.matiello 0 Denunciar post Postado Maio 1, 2010 Olá, gostaria que analisassem este log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:41:53, on 01/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\sttray.exe C:\Arquivos de programas\Intel\IDU\iptray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Intel\IDU\awServ.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Hijack\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O1 - Hosts: 209.59.210.202 bradesco.com.br O1 - Hosts: 209.59.210.202 w.bradesco.com.br O1 - Hosts: 209.59.210.202 ww.bradesco.com.br O1 - Hosts: 209.59.210.202 www.bradesco.com.br O1 - Hosts: 209.59.210.202 wwww.bradesco.com.br O1 - Hosts: 209.59.210.202 bancobradesco.com.br O1 - Hosts: 209.59.210.202 w.bancobradesco.com.br O1 - Hosts: 209.59.210.202 ww.bancobradesco.com.br O1 - Hosts: 209.59.210.202 www.bancobradesco.com.br O1 - Hosts: 209.59.210.202 wwww.bancobradesco.com.br O1 - Hosts: 67.223.236.23 bb.com.br O1 - Hosts: 67.223.236.23 w.bb.com.br O1 - Hosts: 67.223.236.23 ww.bb.com.br O1 - Hosts: 67.223.236.23 www.bb.com.br O1 - Hosts: 67.223.236.23 wwww.bb.com.br O1 - Hosts: 67.223.236.23 bancodobrasil.com.br O1 - Hosts: 67.223.236.23 w.bancodobrasil.com.br O1 - Hosts: 67.223.236.23 ww.bancodobrasil.com.br O1 - Hosts: 67.223.236.23 www.bancodobrasil.com.br O1 - Hosts: 67.223.236.23 wwww.bancodobrasil.com.br O1 - Hosts: 67.223.236.23 bancodobrasil.com.br O1 - Hosts: 209.40.202.122 w.itau.com.br O1 - Hosts: 209.40.202.122 ww.itau.com.br O1 - Hosts: 209.40.202.122 www.itau.com.br O1 - Hosts: 209.40.202.122 wwww.itau.com.br O1 - Hosts: 209.40.202.122 ibankline.itau.com.br O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe" O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: w2pxdrv.dll O10 - Unknown file in Winsock LSP: w2pxdrv.dll O10 - Unknown file in Winsock LSP: w2pxdrv.dll O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F6ED63BF-48EA-49FF-B3BF-A0E98B62947B}: NameServer = 156.154.70.25,156.154.71.25 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Nokia - (no file) O23 - Service: nProtect GameGuard Service (npggsvc) - Nokia - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Arquivos de programas\proXPN\bin\openvpnserv.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe -- End of file - 12825 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 7, 2010 Boa Tarde! .matiello <@> Baixe: < RHosts > (...by SiRi ) <@> Salve-o no desktop! <@> Ps: Execute-o e,à seguir,clique em "Restore original Hosts". <@> Reinicie o computador! 0000000000000000000000 oooooooooooooooooooooo <@> Baixe: < Malwarebytes' Anti-Malware > <@> Link - 2: < > <@> Ps: Salve ou imprima estas instruções: - Dê um duplo-clique no mbam-setup.exe;escolha a linguagem e,na instalação,aceite todas as opções padrão.- Verifique se as caixas: "Atualizar Malwarebytes Anti-Malware" e "Executar Malwarebytes Anti-Malware" estão marcadas. - Clique,à seguir,em Concluir - Ps: Se houver atualizações a serem feitas,serão baixadas e instaladas. - Ao final da atualização,com o programa aberto, marque: Verificação Rápida - Clique no botão Verificar. - Começará então o exame. -> Aguarde,pois pode demorar! - Concluindo,clique em OK e depois no botão "Mostrar Resultados",para dispormos do relatório. - Ps: Se houver ítens encontrados,marque-os e clique no botão "Remover". - Ps: Ao final da desinfecção,abrir-se-á o Bloco de notas contendo o relatório. - Ps: O log será armazenado,automáticamente,pela ferramenta. - Ps: Obtenha-o clicando na aba "Logs" na janela principal do Programa. <@> Ps: Caso o MBAM encontre arquivos que não consiga remover,poderá ter de reiniciar o PC. Talvez mais de uma vez! <@> Ps: Faça isso imediatamente,ao ser perguntado se quer reiniciar. 0000000000000000000 <!> Selecione, copie e cole o conteúdo do log do MBAM,na sua próxima resposta. <!> Poste,também,HijackThis atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 23, 2010 Boa tarde! DigRam Desculpe por estar respondendo apenas hoje. Eu já tenho o Malwarebytes de outra análise, e no dia 22 fiz uma verificação completa nele. Malwarebytes' Anti-Malware 1.44 Versão do banco de dados: 3510 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 22/05/2010 03:57:46 mbam-log-2010-05-22 (03-57-46).txt Tipo de Verificação: Completa (C:\|) Objetos verificados: 285260 Tempo decorrido: 1 hour(s), 37 minute(s), 57 second(s) Processos da Memória infectados: 0 Módulos de Memória Infectados: 0 Chaves do Registro infectadas: 0 Valores do Registro infectados: 0 Ítens do Registro infectados: 0 Pastas infectadas: 0 Arquivos infectados: 0 Processos da Memória infectados: (Nenhum ítem malicioso foi detectado) Módulos de Memória Infectados: (Nenhum ítem malicioso foi detectado) Chaves do Registro infectadas: (Nenhum ítem malicioso foi detectado) Valores do Registro infectados: (Nenhum ítem malicioso foi detectado) Ítens do Registro infectados: (Nenhum ítem malicioso foi detectado) Pastas infectadas: (Nenhum ítem malicioso foi detectado) Arquivos infectados: (Nenhum ítem malicioso foi detectado) Hijack atualizado Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:17:31, on 23/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\sttray.exe C:\Arquivos de programas\Intel\IDU\iptray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Intel\IDU\awServ.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\STacSV.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Hijack\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe" O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: w2pxdrv.dll O10 - Unknown file in Winsock LSP: w2pxdrv.dll O10 - Unknown file in Winsock LSP: w2pxdrv.dll O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F6ED63BF-48EA-49FF-B3BF-A0E98B62947B}: NameServer = 156.154.70.25,156.154.71.25 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Nokia - (no file) O23 - Service: nProtect GameGuard Service (npggsvc) - Nokia - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Arquivos de programas\proXPN\bin\openvpnserv.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe -- End of file - 11481 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 23, 2010 Boa Tarde! .matiello <@> Baixe: < OTL > ( ...by OldTimer Tools ) <@> Salve-o no desktop! <@> Clique duplo em: < > <@> Ps: Sigamos,agora,com sua configuração! <!> 1 - Em "Saída",deixe marcado o botão "Resumida". <!> 2 - Marque as caixas: Verificar All Users e Incluir Verificação 64bit <-- Ps: Caso o SO seja 64 bit! <!> 3 - Processos: Usar SafeList <-- Marque! <!> 4 - Módulos: Usar SafeList <-- Marque! <!> 5 - Serviços: Usar SafeList <-- Marque! <!> 6 - Drivers: Usar SafeList <-- Marque! <!> 7 - Exame Padrão do Registro: Usar SafeList <-- Marque! <!> 8 - Exame Extra do Registro: Usar SafeList <-- Marque! <!> 9 - Verificação de Arquivos: <!> Data de Criação >> Escolha: 14 dias <!> Marque: Usar WhiteList para Nomes de Companhias <!> Marque: Ignorar Arquivos Microsoft <!> 10 - Arquivos Criados Desde: <!> Marque: Data de Criação <!> 11 - Arquivos Modificados Desde: <!> Marque: Data de Criação <!> Marque as caixas: [] Verificar Lop [] Verificar Purity <@> Ps: Sugiro que imprima estas orientações,para posterior leitura. netsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%SYSTEMDRIVE%\*.exe%SYSTEMDRIVE%\eventlog.dll /s /md5%SYSTEMDRIVE%\scecli.dll /s /md5%SYSTEMDRIVE%\sfcfiles.dll /s /md5%SYSTEMDRIVE%\netlogon.dll /s /md5%SYSTEMDRIVE%\cngaudit.dll /s /md5%SYSTEMDRIVE%\sceclt.dll /s /md5%SYSTEMDRIVE%\ntelogon.dll /s /md5%SYSTEMDRIVE%\logevent.dll /s /md5%SYSTEMDRIVE%\iaStor.sys /s /md5%SYSTEMDRIVE%\nvstor.sys /s /md5%SYSTEMDRIVE%\atapi.sys /s /md5%SYSTEMDRIVE%\IdeChnDr.sys /s /md5%SYSTEMDRIVE%\viasraid.sys /s /md5 <@> Ps: Copie e cole estas informações,que estão no Code,para o campo abaixo de: Exames Personalizados/Correções <@> Clique em: Verificar --> Aguarde! <@> Concluindo,poste: <!> <1> OTL.txt <-- <!> <2> Extra.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 23, 2010 OTL Extras logfile created on: 23/05/2010 17:36:02 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Marcus\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 149,04 Gb Total Space | 44,68 Gb Free Space | 29,98% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MARCUS Current User Name: Marcus Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) https [open] -- Reg Error: Value error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [mega] -- "C:\Arquivos de programas\Megacubo\megacubo.exe" "%1" (www.megacubo.net ) Directory [mega2] -- Reg Error: Value error. Directory [OneNote.Open] -- C:\ARQUIV~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "56458:TCP" = 56458:TCP:*:Enabled:Pando Media Booster "56458:UDP" = 56458:UDP:*:Enabled:Pando Media Booster "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "56911:TCP" = 56911:TCP:*:Enabled:Pando Media Booster "56911:UDP" = 56911:UDP:*:Enabled:Pando Media Booster ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon) "C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon) "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Console de gerenciamento Microsoft -- (Microsoft Corporation) "C:\Arquivos de programas\LimeWire\LimeWire.exe" = C:\Arquivos de programas\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC) "C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Arquivos de programas\uTorrent\uTorrent.exe" = C:\Arquivos de programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon) "C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon) "C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.) "C:\Arquivos de programas\Mozilla Firefox\firefox.exe" = C:\Arquivos de programas\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Arquivos de programas\MegaJogos\jre\jre\bin\javaw.exe" = C:\Arquivos de programas\MegaJogos\jre\jre\bin\javaw.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.) "C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.) "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe" = C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Arquivos de programas\iTunes\iTunes.exe" = C:\Arquivos de programas\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Arquivos de programas\Megacubo\megacubo.exe" = C:\Arquivos de programas\Megacubo\megacubo.exe:*:Enabled:MegaCubo -- (www.megacubo.net ) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000416-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0621e6f6-d92f-4e86-80c0-827a41d6d5eb}" = Activation (Nero BackItUp 4) "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{0b442a96-9827-468c-aa60-01e99d8a7267}" = Activation (Gracenote Plug-in) "{0ba710c6-8c7b-4dbe-97fc-ea858dc8070d}" = "{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}" = Windows Live Galeria de Fotos "{0db7db85-f544-4931-a34e-9e82a92766f2}" = "{10db0b19-88d7-4265-80bf-0acbd0b1fd19}" = "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights "{12E876C2-E000-476B-8BD2-588F34DA91B5}" = LG PC Suite II "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{15552ad0-df14-4d23-837d-08b4fde36754}" = Blu-ray/HD DVD Video Plug-in "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live "{20BCD471-7897-481D-ACF2-CB9BABF6A6CF}" = Nokia Software Updater "{20c0d8cf-2ac8-46ab-add5-76cd78b3dd59}" = "{218e3808-cf3c-479c-a8c5-a1505c0469cc}" = "{22262b0a-3b10-4357-926a-a3ebf032553b}" = DTS Plug-in "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java 6 Update 20 "{27e43871-ff08-4836-a26b-15eb22798b97}" = "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{30cef77b-6787-4f78-983a-f91a8a596fc7}" = "{31605b54-7199-4e7e-b352-2839da91c1c8}" = "{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Kit de Instalação Automatizada do Windows "{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call "{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36820BCA-FC55-452E-9085-6E6F1F55508D}" = TD74 USB2.0 PC Camera "{381C70F0-FC2C-4BEF-B16C-B88FA67A6B7B}" = Assistente de Conexão do Windows Live "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel "{3b196ff6-49d7-4db4-87af-18159e48356c}" = "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{4252ce53-7f37-4890-adea-0493e19cb3f9}" = Blu-ray Disc Authoring Plug-in "{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A "{43773997-8869-41b0-ac9f-611e31fc0b54}" = Activation (Nero 9 HD) "{43d50f2b-ae3d-4bf0-9c2a-4e59e2815e99}" = "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4ce4bbe0-917f-4bd7-8e41-1c05e1b366ea}" = "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{51882fcb-43e5-4215-843a-9f32718b5194}" = Gracenote Plug-in "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{595dd4d2-249e-4703-9295-20f2d7debbbe}" = "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{5b61eb87-bc8c-4e3b-911c-494e00fbe8d9}" = Activation (Nero 9) "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live "{5ee0ab1b-b292-4493-a136-7e551af39932}" = "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher "{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver "{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution "{60adec32-dd16-4750-8694-733cfa673f45}" = SecurDisc Viewer "{624DEAA0-B27D-444B-8BFE-70622B318A4A}" = Windows Live Toolbar "{66373617-adac-41fc-9f25-1f40a3252c7c}" = Activation (Blu-ray Video Plug-in) "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.0.5 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6e7cf15a-c34a-465f-b920-7a8e95c536ba}" = "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72FBAFB6-74AD-4F70-932D-5E67DA728430}" = PS TO PC CONVERTER "{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{7a47cc9c-4a7d-45df-9a6c-e4327f844fbf}" = mp3PRO Plug-in "{7d171aa6-b3f1-40b3-9d94-f462253a4908}" = "{7d55bd62-d8bf-4780-b590-2663668150bd}" = "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme "{7f47f1cf-231a-42a8-8cda-b18f492c291e}" = Blu-ray/HD DVD Video Plug-in "{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes "{826bb56e-9380-45aa-87ea-ed481ab5f447}" = "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{8EADB73B-026D-4978-A8F0-1EEF5E1ECEC7}" = Windows Live Messenger "{8f8fda1f-642e-4fb7-951d-baff9ac0a6d6}" = mp3PRO Plug-in "{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12 "{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007 "{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 "{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 "{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 "{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 "{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007 "{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007 "{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 "{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 "{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 "{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 "{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR "{91316bf4-e575-4bf6-9ac9-d5e39688b527}" = Activation (Nero Move it) "{91e73029-e85c-4452-8bae-571147c08073}" = "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{94C65B81-1CCE-3D93-95B5-853B1A3DA539}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PTB "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0416-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9555B4ED-09A3-4722-8E8C-57A49401D059}" = Windows Live Writer "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}" = Windows Live Sync "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = você 9.0 Runtime "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{a5ff89e8-1be4-4776-ae12-dc540cbe0c1e}" = "{a6827757-19db-4bed-84b1-86cdc81d4dab}" = Nero 9 "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{a89ed966-fb96-443b-8e10-5620c0c7042d}" = SecurDisc Viewer "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA6E423F-CBDF-3608-AC30-0CF08D7C9A07}" = Microsoft .NET Framework 3.5 Language Pack - ptb "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{ab77dc0c-d938-485f-86b5-0ff46a937e91}" = Nero InCD-Reader "{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9 "{AD13F3C0-44D5-40F1-8210-A5672082B0DC}" = Gerenciador Sistema Auto Bradesco "{adeefec8-ca78-4595-9c05-9103a05df1ed}" = "{AE98861E-5D55-4787-9E18-6A054783D124}" = Windows XP Creativity Fun Packs - Windows Media Player 9 Series "{aec8b462-fdb1-4943-ab91-0dcdd40a4aa8}" = Activation (Nero 9) "{AF145F8997B44EE9B106D018EF1DB58B}" = DivX Converter Mobile "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor "{B53F4598-B3D9-41DF-911E-523FA91EE464}" = Nokia Software Launcher "{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{bd6e6050-48f5-425c-9ca1-ee7fe3701d5d}" = Activation (Nero MediaHome 4) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{c8001efd-0ced-4866-96a0-daf77d83a263}" = "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{d08a04e7-3b50-4c13-bba6-4050a58e7811}" = Nero InCD-Reader "{d2bbd42d-db76-4c0a-9333-8d7dc897b80c}" = DTS Plug-in "{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker "{d7ac9e3e-fb31-4f37-a93d-206f5b1a445b}" = Activation (Blu-ray Disc Authoring Plug-in) "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{da4ae073-d3b5-45a4-8e7b-b16c63de00e2}" = "{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 "{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322 "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{e61cf311-aa14-4de4-bcd6-aedb5df3e452}" = "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help "{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5 "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights "{eb9a5ab7-7c00-4517-aa9f-c074dd34361c}" = "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EDA9F30A-8B65-3E6F-B353-CCA1C9241471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PTB "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1932E56-8A95-40E0-A15B-E06B45969845}" = Nokia NSeries System Utilities "{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}" = ICatch (VI) PC Camera "{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision "{F5982296-84CC-4D5B-B791-B03650F3380E}" = Intel® Desktop Utilities "{F6B23E59-1240-4C20-AE0B-70658A91976A}" = Intel® PRO Network Connections "{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier "{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player "{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III "{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro "{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer "219b3bb94d71729d119ee9ce52d76000" = Receitanet Java 2008.01a "2B45FB5A391CCFACD6A011BC0ECA0A4DC67D8AC7" = Windows Driver Package - Active Development Co., Ltd. (3xHybrid) MEDIA (03/24/2007 1.3.3.2) "7-Zip" = 7-Zip 4.65 "Add/Remove Cleaner (v2.3)" = Add/Remove Cleaner (v2.3) "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Advanced SystemCare 3_is1" = Advanced SystemCare 3 "Agnitum Outpost Firewall_is1" = Outpost Firewall 2009 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "Combat Arms" = Combat Arms "CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Discador Velox_is1" = Discador Velox 0.98 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.00 "F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1) "FASoft Compressor v0.8" = FASoft Compressor v0.8 "Game Booster_is1" = Game Booster "Garena" = Garena "Google Chrome" = Google Chrome "Hamachi" = Hamachi 1.0.3.0 "HDMI" = Intel® Graphics Media Accelerator Driver "HijackThis" = HijackThis 2.0.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "Informações Velox_is1" = Informações Velox "InstallShield_{F5982296-84CC-4D5B-B791-B03650F3380E}" = Intel® Desktop Utilities "InstallShield_{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III "IRPF2008 - Declaração de Ajuste Anual" = IRPF2008 - Declaração de Ajuste Anual "KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full) "LimeWire" = LimeWire 5.1.2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Megacubo_is1" = Megacubo 7.3.5 "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 3.5 Language Pack - ptb" = Microsoft .NET Framework 3.5 Language Pack - ptb "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MV AntiSpy 4.0_is1" = MV AntiSpy 4.0 "MV RegClean 5.5_is1" = MV RegClean 5.5 "NewBlue 3D Explosions for Vegas" = NewBlue 3D Explosions for Vegas "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Patch Brazukas Evolution 2009 v1.3 + Konami 1.3 ~0B162870_is1" = Brazukas Evolution 20090 v.1.3 "PluginPac" = DebugMode PluginPac (remove only) "PokerStars" = PokerStars "Programador de Modem Velox_is1" = Programador de Modem Velox 2.0 "proXPN" = proXPN 2.0.1 "Revo Uninstaller" = Revo Uninstaller 1.83 "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "Seven Remix XP" = Seven Remix XP 2.2 "SMBus" = Intel® SMBus "Spyware Doctor" = Spyware Doctor 6.0 "SpywareBlaster_is1" = SpywareBlaster 4.2 "ST6UNST #1" = SubSync "SystemRequirementsLab" = System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 5" = TeamViewer 5 "The KMPlayer" = The KMPlayer (remove only) "Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition "VobSub" = VobSub v2.23 (Remove Only) "WebPost" = Microsoft Web Publishing Wizard 1.53 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = Arquivo do WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Aion Private Patch - Versão 1.1" = Aion Private Patch - Versão 1.1 "e3b16aab256db613" = Scrim Spot Anti-Cheat "NCsoft-Aion" = Aion "uTorrent" = µTorrent ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 12/03/2010 19:45:33 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 13/03/2010 05:28:53 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 13/03/2010 06:19:03 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 13/03/2010 11:05:46 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 14/03/2010 10:18:13 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 14/03/2010 17:23:15 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 15/03/2010 09:44:50 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 15/03/2010 20:00:33 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 16/03/2010 09:30:57 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 16/03/2010 11:17:16 | Computer Name = MARCUS | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho do servidor não serão retornados. O código de erro retornado está no dado DWORD 0. [ OSession Events ] Error - 27/06/2009 18:57:02 | Computer Name = MARCUS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 83 seconds with 0 seconds of active time. This session ended with a crash. Error - 23/07/2009 18:38:50 | Computer Name = MARCUS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash. Error - 29/09/2009 09:44:32 | Computer Name = MARCUS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 60 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 22/05/2010 08:49:00 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao seguinte erro: %%3 Error - 23/05/2010 12:42:50 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço AMON devido ao seguinte erro: %%2 Error - 23/05/2010 12:42:50 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço helpsvc devido ao seguinte erro: %%2 Error - 23/05/2010 12:42:50 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao seguinte erro: %%3 Error - 23/05/2010 13:00:44 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço AMON devido ao seguinte erro: %%2 Error - 23/05/2010 13:00:44 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço helpsvc devido ao seguinte erro: %%2 Error - 23/05/2010 13:00:44 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao seguinte erro: %%3 Error - 23/05/2010 13:43:10 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço AMON devido ao seguinte erro: %%2 Error - 23/05/2010 13:43:10 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço helpsvc devido ao seguinte erro: %%2 Error - 23/05/2010 13:43:10 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao seguinte erro: %%3 < End of report > OTL logfile created on: 23/05/2010 17:36:02 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Marcus\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 149,04 Gb Total Space | 44,68 Gb Free Space | 29,98% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MARCUS Current User Name: Marcus Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Marcus\desktop\OTL.exe (OldTimer Tools) PRC - C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\WINDOWS\system32\snmp.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Arquivos de programas\Intel\IDU\iptray.exe (OSA Technologies Inc., An Avocent Company) PRC - C:\Arquivos de programas\Intel\IDU\awServ.exe (OSA Technologies Inc., An Avocent Company) PRC - C:\WINDOWS\system32\stacsv.exe (SigmaTel, Inc.) PRC - C:\WINDOWS\sttray.exe (SigmaTel, Inc.) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Marcus\desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Visual Studio Analyzer RPC bridge) -- File not found SRV - (npggsvc) -- File not found SRV - (NOD32krn) -- File not found SRV - (OpenVPNService) -- C:\Arquivos de programas\proXPN\bin\openvpnserv.exe () SRV - (Apple Mobile Device) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (AntiVirService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (SeaPort) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (acssrv) -- C:\Arquivos de programas\Agnitum\Outpost Firewall\acs.exe (Agnitum Ltd.) SRV - (sdCoreService) -- C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools) SRV - (sdAuxService) -- C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools) SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (SNMP) -- C:\WINDOWS\system32\snmp.exe (Microsoft Corporation) SRV - (WLSetupSvc) -- C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (usnjsvc) -- C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (AWService) -- C:\Arquivos de programas\Intel\IDU\awServ.exe (OSA Technologies Inc., An Avocent Company) SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (STacSV) -- C:\WINDOWS\system32\stacsv.exe (SigmaTel, Inc.) SRV - (IDriverT) -- C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project) DRV - (Revoflt) -- C:\WINDOWS\system32\drivers\revoflt.sys (VS Revo Group) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (SandBox) -- C:\WINDOWS\system32\drivers\SandBox.sys (Agnitum Ltd.) DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (epfwtdi) -- C:\WINDOWS\system32\drivers\epfwtdi.sys (ESET) DRV - (Epfwndis) -- C:\WINDOWS\system32\drivers\epfwndis.sys (ESET) DRV - (epfw) -- C:\WINDOWS\system32\drivers\epfw.sys (ESET) DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET) DRV - (afw) -- C:\WINDOWS\system32\drivers\afw.sys (Agnitum Ltd.) DRV - (avgio) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (afwcore) -- C:\WINDOWS\system32\drivers\afwcore.sys (Agnitum Ltd.) