

[2010/03/27 10:42:24 | 000,068,608 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\System32\ViaMicArrayPropPageExt.dll

[2010/03/27 10:41:43 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\InstallShield

[2010/03/27 00:52:18 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Malwarebytes

[2010/03/27 00:52:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/03/27 00:52:13 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/03/27 00:52:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes

[2010/03/27 00:40:58 | 000,000,000 | ---D | M] -- C:\ProgramData\SUPERAntiSpyware.com

[2010/03/27 00:40:54 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\SUPERAntiSpyware.com

[2010/03/27 00:40:33 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\Wise Installation Wizard

[2010/03/27 00:31:49 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\Lucas Tadeu de Souza

[2010/03/27 00:21:00 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Ares

[2010/03/27 00:13:06 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Microsoft Games

[2010/03/27 00:12:52 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Saved Games

[2010/03/26 17:44:44 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Macromedia

[2010/03/26 17:43:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2010/03/26 17:43:14 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\CyberLink

[2010/03/26 17:43:14 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\CyberLink

[2010/03/26 17:39:35 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\CCleaner

[2010/03/26 17:23:10 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\Meus arquivos recebidos

[2010/03/26 15:44:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Mozilla

[2010/03/26 15:44:02 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Mozilla

[2010/03/26 14:15:27 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft Silverlight

[2010/03/26 14:15:04 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft

[2010/03/26 14:14:59 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Live

[2010/03/26 14:14:54 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\microsoft shared

[2010/03/26 14:14:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft

[2010/03/26 14:14:49 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Live SkyDrive

[2010/03/26 14:11:57 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\Windows Live

[2010/03/26 14:11:09 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\MSECache

[2010/03/26 13:35:11 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\CyberLink

[2010/03/26 13:31:06 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Alwil Software

[2010/03/26 13:30:34 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\Adobe

[2010/03/26 13:30:29 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Adobe

[2010/03/26 13:30:19 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Nero

[2010/03/26 13:30:06 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\Nero

[2010/03/26 13:30:03 | 001,757,184 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagX7.dll

[2010/03/26 13:30:03 | 000,802,816 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXRA7.dll

[2010/03/26 13:30:03 | 000,497,296 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXpr7.dll

[2010/03/26 13:30:03 | 000,368,640 | ---- | C] (Pegasus Imaging Corporation) -- C:\Windows\System32\TwnLib4.dll

[2010/03/26 13:30:03 | 000,258,048 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXR7.dll

[2010/03/26 13:30:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero

[2010/03/26 13:27:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help

[2010/03/26 13:26:27 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft Works

[2010/03/26 13:26:22 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\MSBuild

[2010/03/26 13:26:19 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft Office

[2010/03/26 13:26:16 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft Visual Studio

[2010/03/26 13:26:16 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\DESIGNER

[2010/03/26 13:26:03 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft.NET

[2010/03/26 13:26:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2010/03/26 13:25:02 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft Visual Studio 8

[2010/03/26 13:24:49 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\System

[2010/03/26 13:24:38 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\Microsoft Help

[2010/03/26 13:24:34 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2010/03/26 13:22:38 | 000,000,000 | R--D | C] -- C:\MSOCache

[2010/03/26 13:19:36 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Videos

[2010/03/26 13:19:36 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Searches

[2010/03/26 13:19:36 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Links

[2010/03/26 13:19:36 | 000,000,000 | R--D | M] -- C:\Users\Lucas\Contacts

[2010/03/26 13:19:28 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Identities

[2010/03/26 13:19:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Local\VirtualStore

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\AppData\Local\Temporary Internet Files

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\SendTo

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Recent

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Modelos

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Meus documentos

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Menu Iniciar

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\AppData\Local\Histórico

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Dados de aplicativos

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\AppData\Local\Dados de aplicativos

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Cookies

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Configurações locais

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Ambiente de rede

[2010/03/26 13:19:10 | 000,000,000 | -HSD | M] -- C:\Users\Lucas\Ambiente de impressão

[2010/03/26 13:19:10 | 000,000,000 | -HSD | C] -- C:\Users\Lucas\Documents\Minhas músicas

[2010/03/26 13:19:10 | 000,000,000 | -HSD | C] -- C:\Users\Lucas\Documents\Minhas imagens

[2010/03/26 13:19:10 | 000,000,000 | -HSD | C] -- C:\Users\Lucas\Documents\Meus vídeos

[2010/03/26 13:19:10 | 000,000,000 | -H-D | M] -- C:\Users\Lucas\AppData

[2010/03/26 13:19:02 | 000,000,000 | -HSD | M] -- C:\Arquivos de Programas\Common Files\Sistema

[2010/03/26 13:19:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modelos

[2010/03/26 13:19:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Iniciar

[2010/03/26 13:19:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoritos

[2010/03/26 13:19:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documentos

[2010/03/26 13:19:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dados de aplicativos

[2010/03/26 13:19:02 | 000,000,000 | -HSD | M] -- C:\Arquivos de Programas\Arquivos Comuns

[2010/03/26 13:19:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas

[2010/03/26 13:19:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens

[2010/03/26 13:19:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos

[2010/03/26 13:19:02 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas

[2010/03/26 13:19:02 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows NT

[2010/03/26 13:19:02 | 000,000,000 | ---D | C] -- C:\Recovery

[2010/03/26 13:16:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2010/03/26 13:13:45 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2010/03/26 13:13:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2010/03/26 13:12:49 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2009/07/14 05:53:54 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\DVD Maker

[2009/07/14 05:53:52 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Microsoft Games

[2009/07/14 05:53:48 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Journal

[2009/07/14 05:53:32 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew

[2009/07/14 05:53:32 | 000,000,000 | ---D | C] -- C:\Windows\ehome

[2009/07/14 05:53:31 | 000,000,000 | -HSD | C] -- C:\Windows\BitLockerDiscoveryVolumeContents

[2009/07/14 05:53:30 | 000,000,000 | ---D | C] -- C:\Windows\RemotePackages

[2009/07/14 05:53:30 | 000,000,000 | ---D | C] -- C:\Windows\CSC

[2009/07/14 05:52:54 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Media Center Programs

[2009/07/14 05:31:03 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Sidebar

[2009/07/14 05:31:03 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Photo Viewer

[2009/07/14 05:31:03 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Media Player

[2009/07/14 05:31:03 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Mail

[2009/07/14 05:31:03 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Defender

[2009/07/14 05:31:03 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Internet Explorer

[2009/07/14 05:31:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\winrm

[2009/07/14 05:31:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\slmgr

[2009/07/14 05:31:02 | 000,000,000 | ---D | C] -- C:\Windows\pt-BR

[2009/07/14 05:31:02 | 000,000,000 | ---D | C] -- C:\Windows\en-US

[2009/07/14 05:31:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\en

[2009/07/14 05:31:02 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker

[2009/07/14 05:31:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\0409

[2009/07/14 05:31:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer

[2009/07/14 05:31:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\WCN

[2009/07/14 05:31:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\pt-BR

[2009/07/14 05:31:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR

[2009/07/14 05:31:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\Printing_Admin_Scripts

[2009/07/14 05:31:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\en-US

[2009/07/14 05:31:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\en-US

[2009/07/14 05:30:37 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pt-BR\yk62x86.sys.mui

[2009/07/14 05:30:37 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerId.sys.mui

[2009/07/14 05:30:37 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerIb.sys.mui

[2009/07/14 05:30:37 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pt-BR\ltmdmnt.sys.mui

[2009/07/14 05:30:36 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pt-BR\pscr.sys.mui

[2009/07/14 05:30:36 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrParwdm.sys.mui

[2009/07/14 01:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates

[2009/07/14 01:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu

[2009/07/14 01:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites

[2009/07/14 01:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents

[2009/07/14 01:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop

[2009/07/14 01:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data

[2009/07/14 01:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos

[2009/07/14 01:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures

[2009/07/14 01:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music

[2009/07/14 01:53:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings

[2009/07/14 01:53:23 | 000,000,000 | -H-D | M] -- C:\Arquivos de Programas\Uninstall Information

[2009/07/14 01:52:32 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Windows Portable Devices

[2009/07/14 01:52:30 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Reference Assemblies

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WinBioPlugIns

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WinBioDatabase

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\twain_32

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\restore

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\Performance

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\Offline Web Pages

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\FxsTmp

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Program Files

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\diagnostics

[2009/07/14 01:52:30 | 000,000,000 | ---D | C] -- C:\Windows\addins

[2009/07/14 01:34:21 | 000,000,000 | ---D | C] -- C:\Windows\debug

[2009/07/14 01:34:16 | 000,000,000 | ---D | C] -- C:\Windows\Setup

[2009/07/14 01:34:13 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles

[2009/07/14 01:34:06 | 000,000,000 | --SD | C] -- C:\Windows\System32\Microsoft

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-TW

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-HK

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-CN

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\winsxs

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\winevt

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\wfp

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Web

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\wdi

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\wbem

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Vss

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\uk-UA

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr-TR

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\tracing

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\th-TH

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Temp

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Tasks

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\Tasks

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\TAPI

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sysprep

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv-SE

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sr-Latn-CS

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sppui

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\spp

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\spool

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\Speech

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\SMI

[2009/07/13 23:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sl-SI

[2009/07/13 23:37:08 | 000,000,000 | -H-D | C] -- C:\Windows\System32\GroupPolicy