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company) DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (usbaudio) Driver de áudio USB (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (teamviewervpn) -- C:\WINDOWS\system32\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV - (WimFltr) -- C:\WINDOWS\system32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (lgmcmdm) -- C:\WINDOWS\system32\drivers\lgmcmdm.sys (MCCI Corporation) DRV - (lgmcobex) -- C:\WINDOWS\system32\drivers\lgmcobex.sys (MCCI Corporation) DRV - (lgmcmdfl) -- C:\WINDOWS\system32\drivers\lgmcmdfl.sys (MCCI Corporation) DRV - (lgmcbus) LGE Mobile driver (WDM) -- C:\WINDOWS\system32\drivers\lgmcbus.sys (MCCI Corporation) DRV - (AMON) -- C:\WINDOWS\system32\drivers\amon.sys (Eset ) DRV - (Cap7134) -- C:\WINDOWS\system32\drivers\Cap7134.sys (Philips Semiconductors) DRV - (PhTVTune) -- C:\WINDOWS\system32\drivers\PhTVTune.sys (Philips Semiconductors) DRV - (hid8101) -- C:\WINDOWS\system32\drivers\hid8101.sys (Compuware Corporation) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia) DRV - (nmwcdcm) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia) DRV - (nmwcdcj) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia) DRV - (smbusp) Intel® -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation) DRV - (NCPro) -- C:\WINDOWS\system32\drivers\MTictwl.sys () DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTictwl.sys () DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation) DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc) DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI) DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI) DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI) DRV - (exdisk) -- C:\WINDOWS\system32\drivers\exdisk.sys () DRV - (SMBios) Intel ® -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation) DRV - (CA561) ICatch (VI) -- C:\WINDOWS\system32\drivers\SPCA561.SYS (SP) DRV - (RMSPPPOE) WAN Miniport (PPP over Ethernet Protocol) -- C:\WINDOWS\system32\drivers\RMSPPPOE.SYS (Robert Schlabbach) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7A B1 BB 11 14 45 CA 01 [binary data] IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search" FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q=" FF - prefs.js..browser.search.order.1: "Crawler Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://thefreevpn.com/home.php" FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0 FF - prefs.js..keyword.URL: "http://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p=" FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.socks: "localhost" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "localhost" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 1 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2010/04/19 16:49:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2010/05/07 13:55:51 | 000,000,000 | ---D | M] [2009/03/22 22:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Extensions [2009/03/22 22:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Extensions\mozswing@mozswing.org [2010/04/19 12:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions [2009/09/04 19:17:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/12/19 10:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2009/12/19 10:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com [2009/10/24 11:59:58 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\searchplugins\daemon-search.xml [2009/03/24 20:47:09 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\searchplugins\live-search.xml [2009/04/09 15:25:29 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\searchplugins\yahoo.xml [2010/05/07 13:55:52 | 000,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions [2010/05/07 13:55:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll [2009/07/02 23:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll [2009/09/01 03:33:42 | 000,177,304 | ---- | M] (MGame) -- C:\Arquivos de programas\Mozilla Firefox\plugins\NPMFireLauncher.dll [2009/05/10 21:35:00 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npPandoWebInst.dll [2009/11/02 23:03:59 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml [2009/11/02 23:03:59 | 000,001,135 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml [2009/11/02 23:03:59 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml [2009/11/02 23:03:59 | 000,000,648 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml O1 HOSTS File: ([2010/05/23 13:56:33 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Value error. File not found O4 - HKLM..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [ipTray.exe] C:\Arquivos de programas\Intel\IDU\iptray.exe (OSA Technologies Inc., An Avocent Company) O4 - HKLM..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [OutpostFeedBack] C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostMonitor] C:\Arquivos de programas\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006..\RunOnce: [shockwave Updater] C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit\532.5_(KHTML,_like_Gecko)_Chrome\4.1.249.1045_Safari\532.5 - File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0 O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Value error. File not found O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Arquivos de programas\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found O12 - Plugin for: .spop - C:\Arquivos de programas\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda) O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda) O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/05/21 18:12:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/01/17 12:54:54 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2007/05/21 19:50:50 | 000,000,874 | ---- | M] () - C:\AutoSetup.log -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/05/23 19:12:50 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk - Reg Error: Value error. - File not found MsConfig - StartUpFolder: C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk - Reg Error: Value error. - File not found MsConfig - StartUpFolder: C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation) MsConfig - StartUpReg: Advanced SystemCare 3 - hkey= - key= - C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe (IObit) MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig - StartUpReg: IntelliPoint - hkey= - key= - C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe (Macrovision Corporation) MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Arquivos de programas\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: itype - hkey= - key= - C:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation) MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found MsConfig - StartUpReg: Openwares LiveUpdate - hkey= - key= - C:\Program Files\LIVEUPDATE\LiveUpdate.exe (Openwares) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Arquivos de programas\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: TkBellExe - hkey= - key= - Reg Error: Value error. File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sdauxservice - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools) SafeBootMin: sdcoreservice - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools) SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sdauxservice - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools) SafeBootNet: sdcoreservice - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools) SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - Service SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error. SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error. ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Processamento de gráficos vetoriais (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error. ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error. ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Ligação de dados de HTML dinâmico para Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Cancelar inscrição ActiveX: {423290D4-DC50-48FA-9871-9D61FCAD7C13} - .NET Framework ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Criação avançada ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes DirectAnimation para Java ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Agendador de tarefas ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EDA9F30A-8B65-3E6F-B353-CCA1C9241471} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: msacm.iac2 - C:\\WINDOWS\\system32\\iac25_32.ax () Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com) Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) ========== Files/Folders - Created Within 14 Days ========== [2010/05/23 16:09:12 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marcus\Desktop\OTL.exe [2010/05/23 14:39:22 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\TD74 Corporation [2010/05/23 14:39:16 | 000,049,152 | ---- | C] (Vimicro) -- C:\WINDOWS\Domino.exe [2010/05/23 14:39:15 | 000,257,408 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\drivers\usbvm323.sys [2010/05/23 14:39:15 | 000,253,952 | ---- | C] (vimicro) -- C:\WINDOWS\System32\vmprp323.ax [2010/05/23 14:39:15 | 000,098,304 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\VMCtrl323.ax [2010/05/23 14:39:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\CatRoot [2010/05/22 09:52:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marcus\Recent [2010/05/21 22:49:54 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Pryme [2010/05/21 22:47:33 | 000,000,000 | ---D | C] -- C:\cmos [2010/05/21 22:25:40 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\STV [2010/05/09 20:09:36 | 000,053,248 | ---- | C] (Sunplus) -- C:\WINDOWS\ap561.exe [2010/05/09 20:09:35 | 000,119,798 | ---- | C] (SP) -- C:\WINDOWS\System32\drivers\SPCA561.SYS [2010/05/09 20:09:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Setup2K [2008/08/25 19:40:00 | 000,122,880 | ---- | C] ( ) -- C:\WINDOWS\System32\sbcrreag.dll ========== Files - Modified Within 14 Days ========== [2010/05/23 17:08:00 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/05/23 16:12:48 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Marcus\Desktop\RUIDOS_SUBARU.xls [2010/05/23 16:09:28 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcus\Desktop\OTL.exe [2010/05/23 14:42:45 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job [2010/05/23 14:42:38 | 000,244,206 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/05/23 14:42:35 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/05/23 14:42:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/23 14:42:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/23 14:41:28 | 009,519,104 | ---- | M] () -- C:\Documents and Settings\Marcus\ntuser.dat [2010/05/23 14:41:28 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Marcus\ntuser.ini [2010/05/23 14:41:25 | 020,601,538 | -H-- | M] () -- C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\IconCache.db [2010/05/23 14:39:24 | 000,001,087 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VIMICROCAM VC0323.lnk [2010/05/23 13:42:03 | 000,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/22 10:17:07 | 067,736,831 | ---- | M] () -- C:\Documents and Settings\Marcus\Desktop\windowsxp.zip [2010/05/21 22:59:42 | 000,001,354 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/17 15:34:13 | 000,206,848 | ---- | M] () -- C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/11 22:36:33 | 000,002,169 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk ========== Files Created - No Company Name ========== [2010/05/23 16:12:48 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Marcus\Desktop\RUIDOS_SUBARU.xls [2010/05/23 14:39:16 | 000,212,992 | ---- | C] () -- C:\WINDOWS\VMSnap23.exe [2010/05/23 14:39:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\VMCap323.exe [2010/05/23 14:39:15 | 000,001,087 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VIMICROCAM VC0323.lnk [2010/05/22 10:04:29 | 067,736,831 | ---- | C] () -- C:\Documents and Settings\Marcus\Desktop\windowsxp.zip [2010/05/18 10:18:50 | 009,519,104 | ---- | C] () -- C:\Documents and Settings\Marcus\ntuser.dat [2010/05/09 20:09:35 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe [2010/05/09 20:09:35 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini [2010/05/09 20:09:35 | 000,007,431 | ---- | C] () -- C:\WINDOWS\Tw561a.src [2010/05/09 20:09:35 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini [2010/04/19 16:50:19 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010/04/19 16:50:17 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/04/19 16:50:17 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010/04/19 16:50:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010/04/19 16:50:15 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/12/03 09:46:55 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009/10/06 17:22:23 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI [2009/10/06 15:58:45 | 000,000,156 | ---- | C] () -- C:\WINDOWS\cavscan.INI [2009/09/21 19:41:16 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Power Video Converter.INI [2009/08/18 23:22:57 | 000,000,069 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/08/12 21:28:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2009/06/11 23:25:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/05/21 01:24:48 | 000,001,683 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2009/04/30 23:27:41 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2008/12/08 14:20:14 | 000,000,030 | ---- | C] () -- C:\WINDOWS\RefreshLock.ini [2008/11/20 11:26:36 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008/11/11 23:11:56 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2008/03/13 20:50:34 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\MSJCE.dll [2008/02/15 05:55:28 | 000,000,184 | ---- | C] () -- C:\WINDOWS\3DHOME.INI [2007/10/04 15:33:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest [2007/09/30 08:13:43 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTictwl.sys [2007/08/28 20:55:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll [2007/08/18 15:40:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll [2007/08/18 14:21:29 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007/08/18 14:19:13 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2007/06/10 10:53:10 | 000,000,009 | ---- | C] () -- C:\WINDOWS\WINHLP32.INI [2007/06/10 07:41:12 | 000,000,185 | ---- | C] () -- C:\WINDOWS\mdm.ini [2007/06/07 06:28:44 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2007/06/05 21:18:19 | 000,007,604 | ---- | C] () -- C:\WINDOWS\UEDIT32.INI [2007/05/21 20:34:23 | 000,001,241 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007/05/21 19:50:50 | 000,033,249 | R--- | C] () -- C:\WINDOWS\System32\drivers\RITFSD.sys [2007/05/21 19:50:50 | 000,014,074 | R--- | C] () -- C:\WINDOWS\System32\drivers\exdisk.sys [2007/05/21 19:50:44 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\RitShell.dll [2007/05/21 19:40:53 | 000,348,880 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll [2007/05/21 19:40:53 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4624.dll [2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2007/01/23 22:39:56 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007/01/23 22:39:56 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007/01/23 22:39:56 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007/01/23 22:39:54 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007/01/23 22:39:54 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2007/01/23 22:39:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2002/10/15 19:54:04 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL [1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI [1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI [1997/01/12 00:00:00 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\DTCTRACE.DLL [1996/11/14 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL ========== LOP Check ========== [2009/05/10 17:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spyware Terminator [2009/11/03 20:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Agnitum [2008/07/12 07:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avocent AdminWorks [2009/01/03 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ESET [2008/08/30 14:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft [2010/03/01 15:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IObit [2010/01/06 20:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IsolatedStorage [2009/02/25 11:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\KONAMI [2010/01/31 20:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus! [2010/05/09 19:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NCH Swift Sound [2009/10/28 20:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nexon [2010/05/22 09:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS [2008/10/11 08:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nokia [2008/10/11 08:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite [2009/09/16 22:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Pinnacle [2009/05/11 09:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files [2009/10/06 16:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\SpeedBit [2009/05/09 11:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sports Interactive [2010/05/22 07:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP [2010/01/21 13:33:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk [2009/04/02 12:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2010/01/17 19:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/11/24 17:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Actecom [2009/11/03 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Auslogics [2008/11/20 11:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\DAEMON Tools [2009/10/07 20:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\DMCache [2009/01/03 17:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\ESET [2009/09/16 22:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\GlarySoft [2009/10/06 13:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\GrabPro [2009/10/30 18:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\ijjigame [2009/11/11 12:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\IObit [2008/10/30 20:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Kernel for Outlook [2008/11/27 21:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\LG Electronics [2007/08/28 20:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\LGSync [2010/05/11 22:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\LimeWire [2010/05/09 19:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\NCH Swift Sound [2008/10/11 08:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Nokia [2010/04/28 11:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Nokia Multimedia Player [2008/10/11 09:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\NSeries [2010/01/11 09:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Orbit [2008/10/11 08:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\PC Suite [2010/01/11 08:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\ProxyCap [2009/09/16 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Publish Providers [2008/10/30 19:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\RecoveryFIX for Outlook (Evaluation version - 4.05.01) [2009/09/17 21:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Sony [2008/11/20 11:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Sports Interactive [2010/01/20 14:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\TeamViewer [2010/05/01 02:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\TS3Client [2010/05/22 09:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\uTorrent [2010/02/10 16:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Vso [2010/05/23 14:42:45 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > [2004/07/09 04:08:36 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\dxsetup.exe < %SYSTEMDRIVE%\eventlog.dll /s /md5 > [2004/08/04 04:45:22 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=BD18C87A4E1EA136C44D374296B981DC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\eventlog.dll < %SYSTEMDRIVE%\scecli.dll /s /md5 > [2004/08/04 04:45:26 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=E95230A31F912E07B19F8335D4DFF110 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\ERDNT\cache\scecli.dll [2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\scecli.dll < %SYSTEMDRIVE%\sfcfiles.dll /s /md5 > [2004/08/04 04:45:28 | 001,548,288 | ---- | M] (Microsoft Corporation) MD5=1DD4FC7EEE3A45257528A34FDF7BC689 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll [2008/04/13 23:20:40 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=698F9583D1EB213B09F12DD5826A46E2 -- C:\WINDOWS\ERDNT\cache\sfcfiles.dll [2008/04/13 23:20:40 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=698F9583D1EB213B09F12DD5826A46E2 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll [2008/04/13 23:20:40 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=698F9583D1EB213B09F12DD5826A46E2 -- C:\WINDOWS\system32\sfcfiles.dll < %SYSTEMDRIVE%\netlogon.dll /s /md5 > [2004/08/04 04:45:26 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=82777C1BE8E9F0B1574DAC5BC29C7D6F -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\netlogon.dll < %SYSTEMDRIVE%\cngaudit.dll /s /md5 > < %SYSTEMDRIVE%\sceclt.dll /s /md5 > < %SYSTEMDRIVE%\ntelogon.dll /s /md5 > < %SYSTEMDRIVE%\logevent.dll /s /md5 > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > < %SYSTEMDRIVE%\nvstor.sys /s /md5 > < %SYSTEMDRIVE%\atapi.sys /s /md5 > [2004/08/04 02:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > ========== Alternate Data Streams ========== @Alternate Data Stream - 518 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34 @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D74B6CF5 @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2 @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:888AFB86 @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:AE9A5120 < End of report > Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 23, 2010 Boa Noite! .matiello <@> Execute o OTL.exe. <@> Copie estas informações que estão na Quote,para o campo abaixo de: Exames Personalizados/Correções :filesC:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini :otl O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Value error. File not found O20 - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found @Alternate Data Stream - 518 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34 @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D74B6CF5 @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2 @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:888AFB86 @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:AE9A5120 :commands [purity] [emptyflash] [emptytemp] [Reboot] <@> Clique no botão Consertar --> Aguarde a conclusão! --> Executar! <@> Poste o relatório,que também estará na pasta: C:\_OTL\MovedFiles\*.log <- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 23, 2010 All processes killed ========== FILES ========== C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully. ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\ deleted successfully. ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF deleted successfully. ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34 deleted successfully. ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D74B6CF5 deleted successfully. ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2 deleted successfully. ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:888AFB86 deleted successfully. ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:AE9A5120 deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: Administrador User: All Users User: Default User User: LocalService User: Marcus ->Flash cache emptied: 4630 bytes User: NetworkService Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: Administrador ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33237 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33239 bytes User: Marcus ->Temp folder emptied: 94096663 bytes ->Temporary Internet Files folder emptied: 2695515 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 46992647 bytes ->Google Chrome cache emptied: 102619276 bytes ->Flash cache emptied: 0 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33237 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 147456 bytes RecycleBin emptied: 380207 bytes Total Files Cleaned = 236,00 mb OTL by OldTimer - Version 3.2.5.0 log created on 05232010_200526 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 23, 2010 Boa Noite! .matiello <@> Baixe: < ToolBar S&D > <@> Salve-o no Disco Local-C,em uma pasta própria. <@> Reinicie o computador,em Modo de Segurança. <-- Importante! <@> Execute o programa,e à seguir,aperte o "p" --> Enter --> Ok. <@> Digite o dois! ( 2 ) --> Aperte Enter --> Aguarde! <@> Terminando,poste o relatório. ( C:\ToolBar SD\TB_1.txt ) <-- 00000000000000000000000 ooooooooooooooooooooooo <@> Baixe: < > ( ...by sUBs ) <!> Link-2 --> < ForoSpyware > <!> Link-3 --> < GeeksToGo > <@> Salve-o no desktop! <@> Desabilite as proteções residente de: antivírus,antispywares e firewall. ( Menos o do Windows! ) <@> Feche todas as janelas e execute a ferramenta! <@> Ps: A execução,por comando,também é possível: <@> Vá em Iniciar --> Executar --> Digite ou cole: "%userprofile%\desktop\Combofix.exe" /killall <@> Clique em Ok. <@> Na janela: "Contrato de garantia de software" --> Clique em Sim! <@> Não possuindo o "Console de Recuperação",aceite optar pela instalação do mesmo! <@> Terminando,clique Sim ou Yes. --> Aguarde! XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX <!> Caso aconteça a notificação de: Aplicativo Win32 inválido,delete a ferramenta ComboFix.exe e faça,novamente,seu download. <!> Salve-a no desktop,renomeada como: Kombo.exe <!> Ps: Nomeie durante o salvamento,e não após salvá-la! <!> Ps: Surgindo alguma mensagem de erro,rode o ComboFix.exe em "Modo de Segurança". <-- Link! <!> Ps: Na presença de atividades rootkit,teremos a seguinte janela de notificação: <!> Ps: Anote essas detecções,e dê o OK. <!> Ps: Para completar as remoções,talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde! <!> Ps: Evite executar,voluntariamente,esta ferramenta! <!> Ps: Para evitar problemas,siga todas as recomendações propostas. <!> Ps: ComboFix é uma ferramenta que pode danificar o sistema. Utilize-o,somente,sob supervisão profissional. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX <@> Abrir-se-á a janela Auto Scan. --> Aguarde! <@> Para finalizar remoções,o ComboFix poderá reiniciar o computador. <@> Se houver necessidade,digite a opção ( 1 ) --> Aperte Enter! --> Aguarde a conclusão! <@> Durante o scan,evite manusear o mouse ou teclado! <-- Importante! <@> Para parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter! <@> Terminando,poste os relatórios: C:\ComboFix.txt + HijackThis,atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 24, 2010 -----------\\ ToolBar S&D 1.2.9 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 CPU 6420 @ 2.13GHz ) BIOS : Default System BIOS USER : Marcus ( Administrator ) BOOT : Fail-safe with network boot Antivirus : ESET Smart Security 3.0 3.0 (Activated) Firewall : Firewall pessoal do ESET 4.0.417.0 (Not Activated) C:\ (Local Disk) - NTFS - Total:149 Go (Free:44 Go) D:\ (CD or DVD) E:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 ) Option : [2] ( 24/05/2010|11:35 ) -----------\\ REMOVIDOS Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\FirefoxDTT Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\Resources Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\uninst.exe Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\_DTLite.xml Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar -----------\\ Procura por Arquivos / Ficheiros ... -----------\\ Extensions (Marcus) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user (Marcus) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page Redirect Cache"="http://br.msn.com/?ocid=iehp" "Start Page"="http://thefreevpn.com/home.php"'>http://thefreevpn.com/home.php" "Url"="http://go.microsoft.com/fwlink/?LinkId=75723" "Url"="http://go.microsoft.com/fwlink/?LinkId=75724" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" "SearchAssistant"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "CustomizeSearch"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" --------------------\\ Procurando por outras infecções --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Marcus\Dados de aplicativos\Microsoft\Office\Recente\crack LFD2.LNK C:\DOCUME~1\Marcus\Favoritos\Download - Football Manager 2009 + Tradu‡Æo - Patch - Crack - Baixe Turbo.URL C:\DOCUME~1\Marcus\Meus documentos\N.+Funcionando+-+crackeado+by+baixedetudo.net.rar C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\ArtBlendsVegas.dll C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\ArtEffectsVegas.dll C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\D3DExplosionsVegas.dll C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\D3DTransformationsVegas.dll C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\FilmEffectsVegas.dll C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\MotionBlendsVegas.dll C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\MotionEffectsVegas.dll C:\DOCUME~1\Marcus\Meus documentos\Meus arquivos recebidos\Ale Links-COD4-e-crack.txt 1 - "C:\ToolBar SD\TB_1.txt" - 24/05/2010|11:36 - Option : [2] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:08:27, on 24/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Intel\IDU\awServ.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Hijack\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe" O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: w2pxdrv.dll O10 - Unknown file in Winsock LSP: w2pxdrv.dll O10 - Unknown file in Winsock LSP: w2pxdrv.dll O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F6ED63BF-48EA-49FF-B3BF-A0E98B62947B}: NameServer = 156.154.70.25,156.154.71.25 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Nokia - (no file) O23 - Service: nProtect GameGuard Service (npggsvc) - Nokia - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Arquivos de programas\proXPN\bin\openvpnserv.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe -- End of file - 10994 bytes ComboFix 10-05-23.07 - Marcus 24/05/2010 11:50:37.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2045.1556 [GMT -3:00] Executando de: c:\documents and settings\Marcus\Desktop\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: ESET Smart Security 3.0 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Firewall pessoal do ESET *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} FW: Outpost Firewall *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD} * AV residente está ativo . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Marcus\Dados de aplicativos\inst.exe c:\documents and settings\Marcus\port32.log c:\windows\system\VI30AUT.DLL c:\windows\system32\szxfis.exe . (((((((((((((((( Arquivos/Ficheiros criados de 2010-04-24 to 2010-05-24 )))))))))))))))))))))))))))) . 2010-05-24 14:34 . 2010-05-24 14:36 -------- d-----w- C:\ToolBar SD 2010-05-24 14:26 . 2010-05-24 14:26 -------- d-----w- C:\toolb 2010-05-23 23:05 . 2010-05-23 23:05 -------- d-----w- C:\_OTL 2010-05-23 17:48 . 2008-04-13 14:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys 2010-05-23 17:48 . 2008-04-13 14:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys 2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\arquivos de programas\TD74 Corporation 2010-05-23 17:39 . 2006-09-19 17:26 212992 ----a-w- c:\windows\VMSnap23.exe 2010-05-23 17:39 . 2006-06-28 05:54 49152 ----a-w- c:\windows\Domino.exe 2010-05-23 17:39 . 2006-03-30 23:24 81920 ----a-w- c:\windows\VMCap323.exe 2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\windows\CatRoot 2010-05-23 17:39 . 2007-04-24 14:56 257408 ----a-w- c:\windows\system32\drivers\usbvm323.sys 2010-05-23 16:58 . 2010-05-23 16:58 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-sse.dll 2010-05-23 16:58 . 2010-05-23 16:58 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-d3d.dll 2010-05-23 16:58 . 2010-05-23 16:58 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcp71.dll 2010-05-23 16:58 . 2010-05-23 16:58 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\jmc.dll 2010-05-23 16:58 . 2010-05-23 16:58 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcr71.dll 2010-05-22 12:46 . 2010-05-22 12:46 -------- d-----w- c:\windows\system32\wbem\Repository 2010-05-22 01:49 . 2010-05-22 12:45 -------- d-----w- c:\arquivos de programas\Pryme 2010-05-22 01:47 . 2010-05-22 12:45 -------- d-----w- C:\cmos 2010-05-22 01:25 . 2010-05-22 01:25 -------- d-----w- c:\arquivos de programas\STV 2010-05-09 23:09 . 2002-08-13 21:01 53248 ----a-w- c:\windows\ap561.exe 2010-05-09 23:09 . 2010-05-09 23:09 -------- d-----w- c:\windows\Setup2K 2010-05-09 23:09 . 2002-11-22 18:56 118784 ----a-w- c:\windows\ShowBmp.exe 2010-05-09 23:09 . 2002-10-01 17:43 119798 ----a-w- c:\windows\system32\drivers\SPCA561.SYS 2010-05-09 14:32 . 2010-05-09 22:25 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NCH Swift Sound 2010-05-09 14:32 . 2010-05-09 14:32 -------- d-----w- c:\arquivos de programas\NCH Software 2010-05-09 14:31 . 2010-05-09 22:26 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\NCH Swift Sound 2010-05-09 14:28 . 2010-05-09 14:28 -------- d-----w- c:\arquivos de programas\MIKSOFT 2010-05-07 16:58 . 2010-05-07 16:58 152064 ----a-w- c:\windows\snap.dat 2010-05-07 16:55 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-01 04:10 . 2010-05-01 05:43 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\TS3Client 2010-05-01 04:09 . 2010-05-01 04:09 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client 2010-05-01 02:15 . 2010-05-01 02:15 -------- d-----w- c:\arquivos de programas\proXPN 2010-04-28 01:05 . 2010-04-28 01:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia 2010-04-28 01:01 . 2010-04-28 01:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite 2010-04-28 01:00 . 2010-04-28 01:00 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution 2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys 2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys 2010-04-28 01:00 . 2007-02-22 13:15 8320 ----a-w- c:\windows\system32\drivers\nmwcdc.sys 2010-04-28 01:00 . 2007-02-22 13:15 137216 ----a-w- c:\windows\system32\drivers\nmwcd.sys 2010-04-28 01:00 . 2007-02-22 13:15 65536 ----a-w- c:\windows\system32\nmwcdcocls.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-24 14:30 . 2007-06-07 11:06 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-05-22 12:46 . 2008-11-15 14:03 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\uTorrent 2010-05-22 12:46 . 2008-11-15 14:03 -------- d-----w- c:\arquivos de programas\uTorrent 2010-05-22 12:46 . 2008-11-05 21:01 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS 2010-05-22 10:51 . 2009-09-02 12:01 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP 2010-05-22 01:25 . 2007-05-21 22:37 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2010-05-19 18:57 . 2010-03-07 03:52 -------- d-----w- c:\arquivos de programas\Full Tilt Poker 2010-05-12 20:51 . 2007-05-23 22:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help 2010-05-12 01:42 . 2008-11-27 23:07 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\LimeWire 2010-05-11 03:09 . 2009-09-22 01:36 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live 2010-05-09 23:09 . 2007-05-21 22:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield 2010-05-07 16:55 . 2008-03-08 17:38 -------- d-----w- c:\arquivos de programas\Java 2010-05-01 02:20 . 2007-05-23 22:37 -------- d-----w- c:\arquivos de programas\CCleaner 2010-04-28 14:33 . 2008-10-11 12:19 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\Nokia Multimedia Player 2010-04-28 01:28 . 2008-11-28 00:03 -------- d-----w- c:\arquivos de programas\LG PC Suite II 2010-04-28 01:05 . 2008-10-11 11:01 -------- d-----w- c:\arquivos de programas\Nokia 2010-04-19 19:50 . 2009-11-04 15:12 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack 2010-04-16 18:00 . 2010-04-19 19:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll 2010-04-08 19:20 . 2009-03-31 00:39 -------- d-----w- c:\arquivos de programas\PokerStars 2010-04-03 19:22 . 2010-04-03 19:22 2336 ----a-w- C:\boot.bat 2010-03-15 09:31 . 2002-10-15 22:54 165376 ----a-w- c:\windows\system32\unrar.dll 2010-03-12 15:05 . 2010-03-12 15:05 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcp71.dll 2010-03-12 15:05 . 2010-03-12 15:05 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\jmc.dll 2010-03-12 15:05 . 2010-03-12 15:05 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcr71.dll 2010-03-12 15:05 . 2010-03-12 15:05 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-sse.dll 2010-03-12 15:05 . 2010-03-12 15:05 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-d3d.dll 2010-03-12 15:04 . 2004-08-04 12:00 79832 ----a-w- c:\windows\system32\perfc016.dat 2010-03-12 15:04 . 2004-08-04 12:00 470730 ----a-w- c:\windows\system32\perfh016.dat 2010-03-10 06:16 . 2004-08-04 07:45 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-02 04:19 . 2010-02-25 16:01 26112 ----a-w- c:\windows\system32\drivers\tap0901.sys 2010-02-26 15:05 . 2010-02-26 15:05 72488 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-02-25 06:17 . 2004-08-04 07:45 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2004-08-04 06:15 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2009-09-04 21:00 . 2009-09-04 21:00 916430 ----a-w- c:\arquivos de programas\Apr2006_MDX1_x86.cab 2008-08-12 00:07 . 2008-07-17 22:49 29806 ----a-w- c:\arquivos de programas\megacubo_log.log 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll . ------- Sigcheck ------- [7] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe [-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [7] 2004-08-04 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [7] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll [-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . 873E9E5B23D206BE443ABD3CF597C2E8 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [7] 2004-08-04 . 021631D9D0729D9E52300CCEACE4F054 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2009-10-12 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll [7] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll [-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . F86D3E5C8FE13297E1C2D662F9E2D59D . 578560 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . B5782EE6EAFE3C218236F79F1A27B747 . 578048 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2005-03-02 . 3ED0A4D74EFD5AAF8408095F452E2613 . 577536 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . 7FFBCF1B94E6929DEECE06670C2407D6 . 577536 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [7] 2004-08-04 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll [-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . 732946EEAA1D8EE2A4FC24370827617B . 977920 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe [-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . DCCBF18E94D651393A3FFA060F88E0A0 . 1035264 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 . 45D521506825A10B80833B4E9621CCF6 . 1035264 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [7] 2004-08-04 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe [7] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe [-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [7] 2004-08-04 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SigmatelSysTrayApp"="sttray.exe" [2006-05-26 282624] "ipTray.exe"="c:\arquivos de programas\Intel\IDU\iptray.exe" [2006-12-28 2242328] "nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016] "OutpostMonitor"="c:\arquiv~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464] "OutpostFeedBack"="c:\arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032] "avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2009-11-11 417792] "AppleSyncNotifier"="c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-02-15 141608] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "NSLauncher"="c:\arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMBalloonTip"= 1 (0x1) "HonorAutoRunSetting"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk] backup=c:\windows\pss\Orbit.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk] backup=c:\windows\pss\hamachi.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk] backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3] 2010-03-29 17:54 2343120 ----a-w- c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 17:51 177440 ----a-w- c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 02:20 40448 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2008-07-24 15:02 490952 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 13:44 31072 ----a-w- c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2006-07-07 23:15 600896 ----a-w- c:\arquivos de programas\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2005-08-12 08:30 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-02-15 21:07 141608 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype] 2006-07-07 23:14 576320 ----a-w- c:\arquivos de programas\Microsoft IntelliType Pro\itype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 18:44 3883840 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2009-07-14 16:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Openwares LiveUpdate] 2003-12-13 17:17 61440 ----a-w- c:\program files\LIVEUPDATE\LiveUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-11 01:08 417792 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" -atboottime [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"= "c:\\Documents and Settings\\All Users\\Dados de aplicativos\\NexonUS\\NGM\\NGM.exe"= "c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe "c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe "c:\\Nexon\\Combat Arms\\NMService.exe"= "c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"= "c:\\Arquivos de programas\\MegaJogos\\jre\\jre\\bin\\javaw.exe"= "c:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"= "c:\\Arquivos de programas\\iTunes\\iTunes.exe"= "c:\\Arquivos de programas\\Megacubo\\megacubo.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "56458:TCP"= 56458:TCP:Pando Media Booster "56458:UDP"= 56458:UDP:Pando Media Booster "56911:TCP"= 56911:TCP:Pando Media Booster "56911:UDP"= 56911:UDP:Pando Media Booster R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [19/01/2010 11:23 130936] R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [03/11/2009 20:52 704384] R2 acssrv;Agnitum Client Security Service;c:\arquiv~1\Agnitum\OUTPOS~1\acs.exe [03/11/2009 20:49 1195008] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [12/01/2010 13:31 108289] R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [03/11/2009 20:49 31128] R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [03/11/2009 20:52 257432] R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [10/06/2002 00:09 31232] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2008 11:26 717296] S2 gupdate1ca7415f53b919c;Google Update Service (gupdate1ca7415f53b919c);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [03/12/2009 09:41 133104] S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?] S3 exdisk;Express Disk Service;c:\windows\system32\drivers\exdisk.sys [21/05/2007 19:50 14074] S3 GarenaPEngine;GarenaPEngine; [x] S3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys [22/10/2009 10:45 31908] S3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\drivers\lgmcbus.sys [27/11/2008 21:05 83584] S3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\drivers\lgmcmdfl.sys [27/11/2008 21:05 14976] S3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\drivers\lgmcmdm.sys [27/11/2008 21:05 110464] S3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\drivers\lgmcobex.sys [27/11/2008 21:05 100480] S3 npggsvc;nProtect GameGuard Service; [x] S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?] S3 PhTVTune;ENCORE TV Tuner Pro PCI Adapter;c:\windows\system32\drivers\PhTVTune.sys [18/08/2007 15:24 28480] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11/01/2010 08:28 27064] S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [19/01/2010 11:23 348752] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25/01/2008 06:12 25088] . Conteúdo da pasta 'Tarefas Agendadas' 2009-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34] 2010-05-24 c:\windows\Tasks\AWC AutoSweep.job - c:\arquivos de programas\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-09-02 17:11] 2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-03 12:41] 2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-03 12:41] . . ------- Scan Suplementar ------- . uStart Page = hxxp://thefreevpn.com/home.php mWindow Title = uInternet Settings,ProxyOverride = local IE: &Clean Traces IE: &Download with &DAP IE: Download &all with DAP IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: w2pxdrv.dll TCP: {F6ED63BF-48EA-49FF-B3BF-A0E98B62947B} = 156.154.70.25,156.154.71.25 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab FF - ProfilePath - c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://thefreevpn.com/home.php FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p= FF - prefs.js: network.proxy.http - localhost FF - prefs.js: network.proxy.http_port - 9666 FF - prefs.js: network.proxy.socks - localhost FF - prefs.js: network.proxy.socks_port - 9050 FF - prefs.js: network.proxy.ssl - localhost FF - prefs.js: network.proxy.ssl_port - 9666 FF - prefs.js: network.proxy.type - 1 FF - component: c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\NPMFireLauncher.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: c:\documents and settings\All Users\Dados de aplicativos\NexonUS\NGM\npNxGameUS.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-24 11:57 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar0] "BarID"=dword:0000e81b "Bars"=dword:00000003 "Bar#0"=dword:00000000 "Bar#1"=dword:0000e800 "Bar#2"=dword:00000000 [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar1] "BarID"=dword:0000e81c "Bars"=dword:00000004 "Bar#0"=dword:00000000 "Bar#1"=dword:0000e807 "Bar#2"=dword:0000e806 "Bar#3"=dword:00000000 [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar2] "BarID"=dword:0000e800 "XPos"=dword:fffffffe "YPos"=dword:fffffffe "Docking"=dword:00000001 "MRUDockID"=dword:00000000 "MRUDockLeftPos"=dword:fffffffe "MRUDockTopPos"=dword:fffffffe "MRUDockRightPos"=dword:000001f5 "MRUDockBottomPos"=dword:00000036 "MRUFloatStyle"=dword:00002000 "MRUFloatXPos"=dword:80000000 "MRUFloatYPos"=dword:cdcdcdcd [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar3] "BarID"=dword:0000e806 "XPos"=dword:fffffffe "YPos"=dword:00000141 "Docking"=dword:00000001 "MRUDockID"=dword:0000e81c "MRUDockLeftPos"=dword:fffffffe "MRUDockTopPos"=dword:00000141 "MRUDockRightPos"=dword:000000c6 "MRUDockBottomPos"=dword:00000287 "MRUFloatStyle"=dword:00002004 "MRUFloatXPos"=dword:80000000 "MRUFloatYPos"=dword:cdcdcdcd [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar4] "BarID"=dword:0000e807 "XPos"=dword:fffffffe "YPos"=dword:fffffffe "Docking"=dword:00000001 "MRUDockID"=dword:00000000 "MRUDockLeftPos"=dword:fffffffe "MRUDockTopPos"=dword:fffffffe "MRUDockRightPos"=dword:000000c6 "MRUDockBottomPos"=dword:00000143 "MRUFloatStyle"=dword:00002004 "MRUFloatXPos"=dword:80000000 "MRUFloatYPos"=dword:cdcdcdcd [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Summary] "Bars"=dword:00000005 "ScreenCX"=dword:00000400 "ScreenCY"=dword:00000300 [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Settings] "FirstRun"=dword:00000000 "xScreen"=dword:00000400 "yScreen"=dword:000002c4 "floats"="1.000000 0.500000 0.500000 120 120" "skin"="ISR_10Moons.dll" [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\WNDSTATUS] "FLAG"=dword:00000000 "SHOWCMD"=dword:00000001 "LEFT"=dword:fffffffc "TOP"=dword:fffffffc "RIGHT"=dword:00000404 "BOTTOM"=dword:000002e2 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10f_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10f_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(1532) c:\windows\system32\SETUPAPI.dll c:\windows\system32\sfc_os.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(1588) c:\windows\system32\setupapi.dll . Tempo para conclusão: 2010-05-24 11:59:43 ComboFix-quarantined-files.txt 2010-05-24 14:59 Pré-execução: 51 pasta(s) 48.102.797.312 bytes disponíveis Pós execução: 52 pasta(s) 48.057.511.936 bytes disponíveis Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - A5CEF2D062B80B81AB6093963402802F Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 24, 2010 Boa Tarde! .matiello ------- Sigcheck ------- [-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . 873E9E5B23D206BE443ABD3CF597C2E8 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2009-10-12 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll [-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . F86D3E5C8FE13297E1C2D662F9E2D59D . 578560 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . B5782EE6EAFE3C218236F79F1A27B747 . 578048 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2005-03-02 . 3ED0A4D74EFD5AAF8408095F452E2613 . 577536 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . 7FFBCF1B94E6929DEECE06670C2407D6 . 577536 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . 732946EEAA1D8EE2A4FC24370827617B . 977920 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe [-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . DCCBF18E94D651393A3FFA060F88E0A0 . 1035264 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 . 45D521506825A10B80833B4E9621CCF6 . 1035264 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe <!> Estudando algumas assinaturas digitais de ficheiros,no log do OTL,detectei a não-validade de alguns. Corroborado,à seguir,pelo relatório do ComboFix. <!> Podem ter sido alterados por malwares ou instalados,na origem,pelo CD-ROM do Windows-XP. 000000000000000000000 ooooooooooooooooooooo <@> Estando em "Modo Normal",vá em Iniciar --> Executar --> Digite: sfc /scannow --> Clique OK. < > <@> Será pedido a colocação do CD-ROM,do Windows XP,no drive. <@> Será,portanto,acionada a "Proteção de arquivo do Windows". <@> Aguarde a conclusão do reparo! 000000000000000000000 ooooooooooooooooooooo <@> Baixe: < MGADiag > <@> Salve-o no desktop! <@> Duplo-clique no ícone < > <@> Clique,à seguir,em Continue :seta: Copy. <@> Abra o Bloco de Notas --> Tecle: ctrl+v <-- Colar! <@> Ps: Poste seu conteúdo. ( Diagnostic Report (1.9.0027.0) ) <- <@> Clique OK para fechar a ferramenta! Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 24, 2010 Não tenho o cd-rom do windows xp. O que devo fazer? Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 24, 2010 Não tenho o cd-rom do windows xp. O que devo fazer? //////////\\\\\\\\\\ Opa! .matiello <!> O sistema está fragilizado e o uso do PC,para acessar online banking,temerário. <!> Recomendo,portanto,a formatação e aquisição de um sistema operacional original,descartando as cópias piratas ou downloads dos mesmos. <!> Ps: Caso queira postar o relatório do MGADiag,como confirmação desse fato,pode faze-lo! Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 24, 2010 Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Status: Geographically blocked PID Validation Code: 13 Cached Validation Code: N/A Windows Product Key: *****-*****-FRVF4-VPF7Y-38JV3 Windows Product Key Hash: NIpQw7rwVuJX1OvyiqXGOpU8tbE= Windows Product ID: 55274-640-0187892-23389 Windows Product ID Type: 1 Windows License Type: Volume Windows OS version: 5.1.2600.2.00010100.3.0.pro ID: {AB3F84F0-128B-4EBF-8BB1-D356E3E6F04F}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: Registered, 1.7.36.0 Signed By: Microsoft Product Name: N/A Architecture: N/A Build lab: N/A TTS Error: N/A Validation Diagnostic: 025D1FF3-230-1 Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A Version: N/A Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 103 Blocked VLK Microsoft Office Enterprise 2007 - 103 Blocked VLK OGA Version: Registered, 1.6.21.0 Signed By: Microsoft Office Diagnostics: 025D1FF3-230-1 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Arquivos de programas\Google\Chrome\Application\chrome.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\WINDOWS\system32\winlogon.exe[5.1.2600.5512], Hr = 0x800b0100 File Mismatch: C:\WINDOWS\system32\setupapi.dll[5.1.2600.5512], Hr = 0x800b0100 File Mismatch: C:\WINDOWS\system32\syssetup.dll[5.1.2600.5512], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{AB3F84F0-128B-4EBF-8BB1-D356E3E6F04F}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-38JV3</PKey><PID>55274-640-0187892-23389</PID><PIDType>1</PIDType><SID>S-1-5-21-1078081533-1409082233-725345543</SID><SYSTEM><Manufacturer>INTEL_</Manufacturer><Model>D946GZIS</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>TS94610J.86A.0047.2006.0911.0110</Version><SMBIOSVersion major="2" minor="4"/><Date>20060911000000.000000+000</Date></BIOS><HWID>106132FF0184E07A</HWID><UserLCID>0416</UserLCID><SystemLCID>0416</SystemLCID><TimeZone>Hora oficial do Brasil(GMT-03:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>NiwradSoft</name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>103</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>103</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>ACD7202654E586</Val><Hash>fFic3JgCreGGRxyF8uMWB4R4Jcg=</Hash><Pid>89388-707-1528066-65481</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="103"/><App Id="16" Version="12" Result="103"/><App Id="18" Version="12" Result="103"/><App Id="19" Version="12" Result="103"/><App Id="1A" Version="12" Result="103"/><App Id="1B" Version="12" Result="103"/><App Id="44" Version="12" Result="103"/><App Id="A1" Version="12" Result="103"/><App Id="BA" Version="12" Result="103"/></Applications></Office></Software></GenuineResults> Licensing Data--> N/A Windows Activation Technologies--> N/A HWID Data--> N/A OEM Activation 1.0 Data--> BIOS string matches: no Marker string from BIOS: N/A Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005 OEM Activation 2.0 Data--> N/A Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 25, 2010 Boa Noite! .matiello <!> A cópia não passou pela validação da WGA. <!> Validation Status: Geographically blocked PID <!> Uma quantidade menor de arquivos,não passaram na validação digital. Contrariando à indicação em ComboFix.txt,que não podemos descartar. 0000000000000000000000 oooooooooooooooooooooo <@> Submeta estes ficheiros,abaixo,à uma análise em: < VirSCAN.org > C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\setupapi.dll C:\WINDOWS\system32\syssetup.dll c:\windows\system32\ctfmon.exe c:\windows\explorer.exe <@> Clique em "Enviar arquivo...". <@> Localizado os ficheiros,em seu PC,clique em "Upload" --> Aguarde! <@> Na mensagem,clique em: "Verificar novamente" <@> Concluindo,copie e envie-nos o link aos relatórios. <@> Ps: Faça a análise de um por vez! <@> Exemplo: Foi verificado o arquivo NodeRefresh.dll,cujo link ao relatório segue abaixo: <@> Link: --> < > Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 25, 2010 http://virscan.org/report/cc6322c4697ea23fe5b041829a4aedae.html http://virscan.org/report/ac961e249583e127b88653319192d319.html http://virscan.org/report/002a03a93775b9e16e388387209c7a05.html http://virscan.org/report/78c45406fa412331576a6425045e1065.html http://virscan.org/report/b8439d898896847a2fc73d956f898002.html Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 25, 2010 Bom Dia! .matiello <!> A investigação dos ficheiros,em VirSCAN.org,não revelou códigos maliciosos. O que não implica/desabilita a indicação da ferramenta MGADiag em relação às suas assinaturas digitais. 0000000000000000000000 oooooooooooooooooooooo <!> Desinstale: C:\Arquivos de programas\PokerStars <-- <!> Após desinstalar,utilize CCleaner para limpeza ao registro. 0000000000000000000000 oooooooooooooooooooooo <@> Baixe: < PureRa15Binary.zip > ( ...by Paul McLain & Fred de Vries ) <!> Link - 2 < > <@> Salve-o no desktop! <-- Tire-o do zip! <@> Execute: PureRa.exe --> Clique em Clean. <@> Marque a opção: "Check All" < > <@> Clique no botão Clean Selected --> Aguarde! <@> Terminando ( Finished ),clique em Exit. <@> Poste o relatório: PureRa.txt <-- 0000000000000000000000 oooooooooooooooooooooo <@> Baixe: < lspfix > <@> Salve-o no Desktop! <@> Feche o seu navegador e programas que estejam abertos. <@> Execute o LSP-Fix! <@> Marque a caixa "I know what I'm doing". <@> Procure referências ao ficheiro: w2pxdrv.dll <@> Mova essa referência da caixa Keep,para a Remove. <@> Clique em Finish,para concluir! 0000000000000000000000 oooooooooooooooooooooo <@> Selecione e copie,todo o conteúdo que está na área do QUOTE,para o Bloco de Notas. <@> Salve-o,no Desktop,com o nome: CFScript.txt RegLock::[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar0] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar1] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar2] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar3] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar4] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Summary] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Settings] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\WNDSTATUS] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] Driver:: "NOD32krn" "npggsvc" <@> Ps: É recomendável que esteja desconectado,ao rodar o script. <@> Ps: Desabilite,temporariamente,seu antivírus. <@> Ps: Não utilizem este script em outra máquina! <@> Arraste,o CFScript.txt para o ícone/interior do ComboFix. <@> Veja a demonstração! <@> Atenda à solicitação,que deverá surgir,para rodar o ComboFix. <@> Ps: Faça o arraste,até surgir essa solicitação! ( janela ) <@> Terminando,poste os relatórios: C:\ComboFix.txt + HijackThis,atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 25, 2010 Boa noite! DigRam Não consegui baixar o lspfix. RaProducts' PureRa v1.5 Log created at 23:42 on 25/05/2010 (Marcus) C:\Config.MSI emptied. C:\WINDOWS\system32\FNTCACHE.DAT <- O sistema não pode encontrar o arquivo especificado. Recycle bin emptied. C:\WINDOWS\SoftwareDistribution\DataStore\Logs emptied. C:\WINDOWS\SoftwareDistribution\Download emptied. C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default emptied. C:\WINDOWS\SoftwareDistribution\WuRedir emptied. C:\WINDOWS\SoftwareDistribution\ReportingEvents.log <- O arquivo já está sendo usado por outro processo. C:\DOCUME~1\Marcus\CONFIG~1\Temp emptied. C:\WINDOWS\TEMP emptied. C:\WINDOWS\$NtUninstallKB901017$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB901214$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB902400$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB904706$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB904942$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB905414$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB905749$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB908519$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB908531$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB910437$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911280$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911562$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911564$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911927$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB913580$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB914388$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB914389$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB914440$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB915800$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB915865$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB916595$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917344$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917422$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917734_WMP9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917953$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB918118$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB918439$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB919007$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920213$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920670$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920683$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920685$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920872$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB921503$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB922582$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB922819$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923191$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923414$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923561$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923689$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923694$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923980$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924191$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924270$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924496$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924667$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB925398_WMP64$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB925902$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB926239$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB926247$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB926255$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB926436$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB927779$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB927802$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB927891$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB928255$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB928843$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB929123$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB929399$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB929969$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB930178$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB930916$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB931261$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB931768$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB931784$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB931836$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB932168$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB932823-v3$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB933360$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB933729$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB935839$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB935840$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB936021$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB936357$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB936782_WMP11$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB937894$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938464$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938828$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938829$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB939683$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941202$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941568$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941569$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941644$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941693$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB942763$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB943055$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB943460$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB943485$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB944653$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB945553$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946026$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946648$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946648_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946648_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946648_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB948590$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB948881$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950749$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950760$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950762$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950762_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950762_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950762_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950974$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950974_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950974_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950974_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951066$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951066_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951066_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951066_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951072-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376-v2_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376-v2_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376-v2_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951698$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951698_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951698_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951698_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951748$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951748_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951748_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951748_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951978$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952004$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952069_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952287$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952287_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952287_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952287_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952954$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952954_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952954_1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952954_2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB953155$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB953839$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954154_WM11$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954155_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954211$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954459$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954600$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB955069$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB955759$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB955839$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956391$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956572$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956744$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956802$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956803$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956841$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956844$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB957095$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB957097$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958644$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958687$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958690$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958869$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB959426$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB959772_WM11$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960225$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960715$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960803$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960859$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961118$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961371-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961373$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961501$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961503$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB967715$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB968389$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB968537$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB968816_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB969059$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB969898$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB969947$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB970238$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB970430$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB970653-v3$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971468$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971486$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971557$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971633$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971657$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971737$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB972270$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973346$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973354$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973507$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973525$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973540_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973687$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973815$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973869$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973904$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974112$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974318$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974392$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974571$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975025$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975467$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975560$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975561$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975713$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB976098-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB977165$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB977816$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB977914$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978037$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978251$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978262$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978338$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978601$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978706$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB979306$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB979309$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB979683$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB980232$ <- Successfully deleted. C:\WINDOWS\$NtUninstallMSCompPackV1$ <- Successfully deleted. C:\WINDOWS\$NtUninstallWMFDist11$ <- Successfully deleted. C:\WINDOWS\$NtUninstallwmp11$ <- Successfully deleted. C:\WINDOWS\$NtUninstallWudf01000$ <- Successfully deleted. C:\WINDOWS\$NtUninstallWudf01005$ <- Successfully deleted. C:\WINDOWS\$NtUninstallXPSEPSCLP$ <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\FrameWork.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemcore.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemess.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemess.lo_ <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemprox.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wmiprov.log <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\Bradesco\Marcus\Nelson Meiga\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\Bradesco\Marcus\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\Bradesco\mEIGA\Nelson Meiga\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\Bradesco\mEIGA\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\Marcus\Nelson Meiga\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\Marcus\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\mEIGA\Nelson Meiga\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Apresentacoes\mEIGA\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted. C:\AAAtividades Diversas\Escritório de Projetos\Kit do Líder de Projetos\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Garena\GarenaTV\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Garena\shop\items\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Garena\Skin\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Garena\Skin\Flags\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Garena\web\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Garena\web\cache\ROM\config\images\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Garena\web\cache\ROM\images\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Ani\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\ani\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\number\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\Photo\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\connect_bluetooth\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\connect_music\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\connect_usb\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\Photo\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\PhotoEditor\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\test\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\unconnect\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\unconnect_rolling\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\SkinDlg\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\LG PC Suite II\res\SkinDlg2\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\NCSoft\Aion\L10N\ENU\textures\loading\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\NCSoft\Launcher\Skins\NCsoft_plaync_001\NCLauncherCustom\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\NCSoft\Launcher\Skins\web\error404\images\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Nero\Nero 9\Nero Recode\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Nero\Nero 9\Nero SoundTrax\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Nero\Nero 9\Nero StartSmart\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Nero\Nero 9\Nero WaveEditor\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted. C:\Arquivos de programas\Spyware Doctor\avdb\temp\MANUAL PARA ACELERAR SUA CONEXÆO DA INTERNET IINFALIVEL.RAR685\Manual para Acelerar sua conexÆo da Internet Iinfalivel\Veja Tamb‚m\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\IconCache.db <- Successfully deleted. C:\Documents and Settings\All Users\Documentos\Minhas imagens\Amostras de imagens\Thumbs.db <- Successfully deleted. C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog00.sqm <- Successfully deleted. C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog01.sqm <- Successfully deleted. C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog02.sqm <- Successfully deleted. C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog03.sqm <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\IconCache.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live OneCare safety scanner\SQM\MSVS\wlsc00.sqm <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live OneCare safety scanner\SQM\MSVS\wlsc01.sqm <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live OneCare safety scanner\SQM\MSVS\wlsc02.sqm <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_1024.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_256.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_32.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_96.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_idx.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_sr.db <- Successfully deleted. C:\Documents and Settings\Marcus\Configurações locais\Temporary Internet Files\Sqm\iesqmdata0.sqm <- Successfully deleted. C:\Documents and Settings\Marcus\Dados de aplicativos\Microsoft\MSN Messenger\sqmnoopt00.sqm <- Successfully deleted. C:\Documents and Settings\Marcus\Dados de aplicativos\Microsoft\MSN Messenger\sqmnoopt01.sqm <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\CA\fergoooo\theme\Default\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Busca ImplacavelTaken.DVDRip.XviD.AC3-DEViSE\CD1\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Busca ImplacavelTaken.DVDRip.XviD.AC3-DEViSE\CD2\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Compressed\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Documents\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Invincible.DVDRip.XviD-DiAMOND.[www.torrentfive.com]\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\fernanda paes leme\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\PB.cacau\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\Playboy – Juliana Salimenim (Pânico) – Janeiro 2010\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Observe And Report.2009.DvdScr.Xvid {1337x}-Noir\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Downloads\Programs\Brazukas Evolution 2009 v1.3\Extras\Ballpacks\Ballpack Oficial Evolution by Joatan Show Man\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Meus arquivos recebidos\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas imagens\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas imagens\demotivados\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas imagens\Nova pasta\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\air race\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\fotos da festa\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\fts sampa\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\Henry\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\italia\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\vasco\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\Milan\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - 4\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - Bloco Do Eu Sozinho\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - Los Hermanos\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - Ventura\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\My Videos\Thumbs.db <- Successfully deleted. C:\Documents and Settings\Marcus\Meus documentos\seriados\Thumbs.db <- Successfully deleted. C:\downloads\Thumbs.db <- Successfully deleted. C:\Fotos\Roca Sales\Thumbs.db <- Successfully deleted. C:\Fotos\Seminario BSeguros\Ade\Thumbs.db <- Successfully deleted. C:\Fotos\Seminario BSeguros\Ana\Thumbs.db <- Successfully deleted. C:\Fotos\Seminario BSeguros\Ideal\Thumbs.db <- Successfully deleted. C:\Fotos\Seminario BSeguros\Renato_Diniz\Thumbs.db <- Successfully deleted. C:\WINDOWS\network diagnostic\Sqm\NetDiag00.sqm <- Successfully deleted. C:\WINDOWS\network diagnostic\Sqm\NetDiag01.sqm <- Successfully deleted. C:\WINDOWS\network diagnostic\Sqm\NetDiag02.sqm <- Successfully deleted. C:\WINDOWS\network diagnostic\Sqm\NetDiag03.sqm <- Successfully deleted. C:\WINDOWS\Resources\Themes\NGX\NeoGeniX\Cursors\Thumbs.db <- Successfully deleted. C:\WINDOWS\Resources\Themes\NGX\NeoGeniX\Shell\NormalColor\Thumbs.db <- Successfully deleted. C:\WINDOWS\Resources\Themes\NGX\NeoGeniX\Wallpaper\Thumbs.db <- Successfully deleted. C:\WINDOWS\Resources\Themes\NGX\NeoGeniX Compact\Shell\NormalColor\Thumbs.db <- Successfully deleted. Total space cleaned: 505774741 bytes -=E.O.F=- Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 26, 2010 Bom Dia! .matiello Boa noite! DigRamNão consegui baixar o lspfix <!> Tente agora! <!> Poste,também,ComboFix.txt Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