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\sk-SK

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Setup

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru-RU

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ro-RO

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Recovery

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ras

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\pt-PT

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\pt-BR

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\pl-PL

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\oobe

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\nl-NL

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\NetworkList

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\NDF

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\nb-NO

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\MUI

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Msdtc

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\migwiz

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\migration

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\manifeststore

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\lv-LV

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\lt-LT

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\LogFiles

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko-KR

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja-JP

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\it-IT

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\inetsrv

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\IME

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\icsxml

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ias

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\hu-HU

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\hr-HR

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\he-IL

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\GroupPolicyUsers

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr-FR

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\fi-FI

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\et-EE

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\etc

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-ES

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\en-US

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\el-GR

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\DriverStore

[2009/07/13 23:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\system

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Speech

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\servicing

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\security

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\schemas

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\SchCache

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Resources

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\rescache

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Registration

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\PLA

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\ModemLogs

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft.NET

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Dism

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\de-DE

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\da-DK

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\cs-CZ

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\config

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\com

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\CodeIntegrity

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Boot

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\bg-BG

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\ar-SA

[2009/07/13 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\AdvancedInstallers

[2009/07/13 23:37:06 | 000,000,000 | R-SD | C] -- C:\Windows\Media

[2009/07/13 23:37:06 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Logs

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\LiveKernelReports

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\L2Schemas

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\inf

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\IME

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Help

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Globalization

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Cursors

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Branding

[2009/07/13 23:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Boot

[2009/07/13 23:37:05 | 000,000,000 | R-SD | C] -- C:\Windows\assembly

[2009/07/13 23:37:05 | 000,000,000 | R--D | C] -- C:\Users

[2009/07/13 23:37:05 | 000,000,000 | R--D | C] -- C:\Program Files

[2009/07/13 23:37:05 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\SpeechEngines

[2009/07/13 23:37:05 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Common Files\Services

[2009/07/13 23:37:05 | 000,000,000 | ---D | C] -- C:\Windows

[2009/07/13 23:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData

[2009/07/13 23:37:05 | 000,000,000 | ---D | C] -- C:\PerfLogs

[2009/07/13 23:37:05 | 000,000,000 | ---D | C] -- C:\Windows\AppPatch

[2009/07/13 23:37:05 | 000,000,000 | ---D | C] -- C:\Windows\AppCompat

[2009/07/13 21:59:16 | 000,013,568 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys

[2009/07/13 21:59:14 | 000,017,408 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\brcoinst.dll

[2009/07/13 21:59:02 | 000,062,336 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys

[2009/07/13 21:58:59 | 000,005,248 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys

[2009/07/13 21:58:35 | 000,011,904 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys

[2009/07/13 21:58:27 | 000,012,160 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys

[2009/07/13 21:57:25 | 000,272,128 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys

[2009/07/13 20:25:34 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll

[2009/07/13 19:54:14 | 000,026,624 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\System32\drivers\hcw85cir.sys

[2009/07/13 19:09:19 | 000,095,824 | ---- | C] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_fc.sys

[2009/07/13 19:09:18 | 000,096,848 | ---- | C] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_scsi.sys

[2009/07/13 19:09:18 | 000,089,168 | ---- | C] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_sas.sys

[2009/07/13 19:09:18 | 000,077,888 | ---- | C] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys

[2009/07/13 19:09:18 | 000,054,864 | ---- | C] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_sas2.sys

[2009/07/13 19:09:18 | 000,021,072 | ---- | C] (Promise Technology) -- C:\Windows\System32\drivers\stexstor.sys

[2009/07/13 19:09:17 | 000,235,584 | ---- | C] (LSI Corporation, Inc.) -- C:\Windows\System32\drivers\MegaSR.sys

[2009/07/13 19:09:17 | 000,086,608 | ---- | C] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys

[2009/07/13 19:09:17 | 000,076,368 | ---- | C] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys

[2009/07/13 19:09:17 | 000,041,040 | ---- | C] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys

[2009/07/13 19:09:16 | 000,297,552 | ---- | C] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys

[2009/07/13 19:09:16 | 000,146,512 | ---- | C] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys

[2009/06/10 18:20:26 | 000,070,720 | ---- | C] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys

[2009/06/10 18:20:24 | 000,141,904 | ---- | C] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys

[2009/06/10 18:20:08 | 000,040,016 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys

[2009/06/10 18:20:03 | 000,159,312 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\System32\drivers\amdsbs.sys

[2009/06/10 18:19:35 | 000,030,800 | ---- | C] (LSI Corporation) -- C:\Windows\System32\drivers\megasas.sys

[2009/06/10 18:19:19 | 000,453,712 | ---- | C] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys

[2009/06/10 18:19:05 | 000,422,976 | ---- | C] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys

[2009/06/10 18:18:34 | 000,139,776 | ---- | C] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rt86win7.sys

[2009/06/10 18:18:33 | 000,545,792 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr73.sys

========== Files - Modified Within All Days ==========

[2010/05/02 15:38:22 | 001,835,008 | -HS- | M] () -- C:\Users\Lucas\NTUSER.DAT

[2010/05/02 15:32:29 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Lucas\Ambiente de rede\Desktop\OTL.exe

[2010/05/02 15:30:12 | 001,499,760 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/05/02 15:30:12 | 000,657,176 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2010/05/02 15:30:12 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/05/02 15:30:12 | 000,125,568 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2010/05/02 15:30:12 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/05/02 15:26:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/05/02 15:25:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/05/02 15:25:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/05/02 15:25:49 | 1602,887,680 | -HS- | M] () -- C:\hiberfil.sys

[2010/05/02 01:18:43 | 024,868,676 | -H-- | M] () -- C:\Users\Lucas\AppData\Local\IconCache.db

[2010/05/02 01:02:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/05/02 00:53:54 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/05/02 00:53:54 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/05/01 22:52:55 | 000,413,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010/04/28 01:21:22 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini

[2010/04/27 17:42:49 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini

[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe

[2010/04/24 14:50:25 | 000,000,822 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010/04/23 17:20:16 | 000,000,000 | -H-- | M] () -- C:\Users\Lucas\Documents\Default.rdp

[2010/04/21 02:05:59 | 000,007,620 | ---- | M] () -- C:\Users\Lucas\AppData\Local\Resmon.ResmonCfg

[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/03/28 12:20:50 | 000,000,792 | RHS- | M] () -- C:\Users\Lucas\ntuser.pol

[2010/03/28 12:18:53 | 000,000,792 | RHS- | M] () -- C:\ProgramData\ntuser.pol

[2010/03/27 12:42:02 | 000,000,092 | ---- | M] () -- C:\Windows\lexstat.ini

[2010/03/27 11:14:44 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010/03/27 11:14:44 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/03/26 15:44:03 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat

[2010/03/26 14:05:28 | 000,108,824 | ---- | M] () -- C:\Users\Lucas\AppData\Local\GDIPFONTCACHEV1.DAT

[2010/03/26 13:35:58 | 000,524,288 | -HS- | M] () -- C:\Users\Lucas\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010/03/26 13:35:58 | 000,524,288 | -HS- | M] () -- C:\Users\Lucas\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010/03/26 13:35:58 | 000,065,536 | -HS- | M] () -- C:\Users\Lucas\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010/03/26 13:31:30 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2010/03/26 13:24:50 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini

[2010/03/26 13:19:10 | 000,000,020 | -HS- | M] () -- C:\Users\Lucas\ntuser.ini

[2010/03/26 13:16:37 | 000,051,953 | ---- | M] () -- C:\Windows\System32\license.rtf

[2010/03/26 13:15:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010/03/01 09:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2010/02/16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2009/10/25 06:11:34 | 000,077,312 | ---- | M] () -- C:\Windows\MBR.exe

[2009/07/14 05:30:56 | 000,323,154 | ---- | M] () -- C:\Windows\System32\prfi0416.dat

[2009/07/14 05:30:56 | 000,038,536 | ---- | M] () -- C:\Windows\System32\prfd0416.dat

[2009/07/14 05:30:37 | 000,033,792 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\pt-BR\yk62x86.sys.mui

[2009/07/14 05:30:37 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerId.sys.mui

[2009/07/14 05:30:37 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerIb.sys.mui

[2009/07/14 05:30:37 | 000,010,752 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\pt-BR\ltmdmnt.sys.mui

[2009/07/14 05:30:36 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pt-BR\pscr.sys.mui

[2009/07/14 05:30:36 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrParwdm.sys.mui

[2009/07/14 01:56:51 | 000,021,504 | ---- | M] () -- C:\Windows\System32\umstartup.etl

[2009/07/14 01:47:13 | 000,009,216 | ---- | M] () -- C:\Windows\System32\umstartup000.etl

[2009/07/14 01:42:29 | 000,001,244 | ---- | M] () -- C:\Windows\System32\migwiz.lnk

[2009/07/14 01:42:26 | 000,000,535 | ---- | M] () -- C:\Windows\System32\mapisvc.inf

[2009/07/14 01:41:57 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest

[2009/07/13 22:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys

[2009/07/13 22:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys

[2009/07/13 22:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\System32\drivers\amdsbs.sys