.matiello 0 Denunciar post Postado Maio 26, 2010 Bom dia! DigRam ComboFix 10-05-23.07 - Marcus 26/05/2010 10:40:42.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2045.1569 [GMT -3:00] Executando de: c:\documents and settings\Marcus\Desktop\ComboFix.exe Comandos utilizados :: c:\documents and settings\Marcus\Desktop\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: ESET Smart Security 3.0 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Firewall pessoal do ESET *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} FW: Outpost Firewall *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD} * AV residente está ativo . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NOD32KRN -------\Service_NOD32krn -------\Service_npggsvc (((((((((((((((( Arquivos/Ficheiros criados de 2010-04-26 to 2010-05-26 )))))))))))))))))))))))))))) . 2010-05-26 00:38 . 2010-05-26 00:45 -------- d-----w- c:\arquivos de programas\cFosSpeed 2010-05-26 00:38 . 2009-10-30 15:25 288472 ------w- c:\windows\system32\cfosspeed.dll 2010-05-24 23:07 . 2008-04-13 22:20 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll 2010-05-24 23:06 . 2001-09-06 02:50 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll 2010-05-24 23:05 . 2001-09-06 02:49 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll 2010-05-24 23:04 . 2001-09-06 02:49 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll 2010-05-24 23:03 . 2008-04-13 14:41 17664 -c--a-w- c:\windows\system32\dllcache\ppa3.sys 2010-05-24 23:02 . 2001-09-06 02:49 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll 2010-05-24 23:01 . 2001-08-18 00:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys 2010-05-24 23:00 . 2008-04-13 22:18 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll 2010-05-24 22:59 . 2001-08-18 00:28 488383 -c--a-w- c:\windows\system32\dllcache\hsf_v124.sys 2010-05-24 22:58 . 2001-09-06 02:50 46080 -c--a-w- c:\windows\system32\dllcache\esunib.dll 2010-05-24 22:57 . 2001-09-06 02:50 28672 -c--a-w- c:\windows\system32\dllcache\cyycoins.dll 2010-05-24 22:56 . 2001-09-06 02:12 14080 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys 2010-05-24 22:55 . 2001-09-06 02:50 61952 -c--a-w- c:\windows\system32\dllcache\acerscad.dll 2010-05-24 14:34 . 2010-05-24 14:36 -------- d-----w- C:\ToolBar SD 2010-05-24 14:26 . 2010-05-24 14:26 -------- d-----w- C:\toolb 2010-05-23 23:05 . 2010-05-23 23:05 -------- d-----w- C:\_OTL 2010-05-23 17:48 . 2008-04-13 14:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys 2010-05-23 17:48 . 2008-04-13 14:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys 2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\arquivos de programas\TD74 Corporation 2010-05-23 17:39 . 2006-09-19 17:26 212992 ----a-w- c:\windows\VMSnap23.exe 2010-05-23 17:39 . 2006-06-28 05:54 49152 ----a-w- c:\windows\Domino.exe 2010-05-23 17:39 . 2006-03-30 23:24 81920 ----a-w- c:\windows\VMCap323.exe 2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\windows\CatRoot 2010-05-23 17:39 . 2007-04-24 14:56 257408 ----a-w- c:\windows\system32\drivers\usbvm323.sys 2010-05-23 16:58 . 2010-05-23 16:58 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-sse.dll 2010-05-23 16:58 . 2010-05-23 16:58 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-d3d.dll 2010-05-23 16:58 . 2010-05-23 16:58 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcp71.dll 2010-05-23 16:58 . 2010-05-23 16:58 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\jmc.dll 2010-05-23 16:58 . 2010-05-23 16:58 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcr71.dll 2010-05-22 12:46 . 2010-05-22 12:46 -------- d-----w- c:\windows\system32\wbem\Repository 2010-05-22 01:49 . 2010-05-22 12:45 -------- d-----w- c:\arquivos de programas\Pryme 2010-05-22 01:47 . 2010-05-22 12:45 -------- d-----w- C:\cmos 2010-05-22 01:25 . 2010-05-22 01:25 -------- d-----w- c:\arquivos de programas\STV 2010-05-09 14:32 . 2010-05-09 22:25 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NCH Swift Sound 2010-05-09 14:32 . 2010-05-09 14:32 -------- d-----w- c:\arquivos de programas\NCH Software 2010-05-09 14:31 . 2010-05-09 22:26 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\NCH Swift Sound 2010-05-09 14:28 . 2010-05-09 14:28 -------- d-----w- c:\arquivos de programas\MIKSOFT 2010-05-07 16:58 . 2010-05-07 16:58 152064 ----a-w- c:\windows\snap.dat 2010-05-07 16:55 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-01 04:10 . 2010-05-01 05:43 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\TS3Client 2010-05-01 04:09 . 2010-05-01 04:09 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client 2010-04-28 01:05 . 2010-04-28 01:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia 2010-04-28 01:01 . 2010-04-28 01:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite 2010-04-28 01:00 . 2010-04-28 01:00 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution 2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys 2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys 2010-04-28 01:00 . 2007-02-22 13:15 8320 ----a-w- c:\windows\system32\drivers\nmwcdc.sys 2010-04-28 01:00 . 2007-02-22 13:15 137216 ----a-w- c:\windows\system32\drivers\nmwcd.sys 2010-04-28 01:00 . 2007-02-22 13:15 65536 ----a-w- c:\windows\system32\nmwcdcocls.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-26 13:32 . 2008-11-15 14:03 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\uTorrent 2010-05-25 23:37 . 2007-05-21 21:11 -------- d-----w- c:\arquivos de programas\Serviços on-line 2010-05-25 12:11 . 2008-11-15 14:03 -------- d-----w- c:\arquivos de programas\uTorrent 2010-05-25 01:55 . 2007-05-21 22:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield 2010-05-24 14:30 . 2007-06-07 11:06 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-05-22 12:46 . 2008-11-05 21:01 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS 2010-05-22 10:51 . 2009-09-02 12:01 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP 2010-05-22 01:25 . 2007-05-21 22:37 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2010-05-19 18:57 . 2010-03-07 03:52 -------- d-----w- c:\arquivos de programas\Full Tilt Poker 2010-05-12 20:51 . 2007-05-23 22:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help 2010-05-12 01:42 . 2008-11-27 23:07 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\LimeWire 2010-05-11 03:09 . 2009-09-22 01:36 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live 2010-05-07 16:55 . 2008-03-08 17:38 -------- d-----w- c:\arquivos de programas\Java 2010-05-01 02:20 . 2007-05-23 22:37 -------- d-----w- c:\arquivos de programas\CCleaner 2010-04-28 14:33 . 2008-10-11 12:19 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\Nokia Multimedia Player 2010-04-28 01:28 . 2008-11-28 00:03 -------- d-----w- c:\arquivos de programas\LG PC Suite II 2010-04-28 01:05 . 2008-10-11 11:01 -------- d-----w- c:\arquivos de programas\Nokia 2010-04-19 19:50 . 2009-11-04 15:12 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack 2010-04-16 18:00 . 2010-04-19 19:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll 2010-04-03 19:22 . 2010-04-03 19:22 2336 ----a-w- C:\boot.bat 2010-03-15 09:31 . 2002-10-15 22:54 165376 ----a-w- c:\windows\system32\unrar.dll 2010-03-12 15:05 . 2010-03-12 15:05 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcp71.dll 2010-03-12 15:05 . 2010-03-12 15:05 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\jmc.dll 2010-03-12 15:05 . 2010-03-12 15:05 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcr71.dll 2010-03-12 15:05 . 2010-03-12 15:05 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-sse.dll 2010-03-12 15:05 . 2010-03-12 15:05 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-d3d.dll 2010-03-12 15:04 . 2004-08-04 12:00 79832 ----a-w- c:\windows\system32\perfc016.dat 2010-03-12 15:04 . 2004-08-04 12:00 470730 ----a-w- c:\windows\system32\perfh016.dat 2010-03-10 06:16 . 2004-08-04 07:45 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-02 04:19 . 2010-02-25 16:01 26112 ----a-w- c:\windows\system32\drivers\tap0901.sys 2010-02-26 15:05 . 2010-02-26 15:05 72488 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2009-09-04 21:00 . 2009-09-04 21:00 916430 ----a-w- c:\arquivos de programas\Apr2006_MDX1_x86.cab 2008-08-12 00:07 . 2008-07-17 22:49 29806 ----a-w- c:\arquivos de programas\megacubo_log.log 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll . ------- Sigcheck ------- [7] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe [-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [7] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll [-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll [7] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll [-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . F86D3E5C8FE13297E1C2D662F9E2D59D . 578560 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2005-03-02 . 3ED0A4D74EFD5AAF8408095F452E2613 . 577536 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . 732946EEAA1D8EE2A4FC24370827617B . 977920 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe [-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . 45D521506825A10B80833B4E9621CCF6 . 1035264 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [7] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe [-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe . ((((((((((((((((((((((((((((( SnapShot@2010-05-24_14.57.14 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-26 13:50 . 2010-05-26 13:50 16384 c:\windows\Temp\Perflib_Perfdata_7d8.dat + 2010-05-26 13:50 . 2010-05-26 13:50 16384 c:\windows\Temp\Perflib_Perfdata_2b4.dat + 2010-05-26 13:38 . 2010-05-26 13:38 16384 c:\windows\Temp\Perflib_Perfdata_264.dat + 2001-10-28 18:07 . 2001-10-28 18:07 32256 c:\windows\system32\wupdmgr.exe + 2007-05-21 21:09 . 2001-10-28 18:07 35328 c:\windows\system32\winchat.exe + 2004-08-04 00:45 . 2008-04-13 22:20 76288 c:\windows\system32\usbui.dll - 2007-01-29 08:58 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe + 2007-01-29 08:58 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe + 2001-10-28 18:07 . 2001-10-28 18:07 83968 c:\windows\system32\tapiui.dll + 2001-10-28 18:07 . 2001-10-28 18:07 37376 c:\windows\system32\syskey.exe + 2007-05-21 21:09 . 2001-10-28 18:07 57344 c:\windows\system32\sol.exe + 2010-05-26 00:17 . 2005-12-03 00:38 41728 c:\windows\system32\ReinstallBackups\0022\DriverFiles\sfng32.sys + 2010-05-26 00:17 . 2008-04-14 02:21 23552 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\wdmaud.drv + 2010-05-26 00:17 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\stream.sys + 2010-05-26 00:17 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\drmk.sys + 2001-10-28 18:07 . 2001-10-28 18:07 35328 c:\windows\system32\pifmgr.dll + 2001-10-28 18:07 . 2001-10-28 18:07 31744 c:\windows\system32\ntsd.exe + 2001-10-28 18:07 . 2001-10-28 18:07 14848 c:\windows\system32\ntlanui2.dll + 2004-08-04 07:45 . 2008-04-13 22:21 70144 c:\windows\system32\notepad.exe - 2004-08-04 07:45 . 2008-04-14 02:21 70144 c:\windows\system32\notepad.exe + 2001-10-28 18:07 . 2001-10-28 18:07 90112 c:\windows\system32\mycomput.dll + 2008-04-14 01:57 . 2008-04-14 01:57 80896 c:\windows\system32\msshavmsg.dll + 2001-10-28 18:07 . 2001-10-28 18:07 62976 c:\windows\system32\msratelc.dll + 2001-10-28 18:07 . 2001-10-28 18:07 15872 c:\windows\system32\msidntld.dll + 2001-10-28 18:07 . 2001-10-28 18:07 47104 c:\windows\system32\mprui.dll + 2001-10-28 18:06 . 2001-10-28 18:06 48464 c:\windows\system32\jobexec.dll + 2007-05-23 22:03 . 2001-10-28 18:06 13312 c:\windows\system32\irclass.dll + 2001-10-28 18:06 . 2001-10-28 18:06 55808 c:\windows\system32\icmui.dll + 2001-09-05 23:50 . 2001-09-06 02:50 57344 c:\windows\system32\dvdplay.exe + 2001-10-28 18:06 . 2001-10-28 18:06 47104 c:\windows\system32\drwtsn32.exe + 2004-08-03 23:08 . 2004-07-09 07:27 48512 c:\windows\system32\drivers\stream.sys + 2004-08-03 23:08 . 2008-04-13 14:45 60160 c:\windows\system32\drivers\drmk.sys - 2004-08-03 23:08 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys + 2009-10-17 10:23 . 2002-12-12 03:14 77824 c:\windows\system32\dpmodemx.dll + 2010-05-24 23:07 . 2001-09-06 02:50 23040 c:\windows\system32\dllcache\xrxwbtmp.dll + 2010-05-24 23:07 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\xrxftplt.exe + 2007-05-21 21:09 . 2008-04-14 02:20 11776 c:\windows\system32\dllcache\xolehlp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 50176 c:\windows\system32\dllcache\xmlprovi.dll + 2010-05-24 23:07 . 2001-09-06 02:50 99865 c:\windows\system32\dllcache\xlog.exe + 2010-05-24 23:07 . 2001-08-17 23:11 16970 c:\windows\system32\dllcache\xem336n5.sys + 2004-08-04 07:45 . 2008-04-14 02:21 30720 c:\windows\system32\dllcache\xcopy.exe + 2004-08-04 07:45 . 2008-04-14 02:20 91648 c:\windows\system32\dllcache\xactsrv.dll + 2004-08-04 00:45 . 2008-04-14 02:20 52736 c:\windows\system32\dllcache\wzcsapi.dll + 2010-05-24 23:07 . 2008-04-13 12:34 19455 c:\windows\system32\dllcache\wvchntxx.sys + 2001-10-28 18:07 . 2001-10-28 18:07 32256 c:\windows\system32\dllcache\wupdmgr.exe + 2004-08-04 07:45 . 2008-04-14 02:20 18432 c:\windows\system32\dllcache\wtsapi32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 51200 c:\windows\system32\dllcache\wstdecod.dll + 2007-08-18 17:22 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys + 2004-08-04 07:45 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\wsock32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 41984 c:\windows\system32\dllcache\wsnmp32.dll + 2010-05-24 23:07 . 2008-04-13 12:34 12063 c:\windows\system32\dllcache\wsiintxx.sys + 2004-08-04 07:45 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\wshtcpip.dll + 2004-08-04 07:45 . 2008-04-14 02:20 11264 c:\windows\system32\dllcache\wshrm.dll + 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\wship6.dll + 2004-08-04 07:45 . 2008-05-09 10:55 90112 c:\windows\system32\dllcache\wshext.dll - 2008-08-31 09:44 . 2008-05-09 10:55 90112 c:\windows\system32\dllcache\wshext.dll + 2004-08-04 07:45 . 2008-04-14 02:20 36864 c:\windows\system32\dllcache\wshcon.dll + 2004-08-04 07:45 . 2008-04-14 02:20 80896 c:\windows\system32\dllcache\wscsvc.dll + 2004-08-04 07:45 . 2008-04-14 02:21 13824 c:\windows\system32\dllcache\wscntfy.exe + 2004-08-04 07:45 . 2008-04-14 02:20 19968 c:\windows\system32\dllcache\ws2help.dll + 2004-08-04 07:45 . 2008-04-14 02:20 82432 c:\windows\system32\dllcache\ws2_32.dll + 2004-08-04 07:45 . 2008-04-14 02:21 11776 c:\windows\system32\dllcache\wpnpinst.exe + 2001-09-05 23:50 . 2001-10-28 18:06 14336 c:\windows\system32\dllcache\wowfaxui.dll + 2007-05-21 21:10 . 2004-08-04 07:45 73728 c:\windows\system32\dllcache\wmplayer.exe + 2007-05-21 21:09 . 2008-04-14 02:20 97792 c:\windows\system32\dllcache\wmiutils.dll + 2007-05-21 21:09 . 2008-04-14 02:20 41472 c:\windows\system32\dllcache\wmipsess.dll + 2007-05-21 21:09 . 2008-04-14 02:20 62464 c:\windows\system32\dllcache\wmipjobj.dll + 2007-05-21 21:09 . 2008-04-14 02:20 61952 c:\windows\system32\dllcache\wmipiprt.dll + 2007-05-21 21:09 . 2008-04-14 02:20 60928 c:\windows\system32\dllcache\wmicookr.dll + 2007-05-21 21:09 . 2008-04-14 02:20 88576 c:\windows\system32\dllcache\wmiaprpl.dll + 2004-08-04 07:45 . 2008-04-14 02:20 93184 c:\windows\system32\dllcache\wlnotify.dll + 2010-05-24 23:07 . 2001-09-06 02:22 34890 c:\windows\system32\dllcache\wlandrv2.sys + 2008-04-14 02:20 . 2008-04-14 02:20 69120 c:\windows\system32\dllcache\wlanapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 53760 c:\windows\system32\dllcache\winsta.dll + 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\winshfhc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 99840 c:\windows\system32\dllcache\winscard.dll + 2004-08-04 07:45 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\winrnr.dll + 2004-08-04 07:45 . 2008-04-14 02:20 32256 c:\windows\system32\dllcache\winipsec.dll + 2007-05-21 21:09 . 2001-10-28 18:07 35328 c:\windows\system32\dllcache\winchat.exe + 2004-08-04 07:45 . 2008-04-14 02:20 75776 c:\windows\system32\dllcache\wiascr.dll + 2010-05-24 23:06 . 2001-09-06 02:50 54272 c:\windows\system32\dllcache\wiamsmud.dll + 2004-08-04 07:45 . 2008-04-14 02:20 68096 c:\windows\system32\dllcache\webclnt.dll + 2004-08-03 23:15 . 2008-04-13 19:17 83072 c:\windows\system32\dllcache\wdmaud.sys + 2004-08-04 00:45 . 2008-04-14 02:21 23552 c:\windows\system32\dllcache\wdmaud.drv - 2009-06-25 08:27 . 2009-06-25 08:27 54272 c:\windows\system32\dllcache\wdigest.dll + 2004-08-04 07:45 . 2009-06-25 08:27 54272 c:\windows\system32\dllcache\wdigest.dll + 2010-05-24 23:06 . 2008-04-13 12:34 23615 c:\windows\system32\dllcache\wch7xxnt.sys + 2010-05-24 23:06 . 2008-04-13 21:53 32000 c:\windows\system32\dllcache\wceusbsh.sys + 2010-05-24 23:06 . 2001-08-17 23:10 35871 c:\windows\system32\dllcache\wbfirdma.sys + 2007-05-21 21:09 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\wbemsvc.dll + 2007-05-21 21:09 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\wbemprox.dll + 2004-08-04 07:45 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\wbemperf.dll + 2007-05-21 21:09 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\wbemcons.dll + 2008-08-30 19:21 . 2004-08-04 01:29 25471 c:\windows\system32\dllcache\watv10nt.sys + 2008-08-30 19:21 . 2004-08-04 01:29 22271 c:\windows\system32\dllcache\watv06nt.sys + 2010-05-24 23:06 . 2008-04-13 12:34 33599 c:\windows\system32\dllcache\watv04nt.sys + 2010-05-24 23:06 . 2008-04-13 12:34 19551 c:\windows\system32\dllcache\watv02nt.sys + 2010-05-24 23:06 . 2008-04-13 12:34 29311 c:\windows\system32\dllcache\watv01nt.sys + 2004-08-04 06:07 . 2008-04-13 18:44 17664 c:\windows\system32\dllcache\watchdog.sys + 2004-08-04 06:04 . 2008-04-13 18:57 34560 c:\windows\system32\dllcache\wanarp.sys + 2008-04-14 02:20 . 2008-04-14 02:20 53248 c:\windows\system32\dllcache\wamreg51.dll + 2008-04-14 02:20 . 2008-04-14 02:20 78336 c:\windows\system32\dllcache\wam51.dll + 2008-08-30 19:21 . 2004-08-04 01:29 11935 c:\windows\system32\dllcache\wadv11nt.sys + 2008-08-30 19:21 . 2004-08-04 01:29 11871 c:\windows\system32\dllcache\wadv09nt.sys + 2008-08-30 19:21 . 2004-08-04 01:29 11295 c:\windows\system32\dllcache\wadv08nt.sys + 2008-08-30 19:21 . 2004-08-04 01:29 11807 c:\windows\system32\dllcache\wadv07nt.sys + 2010-05-24 23:06 . 2008-04-13 12:34 11775 c:\windows\system32\dllcache\wadv05nt.sys + 2010-05-24 23:06 . 2008-04-13 12:34 12127 c:\windows\system32\dllcache\wadv02nt.sys + 2010-05-24 23:06 . 2008-04-13 12:34 12415 c:\windows\system32\dllcache\wadv01nt.sys + 2008-04-13 18:43 . 2008-04-13 18:43 14208 c:\windows\system32\dllcache\wacompen.sys + 2007-05-21 21:10 . 2008-04-14 02:21 30208 c:\windows\system32\dllcache\wabmig.exe + 2010-05-24 23:06 . 2001-08-17 23:13 16925 c:\windows\system32\dllcache\w940nd.sys + 2010-05-24 23:06 . 2001-08-17 23:13 19016 c:\windows\system32\dllcache\w926nd.sys + 2010-05-24 23:06 . 2001-08-17 23:13 19528 c:\windows\system32\dllcache\w840nd.sys + 2004-08-04 07:45 . 2008-04-14 02:20 15872 c:\windows\system32\dllcache\w3ssl.dll + 2010-05-24 23:06 . 2001-08-18 00:28 64605 c:\windows\system32\dllcache\vvoice.sys + 2004-08-04 07:37 . 2008-04-14 01:53 53248 c:\windows\system32\dllcache\volsnap.sys + 2004-08-04 06:07 . 2008-04-13 18:44 81664 c:\windows\system32\dllcache\videoprt.sys + 2010-05-24 23:06 . 2001-08-18 00:49 24576 c:\windows\system32\dllcache\viairda.sys + 2004-08-03 23:07 . 2008-04-13 18:36 42240 c:\windows\system32\dllcache\viaagp.sys + 2004-08-04 06:07 . 2008-04-13 18:44 20992 c:\windows\system32\dllcache\vga.sys + 2004-08-04 07:45 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\version.dll + 2001-10-28 18:07 . 2008-04-14 02:20 26624 c:\windows\system32\dllcache\verifier.dll + 2004-08-04 07:45 . 2008-04-14 02:20 51712 c:\windows\system32\dllcache\vdmredir.dll + 2001-08-17 22:02 . 2001-10-28 18:06 58112 c:\windows\system32\dllcache\vdmindvd.sys + 2004-08-04 07:45 . 2008-04-14 02:20 26112 c:\windows\system32\dllcache\vdmdbg.dll + 2008-04-14 02:20 . 2008-04-14 02:20 11325 c:\windows\system32\dllcache\vchnt5.dll + 2004-08-04 07:45 . 2008-04-14 02:20 30749 c:\windows\system32\dllcache\vbajet32.dll + 2001-09-05 23:50 . 2001-10-28 18:06 49211 c:\windows\system32\dllcache\usrvpa.dll + 2001-09-05 23:50 . 2001-10-28 18:06 45116 c:\windows\system32\dllcache\usrvoica.dll + 2001-09-05 23:50 . 2001-10-28 18:06 49209 c:\windows\system32\dllcache\usrv80a.dll + 2001-09-05 23:50 . 2001-10-28 18:06 41019 c:\windows\system32\dllcache\usrsvpia.dll + 2001-09-05 23:50 . 2001-10-28 18:06 69700 c:\windows\system32\dllcache\usrshuta.exe + 2001-09-05 23:50 . 2001-10-28 18:06 49211 c:\windows\system32\dllcache\usrsdpia.dll + 2001-09-05 23:50 . 2001-10-28 18:06 77883 c:\windows\system32\dllcache\usrrtosa.dll + 2001-09-05 23:50 . 2001-10-28 18:06 61508 c:\windows\system32\dllcache\usrprbda.exe + 2001-09-05 23:50 . 2001-10-28 18:06 77891 c:\windows\system32\dllcache\usrmlnka.exe + 2001-09-05 23:50 . 2001-10-28 18:06 53305 c:\windows\system32\dllcache\usrlbva.dll + 2001-09-05 23:50 . 2001-10-28 18:06 86073 c:\windows\system32\dllcache\usrfaxa.dll + 2001-09-05 23:50 . 2001-10-28 18:06 77890 c:\windows\system32\dllcache\usrdpa.dll + 2001-09-05 23:50 . 2001-10-28 18:06 69699 c:\windows\system32\dllcache\usrcoina.dll + 2001-09-05 23:50 . 2001-10-28 18:06 61500 c:\windows\system32\dllcache\usrcntra.dll + 2004-08-04 07:45 . 2008-04-14 02:21 26112 c:\windows\system32\dllcache\userinit.exe + 2004-08-04 00:45 . 2008-04-13 22:20 76288 c:\windows\system32\dllcache\usbui.dll + 2004-08-04 06:08 . 2008-04-13 18:45 20608 c:\windows\system32\dllcache\usbuhci.sys + 2004-08-04 06:08 . 2008-04-13 18:45 26368 c:\windows\system32\dllcache\usbstor.sys + 2010-05-24 23:06 . 2008-04-13 14:45 26112 c:\windows\system32\dllcache\usbser.sys + 2010-05-24 23:06 . 2008-04-13 14:45 15104 c:\windows\system32\dllcache\usbscan.sys + 2010-05-24 23:06 . 2008-04-13 14:47 25856 c:\windows\system32\dllcache\usbprint.sys + 2010-05-24 23:06 . 2008-04-13 14:45 17152 c:\windows\system32\dllcache\usbohci.sys + 2004-08-04 07:45 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\usbmon.dll + 2004-08-03 23:08 . 2008-04-13 18:45 15872 c:\windows\system32\dllcache\usbintel.sys + 2004-08-04 06:08 . 2008-04-13 18:45 59520 c:\windows\system32\dllcache\usbhub.sys + 2004-08-04 06:08 . 2008-04-13 18:45 30208 c:\windows\system32\dllcache\usbehci.sys + 2004-08-04 06:08 . 2008-04-13 18:45 32128 c:\windows\system32\dllcache\usbccgp.sys + 2001-08-17 22:03 . 2008-04-13 18:45 25728 c:\windows\system32\dllcache\usbcamd2.sys + 2001-08-17 22:03 . 2008-04-13 18:45 25600 c:\windows\system32\dllcache\usbcamd.sys + 2008-04-13 18:56 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023x.sys + 2004-08-04 06:04 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023.sys + 2010-05-24 23:06 . 2008-04-13 21:52 32384 c:\windows\system32\dllcache\usb101et.sys + 2004-08-04 07:45 . 2008-04-14 02:21 18432 c:\windows\system32\dllcache\ups.exe + 2004-08-04 07:45 . 2008-04-14 02:21 16896 c:\windows\system32\dllcache\upnpcont.exe + 2004-08-04 07:45 . 2008-04-14 02:20 13824 c:\windows\system32\dllcache\uniplat.dll + 2004-08-04 07:45 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\unimdmat.dll + 2010-05-24 23:06 . 2001-09-06 02:50 94720 c:\windows\system32\dllcache\umaxud32.dll + 2010-05-24 23:06 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\umaxu40.dll + 2010-05-24 23:06 . 2001-09-06 02:50 26624 c:\windows\system32\dllcache\umaxu22.dll + 2010-05-24 23:06 . 2001-09-06 02:50 69632 c:\windows\system32\dllcache\umaxu12.dll + 2010-05-24 23:06 . 2001-09-06 02:50 50688 c:\windows\system32\dllcache\umaxscan.dll + 2010-05-24 23:06 . 2001-08-18 00:58 22912 c:\windows\system32\dllcache\umaxpcls.sys + 2010-05-24 23:06 . 2001-09-06 02:50 50176 c:\windows\system32\dllcache\umaxp60.dll + 2010-05-24 23:06 . 2001-09-06 02:50 47616 c:\windows\system32\dllcache\umaxcam.dll + 2004-08-04 07:45 . 2008-04-14 02:20 36864 c:\windows\system32\dllcache\umandlg.dll + 2010-05-24 23:06 . 2001-08-18 00:52 36736 c:\windows\system32\dllcache\ultra.sys + 2004-08-04 07:45 . 2008-04-14 02:20 26624 c:\windows\system32\dllcache\udhisapi.dll + 2004-08-04 06:00 . 2008-04-13 18:32 66048 c:\windows\system32\dllcache\udfs.sys + 2004-08-03 23:07 . 2008-04-13 18:36 44672 c:\windows\system32\dllcache\uagp35.sys + 2010-05-24 23:06 . 2001-08-18 00:48 11520 c:\windows\system32\dllcache\twotrack.sys + 2004-08-04 07:45 . 2008-04-14 02:20 57856 c:\windows\system32\dllcache\twext.dll + 2004-08-04 07:45 . 2008-04-14 02:20 50688 c:\windows\system32\dllcache\twain_32.dll + 2004-08-03 23:03 . 2008-04-13 18:56 12288 c:\windows\system32\dllcache\tunmp.sys + 2008-04-14 02:20 . 2008-04-14 02:20 50688 c:\windows\system32\dllcache\tspkg.dll + 2008-04-14 02:20 . 2008-04-14 02:20 53248 c:\windows\system32\dllcache\tsgqec.dll + 2004-08-04 07:45 . 2008-04-14 02:21 12168 c:\windows\system32\dllcache\tsddd.dll + 2007-05-21 21:09 . 2008-04-14 02:20 93696 c:\windows\system32\dllcache\tscfgwmi.dll + 2001-08-17 22:06 . 2001-10-28 18:06 21376 c:\windows\system32\dllcache\tsbvcap.sys + 2004-08-04 07:45 . 2008-04-14 02:20 90112 c:\windows\system32\dllcache\trkwks.dll + 2004-08-04 07:45 . 2008-04-14 02:21 12800 c:\windows\system32\dllcache\tracert.exe + 2010-05-24 23:06 . 2001-08-17 23:12 34375 c:\windows\system32\dllcache\tpro4.sys + 2010-05-24 23:06 . 2001-09-06 02:49 43008 c:\windows\system32\dllcache\tp4res.dll + 2010-05-24 23:06 . 2008-04-13 22:21 82944 c:\windows\system32\dllcache\tp4mon.exe + 2010-05-24 23:06 . 2001-09-06 02:50 31744 c:\windows\system32\dllcache\tp4.dll + 2001-08-17 22:01 . 2001-10-28 18:06 51712 c:\windows\system32\dllcache\tosdvd.sys + 2010-05-24 23:06 . 2001-08-17 23:10 28232 c:\windows\system32\dllcache\tos4mo.sys + 2008-04-14 02:20 . 2008-04-14 02:20 33792 c:\windows\system32\dllcache\tools.dll + 2004-08-04 07:45 . 2008-04-14 02:21 73728 c:\windows\system32\dllcache\tlntsvr.exe + 2004-08-04 07:45 . 2009-06-15 10:44 81408 c:\windows\system32\dllcache\tlntsess.exe - 2009-06-15 10:44 . 2009-06-15 10:44 81408 c:\windows\system32\dllcache\tlntsess.exe + 2004-08-04 07:45 . 2008-04-14 02:21 62976 c:\windows\system32\dllcache\tlntadmn.exe + 2007-05-21 21:09 . 2008-04-14 02:21 40840 c:\windows\system32\dllcache\termdd.sys + 2004-08-04 07:45 . 2009-06-15 10:44 77824 c:\windows\system32\dllcache\telnet.exe - 2009-06-15 10:44 . 2009-06-15 10:44 77824 c:\windows\system32\dllcache\telnet.exe + 2007-05-21 21:09 . 2008-04-14 02:21 21896 c:\windows\system32\dllcache\tdtcp.sys + 2007-05-21 21:09 . 2008-04-14 02:21 12040 c:\windows\system32\dllcache\tdpipe.sys + 2010-05-24 23:05 . 2001-08-17 23:13 17129 c:\windows\system32\dllcache\tdkcd31.sys + 2010-05-24 23:05 . 2001-08-17 23:13 37961 c:\windows\system32\dllcache\tdk100b.sys + 2004-08-04 06:07 . 2008-04-13 19:00 19072 c:\windows\system32\dllcache\tdi.sys + 2007-05-21 21:12 . 2008-04-14 02:21 32827 c:\windows\system32\dllcache\tcptest.exe + 2004-08-04 07:45 . 2008-04-14 02:20 46080 c:\windows\system32\dllcache\tcpmon.dll + 2004-08-04 07:45 . 2008-04-14 02:20 14848 c:\windows\system32\dllcache\tcpmib.dll + 2010-05-24 23:05 . 2001-08-18 00:49 30464 c:\windows\system32\dllcache\tbatm155.sys + 2001-10-28 18:07 . 2008-04-14 02:21 78848 c:\windows\system32\dllcache\tasklist.exe + 2001-10-28 18:07 . 2008-04-14 02:21 77824 c:\windows\system32\dllcache\taskkill.exe + 2001-10-28 18:07 . 2001-10-28 18:07 83968 c:\windows\system32\dllcache\tapiui.dll + 2004-08-04 06:00 . 2008-04-13 18:40 14976 c:\windows\system32\dllcache\tape.sys + 2004-08-04 07:45 . 2008-04-14 02:20 34304 c:\windows\system32\dllcache\tabletoc.dll + 2010-05-24 23:05 . 2001-08-17 23:50 36640 c:\windows\system32\dllcache\t2r4mini.sys + 2001-10-28 18:07 . 2001-10-28 18:07 37376 c:\windows\system32\dllcache\syskey.exe + 2001-10-28 18:07 . 2008-04-14 02:21 73216 c:\windows\system32\dllcache\sysinfo.exe + 2004-08-03 23:15 . 2008-04-13 19:15 60800 c:\windows\system32\dllcache\sysaudio.sys + 2004-08-04 07:45 . 2008-04-14 02:20 57856 c:\windows\system32\dllcache\synceng.dll + 2010-05-24 23:05 . 2001-08-18 01:07 32640 c:\windows\system32\dllcache\symc8xx.sys + 2010-05-24 23:05 . 2001-08-18 01:07 16256 c:\windows\system32\dllcache\symc810.sys + 2010-05-24 23:05 . 2001-08-18 01:07 30688 c:\windows\system32\dllcache\sym_u3.sys + 2010-05-24 23:05 . 2001-08-18 01:07 28384 c:\windows\system32\dllcache\sym_hi.sys + 2010-05-24 23:05 . 2001-09-06 02:50 94293 c:\windows\system32\dllcache\sxports.dll + 2010-05-24 23:05 . 2001-09-06 02:50 10240 c:\windows\system32\dllcache\swpidflt.dll + 2010-05-24 23:05 . 2001-09-06 02:50 10240 c:\windows\system32\dllcache\swpdflt2.dll + 2001-08-17 22:00 . 2008-04-13 18:45 56576 c:\windows\system32\dllcache\swmidi.sys + 2010-05-24 23:05 . 2001-09-06 02:50 53760 c:\windows\system32\dllcache\sw_wheel.dll + 2010-05-24 23:05 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\sw_effct.dll + 2004-08-04 07:45 . 2008-04-14 02:21 14336 c:\windows\system32\dllcache\svchost.exe + 2008-04-14 02:20 . 2008-04-14 02:20 46592 c:\windows\system32\dllcache\svcext51.dll - 2009-10-21 05:39 . 2009-10-21 05:39 75776 c:\windows\system32\dllcache\strmfilt.dll + 2004-08-04 07:45 . 2009-10-21 05:39 75776 c:\windows\system32\dllcache\strmfilt.dll + 2007-08-18 17:22 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys + 2004-08-03 23:08 . 2004-07-09 07:27 48512 c:\windows\system32\dllcache\stream.sys + 2007-05-21 17:18 . 2008-04-13 21:20 75776 c:\windows\system32\dllcache\storprop.dll + 2010-05-24 23:05 . 2001-09-06 02:50 53248 c:\windows\system32\dllcache\stlncoin.dll + 2007-05-21 21:09 . 2008-04-14 02:20 86528 c:\windows\system32\dllcache\stdprov.dll + 2010-05-24 23:05 . 2001-09-06 02:06 17024 c:\windows\system32\dllcache\stcusb.sys + 2007-05-21 21:09 . 2008-04-14 02:20 59392 c:\windows\system32\dllcache\stclient.dll + 2004-08-04 07:45 . 2008-04-14 02:20 33280 c:\windows\system32\dllcache\sstub.dll + 2004-08-04 07:45 . 2008-04-14 02:21 14336 c:\windows\system32\dllcache\ssstars.scr + 2008-04-14 02:20 . 2008-04-14 02:20 46592 c:\windows\system32\dllcache\sspifilt.dll + 2004-08-04 07:45 . 2008-04-14 02:21 18944 c:\windows\system32\dllcache\ssmyst.scr + 2004-08-04 07:45 . 2008-04-14 02:21 47104 c:\windows\system32\dllcache\ssmypics.scr + 2004-08-04 07:45 . 2008-04-14 02:21 20992 c:\windows\system32\dllcache\ssmarque.scr + 2008-04-14 02:20 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\ssinc51.dll + 2004-08-04 07:45 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\ssdpsrv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 34816 c:\windows\system32\dllcache\ssdpapi.dll + 2004-08-04 07:45 . 2008-04-14 02:21 19968 c:\windows\system32\dllcache\ssbezier.scr + 2010-05-24 23:05 . 2001-08-17 23:11 48736 c:\windows\system32\dllcache\srwlnd5.sys + 2004-08-04 07:45 . 2008-04-14 02:20 96768 c:\windows\system32\dllcache\srvsvc.dll + 2010-05-24 23:05 . 2001-09-06 02:50 99328 c:\windows\system32\dllcache\srusd.dll + 2007-05-21 21:10 . 2008-04-14 02:20 58434 c:\windows\system32\dllcache\srchctls.dll + 2007-05-21 21:10 . 2008-04-14 02:02 73472 c:\windows\system32\dllcache\sr.sys + 2010-05-24 23:05 . 2001-09-06 02:50 24660 c:\windows\system32\dllcache\spxupchk.dll + 2001-09-05 23:50 . 2001-10-28 18:06 72192 c:\windows\system32\dllcache\sprio800.dll + 2001-09-05 23:50 . 2001-10-28 18:06 70656 c:\windows\system32\dllcache\sprio600.dll + 2004-08-04 07:45 . 2008-04-14 02:21 57856 c:\windows\system32\dllcache\spoolsv.exe + 2004-08-04 07:45 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\spoolss.dll + 2004-08-04 07:45 . 2008-04-13 22:21 11264 c:\windows\system32\dllcache\spnpinst.exe + 2001-09-05 23:50 . 2001-10-28 18:06 69632 c:\windows\system32\dllcache\spnike.dll + 2004-08-04 05:59 . 2008-04-13 18:43 12800 c:\windows\system32\dllcache\spiisupd.exe + 2004-08-04 07:44 . 2008-04-13 16:43 62976 c:\windows\system32\dllcache\spgrmr.dll + 2010-05-24 23:05 . 2001-08-18 00:51 61824 c:\windows\system32\dllcache\speed.sys + 2010-05-24 23:05 . 2001-08-18 01:07 19072 c:\windows\system32\dllcache\sparrow.sys + 2001-10-28 18:07 . 2008-04-14 02:21 25600 c:\windows\system32\dllcache\sort.exe + 2010-05-24 23:05 . 2001-08-17 23:51 37040 c:\windows\system32\dllcache\sonypi.sys + 2010-05-24 23:05 . 2001-08-17 23:51 20752 c:\windows\system32\dllcache\sonync.sys + 2004-08-03 23:09 . 2008-04-13 18:46 25344 c:\windows\system32\dllcache\sonydcam.sys + 2007-05-21 21:09 . 2001-10-28 18:07 57344 c:\windows\system32\dllcache\sol.exe + 2007-06-15 08:04 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\snmpthrd.dll + 2004-08-04 07:45 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\snmpapi.dll + 2007-06-15 08:04 . 2008-04-14 02:21 33280 c:\windows\system32\dllcache\snmp.exe + 2004-08-04 07:45 . 2008-04-14 02:20 34816 c:\windows\system32\dllcache\sniffpol.dll + 2008-04-14 02:20 . 2008-04-14 02:20 10752 c:\windows\system32\dllcache\smtpapi.dll + 2004-08-04 07:45 . 2008-04-14 02:21 50688 c:\windows\system32\dllcache\smss.exe + 2004-08-04 07:45 . 2008-04-14 02:21 90624 c:\windows\system32\dllcache\smlogsvc.exe + 2010-05-24 23:05 . 2001-08-17 23:51 58368 c:\windows\system32\dllcache\smiminib.sys + 2010-05-24 23:05 . 2001-08-17 23:12 25034 c:\windows\system32\dllcache\smcpwr2n.sys + 2010-05-24 23:05 . 2001-09-06 02:29 36425 c:\windows\system32\dllcache\smcirda.sys + 2010-05-24 23:05 . 2001-08-17 23:12 24576 c:\windows\system32\dllcache\smc8000n.sys + 2010-05-24 23:05 . 2008-04-13 14:36 16000 c:\windows\system32\dllcache\smbbatt.sys + 2010-05-24 23:05 . 2001-09-06 02:50 45568 c:\windows\system32\dllcache\smb3w.dll + 2010-05-24 23:05 . 2001-09-06 02:50 33792 c:\windows\system32\dllcache\smb0w.dll + 2010-05-24 23:05 . 2001-09-06 02:50 28672 c:\windows\system32\dllcache\sma0w.dll + 2010-05-24 23:05 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\sm91w.dll + 2008-08-30 19:21 . 2004-08-04 01:41 13240 c:\windows\system32\dllcache\slwdmsup.sys + 2008-04-14 02:21 . 2008-04-14 02:21 73796 c:\windows\system32\dllcache\slserv.exe + 2008-04-14 02:21 . 2008-04-14 02:21 32866 c:\windows\system32\dllcache\slrundll.exe + 2008-08-30 19:21 . 2004-08-04 01:41 95424 c:\windows\system32\dllcache\slnthal.sys + 2007-08-18 17:22 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys + 2008-04-14 02:20 . 2008-04-14 02:20 73832 c:\windows\system32\dllcache\slcoinst.dll + 2004-08-04 07:45 . 2008-04-14 02:20 98304 c:\windows\system32\dllcache\slbiop.dll + 2004-08-04 07:45 . 2008-04-14 02:20 25600 c:\windows\system32\dllcache\slayerxp.dll + 2010-05-24 23:05 . 2008-04-13 12:35 63547 c:\windows\system32\dllcache\sla30nd5.sys + 2010-05-24 23:05 . 2001-08-17 23:12 91294 c:\windows\system32\dllcache\skfpwin.sys + 2004-08-04 07:45 . 2008-04-14 02:21 26112 c:\windows\system32\dllcache\skeys.exe + 2010-05-24 23:05 . 2001-09-06 02:29 94890 c:\windows\system32\dllcache\sk98xwin.sys + 2010-05-24 23:05 . 2001-08-17 23:50 50432 c:\windows\system32\dllcache\sisv.sys + 2010-05-24 23:05 . 2008-04-13 12:35 32768 c:\windows\system32\dllcache\sisnic.sys + 2004-08-03 23:07 . 2008-04-13 18:36 40960 c:\windows\system32\dllcache\sisagp.sys + 2010-05-24 23:05 . 2001-08-17 23:50 68608 c:\windows\system32\dllcache\sis6306p.sys + 2004-08-04 07:45 . 2008-04-14 02:20 13824 c:\windows\system32\dllcache\sigtab.dll + 2004-08-04 07:45 . 2008-04-14 02:21 20480 c:\windows\system32\dllcache\shutdown.exe + 2007-05-21 21:12 . 2008-04-14 02:21 16437 c:\windows\system32\dllcache\shtml.exe + 2007-05-21 21:12 . 2008-04-14 02:20 20536 c:\windows\system32\dllcache\shtml.dll + 2004-08-04 07:45 . 2008-04-14 02:21 45056 c:\windows\system32\dllcache\shmgrate.exe + 2004-08-04 07:45 . 2008-04-14 02:20 65024 c:\windows\system32\dllcache\shimeng.dll + 2004-08-04 07:45 . 2008-04-14 02:20 68096 c:\windows\system32\dllcache\shgina.dll + 2004-08-04 07:45 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\shfolder.dll + 2010-05-24 23:04 . 2001-07-22 01:29 18400 c:\windows\system32\dllcache\sgsmld.sys + 2010-05-24 23:04 . 2001-08-17 23:51 98080 c:\windows\system32\dllcache\sgiulnt5.sys + 2010-05-24 23:04 . 2001-08-17 23:19 36480 c:\windows\system32\dllcache\sfmanm.sys + 2004-08-04 05:59 . 2008-04-13 18:40 11392 c:\windows\system32\dllcache\sfloppy.sys + 2004-08-04 05:59 . 2008-04-13 18:40 11008 c:\windows\system32\dllcache\sffp_sd.sys + 2004-08-04 05:59 . 2008-04-13 18:40 11904 c:\windows\system32\dllcache\sffdisk.sys + 2008-04-14 02:21 . 2008-04-14 02:21 32768 c:\windows\system32\dllcache\setupn.exe + 2007-05-21 21:10 . 2008-04-14 02:21 73728 c:\windows\system32\dllcache\setup50.exe + 2004-08-04 07:45 . 2008-04-14 02:21 32768 c:\windows\system32\dllcache\sethc.exe + 2010-05-24 23:04 . 2001-09-06 02:27 18176 c:\windows\system32\dllcache\sermouse.sys + 2004-08-04 07:37 . 2008-04-14 01:55 65536 c:\windows\system32\dllcache\serial.sys + 2004-08-04 05:59 . 2008-04-13 18:40 15744 c:\windows\system32\dllcache\serenum.sys + 2004-08-04 07:45 . 2008-04-14 02:20 39424 c:\windows\system32\dllcache\sens.dll + 2004-08-04 07:45 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\sendcmsg.dll - 2009-02-03 19:58 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll + 2004-08-04 07:45 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\seclogon.dll + 2004-08-04 07:45 . 2008-04-14 02:21 19456 c:\windows\system32\dllcache\secedit.exe + 2004-08-04 07:45 . 2008-04-14 02:20 29184 c:\windows\system32\dllcache\sdhcinst.dll + 2004-08-04 06:07 . 2008-04-13 18:36 79232 c:\windows\system32\dllcache\sdbus.sys + 2004-08-04 07:45 . 2008-04-14 02:21 77824 c:\windows\system32\dllcache\sdbinst.exe + 2010-05-24 23:04 . 2008-04-13 14:45 11520 c:\windows\system32\dllcache\scsiscan.sys + 2010-05-24 23:04 . 2001-08-18 00:52 11648 c:\windows\system32\dllcache\scsiprnt.sys + 2004-08-04 05:59 . 2008-04-13 18:40 96384 c:\windows\system32\dllcache\scsiport.sys + 2007-05-21 21:09 . 2008-04-14 02:21 36352 c:\windows\system32\dllcache\scrcons.exe + 2010-05-24 23:04 . 2001-09-06 02:27 17408 c:\windows\system32\dllcache\scr111.sys + 2010-05-24 23:04 . 2001-09-06 02:27 16768 c:\windows\system32\dllcache\scmstcs.sys + 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\sclgntfy.dll + 2010-05-24 23:04 . 2001-08-18 00:51 23936 c:\windows\system32\dllcache\sccmusbm.sys + 2010-05-24 23:04 . 2001-09-06 02:26 24064 c:\windows\system32\dllcache\sccmn50m.sys + 2004-08-04 07:45 . 2008-04-14 02:21 99328 c:\windows\system32\dllcache\scardsvr.exe + 2004-08-04 07:45 . 2008-04-14 02:20 69632 c:\windows\system32\dllcache\scarddlg.dll + 2010-05-24 23:04 . 2008-04-13 14:40 43904 c:\windows\system32\dllcache\sbp2port.sys + 2004-08-04 07:45 . 2008-04-14 02:21 13824 c:\windows\system32\dllcache\savedump.exe + 2004-08-04 07:45 . 2008-04-14 02:20 64000 c:\windows\system32\dllcache\samlib.dll + 2007-05-21 21:10 . 2008-04-14 02:20 45568 c:\windows\system32\dllcache\safrslv.dll + 2007-05-21 21:10 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\safrdm.dll + 2007-05-21 21:10 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\safrcdlg.dll + 2010-05-24 23:04 . 2001-08-17 23:50 75392 c:\windows\system32\dllcache\s3savmxm.sys + 2010-05-24 23:04 . 2001-08-17 23:50 77824 c:\windows\system32\dllcache\s3sav4m.sys + 2010-05-24 23:04 . 2001-08-17 23:50 61504 c:\windows\system32\dllcache\s3sav3dm.sys + 2010-05-24 23:04 . 2001-09-06 02:49 62496 c:\windows\system32\dllcache\s3mtrio.dll + 2010-05-24 23:04 . 2001-08-17 23:50 41216 c:\windows\system32\dllcache\s3mt3d.sys + 2010-05-24 23:04 . 2001-08-18 00:57 65664 c:\windows\system32\dllcache\s3legacy.sys + 2010-05-24 22:55 . 2001-09-06 02:49 66048 c:\windows\system32\dllcache\s3legacy.dll + 2010-05-24 23:04 . 2001-09-06 02:50 83456 c:\windows\system32\dllcache\rwia450.dll + 2010-05-24 23:04 . 2001-09-06 02:50 80896 c:\windows\system32\dllcache\rwia430.dll + 2010-05-24 23:04 . 2008-04-13 22:20 29696 c:\windows\system32\dllcache\rw450ext.dll + 2010-05-24 23:04 . 2008-04-13 22:20 28160 c:\windows\system32\dllcache\rw430ext.dll + 2008-04-14 02:20 . 2008-04-14 02:20 29184 c:\windows\system32\dllcache\rw330ext.dll + 2008-04-14 02:20 . 2008-04-14 02:20 28160 c:\windows\system32\dllcache\rw001ext.dll + 2004-08-04 07:45 . 2008-04-14 02:21 14336 c:\windows\system32\dllcache\runonce.exe + 2004-08-04 07:45 . 2008-04-14 02:20 44032 c:\windows\system32\dllcache\rtutils.dll + 2010-05-24 23:04 . 2008-04-13 12:35 20992 c:\windows\system32\dllcache\rtl8139.sys + 2010-05-24 23:04 . 2001-08-17 23:12 19017 c:\windows\system32\dllcache\rtl8029.sys + 2004-08-04 07:45 . 2008-04-14 02:20 31744 c:\windows\system32\dllcache\rtipxmib.dll + 2010-05-24 23:04 . 2001-08-17 23:19 30720 c:\windows\system32\dllcache\rthwcls.sys + 2001-10-28 18:07 . 2008-04-14 02:20 92672 c:\windows\system32\dllcache\rsvpsp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\rsmps.dll + 2004-08-04 07:45 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\rshx32.dll + 2004-08-04 07:45 . 2008-04-14 02:21 15872 c:\windows\system32\dllcache\rsh.exe + 2007-05-21 21:10 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\rrcm.dll + 2010-05-24 23:04 . 2008-04-13 21:54 79360 c:\windows\system32\dllcache\rocket.sys + 2008-04-13 18:56 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismpx.sys + 2004-08-04 06:04 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismp.sys + 2010-05-24 23:04 . 2001-08-17 23:12 37563 c:\windows\system32\dllcache\rlnet5.sys + 2001-08-17 21:24 . 2001-10-28 18:06 12032 c:\windows\system32\dllcache\riodrv.sys + 2001-08-17 21:24 . 2001-10-28 18:06 12032 c:\windows\system32\dllcache\rio8drv.sys + 2008-04-13 18:46 . 2008-04-13 18:46 59136 c:\windows\system32\dllcache\rfcomm.sys + 2004-08-04 07:45 . 2008-04-14 02:21 14848 c:\windows\system32\dllcache\rexec.exe + 2004-08-04 07:45 . 2008-04-14 02:20 58880 c:\windows\system32\dllcache\resutils.dll + 2010-05-24 23:04 . 2001-09-06 02:50 86097 c:\windows\system32\dllcache\reslog32.dll + 2004-08-04 07:45 . 2008-04-14 02:21 11776 c:\windows\system32\dllcache\regsvr32.exe + 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\regsvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 49664 c:\windows\system32\dllcache\regapi.dll + 2004-08-04 07:45 . 2008-04-14 02:21 51200 c:\windows\system32\dllcache\reg.exe + 2007-05-21 18:07 . 2008-04-14 01:53 58240 c:\windows\system32\dllcache\redbook.sys + 2008-08-30 19:21 . 2004-08-04 01:41 13776 c:\windows\system32\dllcache\recagent.sys + 2007-05-21 21:09 . 2008-04-14 02:21 67072 c:\windows\system32\dllcache\rdshost.exe + 2007-05-21 21:09 . 2008-04-14 02:21 13824 c:\windows\system32\dllcache\rdsaddin.exe + 2007-05-21 21:09 . 2008-04-14 02:21 87176 c:\windows\system32\dllcache\rdpwsx.dll + 2007-05-21 21:09 . 2008-04-14 02:20 19968 c:\windows\system32\dllcache\rdpsnd.dll + 2004-08-04 07:45 . 2008-04-14 02:21 92424 c:\windows\system32\dllcache\rdpdd.dll + 2007-05-21 21:09 . 2008-04-14 02:21 62976 c:\windows\system32\dllcache\rdpclip.exe + 2004-08-04 07:45 . 2008-04-14 02:21 23040 c:\windows\system32\dllcache\rcp.exe + 2010-05-24 23:04 . 2004-08-04 07:45 35840 c:\windows\system32\dllcache\rcimlby.exe + 2004-08-04 07:45 . 2008-04-14 02:20 58368 c:\windows\system32\dllcache\rastapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\rassapi.dll + 2008-04-14 02:20 . 2008-04-14 02:20 61952 c:\windows\system32\dllcache\rasqec.dll + 2004-08-04 06:14 . 2008-04-13 19:19 48384 c:\windows\system32\dllcache\raspptp.sys + 2004-08-04 06:05 . 2008-04-13 18:57 41472 c:\windows\system32\dllcache\raspppoe.sys + 2004-08-04 07:45 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\rasman.dll + 2004-08-04 06:14 . 2008-04-13 19:19 51328 c:\windows\system32\dllcache\rasl2tp.sys + 2010-05-24 23:04 . 2001-08-18 00:51 19584 c:\windows\system32\dllcache\rasirda.sys + 2004-08-04 07:45 . 2009-10-12 13:39 79872 c:\windows\system32\dllcache\raschap.dll - 2009-10-12 13:39 . 2009-10-12 13:39 79872 c:\windows\system32\dllcache\raschap.dll + 2004-08-04 07:45 . 2008-04-14 02:20 88576 c:\windows\system32\dllcache\rasauto.dll + 2008-04-13 18:41 . 2008-04-13 18:41 20736 c:\windows\system32\dllcache\ramdisk.sys + 2007-05-21 21:10 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\racpldlg.dll + 2010-05-24 23:04 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\qvusd.dll + 2008-04-14 02:20 . 2008-04-14 02:20 76800 c:\windows\system32\dllcache\qutil.dll + 2007-05-21 21:09 . 2008-04-14 02:21 20480 c:\windows\system32\dllcache\qprocess.exe + 2007-05-21 21:10 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\qmgrprxy.dll + 2010-05-24 23:04 . 2001-08-18 00:52 49024 c:\windows\system32\dllcache\ql1280.sys + 2010-05-24 23:04 . 2001-08-18 00:52 40448 c:\windows\system32\dllcache\ql1240.sys + 2010-05-24 23:04 . 2001-08-18 00:52 45312 c:\windows\system32\dllcache\ql12160.sys + 2010-05-24 23:04 . 2001-08-18 00:52 33152 c:\windows\system32\dllcache\ql10wnt.sys + 2010-05-24 23:04 . 2001-08-18 00:52 40320 c:\windows\system32\dllcache\ql1080.sys + 2008-04-14 02:20 . 2008-04-14 02:20 62464 c:\windows\system32\dllcache\qcliprov.dll + 2004-08-04 07:45 . 2008-04-14 02:20 34304 c:\windows\system32\dllcache\pstorsvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\pstorec.dll + 2010-05-24 23:04 . 2001-09-06 02:50 35328 c:\windows\system32\dllcache\psisload.dll + 2010-05-24 23:04 . 2001-09-06 02:21 16512 c:\windows\system32\dllcache\pscr.sys + 2004-08-04 06:04 . 2008-04-13 18:56 69120 c:\windows\system32\dllcache\psched.sys + 2004-08-04 07:45 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\psapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 27648 c:\windows\system32\dllcache\profmap.dll + 2004-08-04 00:35 . 2008-04-14 01:51 39936 c:\windows\system32\dllcache\processr.sys + 2010-05-24 23:03 . 2001-08-18 00:53 17792 c:\windows\system32\dllcache\ppa.sys + 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\powrprof.dll + 2004-08-04 07:45 . 2008-04-14 02:21 49152 c:\windows\system32\dllcache\powercfg.exe + 2007-05-21 21:09 . 2008-04-14 02:20 92672 c:\windows\system32\dllcache\policman.dll + 2004-08-04 07:45 . 2008-04-14 02:20 58880 c:\windows\system32\dllcache\pnrpnsp.dll + 2004-08-04 00:45 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\pjlmon.dll + 2004-08-04 07:45 . 2008-04-14 02:21 19456 c:\windows\system32\dllcache\ping.exe + 2001-10-28 18:07 . 2001-10-28 18:07 35328 c:\windows\system32\dllcache\pifmgr.dll - 2008-04-13 22:18 . 2008-04-13 22:18 24064 c:\windows\system32\dllcache\pidgen.dll + 2004-08-04 07:44 . 2008-04-14 02:18 24064 c:\windows\system32\dllcache\pidgen.dll + 2004-08-04 00:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\pid.dll + 2010-05-24 23:03 . 2001-08-18 01:07 19840 c:\windows\system32\dllcache\philtune.sys + 2010-05-24 23:03 . 2001-08-18 01:04 92416 c:\windows\system32\dllcache\phildec.sys + 2010-05-24 23:03 . 2001-08-18 01:04 75776 c:\windows\system32\dllcache\philcam1.sys + 2010-05-24 23:03 . 2001-09-06 02:50 16896 c:\windows\system32\dllcache\philcam1.dll + 2010-05-24 23:03 . 2008-04-13 14:44 28032 c:\windows\system32\dllcache\perm3.sys + 2010-05-24 23:03 . 2008-04-13 14:44 27904 c:\windows\system32\dllcache\perm2.sys + 2004-08-04 07:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\perfproc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 26112 c:\windows\system32\dllcache\perfos.dll + 2001-10-28 18:07 . 2008-04-14 02:20 18432 c:\windows\system32\dllcache\perfnet.dll + 2004-08-04 07:45 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\perfdisk.dll + 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\perfctrs.dll + 2010-05-24 23:03 . 2001-08-18 01:07 27296 c:\windows\system32\dllcache\perc2.sys + 2010-05-24 23:03 . 2001-09-06 02:50 86016 c:\windows\system32\dllcache\pctspk.exe + 2010-05-24 23:03 . 2001-08-17 23:11 35328 c:\windows\system32\dllcache\pcntpci5.sys + 2010-05-24 23:03 . 2001-08-17 23:11 29769 c:\windows\system32\dllcache\pcntn5m.sys + 2010-05-24 23:03 . 2001-08-17 23:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys + 2010-05-24 23:03 . 2001-08-17 23:12 26153 c:\windows\system32\dllcache\pcmlm56.sys + 2004-08-04 05:59 . 2008-04-13 18:40 24960 c:\windows\system32\dllcache\pciidex.sys + 2004-08-04 07:35 . 2008-04-14 02:02 68992 c:\windows\system32\dllcache\pci.sys + 2007-05-21 21:10 . 2008-04-14 02:20 38400 c:\windows\system32\dllcache\pchsvc.dll + 2010-05-24 23:03 . 2008-04-13 12:35 29502 c:\windows\system32\dllcache\pca200e.sys + 2010-05-24 23:03 . 2001-08-17 23:12 30495 c:\windows\system32\dllcache\pc100nds.sys + 2001-10-28 18:07 . 2008-04-13 18:40 19712 c:\windows\system32\dllcache\partmgr.sys + 2004-08-04 00:35 . 2008-04-14 02:02 80384 c:\windows\system32\dllcache\parport.sys + 2004-08-04 00:34 . 2008-04-14 02:02 46848 c:\windows\system32\dllcache\p3.sys + 2010-05-24 23:03 . 2001-09-06 02:50 42496 c:\windows\system32\dllcache\ovui2rc.dll + 2010-05-24 23:03 . 2001-09-06 02:50 44544 c:\windows\system32\dllcache\ovui2.dll + 2010-05-24 23:03 . 2001-08-18 01:05 25216 c:\windows\system32\dllcache\ovsound2.sys + 2010-05-24 23:03 . 2001-09-06 02:50 39424 c:\windows\system32\dllcache\ovcoms.exe + 2010-05-24 23:03 . 2001-09-06 02:50 20480 c:\windows\system32\dllcache\ovcomc.dll + 2010-05-24 23:03 . 2001-08-18 01:05 31872 c:\windows\system32\dllcache\ovce.sys + 2010-05-24 23:03 . 2001-08-18 01:05 28032 c:\windows\system32\dllcache\ovcd.sys + 2010-05-24 23:03 . 2001-08-18 01:05 48000 c:\windows\system32\dllcache\ovcam2.sys + 2010-05-24 23:03 . 2001-08-18 01:05 25088 c:\windows\system32\dllcache\ovca.sys + 2010-05-24 23:03 . 2001-09-06 02:15 54698 c:\windows\system32\dllcache\otcsercb.sys + 2010-05-24 23:03 . 2001-09-06 02:15 44009 c:\windows\system32\dllcache\otceth5.sys + 2010-05-24 23:03 . 2001-08-17 23:12 27209 c:\windows\system32\dllcache\otc06x5.sys + 2004-08-04 07:45 . 