[2009/07/13 22:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys

[2009/07/13 22:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys

[2009/07/13 22:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys

[2009/07/13 22:20:37 | 000,089,168 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_sas.sys

[2009/07/13 22:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\System32\drivers\MegaSR.sys

[2009/07/13 22:20:36 | 000,096,848 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_scsi.sys

[2009/07/13 22:20:36 | 000,095,824 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_fc.sys

[2009/07/13 22:20:36 | 000,054,864 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\lsi_sas2.sys

[2009/07/13 22:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys

[2009/07/13 22:20:36 | 000,030,800 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\megasas.sys

[2009/07/13 22:20:28 | 000,453,712 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys

[2009/07/13 22:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys

[2009/07/13 22:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys

[2009/07/13 22:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys

[2009/07/13 22:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys

[2009/07/13 22:19:04 | 000,021,072 | ---- | M] (Promise Technology) -- C:\Windows\System32\drivers\stexstor.sys

[2009/07/13 22:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll

[2009/07/13 22:15:21 | 000,093,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll

[2009/07/13 22:15:00 | 000,073,728 | ---- | M] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/13 22:15:00 | 000,064,000 | ---- | M] () -- C:\Windows\System32\BWContextHandler.dll

[2009/07/13 22:15:00 | 000,017,408 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\brcoinst.dll

[2009/07/13 22:14:46 | 000,001,536 | ---- | M] () -- C:\Windows\System32\winver.exe

[2009/07/13 22:14:28 | 000,066,048 | ---- | M] () -- C:\Windows\System32\PrintBrmUi.exe

[2009/07/13 21:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys

[2009/07/13 21:34:40 | 000,291,294 | ---- | M] () -- C:\Windows\System32\perfi009.dat

[2009/07/13 21:34:38 | 000,031,548 | ---- | M] () -- C:\Windows\System32\perfd009.dat

[2009/07/13 20:06:14 | 000,004,453 | ---- | M] () -- C:\Windows\System32\odbcconf.rsp

[2009/07/13 19:58:08 | 000,043,131 | ---- | M] () -- C:\Windows\mib.bin

[2009/07/13 19:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\System32\drivers\hcw85cir.sys

[2009/07/13 19:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys

[2009/07/13 19:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys

[2009/07/13 19:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys

[2009/07/13 19:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys

[2009/07/13 19:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys

[2009/07/13 19:38:23 | 000,071,951 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

[2009/07/13 19:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr73.sys

[2009/07/13 19:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rt86win7.sys

[2009/07/13 18:41:56 | 000,053,552 | ---- | M] () -- C:\Windows\System32\dosx.exe

[2009/07/13 18:41:05 | 000,000,718 | ---- | M] () -- C:\Windows\System32\mscdexnt.exe

[2009/07/13 18:41:04 | 000,002,842 | ---- | M] () -- C:\Windows\System32\redir.exe

[2009/07/13 18:41:02 | 000,000,882 | ---- | M] () -- C:\Windows\System32\share.exe

[2009/07/13 18:41:02 | 000,000,882 | ---- | M] () -- C:\Windows\System32\fastopen.exe

[2009/07/13 18:41:01 | 000,019,694 | ---- | M] () -- C:\Windows\System32\GRAPHICS.COM

[2009/07/13 18:40:59 | 000,014,710 | ---- | M] () -- C:\Windows\System32\KB16.COM

[2009/07/13 18:40:57 | 000,007,052 | ---- | M] () -- C:\Windows\System32\nlsfunc.exe

[2009/07/13 18:40:57 | 000,001,131 | ---- | M] () -- C:\Windows\System32\LOADFIX.COM

[2009/07/13 18:40:56 | 000,039,274 | ---- | M] () -- C:\Windows\System32\mem.exe

[2009/07/13 18:40:54 | 000,011,753 | ---- | M] () -- C:\Windows\System32\setver.exe

[2009/07/13 18:40:52 | 000,020,634 | ---- | M] () -- C:\Windows\System32\debug.exe

[2009/07/13 18:40:51 | 000,008,424 | ---- | M] () -- C:\Windows\System32\exe2bin.exe

[2009/07/13 18:40:50 | 000,012,642 | ---- | M] () -- C:\Windows\System32\edlin.exe

[2009/07/13 18:40:49 | 000,012,498 | ---- | M] () -- C:\Windows\System32\append.exe

[2009/07/13 18:40:48 | 000,050,648 | ---- | M] () -- C:\Windows\System32\COMMAND.COM

[2009/07/13 18:40:44 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys

[2009/07/13 18:40:43 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS

[2009/07/13 18:40:43 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS

[2009/07/13 18:40:41 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS

[2009/07/13 18:40:40 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS

[2009/07/13 18:40:39 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS

[2009/07/13 18:40:35 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS

[2009/07/13 18:40:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS

[2009/07/13 18:40:27 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS

[2009/07/13 18:40:23 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS

[2009/07/13 18:40:19 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS

[2009/07/13 18:40:17 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS

[2009/07/13 18:40:15 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS

[2009/07/13 18:40:13 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS

[2009/07/13 18:40:11 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS

[2009/07/13 18:38:33 | 000,000,610 | ---- | M] () -- C:\Windows\System32\WdsUnattendTemplate.xml

[2009/07/13 17:29:26 | 000,000,714 | ---- | M] () -- C:\Windows\System32\RestartManager.mof

[2009/07/13 17:29:26 | 000,000,176 | ---- | M] () -- C:\Windows\System32\RestartManagerUninstall.mof

[2009/07/13 17:26:31 | 000,419,952 | ---- | M] () -- C:\Windows\System32\locale.nls

[2009/06/10 18:48:27 | 000,009,958 | ---- | M] () -- C:\Windows\System32\l_intl.nls

[2009/06/10 18:48:26 | 000,067,808 | ---- | M] () -- C:\Windows\System32\normnfkc.nls

[2009/06/10 18:48:26 | 000,061,718 | ---- | M] () -- C:\Windows\System32\normnfkd.nls

[2009/06/10 18:48:26 | 000,059,342 | ---- | M] () -- C:\Windows\System32\normidna.nls

[2009/06/10 18:48:26 | 000,047,076 | ---- | M] () -- C:\Windows\System32\normnfc.nls

[2009/06/10 18:48:26 | 000,040,566 | ---- | M] () -- C:\Windows\System32\normnfd.nls

[2009/06/10 18:48:18 | 000,180,770 | ---- | M] () -- C:\Windows\System32\C_20932.NLS

[2009/06/10 18:48:18 | 000,177,698 | ---- | M] () -- C:\Windows\System32\C_20949.NLS

[2009/06/10 18:48:18 | 000,173,602 | ---- | M] () -- C:\Windows\System32\C_20936.NLS

[2009/06/10 18:48:17 | 000,195,618 | ---- | M] () -- C:\Windows\System32\C_10002.NLS

[2009/06/10 18:48:17 | 000,177,698 | ---- | M] () -- C:\Windows\System32\C_10003.NLS

[2009/06/10 18:48:17 | 000,173,602 | ---- | M] () -- C:\Windows\System32\C_10008.NLS

[2009/06/10 18:48:17 | 000,162,850 | ---- | M] () -- C:\Windows\System32\C_10001.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_869.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_866.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_865.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_864.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_863.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_862.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_861.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_860.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_858.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_857.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_855.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_852.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_850.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_775.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_737.NLS

[2009/06/10 18:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_437.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10082.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10081.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10079.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10029.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10021.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10017.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10010.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10007.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10006.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10005.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10004.NLS

[2009/06/10 18:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_10000.NLS

[2009/06/10 18:48:16 | 000,189,986 | ---- | M] () -- C:\Windows\System32\C_1361.NLS

[2009/06/10 18:48:16 | 000,187,938 | ---- | M] () -- C:\Windows\System32\C_20005.NLS

[2009/06/10 18:48:16 | 000,186,402 | ---- | M] () -- C:\Windows\System32\C_20001.NLS

[2009/06/10 18:48:16 | 000,185,378 | ---- | M] () -- C:\Windows\System32\C_20003.NLS

[2009/06/10 18:48:16 | 000,180,258 | ---- | M] () -- C:\Windows\System32\C_20004.NLS

[2009/06/10 18:48:16 | 000,180,258 | ---- | M] () -- C:\Windows\System32\C_20000.NLS

[2009/06/10 18:48:16 | 000,173,602 | ---- | M] () -- C:\Windows\System32\C_20002.NLS

[2009/06/10 18:48:16 | 000,139,810 | ---- | M] () -- C:\Windows\System32\C_20261.NLS

[2009/06/10 18:48:16 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_720.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_708.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28605.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\c_28603.nls

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28599.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28598.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28597.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28596.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28595.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28594.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28593.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28592.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_28591.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_21866.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_21027.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20866.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20269.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20127.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20108.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20107.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20106.NLS

[2009/06/10 18:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20105.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_875.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_870.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_500.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_21025.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20924.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20905.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20880.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20871.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20838.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20833.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20424.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20423.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20420.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20297.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20290.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20285.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20284.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20280.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20278.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20277.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_20273.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1149.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1148.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1147.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1146.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1145.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1144.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1143.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1142.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1141.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1140.NLS

[2009/06/10 18:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1047.NLS

[2009/06/10 18:48:14 | 000,196,642 | ---- | M] () -- C:\Windows\System32\C_950.NLS

[2009/06/10 18:48:14 | 000,196,642 | ---- | M] () -- C:\Windows\System32\C_949.NLS

[2009/06/10 18:48:14 | 000,196,642 | ---- | M] () -- C:\Windows\System32\C_936.NLS

[2009/06/10 18:48:14 | 000,162,850 | ---- | M] () -- C:\Windows\System32\C_932.NLS

[2009/06/10 18:48:14 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_874.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1258.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1257.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1256.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1255.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1254.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1253.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1252.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1251.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1250.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_1026.NLS

[2009/06/10 18:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\System32\C_037.NLS

[2009/06/10 18:47:11 | 000,047,679 | ---- | M] () -- C:\Windows\System32\diskmgmt.msc

[2009/06/10 18:46:53 | 000,008,280 | ---- | M] () -- C:\Windows\System32\spcinstrumentation.man

[2009/06/10 18:46:40 | 000,152,516 | ---- | M] () -- C:\Windows\System32\systemsf.ebd

[2009/06/10 18:46:28 | 000,105,371 | ---- | M] () -- C:\Windows\System32\RacRules.xml

[2009/06/10 18:46:08 | 000,145,640 | ---- | M] () -- C:\Windows\System32\devmgmt.msc

[2009/06/10 18:44:34 | 003,170,304 | ---- | M] () -- C:\Windows\System32\boot.sdi

[2009/06/10 18:43:22 | 000,000,874 | ---- | M] () -- C:\Windows\System32\manage-bde.wsf

[2009/06/10 18:43:20 | 000,144,862 | ---- | M] () -- C:\Windows\System32\tpm.msc

[2009/06/10 18:42:54 | 000,028,420 | ---- | M] () -- C:\Windows\System32\bios1.rom

[2009/06/10 18:42:54 | 000,018,832 | ---- | M] () -- C:\Windows\System32\v7vga.rom

[2009/06/10 18:42:54 | 000,008,191 | ---- | M] () -- C:\Windows\System32\bios4.rom

[2009/06/10 18:42:49 | 000,000,707 | ---- | M] () -- C:\Windows\_default.pif

[2009/06/10 18:42:32 | 000,069,886 | ---- | M] () -- C:\Windows\System32\edit.com

[2009/06/10 18:42:32 | 000,021,232 | ---- | M] () -- C:\Windows\System32\graphics.pro

[2009/06/10 18:42:32 | 000,010,790 | ---- | M] () -- C:\Windows\System32\EDIT.HLP

[2009/06/10 18:42:20 | 000,013,312 | ---- | M] () -- C:\Windows\System32\win87em.dll

[2009/06/10 18:42:20 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt

[2009/06/10 18:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/06/10 18:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2009/06/10 18:42:08 | 000,000,843 | ---- | M] () -- C:\Windows\System32\onlinesetup.cmd

[2009/06/10 18:42:07 | 000,004,041 | ---- | M] () -- C:\Windows\System32\xwizard.dtd

[2009/06/10 18:41:29 | 000,211,938 | ---- | M] () -- C:\Windows\System32\lcphrase.tbl

[2009/06/10 18:41:29 | 000,024,114 | ---- | M] () -- C:\Windows\System32\lcptr.tbl

[2009/06/10 18:40:51 | 000,146,389 | ---- | M] () -- C:\Windows\System32\printmanagement.msc

[2009/06/10 18:40:47 | 000,201,034 | ---- | M] () -- C:\Windows\System32\winrm.vbs

[2009/06/10 18:40:47 | 000,004,675 | ---- | M] () -- C:\Windows\System32\wsmanconfig_schema.xml

[2009/06/10 18:40:47 | 000,002,426 | ---- | M] () -- C:\Windows\System32\WsmTxt.xsl

[2009/06/10 18:40:47 | 000,001,559 | ---- | M] () -- C:\Windows\System32\WsmPty.xsl

[2009/06/10 18:40:47 | 000,000,035 | ---- | M] () -- C:\Windows\System32\winrm.cmd

[2009/06/10 18:40:16 | 000,146,036 | ---- | M] () -- C:\Windows\System32\drivers\VSTProf.cty

[2009/06/10 18:39:59 | 000,060,124 | ---- | M] () -- C:\Windows\System32\tcpmon.ini

[2009/06/10 18:39:59 | 000,001,041 | ---- | M] () -- C:\Windows\System32\tcpbidi.xml

[2009/06/10 18:39:54 | 000,003,577 | ---- | M] () -- C:\Windows\System32\sysprtj.sep

[2009/06/10 18:39:54 | 000,003,214 | ---- | M] () -- C:\Windows\System32\sysprint.sep

[2009/06/10 18:39:53 | 000,000,114 | ---- | M] () -- C:\Windows\System32\pcl.sep

[2009/06/10 18:39:53 | 000,000,051 | ---- | M] () -- C:\Windows\System32\pscript.sep

[2009/06/10 18:39:44 | 000,144,673 | ---- | M] () -- C:\Windows\System32\WmiMgmt.msc

[2009/06/10 18:39:37 | 000,017,463 | ---- | M] () -- C:\Windows\System32\drivers\etc\services

[2009/06/10 18:39:37 | 000,003,683 | ---- | M] () -- C:\Windows\System32\drivers\etc\lmhosts.sam

[2009/06/10 18:39:37 | 000,001,358 | ---- | M] () -- C:\Windows\System32\drivers\etc\protocol

[2009/06/10 18:39:37 | 000,000,407 | ---- | M] () -- C:\Windows\System32\drivers\etc\networks

[2009/06/10 18:39:18 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h

[2009/06/10 18:38:48 | 000,113,543 | ---- | M] () -- C:\Windows\System32\slmgr.vbs

[2009/06/10 18:38:43 | 000,145,059 | ---- | M] () -- C:\Windows\System32\taskschd.msc

[2009/06/10 18:38:33 | 000,145,127 | ---- | M] () -- C:\Windows\System32\eventvwr.msc

[2009/06/10 18:38:10 | 000,017,935 | ---- | M] () -- C:\Windows\System32\EventViewer_EventDetails.xsl

[2009/06/10 18:36:33 | 000,063,070 | ---- | M] () -- C:\Windows\System32\certmgr.msc

[2009/06/10 18:35:57 | 000,120,458 | ---- | M] () -- C:\Windows\System32\secpol.msc

[2009/06/10 18:34:45 | 000,215,943 | ---- | M] () -- C:\Windows\System32\dssec.dat

[2009/06/10 18:34:23 | 000,316,640 | ---- | M] () -- C:\Windows\WMSysPr9.prx

[2009/06/10 18:32:47 | 000,000,741 | ---- | M] () -- C:\Windows\System32\NOISE.DAT

[2009/06/10 18:32:07 | 000,002,060 | ---- | M] () -- C:\Windows\System32\noise.jpn

[2009/06/10 18:31:26 | 000,145,519 | ---- | M] () -- C:\Windows\System32\perfmon.msc

[2009/06/10 18:30:15 | 000,093,702 | ---- | M] () -- C:\Windows\System32\SubRange.uce

[2009/06/10 18:30:14 | 000,060,458 | ---- | M] () -- C:\Windows\System32\ideograf.uce

[2009/06/10 18:30:14 | 000,024,006 | ---- | M] () -- C:\Windows\System32\gb2312.uce

[2009/06/10 18:30:14 | 000,022,984 | ---- | M] () -- C:\Windows\System32\bopomofo.uce

[2009/06/10 18:30:14 | 000,016,740 | ---- | M] () -- C:\Windows\System32\ShiftJIS.uce

[2009/06/10 18:30:14 | 000,012,876 | ---- | M] () -- C:\Windows\System32\korean.uce

[2009/06/10 18:30:14 | 000,008,484 | ---- | M] () -- C:\Windows\System32\kanji_2.uce

[2009/06/10 18:30:14 | 000,006,948 | ---- | M] () -- C:\Windows\System32\kanji_1.uce

[2009/06/10 18:29:34 | 000,000,697 | ---- | M] () -- C:\Windows\System32\NOISE.THA

[2009/06/10 18:29:29 | 011,967,524 | ---- | M] () -- C:\Windows\System32\korwbrkr.lex

[2009/06/10 18:29:29 | 000,001,486 | ---- | M] () -- C:\Windows\System32\noise.kor

[2009/06/10 18:29:28 | 000,001,696 | ---- | M] () -- C:\Windows\System32\NOISE.CHT

[2009/06/10 18:29:17 | 000,001,696 | ---- | M] () -- C:\Windows\System32\NOISE.CHS

[2009/06/10 18:28:59 | 000,147,439 | ---- | M] () -- C:\Windows\System32\gpedit.msc

[2009/06/10 18:28:59 | 000,043,566 | ---- | M] () -- C:\Windows\System32\rsop.msc

[2009/06/10 18:27:46 | 000,115,091 | ---- | M] () -- C:\Windows\System32\WF.msc

[2009/06/10 18:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf

[2009/06/10 18:26:15 | 000,144,998 | ---- | M] () -- C:\Windows\System32\lusrmgr.msc

[2009/06/10 18:26:10 | 000,673,088 | ---- | M] () -- C:\Windows\System32\mlang.dat