2008-04-14 02:21 70144 c:\windows\system32\dllcache\opnfiles.exe + 2010-05-24 23:03 . 2001-08-17 23:20 54528 c:\windows\system32\dllcache\opl3sax.sys + 2007-05-21 21:10 . 2008-04-14 02:21 51712 c:\windows\system32\dllcache\oobebaln.exe + 2004-08-04 07:45 . 2008-04-14 02:20 84992 c:\windows\system32\dllcache\olepro32.dll + 2007-05-21 21:10 . 2008-04-14 02:20 69632 c:\windows\system32\dllcache\oledb32r.dll + 2001-10-28 18:07 . 2008-04-14 02:20 37376 c:\windows\system32\dllcache\olecnv32.dll + 2001-10-28 18:07 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\olecli32.dll + 2010-05-24 23:03 . 2008-04-13 14:46 61696 c:\windows\system32\dllcache\ohci1394.sys + 2007-05-21 21:10 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\oemiglib.dll + 2007-05-21 21:10 . 2008-04-14 02:21 60928 c:\windows\system32\dllcache\oemig50.exe + 2004-08-04 07:45 . 2008-04-14 02:20 20511 c:\windows\system32\dllcache\odtext32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 20510 c:\windows\system32\dllcache\odpdx32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 20510 c:\windows\system32\dllcache\odfox32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 20510 c:\windows\system32\dllcache\odexl32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 20511 c:\windows\system32\dllcache\oddbse32.dll + 2004-08-04 07:44 . 2008-04-13 17:26 12288 c:\windows\system32\dllcache\odbcp32r.dll + 2004-08-04 07:44 . 2008-04-14 02:19 57375 c:\windows\system32\dllcache\odbcji32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\odbccu32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\odbccr32.dll + 2004-08-04 07:45 . 2008-04-14 02:21 69632 c:\windows\system32\dllcache\odbcconf.exe + 2004-08-04 07:45 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\odbc32gt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\ocmsn.dll + 2001-10-28 18:07 . 2008-04-14 02:20 69120 c:\windows\system32\dllcache\ocmanage.dll + 2004-08-04 07:45 . 2008-04-14 02:20 15872 c:\windows\system32\dllcache\ocgen.dll + 2004-08-04 07:45 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\nwwks.dll + 2004-08-04 06:03 . 2008-04-13 18:56 88320 c:\windows\system32\dllcache\nwlnkipx.sys + 2001-10-28 18:07 . 2008-04-14 02:20 64000 c:\windows\system32\dllcache\nwapi32.dll + 2001-10-28 18:07 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\ntvdmd.dll + 2001-10-28 18:07 . 2001-10-28 18:07 31744 c:\windows\system32\dllcache\ntsd.exe + 2004-08-04 07:45 . 2008-04-14 02:20 91648 c:\windows\system32\dllcache\ntprint.dll + 2004-08-04 07:45 . 2008-04-14 02:20 63488 c:\windows\system32\dllcache\ntoc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\ntmsapi.dll + 2001-10-28 18:07 . 2001-10-28 18:07 14848 c:\windows\system32\dllcache\ntlanui2.dll + 2004-08-04 07:45 . 2008-04-14 02:20 44032 c:\windows\system32\dllcache\ntlanman.dll + 2010-05-24 23:03 . 2001-08-17 23:49 51552 c:\windows\system32\dllcache\ntgrip.sys + 2004-08-04 07:45 . 2008-04-14 02:20 67072 c:\windows\system32\dllcache\ntdsapi.dll + 2008-04-14 02:20 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\nsepm.dll + 2010-05-24 23:03 . 2008-04-13 14:54 28672 c:\windows\system32\dllcache\nscirda.sys + 2004-08-04 07:45 . 2008-04-14 02:20 55296 c:\windows\system32\dllcache\npptools.dll + 2004-08-04 07:45 . 2008-04-14 02:21 15360 c:\windows\system32\dllcache\nppagent.exe + 2004-08-04 06:00 . 2008-04-13 18:32 30848 c:\windows\system32\dllcache\npfs.sys + 2004-08-04 07:45 . 2008-04-13 22:21 70144 c:\windows\system32\dllcache\notepad.exe + 2004-08-04 05:59 . 2008-04-13 18:53 40320 c:\windows\system32\dllcache\nmnt.sys + 2007-05-21 21:10 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\nmmkcert.dll + 2007-05-21 21:10 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\nmcom.dll + 2007-05-21 21:10 . 2008-04-14 02:20 81920 c:\windows\system32\dllcache\nmchat.dll + 2007-05-21 21:10 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\nmasnt.dll + 2010-05-24 23:03 . 2001-08-17 23:20 87040 c:\windows\system32\dllcache\nm6wdm.sys + 2004-08-04 07:45 . 2008-04-14 02:20 98304 c:\windows\system32\dllcache\nlhtml.dll + 2001-08-17 21:24 . 2001-10-28 18:06 12032 c:\windows\system32\dllcache\nikedrv.sys + 2004-08-03 22:58 . 2008-04-13 18:51 61824 c:\windows\system32\dllcache\nic1394.sys + 2010-05-24 23:03 . 2001-08-17 23:12 32840 c:\windows\system32\dllcache\ngrpci.sys + 2004-08-04 07:45 . 2008-04-14 02:20 81920 c:\windows\system32\dllcache\netui0.dll + 2004-08-04 07:45 . 2008-04-14 02:21 37376 c:\windows\system32\dllcache\netstat.exe + 2004-08-04 07:45 . 2008-04-14 02:21 87040 c:\windows\system32\dllcache\netsh.exe + 2004-08-04 07:45 . 2008-04-14 02:20 11776 c:\windows\system32\dllcache\netrap.dll + 2004-08-04 07:45 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\netoc.dll + 2010-05-24 23:03 . 2001-09-06 02:05 65918 c:\windows\system32\dllcache\netflx3.sys + 2004-08-04 06:03 . 2008-04-13 18:56 34688 c:\windows\system32\dllcache\netbios.sys + 2004-08-04 07:45 . 2008-04-14 02:21 42496 c:\windows\system32\dllcache\net.exe + 2010-05-24 23:02 . 2001-08-17 23:50 39264 c:\windows\system32\dllcache\neo20xx.sys + 2010-05-24 23:02 . 2001-08-18 00:49 15872 c:\windows\system32\dllcache\ne2000.sys + 2001-10-28 18:07 . 2008-04-13 18:57 40576 c:\windows\system32\dllcache\ndproxy.sys + 2004-08-04 06:14 . 2008-04-13 19:20 91520 c:\windows\system32\dllcache\ndiswan.sys + 2004-08-03 23:03 . 2008-04-13 18:55 14592 c:\windows\system32\dllcache\ndisuio.sys + 2001-10-28 18:07 . 2008-04-13 18:57 10112 c:\windows\system32\dllcache\ndistapi.sys + 2004-08-04 07:45 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\ndisnpp.dll + 2007-08-18 17:22 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys + 2004-08-04 07:45 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\nddenb32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 18432 c:\windows\system32\dllcache\nddeapi.dll + 2007-05-21 21:09 . 2008-04-14 02:20 47104 c:\windows\system32\dllcache\ncprov.dll + 2004-08-04 07:45 . 2008-04-14 02:20 36352 c:\windows\system32\dllcache\ncobjapi.dll + 2004-08-04 07:45 . 2008-04-13 22:21 53760 c:\windows\system32\dllcache\narrator.exe + 2008-04-14 02:20 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\napipsec.dll + 2007-08-18 17:21 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys + 2010-05-24 23:02 . 2001-09-06 02:49 91488 c:\windows\system32\dllcache\n9i3disp.dll + 2010-05-24 23:02 . 2001-08-17 23:50 27936 c:\windows\system32\dllcache\n9i3d.sys + 2010-05-24 23:02 . 2001-08-17 23:50 33088 c:\windows\system32\dllcache\n9i128v2.sys + 2010-05-24 23:02 . 2001-09-06 02:49 59104 c:\windows\system32\dllcache\n9i128v2.dll + 2010-05-24 23:02 . 2001-08-17 23:50 13664 c:\windows\system32\dllcache\n9i128.sys + 2010-05-24 23:02 . 2001-09-06 02:49 35392 c:\windows\system32\dllcache\n9i128.dll + 2010-05-24 23:02 . 2001-09-06 02:28 52767 c:\windows\system32\dllcache\n1000nt5.sys + 2001-10-28 18:07 . 2001-10-28 18:07 90112 c:\windows\system32\dllcache\mycomput.dll + 2010-05-24 23:02 . 2001-09-06 02:27 76544 c:\windows\system32\dllcache\mxport.sys + 2010-05-24 23:02 . 2001-08-18 00:49 19968 c:\windows\system32\dllcache\mxnic.sys + 2010-05-24 23:02 . 2001-09-06 02:50 19968 c:\windows\system32\dllcache\mxicfg.dll + 2010-05-24 23:02 . 2001-09-06 02:27 22016 c:\windows\system32\dllcache\mxcard.sys + 2008-04-13 18:43 . 2008-04-13 18:43 12672 c:\windows\system32\dllcache\mutohpen.sys + 2007-05-21 21:09 . 2008-06-12 14:22 91648 c:\windows\system32\dllcache\mtxoci.dll - 2008-06-12 14:22 . 2008-06-12 14:22 91648 c:\windows\system32\dllcache\mtxoci.dll + 2007-05-21 21:09 . 2008-04-14 02:20 34304 c:\windows\system32\dllcache\mtxlegih.dll + 2007-05-21 21:09 . 2008-04-14 02:20 30720 c:\windows\system32\dllcache\mtxdm.dll + 2004-08-04 07:45 . 2008-06-12 14:22 66560 c:\windows\system32\dllcache\mtxclu.dll - 2008-06-12 14:22 . 2008-06-12 14:22 66560 c:\windows\system32\dllcache\mtxclu.dll + 2007-05-21 21:10 . 2008-04-14 02:20 24576 c:\windows\system32\dllcache\msxactps.dll - 2009-11-03 13:44 . 2008-08-28 07:47 74752 c:\windows\system32\dllcache\msw3prt.dll + 2004-08-04 07:45 . 2008-08-28 07:47 74752 c:\windows\system32\dllcache\msw3prt.dll + 2004-08-04 05:58 . 2008-04-13 18:30 61440 c:\windows\system32\dllcache\msvcrt40.dll + 2004-08-04 07:45 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\msvcirt.dll + 2007-05-21 21:10 . 2008-04-14 02:21 12288 c:\windows\system32\dllcache\mstinit.exe + 2010-05-24 23:02 . 2008-04-13 14:46 49024 c:\windows\system32\dllcache\mstape.sys + 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\mst123.dll + 2004-08-03 23:07 . 2008-04-13 18:36 15488 c:\windows\system32\dllcache\mssmbios.sys + 2008-04-14 01:57 . 2008-04-14 01:57 80896 c:\windows\system32\dllcache\msshamsg.dll + 2004-08-04 07:45 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll - 2009-11-27 16:08 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll + 2010-05-24 23:02 . 2001-08-18 00:48 12416 c:\windows\system32\dllcache\msriffwv.sys + 2001-10-28 18:07 . 2001-10-28 18:07 62976 c:\windows\system32\dllcache\msratelc.dll + 2004-08-04 07:44 . 2008-04-13 16:23 48128 c:\windows\system32\dllcache\msprivs.dll + 2004-08-04 07:45 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\mspatcha.dll + 2004-08-04 07:44 . 2007-03-28 12:54 24576 c:\windows\system32\dllcache\msorc32r.dll + 2007-05-21 21:10 . 2008-04-14 02:21 29184 c:\windows\system32\dllcache\msoobe.exe + 2007-05-21 21:10 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\msobweb.dll + 2007-05-21 21:10 . 2008-04-14 02:20 30720 c:\windows\system32\dllcache\msobshel.dll + 2007-05-21 21:10 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\msobdl.dll + 2004-08-04 07:45 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\mslwvtts.dll + 2004-08-04 07:45 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\mslbui.dll + 2004-08-04 07:45 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\msisip.dll + 2004-08-04 07:45 . 2008-04-14 02:21 40960 c:\windows\system32\dllcache\msiregmv.exe + 2010-05-24 23:02 . 2008-04-13 14:54 22016 c:\windows\system32\dllcache\msircomm.sys + 2010-05-24 23:02 . 2001-10-28 18:07 40448 c:\windows\system32\dllcache\msinfo32.exe + 2001-10-28 18:07 . 2001-10-28 18:07 15872 c:\windows\system32\dllcache\msidntld.dll + 2004-08-04 07:45 . 2008-04-14 02:20 33792 c:\windows\system32\dllcache\msgsvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\msgrocm.dll + 2004-08-04 06:04 . 2008-04-13 18:56 35072 c:\windows\system32\dllcache\msgpc.sys + 2010-05-24 23:02 . 2001-08-18 01:02 35200 c:\windows\system32\dllcache\msgame.sys + 2004-08-04 06:00 . 2008-04-13 18:32 19072 c:\windows\system32\dllcache\msfs.sys + 2009-03-15 16:05 . 2008-04-13 14:46 51200 c:\windows\system32\dllcache\msdv.sys + 2001-10-28 18:07 . 2008-04-14 02:20 90112 c:\windows\system32\dllcache\msdtcstp.dll - 2008-06-12 14:22 . 2008-06-12 14:22 58880 c:\windows\system32\dllcache\msdtclog.dll + 2007-05-21 21:09 . 2008-06-12 14:22 58880 c:\windows\system32\dllcache\msdtclog.dll + 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\msdmo.dll + 2007-05-21 21:10 . 2008-04-14 02:20 36864 c:\windows\system32\dllcache\msdfmap.dll + 2007-05-21 21:10 . 2008-04-14 02:20 20480 c:\windows\system32\dllcache\msdatt.dll + 2007-05-21 21:10 . 2008-04-14 02:20 94208 c:\windows\system32\dllcache\msdatl3.dll + 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msdasqlr.dll + 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msdaremr.dll + 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msdaprsr.dll + 2007-05-21 21:10 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\msdaosp.dll + 2007-05-21 21:10 . 2007-03-28 12:54 20480 c:\windows\system32\dllcache\msdaorar.dll + 2004-08-04 07:45 . 2008-04-14 02:20 68608 c:\windows\system32\dllcache\msctfp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 36864 c:\windows\system32\dllcache\mscpxl32.dll + 2004-08-04 07:44 . 2008-04-13 17:26 12288 c:\windows\system32\dllcache\mscpx32r.dll + 2004-08-04 07:45 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll - 2008-06-24 16:43 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll + 2004-08-04 07:45 . 2009-09-04 21:04 58880 c:\windows\system32\dllcache\msasn1.dll - 2009-09-04 21:04 . 2009-09-04 21:04 58880 c:\windows\system32\dllcache\msasn1.dll + 2004-08-04 07:45 . 2008-04-14 02:20 86016 c:\windows\system32\dllcache\msapsspc.dll + 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\msadrh15.dll + 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\msador15.dll + 2007-05-21 21:10 . 2007-03-28 12:54 28672 c:\windows\system32\dllcache\msader15.dll + 2007-05-21 21:10 . 2007-03-28 12:54 24576 c:\windows\system32\dllcache\msaddsr.dll + 2007-05-21 21:10 . 2008-04-14 02:20 53248 c:\windows\system32\dllcache\msadcs.dll + 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msadcor.dll + 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msadcfr.dll + 2007-05-21 21:10 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\msadcf.dll + 2007-05-21 21:10 . 2007-03-28 12:54 20480 c:\windows\system32\dllcache\msadcer.dll + 2004-08-04 07:45 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\msacm32.dll + 2010-05-24 23:02 . 2001-08-18 00:52 17280 c:\windows\system32\dllcache\mraid35x.sys + 2004-08-04 07:45 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\mqupgrd.dll + 2004-08-04 07:45 . 2008-04-14 02:20 95744 c:\windows\system32\dllcache\mqsec.dll + 2004-08-04 07:45 . 2008-04-14 02:20 89088 c:\windows\system32\dllcache\mqlogmgr.dll + 2004-08-04 07:45 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\mqise.dll + 2004-08-04 07:45 . 2008-04-14 02:20 47616 c:\windows\system32\dllcache\mqdscli.dll + 2004-08-04 07:45 . 2008-04-14 02:21 19968 c:\windows\system32\dllcache\mqbkup.exe + 2004-08-04 05:58 . 2008-04-13 18:39 92544 c:\windows\system32\dllcache\mqac.sys + 2001-10-28 18:07 . 2001-10-28 18:07 47104 c:\windows\system32\dllcache\mprui.dll + 2001-10-28 18:07 . 2008-04-14 02:20 53248 c:\windows\system32\dllcache\mprdim.dll + 2004-08-04 07:45 . 2008-04-14 02:20 87040 c:\windows\system32\dllcache\mprapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\mpr.dll + 2007-08-18 17:22 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\mpe.sys + 2004-08-04 05:58 . 2008-04-13 18:39 42368 c:\windows\system32\dllcache\mountmgr.sys + 2004-08-04 00:35 . 2008-04-14 01:50 23552 c:\windows\system32\dllcache\mouclass.sys + 2007-05-21 21:09 . 2008-04-14 02:21 16384 c:\windows\system32\dllcache\mofcomp.exe + 2010-05-24 23:02 . 2001-08-18 00:57 16128 c:\windows\system32\dllcache\modemcsa.sys + 2004-08-04 00:35 . 2008-04-14 01:50 30336 c:\windows\system32\dllcache\modem.sys + 2007-05-21 21:10 . 2008-04-14 02:20 34560 c:\windows\system32\dllcache\mnmdd.dll + 2007-05-21 21:09 . 2008-04-14 02:20 17920 c:\windows\system32\dllcache\mmfutil.dll + 2008-04-14 02:21 . 2008-04-14 02:21 34304 c:\windows\system32\dllcache\mmcperf.exe + 2001-10-28 18:06 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\mimefilt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 60928 c:\windows\system32\dllcache\miglibnt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\midimap.dll + 2004-08-04 07:45 . 2008-04-14 02:20 14848 c:\windows\system32\dllcache\mgmtapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 22528 c:\windows\system32\dllcache\mfcsubs.dll + 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\mf3216.dll + 2004-08-03 23:07 . 2008-04-13 18:36 63744 c:\windows\system32\dllcache\mf.sys + 2008-04-14 02:20 . 2008-04-14 02:20 86016 c:\windows\system32\dllcache\metada51.dll + 2010-05-24 23:01 . 2008-04-13 14:41 26112 c:\windows\system32\dllcache\memstpci.sys + 2010-05-24 23:01 . 2001-09-06 02:50 47616 c:\windows\system32\dllcache\memgrp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\medctroc.dll + 2008-04-14 02:20 . 2008-04-14 02:20 37888 c:\windows\system32\dllcache\md5filt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\mciwave.dll + 2004-08-04 07:45 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\mciseq.dll + 2004-08-04 07:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\mciqtz32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 85504 c:\windows\system32\dllcache\mciavi32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\mcastmib.dll + 2004-08-04 07:45 . 2008-04-14 02:21 57344 c:\windows\system32\dllcache\makecab.exe + 2010-05-24 23:01 . 2001-08-17 23:19 48768 c:\windows\system32\dllcache\maestro.sys + 2010-05-24 23:01 . 2001-09-06 02:50 59392 c:\windows\system32\dllcache\m3092dc.dll + 2010-05-24 23:01 . 2001-09-06 02:50 58880 c:\windows\system32\dllcache\m3091dc.dll + 2010-05-24 23:01 . 2001-08-17 23:49 22848 c:\windows\system32\dllcache\lwusbhid.sys + 2010-05-24 23:01 . 2008-04-13 12:39 20864 c:\windows\system32\dllcache\lwadihid.sys + 2004-08-04 07:45 . 2008-04-14 02:21 13312 c:\windows\system32\dllcache\lsass.exe + 2008-04-14 02:20 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\lprmon.dll + 2004-08-04 07:45 . 2008-04-14 02:20 10240 c:\windows\system32\dllcache\lprhelp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 22016 c:\windows\system32\dllcache\lpk.dll + 2008-04-14 02:20 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\lpdsvc.dll + 2008-04-14 02:20 . 2008-04-14 02:20 13312 c:\windows\system32\dllcache\lonsint.dll + 2004-08-04 07:45 . 2008-04-14 02:21 60928 c:\windows\system32\dllcache\logman.exe + 2004-08-04 07:45 . 2008-04-14 02:20 19968 c:\windows\system32\dllcache\log.dll + 2004-08-04 07:45 . 2008-04-14 02:21 75264 c:\windows\system32\dllcache\locator.exe + 2004-08-04 07:45 . 2008-04-14 02:20 11776 c:\windows\system32\dllcache\localui.dll + 2010-05-24 23:01 . 2001-08-17 23:12 70730 c:\windows\system32\dllcache\lne100tx.sys + 2010-05-24 23:01 . 2001-08-17 23:12 20573 c:\windows\system32\dllcache\lne100.sys + 2010-05-24 23:01 . 2001-08-17 23:11 25065 c:\windows\system32\dllcache\lmndis3.sys + 2007-06-15 08:04 . 2008-04-14 02:20 33792 c:\windows\system32\dllcache\lmmib2.dll + 2004-08-04 07:45 . 2008-04-14 02:20 13824 c:\windows\system32\dllcache\lmhsvc.dll + 2010-05-24 23:01 . 2001-09-06 02:11 16128 c:\windows\system32\dllcache\lit220p.sys + 2004-08-04 07:45 . 2008-04-14 02:20 19968 c:\windows\system32\dllcache\linkinfo.dll + 2007-05-21 21:09 . 2008-04-14 02:20 58880 c:\windows\system32\dllcache\licwmi.dll + 2010-05-24 23:01 . 2008-04-13 14:40 34688 c:\windows\system32\dllcache\lbrtfdc.sys + 2010-05-24 23:01 . 2001-09-06 02:10 26634 c:\windows\system32\dllcache\lanepic5.sys + 2008-04-14 02:20 . 2008-04-14 02:20 37376 c:\windows\system32\dllcache\l2store.dll + 2010-05-24 23:01 . 2001-08-17 23:12 19016 c:\windows\system32\dllcache\ktc111.sys + 2004-08-04 05:59 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys - 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys + 2007-05-21 21:09 . 2008-04-14 02:20 24576 c:\windows\system32\dllcache\krnlprov.dll + 2010-05-24 23:01 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\kousd.dll + 2008-04-14 02:20 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\kmsvc.dll + 2010-05-24 23:01 . 2008-04-13 22:20 49152 c:\windows\system32\dllcache\kdsui.dll + 2004-08-04 07:39 . 2008-04-14 01:58 14720 c:\windows\system32\dllcache\kbdhid.sys + 2004-08-04 07:39 . 2008-04-14 01:58 25088 c:\windows\system32\dllcache\kbdclass.sys + 2001-10-28 18:06 . 2001-10-28 18:06 48464 c:\windows\system32\dllcache\jobexec.dll + 2004-08-04 07:45 . 2008-04-14 02:20 54784 c:\windows\system32\dllcache\ixsso.dll + 2007-05-21 21:10 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\isrdbg32.dll + 2008-04-14 02:20 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\iscomlog.dll + 2008-04-14 02:20 . 2008-04-14 02:20 68608 c:\windows\system32\dllcache\isatq.dll + 2001-10-28 18:06 . 2008-04-14 01:58 37632 c:\windows\system32\dllcache\isapnp.sys + 2010-05-24 23:00 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\irstusb.sys + 2010-05-24 23:00 . 2001-08-18 00:51 18688 c:\windows\system32\dllcache\irsir.sys + 2010-05-24 23:00 . 2008-04-13 22:20 28672 c:\windows\system32\dllcache\irmon.dll + 2010-05-24 23:00 . 2001-08-18 00:49 23552 c:\windows\system32\dllcache\irmk7.sys + 2007-05-21 17:18 . 2008-04-13 18:54 11264 c:\windows\system32\dllcache\irenum.sys + 2010-05-24 23:00 . 2008-04-13 14:54 88192 c:\windows\system32\dllcache\irda.sys + 2007-05-23 22:03 . 2001-10-28 18:06 13312 c:\windows\system32\dllcache\irclass.dll + 2008-04-13 18:45 . 2008-04-13 18:45 46592 c:\windows\system32\dllcache\irbus.sys + 2001-10-28 18:06 . 2008-04-14 02:20 22016 c:\windows\system32\dllcache\ipxwan.dll + 2004-08-04 07:45 . 2008-04-14 02:21 24064 c:\windows\system32\dllcache\ipxroute.exe + 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\ipv6mon.dll + 2004-08-04 07:45 . 2008-04-14 02:21 53760 c:\windows\system32\dllcache\ipv6.exe + 2004-08-04 06:14 . 2008-04-13 19:19 75264 c:\windows\system32\dllcache\ipsec.sys + 2008-04-14 02:20 . 2008-04-14 02:20 35840 c:\windows\system32\dllcache\iprip.dll + 2004-08-04 06:04 . 2008-04-13 18:57 20864 c:\windows\system32\dllcache\ipinip.sys + 2004-08-04 07:45 . 2008-04-14 02:20 95744 c:\windows\system32\dllcache\iphlpapi.dll + 2004-08-04 07:45 . 2008-04-14 02:21 56832 c:\windows\system32\dllcache\ipconfig.exe + 2004-08-04 06:00 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\ip6fw.sys + 2010-05-24 23:00 . 2001-08-17 23:12 45632 c:\windows\system32\dllcache\ip5515.sys + 2010-05-24 23:00 . 2001-09-06 02:50 90200 c:\windows\system32\dllcache\io8ports.dll + 2010-05-24 23:00 . 2001-08-18 00:50 38784 c:\windows\system32\dllcache\io8.sys + 2004-08-04 07:38 . 2008-04-14 01:57 40448 c:\windows\system32\dllcache\intelppm.sys + 2010-05-24 23:00 . 2001-09-06 02:05 13568 c:\windows\system32\dllcache\inport.sys + 2010-05-24 23:00 . 2001-08-18 00:52 16000 c:\windows\system32\dllcache\ini910u.sys + 2008-04-14 02:20 . 2008-04-14 02:20 13312 c:\windows\system32\dllcache\infoadmn.dll + 2007-05-21 21:10 . 2008-04-14 02:21 20480 c:\windows\system32\dllcache\inetwiz.exe + 2004-08-04 07:45 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\inetpp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\inetmib1.dll + 2008-04-14 02:21 . 2008-04-14 02:21 15872 c:\windows\system32\dllcache\inetin51.exe + 2004-08-04 07:45 . 2008-04-14 02:20 36921 c:\windows\system32\dllcache\imeshare.dll + 2004-08-04 06:00 . 2008-04-13 18:40 42112 c:\windows\system32\dllcache\imapi.sys + 2007-05-21 21:10 . 2008-04-14 02:20 81920 c:\windows\system32\dllcache\ils.dll + 2008-04-14 02:21 . 2008-04-14 02:21 31232 c:\windows\system32\dllcache\iisrstas.exe + 2008-04-14 02:20 . 2008-04-14 02:20 64512 c:\windows\system32\dllcache\iismap.dll + 2008-04-14 02:20 . 2008-04-14 02:20 79872 c:\windows\system32\dllcache\iislog51.dll + 2008-04-14 02:20 . 2008-04-14 02:20 68608 c:\windows\system32\dllcache\iisext51.dll + 2008-04-14 02:20 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\iisadmin.dll + 2009-08-14 15:42 . 2008-04-13 22:20 81920 c:\windows\system32\dllcache\ieencode.dll + 2007-05-21 21:10 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\icwutil.dll + 2007-05-21 21:10 . 2008-04-14 02:21 24576 c:\windows\system32\dllcache\icwrmind.exe + 2007-05-21 21:10 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\icwphbk.dll + 2007-05-21 21:10 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\icwdl.dll + 2007-05-21 21:10 . 2008-04-14 02:21 86016 c:\windows\system32\dllcache\icwconn2.exe + 2007-05-21 21:10 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\icwconn.dll + 2001-10-28 18:06 . 2001-10-28 18:06 55808 c:\windows\system32\dllcache\icmui.dll + 2010-05-24 23:00 . 2001-09-06 02:50 20480 c:\windows\system32\dllcache\icam5ext.dll + 2010-05-24 23:00 . 2001-09-06 02:50 45056 c:\windows\system32\dllcache\icam5com.dll + 2010-05-24 23:00 . 2001-09-06 02:50 62976 c:\windows\system32\dllcache\icam4ext.dll + 2010-05-24 23:00 . 2001-09-06 02:50 91648 c:\windows\system32\dllcache\icam4com.dll + 2010-05-24 23:00 . 2001-09-06 02:50 26624 c:\windows\system32\dllcache\icam3ext.dll + 2007-05-21 21:09 . 2008-04-14 02:20 11264 c:\windows\system32\dllcache\icaapi.dll + 2010-05-24 23:00 . 2001-08-18 01:06 38528 c:\windows\system32\dllcache\ibmvcap.sys + 2010-05-24 23:00 . 2001-08-17 23:11 28700 c:\windows\system32\dllcache\ibmexmp.sys + 2004-08-04 07:37 . 2008-04-14 01:55 53504 c:\windows\system32\dllcache\i8042prt.sys + 2010-05-24 23:00 . 2001-08-17 23:49 58592 c:\windows\system32\dllcache\i740nt5.sys + 2010-05-24 23:00 . 2008-04-13 14:41 18560 c:\windows\system32\dllcache\i2omp.sys + 2004-08-04 07:45 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\htui.dll + 2008-04-14 02:20 . 2008-04-14 02:20 61952 c:\windows\system32\dllcache\httpod51.dll - 2009-10-21 05:39 . 2009-10-21 05:39 25088 c:\windows\system32\dllcache\httpapi.dll + 2004-08-04 07:45 . 2009-10-21 05:39 25088 c:\windows\system32\dllcache\httpapi.dll + 2008-04-14 02:20 . 2008-04-14 02:20 32285 c:\windows\system32\dllcache\hsfcisp2.dll + 2010-05-24 22:59 . 2001-08-18 00:28 50751 c:\windows\system32\dllcache\hsf_tone.sys + 2010-05-24 22:59 . 2001-08-18 00:28 73279 c:\windows\system32\dllcache\hsf_spkp.sys + 2010-05-24 22:59 . 2001-08-18 00:28 44863 c:\windows\system32\dllcache\hsf_soar.sys + 2010-05-24 22:59 . 2001-08-18 00:28 57471 c:\windows\system32\dllcache\hsf_samp.sys + 2010-05-24 22:59 . 2001-08-18 00:28 67167 c:\windows\system32\dllcache\hsf_bsc2.sys + 2010-05-24 22:59 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\hr1w.dll + 2010-05-24 22:59 . 2001-09-06 02:50 13312 c:\windows\system32\dllcache\hpsjmcro.dll + 2010-05-24 22:59 . 2001-08-18 01:07 25952 c:\windows\system32\dllcache\hpn.sys + 2010-05-24 22:59 . 2001-09-06 02:50 32768 c:\windows\system32\dllcache\hpgtmcro.dll + 2010-05-24 22:59 . 2001-09-06 02:50 68608 c:\windows\system32\dllcache\hpgt53tk.dll + 2010-05-24 22:59 . 2001-09-06 02:50 31232 c:\windows\system32\dllcache\hpgt42tk.dll + 2010-05-24 22:59 . 2001-09-06 02:50 93696 c:\windows\system32\dllcache\hpgt42.dll + 2010-05-24 22:59 . 2001-09-06 02:50 48128 c:\windows\system32\dllcache\hpgt33tk.dll + 2010-05-24 22:59 . 2001-09-06 02:50 89088 c:\windows\system32\dllcache\hpgt33.dll + 2010-05-24 22:59 . 2001-09-06 02:50 83968 c:\windows\system32\dllcache\hpgt21.dll + 2007-06-15 08:04 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\hostmib.dll + 2001-10-28 18:06 . 