[2009/06/10 18:26:01 | 000,127,213 | ---- | M] () -- C:\Windows\System32\ega.cpi

[2009/06/10 18:25:52 | 000,063,411 | ---- | M] () -- C:\Windows\System32\NAPCLCFG.MSC

[2009/06/10 18:21:09 | 000,092,745 | ---- | M] () -- C:\Windows\System32\services.msc

[2009/06/10 18:21:07 | 000,144,909 | ---- | M] () -- C:\Windows\System32\fsmgmt.msc

[2009/06/10 18:21:06 | 000,113,256 | ---- | M] () -- C:\Windows\System32\compmgmt.msc

[2009/06/10 18:21:06 | 000,041,587 | ---- | M] () -- C:\Windows\System32\azman.msc

[2009/06/10 18:19:31 | 002,584,543 | ---- | M] () -- C:\Windows\System32\iglhxa32.cpa

[2009/06/10 18:19:31 | 000,060,072 | ---- | M] () -- C:\Windows\System32\iglhxg32.vp

[2009/06/10 18:19:31 | 000,059,105 | ---- | M] () -- C:\Windows\System32\iglhxo32.vp

[2009/06/10 18:19:31 | 000,058,952 | ---- | M] () -- C:\Windows\System32\iglhxc32.vp

[2009/06/10 18:19:31 | 000,039,292 | ---- | M] () -- C:\Windows\System32\iglhxs32.vp

[2009/06/10 18:19:31 | 000,001,073 | ---- | M] () -- C:\Windows\System32\iglhxa32.vp

[2009/06/10 18:19:27 | 000,001,405 | ---- | M] () -- C:\Windows\msdfmap.ini

[2009/06/10 18:19:05 | 000,040,552 | ---- | M] () -- C:\Windows\System32\gatherNetworkInfo.vbs

[2009/06/10 18:19:05 | 000,021,812 | ---- | M] () -- C:\Windows\System32\NetTrace.PLA.Diagnostics.xml

[2009/06/10 18:18:29 | 000,000,565 | ---- | M] () -- C:\Windows\System32\NdfEventView.xml

[2009/06/10 18:17:44 | 000,124,118 | ---- | M] () -- C:\Windows\System32\comexp.msc

[2009/06/10 18:17:19 | 000,116,288 | ---- | M] () -- C:\Windows\System32\PerfCenterCpl.ico

[2009/06/10 18:16:56 | 000,002,233 | ---- | M] () -- C:\Windows\System32\12520850.cpx

[2009/06/10 18:16:56 | 000,002,151 | ---- | M] () -- C:\Windows\System32\12520437.cpx

[2009/06/10 18:16:38 | 000,002,727 | ---- | M] () -- C:\Windows\System32\locationnotificationsview.xml

[2009/06/10 18:15:19 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat

[2009/06/10 18:15:18 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat

[2009/06/10 18:15:06 | 000,076,060 | ---- | M] () -- C:\Windows\System32\xpsrchvw.xml

[2009/06/10 18:14:45 | 000,051,867 | ---- | M] () -- C:\Windows\Ultimate.xml

[2009/06/10 18:14:45 | 000,048,201 | ---- | M] () -- C:\Windows\Starter.xml

[2009/06/10 18:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\System32\drivers\gm.dls

[2009/05/11 11:49:28 | 000,051,992 | ---- | M] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys

[2009/05/11 11:49:28 | 000,017,016 | ---- | M] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys

[2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys

[2009/04/20 12:56:28 | 000,031,232 | ---- | M] (NirSoft) -- C:\Windows\NIRCMD.exe

[2009/01/19 10:30:02 | 000,068,608 | ---- | M] (VIA Technologies,Inc.) -- C:\Windows\System32\ViaMicArrayPropPageExt.dll

[2009/01/19 10:29:58 | 000,181,248 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\ViaMicArrayAPO.dll

[2009/01/08 23:53:44 | 000,205,824 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\Dts2APO.dll

[2007/12/04 00:28:00 | 000,076,288 | ---- | M] (QSound Labs, Inc.) -- C:\Windows\System32\nQPropPageExt.dll

[2007/12/04 00:28:00 | 000,071,680 | ---- | M] (QSound Labs, Inc.) -- C:\Windows\System32\nQAPO.dll

[2006/03/17 14:49:46 | 000,368,640 | ---- | M] (Pegasus Imaging Corporation) -- C:\Windows\System32\TwnLib4.dll

[2006/03/17 11:45:54 | 000,802,816 | ---- | M] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXRA7.dll

[2006/03/17 11:45:54 | 000,497,296 | ---- | M] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXpr7.dll

[2006/03/17 11:45:54 | 000,258,048 | ---- | M] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXR7.dll

[2006/03/17 11:45:52 | 001,757,184 | ---- | M] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagX7.dll

[2005/07/26 14:04:00 | 000,034,816 | ---- | M] (Soeperman Enterprises Ltd.) -- C:\Users\Lucas\Ambiente de rede\Desktop\IBProcMan.exe

[2005/03/11 18:37:10 | 001,986,560 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll

[2005/03/10 17:00:30 | 000,454,656 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudioRecord.dll

[2005/02/24 16:21:12 | 000,458,752 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudPlayer.dll

[2005/02/24 13:11:56 | 000,479,232 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudioVisu.dll

[2005/02/24 13:11:06 | 001,212,416 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll

[2005/02/24 13:10:30 | 000,417,792 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudDisplay.dll

[2005/02/24 13:10:10 | 002,084,864 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudDesign.dll

[2005/01/10 13:54:42 | 000,116,296 | ---- | M] () -- C:\Windows\System32\NCTWMAProfiles.prx

[2004/08/13 09:56:20 | 000,005,810 | ---- | M] () -- C:\Windows\System32\drivers\ASACPI.sys

[2000/08/31 08:00:00 | 000,212,480 | ---- | M] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2000/08/31 08:00:00 | 000,161,792 | ---- | M] (SteelWerX) -- C:\Windows\SWREG.exe

[2000/08/31 08:00:00 | 000,136,704 | ---- | M] (SteelWerX) -- C:\Windows\SWSC.exe

[2000/08/31 08:00:00 | 000,098,816 | ---- | M] () -- C:\Windows\sed.exe

[2000/08/31 08:00:00 | 000,080,412 | ---- | M] () -- C:\Windows\grep.exe

[2000/08/31 08:00:00 | 000,068,096 | ---- | M] () -- C:\Windows\zip.exe

[1999/01/08 10:19:42 | 000,025,360 | ---- | M] () -- C:\Windows\System32\VBAPTB32.OLB

[1997/04/18 11:53:26 | 000,298,496 | ---- | M] (InstallShield Corporation, Inc.) -- C:\Windows\unin0416.exe

========== Files Created - No Company Name ==========

[2010/04/27 17:35:20 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2010/04/27 17:35:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2010/04/27 17:35:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2010/04/27 17:35:20 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe

[2010/04/27 17:35:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010/04/26 20:01:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2010/04/23 17:20:16 | 000,000,000 | -H-- | C] () -- C:\Users\Lucas\Documents\Default.rdp

[2010/04/21 00:52:48 | 000,007,620 | ---- | C] () -- C:\Users\Lucas\AppData\Local\Resmon.ResmonCfg

[2010/04/20 00:27:20 | 000,116,296 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx

[2010/03/27 13:01:27 | 000,000,792 | RHS- | C] () -- C:\Users\Lucas\ntuser.pol

[2010/03/27 12:59:35 | 000,000,792 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010/03/27 12:52:41 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/03/27 12:52:40 | 000,001,030 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/03/27 12:34:30 | 000,000,092 | ---- | C] () -- C:\Windows\lexstat.ini

[2010/03/27 11:14:44 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2010/03/27 11:14:44 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2010/03/26 15:44:03 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010/03/26 13:19:10 | 000,000,020 | -HS- | C] () -- C:\Users\Lucas\ntuser.ini

[2010/03/26 13:19:09 | 001,835,008 | -HS- | C] () -- C:\Users\Lucas\NTUSER.DAT

[2010/03/26 13:19:09 | 000,524,288 | -HS- | C] () -- C:\Users\Lucas\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010/03/26 13:19:09 | 000,524,288 | -HS- | C] () -- C:\Users\Lucas\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010/03/26 13:19:09 | 000,262,144 | -HS- | C] () -- C:\Users\Lucas\ntuser.dat.LOG1

[2010/03/26 13:19:09 | 000,065,536 | -HS- | C] () -- C:\Users\Lucas\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010/03/26 13:19:09 | 000,000,000 | -HS- | C] () -- C:\Users\Lucas\ntuser.dat.LOG2

[2010/03/26 13:15:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010/03/26 13:13:30 | 1602,887,680 | -HS- | C] () -- C:\hiberfil.sys

[2009/07/14 05:55:15 | 000,051,867 | ---- | C] () -- C:\Windows\Ultimate.xml

[2009/07/14 05:31:12 | 000,657,176 | ---- | C] () -- C:\Windows\System32\prfh0416.dat

[2009/07/14 05:31:12 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat

[2009/07/14 05:31:12 | 000,125,568 | ---- | C] () -- C:\Windows\System32\prfc0416.dat

[2009/07/14 05:31:12 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat

[2009/07/14 01:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 01:48:09 | 000,048,201 | ---- | C] () -- C:\Windows\Starter.xml

[2009/07/14 01:46:52 | 000,051,953 | ---- | C] () -- C:\Windows\System32\license.rtf

[2009/07/14 01:42:29 | 000,001,244 | ---- | C] () -- C:\Windows\System32\migwiz.lnk

[2009/07/14 01:42:26 | 000,000,535 | ---- | C] () -- C:\Windows\System32\mapisvc.inf

[2009/07/14 01:41:57 | 000,000,749 | RH-- | C] () -- C:\Windows\WindowsShell.Manifest

[2009/07/14 01:34:15 | 000,009,584 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2009/07/14 01:34:15 | 000,009,584 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2009/07/14 01:34:00 | 000,021,504 | ---- | C] () -- C:\Windows\System32\umstartup.etl

[2009/07/14 01:34:00 | 000,009,216 | ---- | C] () -- C:\Windows\System32\umstartup000.etl

[2009/07/14 01:33:53 | 000,413,368 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/13 23:05:48 | 000,609,896 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/13 23:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/13 23:05:48 | 000,104,214 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/13 23:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/13 23:05:05 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex

[2009/07/13 23:05:05 | 000,001,696 | ---- | C] () -- C:\Windows\System32\NOISE.CHT

[2009/07/13 23:05:05 | 000,001,696 | ---- | C] () -- C:\Windows\System32\NOISE.CHS

[2009/07/13 23:05:05 | 000,001,486 | ---- | C] () -- C:\Windows\System32\noise.kor

[2009/07/13 23:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/13 23:05:05 | 000,000,697 | ---- | C] () -- C:\Windows\System32\NOISE.THA

[2009/07/13 23:05:03 | 000,003,683 | ---- | C] () -- C:\Windows\System32\drivers\etc\lmhosts.sam

[2009/07/13 23:04:17 | 000,017,463 | ---- | C] () -- C:\Windows\System32\drivers\etc\services

[2009/07/13 23:04:17 | 000,001,358 | ---- | C] () -- C:\Windows\System32\drivers\etc\protocol

[2009/07/13 23:04:17 | 000,000,822 | ---- | C] () -- C:\Windows\System32\drivers\etc\hosts

[2009/07/13 23:04:17 | 000,000,407 | ---- | C] () -- C:\Windows\System32\drivers\etc\networks

[2009/07/13 23:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/13 23:04:04 | 000,002,577 | ---- | C] () -- C:\Windows\System32\config.nt

[2009/07/13 23:04:04 | 000,001,688 | ---- | C] () -- C:\Windows\System32\autoexec.nt

[2009/07/13 23:04:04 | 000,000,024 | ---- | C] () -- C:\autoexec.bat

[2009/07/13 23:04:04 | 000,000,010 | ---- | C] () -- C:\config.sys

[2009/07/13 23:03:57 | 000,008,798 | ---- | C] () -- C:\Windows\System32\icrav03.rat

[2009/07/13 23:03:57 | 000,001,988 | ---- | C] () -- C:\Windows\System32\ticrf.rat

[2009/07/13 21:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2009/07/13 20:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 20:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/13 20:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/07/13 20:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\System32\winver.exe

[2009/07/13 20:41:24 | 000,093,702 | ---- | C] () -- C:\Windows\System32\SubRange.uce

[2009/07/13 20:41:24 | 000,060,458 | ---- | C] () -- C:\Windows\System32\ideograf.uce

[2009/07/13 20:41:24 | 000,024,006 | ---- | C] () -- C:\Windows\System32\gb2312.uce

[2009/07/13 20:41:24 | 000,016,740 | ---- | C] () -- C:\Windows\System32\ShiftJIS.uce

[2009/07/13 20:41:24 | 000,012,876 | ---- | C] () -- C:\Windows\System32\korean.uce

[2009/07/13 20:41:24 | 000,008,484 | ---- | C] () -- C:\Windows\System32\kanji_2.uce

[2009/07/13 20:41:24 | 000,006,948 | ---- | C] () -- C:\Windows\System32\kanji_1.uce

[2009/07/13 20:11:57 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf

[2009/07/13 20:08:01 | 000,003,577 | ---- | C] () -- C:\Windows\System32\sysprtj.sep

[2009/07/13 20:08:01 | 000,000,114 | ---- | C] () -- C:\Windows\System32\pcl.sep

[2009/07/13 20:08:01 | 000,000,051 | ---- | C] () -- C:\Windows\System32\pscript.sep

[2009/07/13 20:06:14 | 000,004,453 | ---- | C] () -- C:\Windows\System32\odbcconf.rsp

[2009/07/13 19:53:38 | 000,146,389 | ---- | C] () -- C:\Windows\System32\printmanagement.msc

[2009/07/13 19:41:10 | 000,002,233 | ---- | C] () -- C:\Windows\System32\12520850.cpx

[2009/07/13 19:38:23 | 000,071,951 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

[2009/07/13 19:13:45 | 000,146,036 | ---- | C] () -- C:\Windows\System32\drivers\VSTProf.cty

[2009/07/13 19:12:16 | 000,063,411 | ---- | C] () -- C:\Windows\System32\NAPCLCFG.MSC

[2009/07/13 19:11:17 | 000,115,091 | ---- | C] () -- C:\Windows\System32\WF.msc

[2009/07/13 19:10:48 | 000,021,812 | ---- | C] () -- C:\Windows\System32\NetTrace.PLA.Diagnostics.xml

[2009/07/13 19:09:20 | 002,584,543 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa

[2009/07/13 19:09:20 | 000,060,072 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp

[2009/07/13 19:09:20 | 000,059,105 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp

[2009/07/13 19:09:20 | 000,058,952 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp

[2009/07/13 19:09:20 | 000,039,292 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp

[2009/07/13 19:09:20 | 000,001,073 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp

[2009/07/13 19:06:29 | 000,201,034 | ---- | C] () -- C:\Windows\System32\winrm.vbs

[2009/07/13 19:06:29 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml

[2009/07/13 19:06:29 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl

[2009/07/13 19:06:29 | 000,001,559 | ---- | C] () -- C:\Windows\System32\WsmPty.xsl

[2009/07/13 19:01:40 | 000,124,118 | ---- | C] () -- C:\Windows\System32\comexp.msc

[2009/07/13 18:55:47 | 000,144,998 | ---- | C] () -- C:\Windows\System32\lusrmgr.msc

[2009/07/13 18:53:23 | 000,147,439 | ---- | C] () -- C:\Windows\System32\gpedit.msc

[2009/07/13 18:53:23 | 000,043,566 | ---- | C] () -- C:\Windows\System32\rsop.msc

[2009/07/13 18:47:53 | 000,063,070 | ---- | C] () -- C:\Windows\System32\certmgr.msc

[2009/07/13 18:46:10 | 000,145,127 | ---- | C] () -- C:\Windows\System32\eventvwr.msc

[2009/07/13 18:46:10 | 000,017,935 | ---- | C] () -- C:\Windows\System32\EventViewer_EventDetails.xsl

[2009/07/13 18:46:09 | 000,145,059 | ---- | C] () -- C:\Windows\System32\taskschd.msc

[2009/07/13 18:46:01 | 000,144,673 | ---- | C] () -- C:\Windows\System32\WmiMgmt.msc

[2009/07/13 18:44:25 | 000,120,458 | ---- | C] () -- C:\Windows\System32\secpol.msc

[2009/07/13 18:44:22 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc

[2009/07/13 18:44:22 | 000,113,256 | ---- | C] () -- C:\Windows\System32\compmgmt.msc

[2009/07/13 18:44:22 | 000,092,745 | ---- | C] () -- C:\Windows\System32\services.msc

[2009/07/13 18:44:22 | 000,041,587 | ---- | C] () -- C:\Windows\System32\azman.msc

[2009/07/13 18:41:56 | 000,053,552 | ---- | C] () -- C:\Windows\System32\dosx.exe

[2009/07/13 18:41:05 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe

[2009/07/13 18:41:04 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe

[2009/07/13 18:41:02 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe

[2009/07/13 18:41:02 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe

[2009/07/13 18:41:01 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM

[2009/07/13 18:40:59 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM

[2009/07/13 18:40:57 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe

[2009/07/13 18:40:57 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM

[2009/07/13 18:40:56 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe

[2009/07/13 18:40:54 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe

[2009/07/13 18:40:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe

[2009/07/13 18:40:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe

[2009/07/13 18:40:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe

[2009/07/13 18:40:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe

[2009/07/13 18:40:48 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM

[2009/07/13 18:38:38 | 000,024,114 | ---- | C] () -- C:\Windows\System32\lcptr.tbl

[2009/07/13 18:38:33 | 000,000,610 | ---- | C] () -- C:\Windows\System32\WdsUnattendTemplate.xml

[2009/07/13 18:34:35 | 000,047,679 | ---- | C] () -- C:\Windows\System32\diskmgmt.msc

[2009/07/13 18:33:45 | 000,000,714 | ---- | C] () -- C:\Windows\System32\RestartManager.mof

[2009/07/13 18:33:45 | 000,000,176 | ---- | C] () -- C:\Windows\System32\RestartManagerUninstall.mof

[2009/07/13 18:30:30 | 000,000,707 | ---- | C] () -- C:\Windows\_default.pif

[2009/07/13 18:30:26 | 000,018,832 | ---- | C] () -- C:\Windows\System32\v7vga.rom

[2009/07/13 18:30:26 | 000,008,191 | ---- | C] () -- C:\Windows\System32\bios4.rom

[2009/07/13 18:28:41 | 000,145,519 | ---- | C] () -- C:\Windows\System32\perfmon.msc

[2009/07/13 18:23:44 | 000,145,640 | ---- | C] () -- C:\Windows\System32\devmgmt.msc

[2009/07/13 18:23:03 | 000,067,808 | ---- | C] () -- C:\Windows\System32\normnfkc.nls

[2009/07/13 18:23:03 | 000,061,718 | ---- | C] () -- C:\Windows\System32\normnfkd.nls

[2009/07/13 18:23:03 | 000,047,076 | ---- | C] () -- C:\Windows\System32\normnfc.nls

[2009/07/13 18:23:03 | 000,040,566 | ---- | C] () -- C:\Windows\System32\normnfd.nls

[2009/07/13 18:23:02 | 000,419,952 | ---- | C] () -- C:\Windows\System32\locale.nls

[2009/07/13 18:20:44 | 000,144,862 | ---- | C] () -- C:\Windows\System32\tpm.msc

[2009/07/13 17:31:17 | 000,127,213 | ---- | C] () -- C:\Windows\System32\ega.cpi

[2009/07/13 17:30:24 | 000,000,843 | ---- | C] () -- C:\Windows\System32\onlinesetup.cmd

[2009/07/13 17:22:42 | 000,195,618 | ---- | C] () -- C:\Windows\System32\C_10002.NLS

[2009/07/13 17:22:42 | 000,189,986 | ---- | C] () -- C:\Windows\System32\C_1361.NLS

[2009/07/13 17:22:42 | 000,187,938 | ---- | C] () -- C:\Windows\System32\C_20005.NLS

[2009/07/13 17:22:42 | 000,186,402 | ---- | C] () -- C:\Windows\System32\C_20001.NLS

[2009/07/13 17:22:42 | 000,185,378 | ---- | C] () -- C:\Windows\System32\C_20003.NLS

[2009/07/13 17:22:42 | 000,180,258 | ---- | C] () -- C:\Windows\System32\C_20004.NLS

[2009/07/13 17:22:42 | 000,180,258 | ---- | C] () -- C:\Windows\System32\C_20000.NLS

[2009/07/13 17:22:42 | 000,177,698 | ---- | C] () -- C:\Windows\System32\C_10003.NLS

[2009/07/13 17:22:42 | 000,173,602 | ---- | C] () -- C:\Windows\System32\C_20002.NLS

[2009/07/13 17:22:42 | 000,173,602 | ---- | C] () -- C:\Windows\System32\C_10008.NLS

[2009/07/13 17:22:42 | 000,162,850 | ---- | C] () -- C:\Windows\System32\C_10001.NLS

[2009/07/13 17:22:42 | 000,139,810 | ---- | C] () -- C:\Windows\System32\C_20261.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_869.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_866.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_865.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_864.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_863.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_862.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_861.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_860.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_858.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_857.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_855.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_852.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_850.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_775.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_737.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_720.NLS

[2009/07/13 17:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_437.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_875.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_870.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_708.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_500.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28605.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\c_28603.nls

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28599.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28598.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28597.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28596.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28595.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28594.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28593.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28592.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_28591.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_21866.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_21027.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_21025.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20924.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20905.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20880.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20871.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20866.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20838.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20833.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20424.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20423.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20420.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20297.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20290.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20269.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20127.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20108.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20107.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20106.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20105.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10082.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10081.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10079.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10029.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10021.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10017.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10010.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10007.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10006.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10005.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10004.NLS

[2009/07/13 17:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_10000.NLS

[2009/07/13 17:22:41 | 000,196,642 | ---- | C] () -- C:\Windows\System32\C_950.NLS

[2009/07/13 17:22:41 | 000,196,642 | ---- | C] () -- C:\Windows\System32\C_949.NLS

[2009/07/13 17:22:41 | 000,196,642 | ---- | C] () -- C:\Windows\System32\C_936.NLS

[2009/07/13 17:22:41 | 000,180,770 | ---- | C] () -- C:\Windows\System32\C_20932.NLS

[2009/07/13 17:22:41 | 000,177,698 | ---- | C] () -- C:\Windows\System32\C_20949.NLS

[2009/07/13 17:22:41 | 000,173,602 | ---- | C] () -- C:\Windows\System32\C_20936.NLS

[2009/07/13 17:22:41 | 000,162,850 | ---- | C] () -- C:\Windows\System32\C_932.NLS

[2009/07/13 17:22:41 | 000,066,594 | ---- | C] () -- C:\Windows\System32\C_874.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20285.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20284.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20280.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20278.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20277.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_20273.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1258.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1257.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1256.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1255.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1254.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1253.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1252.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1251.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1149.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1148.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1147.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1146.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1145.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1144.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1143.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1142.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1141.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1140.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1047.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1026.NLS

[2009/07/13 17:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_037.NLS

[2009/07/13 17:22:04 | 000,000,874 | ---- | C] () -- C:\Windows\System32\manage-bde.wsf

[2009/06/10 18:48:27 | 000,009,958 | ---- | C] () -- C:\Windows\System32\l_intl.nls

[2009/06/10 18:48:26 | 000,059,342 | ---- | C] () -- C:\Windows\System32\normidna.nls

[2009/06/10 18:48:14 | 000,066,082 | ---- | C] () -- C:\Windows\System32\C_1250.NLS

[2009/06/10 18:46:53 | 000,008,280 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man

[2009/06/10 18:46:40 | 000,152,516 | ---- | C] () -- C:\Windows\System32\systemsf.ebd

[2009/06/10 18:46:28 | 000,105,371 | ---- | C] () -- C:\Windows\System32\RacRules.xml

[2009/06/10 18:44:34 | 003,170,304 | ---- | C] () -- C:\Windows\System32\boot.sdi

[2009/06/10 18:42:54 | 000,028,420 | ---- | C] () -- C:\Windows\System32\bios1.rom

[2009/06/10 18:42:32 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com

[2009/06/10 18:42:32 | 000,021,232 | ---- | C] () -- C:\Windows\System32\graphics.pro

[2009/06/10 18:42:32 | 000,010,790 | ---- | C] () -- C:\Windows\System32\EDIT.HLP

[2009/06/10 18:42:07 | 000,004,041 | ---- | C] () -- C:\Windows\System32\xwizard.dtd

[2009/06/10 18:41:29 | 000,211,938 | ---- | C] () -- C:\Windows\System32\lcphrase.tbl

[2009/06/10 18:40:47 | 000,000,035 | ---- | C] () -- C:\Windows\System32\winrm.cmd

[2009/06/10 18:39:59 | 000,001,041 | ---- | C] () -- C:\Windows\System32\tcpbidi.xml

[2009/06/10 18:39:54 | 000,003,214 | ---- | C] () -- C:\Windows\System32\sysprint.sep

[2009/06/10 18:39:18 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h

[2009/06/10 18:38:48 | 000,113,543 | ---- | C] () -- C:\Windows\System32\slmgr.vbs

[2009/06/10 18:34:23 | 000,316,640 | ---- | C] () -- C:\Windows\WMSysPr9.prx

[2009/06/10 18:32:07 | 000,002,060 | ---- | C] () -- C:\Windows\System32\noise.jpn

[2009/06/10 18:30:14 | 000,022,984 | ---- | C] () -- C:\Windows\System32\bopomofo.uce

[2009/06/10 18:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2009/06/10 18:19:05 | 000,040,552 | ---- | C] () -- C:\Windows\System32\gatherNetworkInfo.vbs

[2009/06/10 18:18:29 | 000,000,565 | ---- | C] () -- C:\Windows\System32\NdfEventView.xml

[2009/06/10 18:17:19 | 000,116,288 | ---- | C] () -- C:\Windows\System32\PerfCenterCpl.ico

[2009/06/10 18:16:56 | 000,002,151 | ---- | C] () -- C:\Windows\System32\12520437.cpx

[2009/06/10 18:16:38 | 000,002,727 | ---- | C] () -- C:\Windows\System32\locationnotificationsview.xml

[2009/06/10 18:15:06 | 000,076,060 | ---- | C] () -- C:\Windows\System32\xpsrchvw.xml

[2009/06/10 18:14:28 | 003,440,660 | ---- | C] () -- C:\Windows\System32\drivers\gm.dls

[2004/08/13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[1999/01/08 10:19:42 | 000,025,360 | ---- | C] () -- C:\Windows\System32\VBAPTB32.OLB

 

========== LOP Check ==========

 

[2010/04/24 10:58:45 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\CheckPoint

[2010/04/20 00:27:21 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\FreeAudioPack

[2010/04/21 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\GetRightToGo

[2010/04/20 00:38:53 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\NCH Swift Sound

[2010/04/18 10:27:56 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

 

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

 

< %SYSTEMDRIVE%\scecli.dll /s /md5 >

[2009/07/13 22:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll

[2009/07/13 22:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll

[2009/07/13 22:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

 

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >

[2009/07/13 22:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll

[2009/07/13 22:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll

[2009/07/13 22:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

 

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

[2009/07/13 22:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll

[2009/07/13 22:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009/07/13 22:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

 

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

 

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

 

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

 

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

 

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

[2009/07/13 22:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys

[2009/07/13 22:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/13 22:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

 

< %SYSTEMDRIVE%\atapi.sys /s /md5 >

[2009/07/13 22:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys

[2009/07/13 22:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009/07/13 22:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys

[2009/07/13 22:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

 

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

 

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >

 

 

 

OTL Extras logfile created on: 02/05/2010 15:36:09 - Run 1

OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Lucas\Ambiente de rede\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 97,56 Gb Total Space | 84,30 Gb Free Space | 86,41% Space Free | Partition Type: NTFS

Drive D: | 200,43 Gb Total Space | 200,09 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: LUCAS-PC

Current User Name: Lucas

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = All Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-884898081-2304259788-1949590216-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A31A5DFC-3439-48FC-99BB-5174168AE471}" = COMODO livePCsupport

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1046-7B44-A93000000001}" = Adobe Reader 9.3.2 - Português

"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger

"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Ares" = Ares 2.1.5

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"CCleaner" = CCleaner

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Fotosizer" = Fotosizer 1.27

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gerenciador de dispositivo de plataforma

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"Nero8Lite_is1" = Nero 8 Micro 8.3.2.1

"Switch" = Switch Sound File Converter

"Uninstall_is1" = Uninstall 1.0.0.1

"WavePad" = WavePad Sound Editor

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Arquivo do WinRAR

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 01/05/2010 15:08:15 | Computer Name = Lucas-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x00000000.

 

Error - 01/05/2010 16:50:31 | Computer Name = Lucas-PC | Source = Software Protection Platform Service | ID = 8198

Description = Falha da Ativação de Licença (slui.exe) com o seguinte código de erro:

0x800401F9

 

Error - 01/05/2010 16:50:31 | Computer Name = Lucas-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x00000000.

 

Error - 01/05/2010 17:30:44 | Computer Name = Lucas-PC | Source = Software Protection Platform Service | ID = 8198

Description = Falha da Ativação de Licença (slui.exe) com o seguinte código de erro:

0x800401F9

 

Error - 01/05/2010 17:30:44 | Computer Name = Lucas-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x00000000.

 

Error - 01/05/2010 21:52:53 | Computer Name = Lucas-PC | Source = Software Protection Platform Service | ID = 8198

Description = Falha da Ativação de Licença (slui.exe) com o seguinte código de erro:

0x800401F9

 

Error - 01/05/2010 21:52:53 | Computer Name = Lucas-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x00000000.

 

Error - 01/05/2010 21:53:51 | Computer Name = Lucas-PC | Source = SideBySide | ID = 16842785

Description = Falha na geração de contexto de ativação para "C:\Windows\System32\systemcpl.dll".

Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"

não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

 

Error - 02/05/2010 14:25:59 | Computer Name = Lucas-PC | Source = Software Protection Platform Service | ID = 8198

Description = Falha da Ativação de Licença (slui.exe) com o seguinte código de erro:

0x800401F9

 

Error - 02/05/2010 14:25:59 | Computer Name = Lucas-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x00000000.

 

[ System Events ]

Error - 21/04/2010 20:36:50 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7030

Description = O serviço PEVSystemStart está marcado como um serviço interativo.

No entanto, o sistema está configurado para não permitir serviços interativos. Esse

serviço pode não funcionar corretamente.

 

Error - 21/04/2010 21:53:16 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7030

Description = O serviço PEVSystemStart está marcado como um serviço interativo.

No entanto, o sistema está configurado para não permitir serviços interativos. Esse

serviço pode não funcionar corretamente.

 

Error - 21/04/2010 21:57:51 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7030

Description = O serviço PEVSystemStart está marcado como um serviço interativo.

No entanto, o sistema está configurado para não permitir serviços interativos. Esse

serviço pode não funcionar corretamente.

 

Error - 25/04/2010 14:40:00 | Computer Name = Lucas-PC | Source = DCOM | ID = 10005

Description =

 

Error - 25/04/2010 14:40:00 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7038

Description = O serviço upnphost não pôde fazer logon como NT AUTHORITY\LocalService

com a senha configurada atualmente devido ao seguinte erro: %%1352 Para verificar

se o serviço está configurado corretamente, use o snap-in de Serviços do Console

de Gerenciamento Microsoft.

 

Error - 25/04/2010 14:40:00 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Host de dispositivo UPnP devido

ao seguinte erro: %%1069

 

Error - 27/04/2010 16:35:48 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7030

Description = O serviço PEVSystemStart está marcado como um serviço interativo.

No entanto, o sistema está configurado para não permitir serviços interativos. Esse

serviço pode não funcionar corretamente.

 

Error - 27/04/2010 16:42:45 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7030

Description = O serviço PEVSystemStart está marcado como um serviço interativo.

No entanto, o sistema está configurado para não permitir serviços interativos. Esse

serviço pode não funcionar corretamente.

 

Error - 27/04/2010 16:56:43 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7006

Description = A chamada ScRegSetValueExW falhou para Type com o seguinte erro: %%5

 

Error - 28/04/2010 22:44:04 | Computer Name = Lucas-PC | Source = DCOM | ID = 10010

Description =

 

 

< End of report >


Good evening, Armensen!

<@> Run OTL.exe.

<@> Copy the information in the quote box into the field under: Custom Scans/Fixes

 

:otl

O3 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.

O3 - HKU\S-1-5-21-884898081-2304259788-1949590216-1000\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe File not found

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

:reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1"=-

:commands

[purity]

[emptyflash]

[emptytemp]

[Reboot]

<@> Click the Fix button --> Wait for it to finish! --> Run!

<@> Post the report, which will also be in the folder: C:\_OTL\MovedFiles\*.log

<@> Also post an updated HijackThis log.

Regards!


All processes killed

========== OTL ==========

Registry value HKEY_USERS\S-1-5-21-884898081-2304259788-1949590216-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.

Registry value HKEY_USERS\S-1-5-21-884898081-2304259788-1949590216-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85d1f590-48f4-11d9-9669-0800200c9a66}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.

ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.

ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.

========== REGISTRY ==========

Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\VistaSp1 scheduled to be deleted on reboot.

========== COMMANDS ==========

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Lucas

->Flash cache emptied: 1035 bytes

 

User: Public

 

User: Todos os Usuários

 

User: Usuário Padrão

 

Total Flash Files Cleaned = 0,00 mb

 

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Lucas

->Temp folder emptied: 972004 bytes

->Temporary Internet Files folder emptied: 32902 bytes

->FireFox cache emptied: 36237434 bytes

->Flash cache emptied: 0 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

User: Todos os Usuários

 

User: Usuário Padrão

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 36,00 mb

 

 

OTL by OldTimer - Version 3.2.4.0 log created on 05022010_180552

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\VistaSp1 scheduled to be deleted on reboot.

 

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:10:29, on 02/05/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

O4 - HKLM\..\RunOnce: [OTL] "C:\Users\Lucas\Ambiente de rede\Desktop\OTL.exe"

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{AC1A1AEB-7F16-46B6-900B-F8512D651384}: NameServer = 10.14.96.1

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL

O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Google Update Service (gupdate1cacdbe85183cc9) (gupdate1cacdbe85183cc9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files\Scpad\scpVista.exe

 

--

End of file - 4935 bytes

 

 

I would also like to know what those items you asked me to delete with OTL were :)


Good evening! Armensen

 

I would also like to know what those items you asked me to delete with OTL referred to

<!> Temporary files and registry entries with no corresponding file.

0000000000000000000000000

<!> Uninstall:

 

<1> SUPERAntiSpyware

 

<2> COMODO Internet Security

0000000000000000000000000

0000000000000000000000000

<@> Open OTL.exe --> Click CleanUp or Limpeza --> Wait!

<@> At the prompt, click OK --> Restart the computer!

0000000000000000000000000

0000000000000000000000000

<!> Your logs are clean!

<!> Everything OK?

Regards!


So, I uninstalled SUPERAntiSpyware, but I have three questions: do I need to uninstall this anti-spyware because I already have Malwarebytes? And Comodo? Why do I have to uninstall the firewall? And did the logs show any infection at any point?


So, I uninstalled SUPERAntiSpyware, but I have three questions: do I need to uninstall this anti-spyware because I already have Malwarebytes? And Comodo? Why do I have to uninstall the firewall? And did the logs show any infection at any point?

/////////////\\\\\\\\\\\\\\

Good evening! Armensen

<!> I found no infections on your machine!

00000000000000

<!> As for the uninstalls, they were meant to reduce conflicts that could be occurring due to an excess of protection software.

PS: If you want to keep Comodo, uninstall Avira and Malwarebytes.

Regards!


Yikes... but wouldn't it be risky to go without antivirus software? And if I choose to uninstall Comodo, won't the system be left vulnerable? I chose to install only the Comodo firewall and not the antivirus that comes with it.

Either way, thank you for your attention!


Yikes... but wouldn't it be risky to go without antivirus software? And if I choose to uninstall Comodo, won't the system be left vulnerable? I chose to install only the Comodo firewall and not the antivirus that comes with it.

Either way, thank you for your attention!

////////////\\\\\\\\\\\\\

Good morning! Armensen

<!> In that case, you can keep the Comodo firewall, since its antivirus was not activated.

Regards!


PROBLEM SOLVED!

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.