2008-04-14 02:20 72704 c:\windows\system32\dllcache\hlink.dll + 2001-10-28 18:06 . 2008-04-13 18:45 10368 c:\windows\system32\dllcache\hidusb.sys + 2004-08-04 00:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\hidserv.dll + 2004-08-04 06:08 . 2008-04-13 18:45 24960 c:\windows\system32\dllcache\hidparse.sys + 2008-04-13 18:45 . 2008-04-13 18:45 19200 c:\windows\system32\dllcache\hidir.sys + 2004-08-04 06:08 . 2008-04-13 18:45 36864 c:\windows\system32\dllcache\hidclass.sys + 2008-04-14 01:54 . 2008-04-14 01:54 25728 c:\windows\system32\dllcache\hidbth.sys + 2010-05-24 22:59 . 2008-04-13 14:36 20352 c:\windows\system32\dllcache\hidbatt.sys + 2004-08-04 00:45 . 2008-04-14 02:20 20992 c:\windows\system32\dllcache\hid.dll + 2004-08-04 07:45 . 2008-04-14 02:20 41472 c:\windows\system32\dllcache\hhsetup.dll + 2004-08-04 07:45 . 2008-04-14 02:21 10752 c:\windows\system32\dllcache\hh.exe + 2001-10-28 18:06 . 2008-04-14 02:21 16384 c:\windows\system32\dllcache\help.exe + 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\h323cc.dll + 2008-04-14 02:20 . 2008-04-14 02:20 32256 c:\windows\system32\dllcache\gzip.dll + 2010-05-24 22:59 . 2008-04-13 21:54 28544 c:\windows\system32\dllcache\grserial.sys + 2010-05-24 22:59 . 2001-09-06 02:23 82432 c:\windows\system32\dllcache\grclass.sys + 2010-05-24 22:59 . 2001-09-06 02:22 17664 c:\windows\system32\dllcache\gpr400.sys + 2004-08-04 07:44 . 2008-04-14 01:54 10240 c:\windows\system32\dllcache\gpkrsrc.dll + 2001-10-28 18:06 . 2008-04-14 02:21 61440 c:\windows\system32\dllcache\getmac.exe + 2010-05-24 22:59 . 2008-04-13 14:45 59136 c:\windows\system32\dllcache\gckernel.sys + 2007-08-19 17:52 . 2008-04-13 18:45 10624 c:\windows\system32\dllcache\gameenum.sys + 2004-08-03 23:07 . 2008-04-13 18:36 46464 c:\windows\system32\dllcache\gagp30kx.sys + 2008-04-14 02:20 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\fxsmon.dll + 2008-04-14 02:20 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\fxsext32.dll + 2008-04-14 02:20 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\fxsevent.dll + 2008-04-14 02:20 . 2008-04-14 02:20 26624 c:\windows\system32\dllcache\fxsdrv.dll + 2008-04-14 02:20 . 2008-04-14 02:20 72192 c:\windows\system32\dllcache\fxscom.dll + 2004-08-04 07:45 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\fwcfg.dll + 2010-05-24 22:59 . 2001-09-06 02:50 92160 c:\windows\system32\dllcache\fuusd.dll + 2004-08-04 07:45 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\ftp.exe + 2001-09-05 23:20 . 2001-10-28 18:06 12416 c:\windows\system32\dllcache\fsvga.sys + 2007-05-21 21:12 . 2008-04-14 02:20 20538 c:\windows\system32\dllcache\fpremadm.exe + 2007-05-21 21:12 . 2008-04-14 02:20 20541 c:\windows\system32\dllcache\fpexedll.dll + 2007-05-21 21:12 . 2008-04-14 02:20 94208 c:\windows\system32\dllcache\fpencode.dll + 2008-04-14 02:20 . 2008-04-14 02:20 20541 c:\windows\system32\dllcache\fpadmdll.dll + 2008-04-14 02:20 . 2008-04-14 02:20 24632 c:\windows\system32\dllcache\fpadmcgi.exe + 2007-05-21 21:12 . 2008-04-14 02:20 15120 c:\windows\system32\dllcache\fp98sadm.exe + 2007-05-21 21:12 . 2008-04-14 02:20 49212 c:\windows\system32\dllcache\fp4awebs.dll + 2007-05-21 21:12 . 2008-04-14 02:20 32826 c:\windows\system32\dllcache\fp4avss.dll + 2007-05-21 21:12 . 2008-04-14 02:20 41020 c:\windows\system32\dllcache\fp4avnb.dll + 2007-05-21 21:12 . 2008-04-14 02:20 49210 c:\windows\system32\dllcache\fp4areg.dll + 2007-05-21 21:12 . 2008-04-14 02:20 82035 c:\windows\system32\dllcache\fp4anscp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 32828 c:\windows\system32\dllcache\fp40ext.dll + 2010-05-24 22:59 . 2008-04-13 12:35 34173 c:\windows\system32\dllcache\forehe.sys + 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\fontview.exe + 2001-10-28 18:06 . 2009-10-15 16:32 81920 c:\windows\system32\dllcache\fontsub.dll - 2009-07-29 04:36 . 2009-10-15 16:32 81920 c:\windows\system32\dllcache\fontsub.dll + 2010-05-24 22:59 . 2001-09-06 02:50 71680 c:\windows\system32\dllcache\fnfilter.dll + 2007-05-21 21:10 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\fltmc.exe + 2007-05-21 21:10 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\fltlib.dll + 2004-08-04 05:59 . 2008-04-13 18:40 20480 c:\windows\system32\dllcache\flpydisk.sys + 2001-10-28 18:06 . 2008-04-14 01:52 44672 c:\windows\system32\dllcache\fips.sys + 2004-08-04 07:45 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\findstr.exe + 2010-05-24 22:59 . 2001-08-17 23:13 27165 c:\windows\system32\dllcache\fetnd5.sys + 2010-05-24 22:59 . 2001-08-17 23:10 22090 c:\windows\system32\dllcache\fem556n5.sys + 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\feclient.dll + 2004-08-04 07:45 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\fdeploy.dll + 2004-08-04 05:59 . 2008-04-13 18:40 27392 c:\windows\system32\dllcache\fdc.sys + 2004-08-04 07:45 . 2008-04-14 02:20 80896 c:\windows\system32\dllcache\faultrep.dll + 2010-05-24 22:59 . 2001-08-17 23:12 24618 c:\windows\system32\dllcache\fa410nd5.sys + 2010-05-24 22:59 . 2001-08-17 23:12 16074 c:\windows\system32\dllcache\fa312nd5.sys + 2010-05-24 22:59 . 2001-08-17 23:11 11850 c:\windows\system32\dllcache\f3ab18xj.sys + 2010-05-24 22:59 . 2001-08-17 23:11 12362 c:\windows\system32\dllcache\f3ab18xi.sys + 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\extrac32.exe + 2008-04-14 02:20 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\exstrace.dll + 2010-05-24 22:59 . 2001-08-17 23:12 16998 c:\windows\system32\dllcache\ex10.sys + 2001-10-28 18:06 . 2008-04-14 02:20 84992 c:\windows\system32\dllcache\evtrig.exe + 2004-08-04 07:45 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\evtgprov.dll + 2007-06-15 08:04 . 2008-04-14 02:20 93696 c:\windows\system32\dllcache\evntwin.exe + 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\evntrprv.dll + 2007-06-15 08:04 . 2008-04-14 02:20 24576 c:\windows\system32\dllcache\evntcmd.exe + 2004-08-04 07:45 . 2008-04-14 02:20 56320 c:\windows\system32\dllcache\eventlog.dll + 2004-08-04 07:45 . 2008-04-14 02:20 52224 c:\windows\system32\dllcache\evcreate.exe + 2010-05-24 22:58 . 2001-09-06 02:50 46080 c:\windows\system32\dllcache\esuni.dll + 2010-05-24 22:58 . 2001-09-06 02:50 34816 c:\windows\system32\dllcache\esuimg.dll + 2010-05-24 22:58 . 2001-09-06 02:50 43008 c:\windows\system32\dllcache\esucm.dll + 2010-05-24 22:58 . 2001-08-17 23:19 63360 c:\windows\system32\dllcache\ess.sys + 2010-05-24 22:58 . 2001-08-17 23:19 72192 c:\windows\system32\dllcache\es1969.sys + 2010-05-24 22:58 . 2001-08-17 23:19 40704 c:\windows\system32\dllcache\es1371mp.sys + 2010-05-24 22:58 . 2001-08-17 23:19 37120 c:\windows\system32\dllcache\es1370mp.sys + 2004-08-04 07:45 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\ersvc.dll + 2010-05-24 22:58 . 2001-09-06 02:50 62464 c:\windows\system32\dllcache\eqnloop.exe + 2010-05-24 22:58 . 2001-09-06 02:50 51712 c:\windows\system32\dllcache\eqnlogr.exe + 2010-05-24 22:58 . 2001-09-06 02:50 53248 c:\windows\system32\dllcache\eqndiag.exe + 2010-05-24 22:58 . 2001-08-17 23:12 18503 c:\windows\system32\dllcache\epro4.sys + 2004-08-04 07:45 . 2008-04-14 02:20 20480 c:\windows\system32\dllcache\encapi.dll + 2010-05-24 22:58 . 2001-08-17 23:10 19996 c:\windows\system32\dllcache\em556n4.sys + 2010-05-24 22:58 . 2001-08-17 23:10 25159 c:\windows\system32\dllcache\elnk3.sys + 2010-05-24 22:58 . 2001-08-17 23:11 70174 c:\windows\system32\dllcache\el98xn5.sys + 2010-05-24 22:58 . 2001-08-17 23:11 66591 c:\windows\system32\dllcache\el90xbc5.sys + 2010-05-24 22:58 . 2001-08-17 23:11 77386 c:\windows\system32\dllcache\el656nd5.sys + 2010-05-24 22:58 . 2001-08-17 23:11 69194 c:\windows\system32\dllcache\el656cd5.sys + 2010-05-24 22:58 . 2001-08-17 23:10 26141 c:\windows\system32\dllcache\el589nd5.sys + 2010-05-24 22:58 . 2001-08-17 23:10 69692 c:\windows\system32\dllcache\el575nd5.sys + 2010-05-24 22:58 . 2001-08-17 23:10 24653 c:\windows\system32\dllcache\el574nd4.sys + 2010-05-24 22:58 . 2001-08-17 23:10 55999 c:\windows\system32\dllcache\el556nd5.sys + 2010-05-24 22:58 . 2001-09-06 02:11 44103 c:\windows\system32\dllcache\el515.sys + 2004-08-04 07:45 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\efsadu.dll + 2008-04-14 02:20 . 2008-04-14 02:20 33792 c:\windows\system32\dllcache\eapsvc.dll + 2008-04-14 02:20 . 2008-04-14 02:20 59392 c:\windows\system32\dllcache\eapqec.dll + 2008-04-14 02:20 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\eappprxy.dll + 2008-04-14 02:20 . 2008-04-14 02:20 94720 c:\windows\system32\dllcache\eappgnui.dll + 2008-04-14 02:20 . 2008-04-14 02:20 30720 c:\windows\system32\dllcache\eapolqec.dll + 2010-05-24 22:58 . 2001-08-17 23:12 19594 c:\windows\system32\dllcache\e100isa4.sys + 2010-05-24 22:58 . 2001-09-06 02:10 51231 c:\windows\system32\dllcache\e1000nt5.sys + 2004-08-04 06:00 . 2008-04-13 18:38 71168 c:\windows\system32\dllcache\dxg.sys + 2004-08-04 07:45 . 2008-04-14 02:20 17920 c:\windows\system32\dllcache\dvdupgrd.exe + 2001-09-05 23:50 . 2001-09-06 02:50 57344 c:\windows\system32\dllcache\dvdplay.exe + 2004-08-04 07:45 . 2008-04-14 02:20 10752 c:\windows\system32\dllcache\dumprep.exe + 2004-08-04 07:45 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\dswave.dll + 2004-08-04 07:45 . 2008-04-14 02:20 51712 c:\windows\system32\dllcache\dssec.dll + 2004-08-04 07:45 . 2008-04-14 02:20 93184 c:\windows\system32\dllcache\dskquota.dll + 2004-08-04 07:45 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\dsdmoprp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\ds32gt.dll + 2001-10-28 18:06 . 2001-10-28 18:06 47104 c:\windows\system32\dllcache\drwtsn32.exe + 2001-10-28 18:06 . 2008-04-14 02:20 64512 c:\windows\system32\dllcache\drvqry.exe + 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\drprov.dll + 2004-08-03 23:08 . 2008-04-13 14:45 60160 c:\windows\system32\dllcache\drmk.sys + 2004-08-04 07:45 . 2008-04-14 02:20 57856 c:\windows\system32\dllcache\dpwsockx.dll + 2004-08-04 07:45 . 2008-04-14 02:20 83456 c:\windows\system32\dllcache\dpvsetup.exe + 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\dpvacm.dll + 2010-05-24 22:58 . 2001-08-18 01:07 20192 c:\windows\system32\dllcache\dpti2o.sys + 2004-08-04 07:45 . 2008-04-14 02:20 17920 c:\windows\system32\dllcache\dpnsvr.exe + 2004-08-04 07:45 . 2008-04-14 02:20 60928 c:\windows\system32\dllcache\dpnhupnp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\dpnhpast.dll + 2004-08-04 07:45 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\dplaysvr.exe + 2010-05-24 22:58 . 2001-08-17 23:12 28062 c:\windows\system32\dllcache\dp83820.sys + 2010-05-24 22:58 . 2001-09-06 02:06 24064 c:\windows\system32\dllcache\dot4usb.sys + 2010-05-24 22:58 . 2001-08-18 00:47 12928 c:\windows\system32\dllcache\dot4prt.sys + 2008-04-14 02:20 . 2008-04-14 02:20 56832 c:\windows\system32\dllcache\dot3msm.dll + 2008-04-14 02:20 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\dot3clnt.dll + 2008-04-14 02:20 . 2008-04-14 02:20 59392 c:\windows\system32\dllcache\dot3cfg.dll + 2008-04-14 02:20 . 2008-04-14 02:20 26112 c:\windows\system32\dllcache\dot3api.dll + 2004-08-04 07:45 . 2008-04-14 02:20 48640 c:\windows\system32\dllcache\docprop2.dll + 2004-08-04 07:45 . 2008-04-14 02:20 45568 c:\windows\system32\dllcache\dnsrslvr.dll + 2004-08-04 00:45 . 2008-04-14 02:20 55296 c:\windows\system32\dllcache\dmutil.dll + 2007-05-21 22:37 . 2008-04-13 18:45 52864 c:\windows\system32\dllcache\dmusic.sys + 2004-08-04 07:45 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\dmserver.dll + 2004-08-04 07:45 . 2008-04-14 02:20 82432 c:\windows\system32\dllcache\dmscript.dll + 2004-08-04 07:45 . 2008-04-14 02:20 15872 c:\windows\system32\dllcache\dmremote.exe + 2004-08-04 07:45 . 2008-04-14 02:20 35840 c:\windows\system32\dllcache\dmloader.dll + 2004-08-04 07:45 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\dmcompos.dll + 2004-08-04 07:45 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\dmband.dll + 2010-05-24 22:58 . 2001-08-17 23:11 29696 c:\windows\system32\dllcache\dm9pci5.sys + 2010-05-24 22:58 . 2001-08-17 23:11 26698 c:\windows\system32\dllcache\dlh5xnd5.sys + 2010-05-24 22:58 . 2001-09-06 02:50 29768 c:\windows\system32\dllcache\divasu.dll + 2010-05-24 22:58 . 2001-09-06 02:50 37962 c:\windows\system32\dllcache\divaprop.dll + 2010-05-24 22:58 . 2001-09-06 02:50 38985 c:\windows\system32\dllcache\disrvsu.dll + 2010-05-24 22:58 . 2001-09-06 02:50 31817 c:\windows\system32\dllcache\disrvpp.dll + 2001-10-28 18:06 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\dispex.dll + 2004-08-04 05:59 . 2008-04-13 18:40 14208 c:\windows\system32\dllcache\diskdump.sys + 2004-08-04 05:59 . 2008-04-13 18:40 36352 c:\windows\system32\dllcache\disk.sys + 2007-05-21 21:10 . 2008-04-14 02:20 86528 c:\windows\system32\dllcache\directdb.dll + 2008-04-14 02:20 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\dimsroam.dll + 2008-04-14 02:20 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\dimsntfy.dll + 2010-05-24 22:58 . 2001-08-17 23:13 91305 c:\windows\system32\dllcache\dimaint.sys + 2010-05-24 22:58 . 2001-09-06 02:04 42528 c:\windows\system32\dllcache\digirlpt.sys + 2010-05-24 22:58 . 2001-08-17 23:14 21606 c:\windows\system32\dllcache\digiisdn.sys + 2010-05-24 22:58 . 2001-09-06 02:50 41046 c:\windows\system32\dllcache\digiisdn.dll + 2010-05-24 22:58 . 2001-09-06 02:04 90717 c:\windows\system32\dllcache\digifep5.sys + 2010-05-24 22:58 . 2001-09-06 02:04 37895 c:\windows\system32\dllcache\digiasyn.sys + 2010-05-24 22:58 . 2001-09-06 02:50 65622 c:\windows\system32\dllcache\digiasyn.dll + 2010-05-24 22:57 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\diapi2NT.dll + 2004-08-04 07:45 . 2008-04-14 02:20 87040 c:\windows\system32\dllcache\diantz.exe + 2008-04-14 02:20 . 2008-04-14 02:20 48640 c:\windows\system32\dllcache\dhcpqec.dll + 2010-05-24 22:58 . 2001-09-06 02:27 29659 c:\windows\system32\dllcache\dgapci.sys + 2004-08-04 07:45 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\dfsshlex.dll + 2004-08-04 07:45 . 2008-04-14 02:20 39424 c:\windows\system32\dllcache\dfrgsnap.dll + 2001-10-28 18:06 . 2001-10-28 18:06 54272 c:\windows\system32\dllcache\dfrgres.dll + 2004-08-04 07:45 . 2008-04-14 02:20 82944 c:\windows\system32\dllcache\dfrgfat.exe + 2010-05-24 22:58 . 2001-08-17 23:11 24649 c:\windows\system32\dllcache\dfe650d.sys + 2010-05-24 22:58 . 2001-08-17 23:11 24648 c:\windows\system32\dllcache\dfe650.sys + 2010-05-24 22:58 . 2001-09-06 02:50 24064 c:\windows\system32\dllcache\devldr32.exe + 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\devenum.dll + 2001-10-28 18:06 . 2001-10-28 18:06 18432 c:\windows\system32\dllcache\deskperf.dll + 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\dllcache\deskmon.dll + 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\dllcache\deskadp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\defrag.exe + 2010-05-24 22:58 . 2001-08-17 23:11 20928 c:\windows\system32\dllcache\defpa.sys + 2004-08-04 07:45 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\ddrawex.dll + 2007-05-21 21:10 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\dcap32.dll + 2010-05-24 22:58 . 2001-09-06 02:50 86528 c:\windows\system32\dllcache\dc240usd.dll + 2010-05-24 22:58 . 2001-08-17 23:12 63208 c:\windows\system32\dllcache\dc21x4.sys + 2010-05-24 22:58 . 2001-09-06 02:50 81408 c:\windows\system32\dllcache\dc210usd.dll + 2010-05-24 22:58 . 2001-09-06 02:50 25600 c:\windows\system32\dllcache\dc210_32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 25600 c:\windows\system32\dllcache\davclnt.dll + 2008-04-14 02:20 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\davcdata.exe + 2010-05-24 22:58 . 2001-08-18 00:52 14720 c:\windows\system32\dllcache\dac960nt.sys + 2010-05-24 22:58 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzports.dll + 2010-05-24 22:58 . 2001-09-06 02:25 50560 c:\windows\system32\dllcache\cyzport.sys + 2010-05-24 22:58 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzcoins.dll + 2010-05-24 22:58 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\cyyports.dll + 2010-05-24 22:57 . 2001-09-06 02:25 50816 c:\windows\system32\dllcache\cyyport.sys + 2010-05-24 22:57 . 2001-09-06 02:25 15104 c:\windows\system32\dllcache\cyclom-y.sys + 2010-05-24 22:57 . 2001-09-06 02:25 17408 c:\windows\system32\dllcache\cyclad-z.sys + 2010-05-24 22:57 . 2008-04-13 12:36 48640 c:\windows\system32\dllcache\cwrwdm.sys + 2010-05-24 22:57 . 2001-08-17 23:19 93952 c:\windows\system32\dllcache\cwcwdm.sys + 2010-05-24 22:57 . 2001-08-17 23:19 72832 c:\windows\system32\dllcache\cwbwdm.sys + 2007-05-21 21:10 . 2004-08-04 12:00 28672 c:\windows\system32\dllcache\custsat.dll + 2010-05-24 22:57 . 2001-08-17 23:19 96256 c:\windows\system32\dllcache\ctlsb16.sys + 2004-08-04 07:45 . 2009-12-14 07:09 33280 c:\windows\system32\dllcache\csrsrv.dll - 2009-12-14 07:09 . 2009-12-14 07:09 33280 c:\windows\system32\dllcache\csrsrv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 62464 c:\windows\system32\dllcache\cryptsvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 64512 c:\windows\system32\dllcache\cryptnet.dll + 2004-08-04 07:45 . 2008-04-14 02:20 54784 c:\windows\system32\dllcache\cryptext.dll + 2004-08-04 07:45 . 2008-04-14 02:20 33280 c:\windows\system32\dllcache\cryptdll.dll + 2004-08-04 07:45 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\cryptdlg.dll + 2004-08-04 00:38 . 2008-04-14 01:57 40832 c:\windows\system32\dllcache\crusoe.sys + 2010-05-24 22:57 . 2001-08-17 23:19 42112 c:\windows\system32\dllcache\crtaud.sys + 2008-04-14 02:20 . 2008-04-14 02:20 12800 c:\windows\system32\dllcache\credssp.dll + 2010-05-24 22:57 . 2001-09-06 02:23 61386 c:\windows\system32\dllcache\cpqtrnd5.sys + 2010-05-24 22:57 . 2001-09-06 02:23 21533 c:\windows\system32\dllcache\cpqndis5.sys + 2001-08-17 21:24 . 2001-10-28 18:06 11776 c:\windows\system32\dllcache\cpqdap01.sys + 2010-05-24 22:57 . 2001-08-18 00:52 14976 c:\windows\system32\dllcache\cpqarray.sys + 2004-08-04 07:45 . 2009-03-08 07:33 18944 c:\windows\system32\dllcache\corpol.dll - 2007-08-13 21:42 . 2009-03-08 07:33 18944 c:\windows\system32\dllcache\corpol.dll + 2001-10-28 18:06 . 2001-10-28 18:06 67072 c:\windows\system32\dllcache\console.dll + 2007-05-21 21:10 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\confmrsl.dll + 2007-05-21 21:09 . 2008-04-14 02:20 97792 c:\windows\system32\dllcache\comrepl.dll + 2008-04-14 02:20 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\compfilt.dll + 2010-05-24 22:57 . 2008-04-13 14:36 10240 c:\windows\system32\dllcache\compbatt.sys + 2007-05-21 21:09 . 2008-04-14 02:20 28160 c:\windows\system32\dllcache\comaddin.dll + 2007-05-21 21:09 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\colbact.dll + 2008-04-13 16:44 . 2008-04-13 16:44 17920 c:\windows\system32\dllcache\cobramsg.dll + 2008-04-14 02:20 . 2008-04-14 02:20 47104 c:\windows\system32\dllcache\coadmin.dll + 2010-05-24 22:57 . 2001-08-17 23:11 39936 c:\windows\system32\dllcache\cnxt1803.sys + 2010-05-24 22:57 . 2001-09-06 02:50 44032 c:\windows\system32\dllcache\cnusd.dll + 2004-08-04 00:45 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\cnbjmon.dll + 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\cmutil.dll + 2004-08-04 07:45 . 2004-08-04 07:45 65024 c:\windows\system32\dllcache\cmstp.exe + 2004-08-04 07:45 . 2008-04-14 02:20 13312 c:\windows\system32\dllcache\cmsetacl.dll + 2004-08-04 07:45 . 2008-04-14 02:20 15872 c:\windows\system32\dllcache\cmcfg32.dll + 2010-05-24 22:57 . 2001-09-06 02:18 20864 c:\windows\system32\dllcache\cmbp0wdm.sys + 2010-05-24 22:57 . 2008-04-13 14:36 13952 c:\windows\system32\dllcache\cmbatt.sys + 2004-08-04 07:45 . 2008-04-14 02:20 58368 c:\windows\system32\dllcache\clusapi.dll + 2004-08-04 06:14 . 2008-04-13 19:16 49536 c:\windows\system32\dllcache\classpnp.sys + 2010-05-24 22:57 . 2001-08-18 00:57 45696 c:\windows\system32\dllcache\cirrus.sys + 2010-05-24 22:57 . 2001-09-06 02:49 91264 c:\windows\system32\dllcache\cirrus.dll + 2004-08-04 07:45 . 2008-04-14 02:20 57856 c:\windows\system32\dllcache\cipher.exe + 2004-08-04 07:45 . 2008-04-14 02:20 69120 c:\windows\system32\dllcache\ciodm.dll + 2007-05-21 21:09 . 2001-10-28 18:06 80896 c:\windows\system32\dllcache\charmap.exe + 2008-04-14 02:20 . 2008-04-14 02:20 15423 c:\windows\system32\dllcache\ch7xxnt5.dll + 2004-08-04 07:44 . 2008-04-14 02:18 16896 c:\windows\system32\dllcache\cfgmgr32.dll + 2007-05-21 21:09 . 2008-04-14 02:20 39424 c:\windows\system32\dllcache\cfgbkend.dll + 2010-05-24 22:57 . 2001-09-06 02:15 49182 c:\windows\system32\dllcache\cem56n5.sys + 2010-05-24 22:57 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem33n5.sys + 2010-05-24 22:57 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem28n5.sys + 2010-05-24 22:57 . 2001-09-06 02:15 27164 c:\windows\system32\dllcache\ce3n5.sys + 2010-05-24 22:57 . 2001-09-06 02:15 21530 c:\windows\system32\dllcache\ce2n5.sys + 2004-08-04 05:59 . 2008-04-13 18:40 62976 c:\windows\system32\dllcache\cdrom.sys + 2004-08-04 06:14 . 2008-04-13 19:14 63744 c:\windows\system32\dllcache\cdfs.sys + 2001-08-17 21:52 . 2001-10-28 18:06 18688 c:\windows\system32\dllcache\cdaudio.sys + 2007-08-18 17:21 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys + 2001-10-28 18:06 . 2001-10-28 18:06 13952 c:\windows\system32\dllcache\cbidf2k.sys + 2010-05-24 22:57 . 2001-08-17 23:13 46108 c:\windows\system32\dllcache\cben5.sys + 2010-05-24 22:57 . 2001-08-17 23:12 39680 c:\windows\system32\dllcache\cb325.sys + 2010-05-24 22:57 . 2001-08-17 23:12 37916 c:\windows\system32\dllcache\cb102.sys + 2007-05-21 21:09 . 2008-04-14 02:20 85504 c:\windows\system32\dllcache\catsrvps.dll + 2004-08-04 07:45 . 2008-04-14 02:20 50688 c:\windows\system32\dllcache\camocx.dll + 2010-05-24 22:57 . 2001-09-06 02:50 74240 c:\windows\system32\dllcache\camexo20.dll + 2001-10-28 18:06 . 2008-04-14 02:20 20480 c:\windows\system32\dllcache\cacls.exe + 2004-08-04 07:45 . 2010-01-13 14:01 86528 c:\windows\system32\dllcache\cabview.dll - 2010-01-13 14:01 . 2010-01-13 14:01 86528 c:\windows\system32\dllcache\cabview.dll + 2004-08-04 07:45 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\cabinet.dll + 2004-08-04 07:45 . 2008-04-14 02:20 50688 c:\windows\system32\dllcache\btpanui.dll + 2008-04-13 18:46 . 2008-04-13 18:46 18944 c:\windows\system32\dllcache\bthusb.sys + 2004-08-04 07:45 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\bthserv.dll + 2008-04-13 18:46 . 2008-04-13 18:46 36480 c:\windows\system32\dllcache\bthprint.sys + 2008-04-13 18:46 . 2008-04-13 18:46 37888 c:\windows\system32\dllcache\bthmodem.sys + 2008-04-13 18:46 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\bthenum.sys + 2004-08-04 07:45 . 2008-04-13 22:20 20992 c:\windows\system32\dllcache\bthci.dll + 2010-05-24 22:56 . 2001-08-17 23:11 31529 c:\windows\system32\dllcache\brzwlan.sys + 2010-05-24 22:56 . 2001-08-18 00:12 10368 c:\windows\system32\dllcache\brusbscn.sys + 2010-05-24 22:56 . 2001-08-18 00:12 11008 c:\windows\system32\dllcache\brusbmdm.sys + 2010-05-24 22:56 . 2001-08-18 00:12 60416 c:\windows\system32\dllcache\brserwdm.sys + 2010-05-24 22:56 . 2001-09-06 02:12 39680 c:\windows\system32\dllcache\brparwdm.sys + 2004-08-04 07:45 . 2008-04-14 02:20 78336 c:\windows\system32\dllcache\browsewm.dll + 2004-08-04 07:45 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\browser.dll + 2004-08-04 07:44 . 2008-04-14 01:53 67584 c:\windows\system32\dllcache\browselc.dll + 2010-05-24 22:56 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\brmfusb.dll + 2010-05-24 22:56 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\brmfrsmg.exe + 2010-05-24 22:56 . 2001-09-06 02:50 29696 c:\windows\system32\dllcache\brmflpt.dll + 2010-05-24 22:56 . 2001-09-06 02:50 81920 c:\windows\system32\dllcache\brmfcwia.dll + 2010-05-24 22:56 . 2001-09-06 02:50 15360 c:\windows\system32\dllcache\brmfbidi.dll + 2004-08-04 05:59 . 2008-04-13 18:53 71552 c:\windows\system32\dllcache\bridge.sys + 2010-05-24 22:56 . 2001-08-18 00:12 12160 c:\windows\system32\dllcache\brfiltlo.sys + 2010-05-24 22:56 . 2001-09-06 02:50 12800 c:\windows\system32\dllcache\brevif.dll + 2010-05-24 22:56 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\brbidiif.dll + 2004-08-04 07:45 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\blastcln.exe + 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\bidispl.dll + 2007-08-18 17:21 . 2008-04-13 18:46 11776 c:\windows\system32\dllcache\bdasup.sys + 2010-05-24 22:56 . 2001-08-17 23:11 26568 c:\windows\system32\dllcache\bcm4e5.sys + 2010-05-24 22:56 . 2001-08-17 23:11 54271 c:\windows\system32\dllcache\bcm42xx5.sys + 2010-05-24 22:56 . 2001-08-17 23:11 66557 c:\windows\system32\dllcache\bcm42u.sys + 2010-05-24 22:56 . 2008-04-13 14:36 14208 c:\windows\system32\dllcache\battc.sys + 2004-08-04 07:45 . 2008-04-14 02:20 52736 c:\windows\system32\dllcache\basesrv.dll + 2010-05-24 22:56 . 2001-08-17 23:48 36128 c:\windows\system32\dllcache\banshee.sys + 2010-05-24 22:56 . 2001-09-06 02:09 97184 c:\windows\system32\dllcache\b57xp32.sys + 2010-05-24 22:56 . 2001-08-17 23:13 89952 c:\windows\system32\dllcache\b1cbase.sys + 2010-05-24 22:56 . 2001-08-17 23:19 36992 c:\windows\system32\dllcache\aztw2320.sys + 2010-05-24 22:56 . 2001-08-17 23:13 37568 c:\windows\system32\dllcache\avmwan.sys + 2010-05-24 22:56 . 2001-09-06 02:50 87552 c:\windows\system32\dllcache\avmcoxp.dll - 2009-06-10 14:14 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll + 2004-08-04 07:45 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll + 2010-05-24 22:56 . 2008-04-13 14:46 13696 c:\windows\system32\dllcache\avcstrm.sys + 2010-05-24 22:56 . 2001-08-18 01:01 36096 c:\windows\system32\dllcache\avcaudio.sys + 2010-05-24 22:56 . 2008-04-13 14:46 38912 c:\windows\system32\dllcache\avc.sys + 2004-08-04 07:45 . 2008-04-14 02:20 11264 c:\windows\system32\dllcache\autolfn.exe + 2004-08-04 07:45 . 2008-04-14 02:20 62464 c:\windows\system32\dllcache\authz.dll + 2007-05-21 21:12 . 2008-04-14 02:20 16439 c:\windows\system32\dllcache\author.exe + 2007-05-21 21:12 . 2008-04-14 02:20 20540 c:\windows\system32\dllcache\author.dll + 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\auditusr.exe + 2004-08-04 07:45 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\audiosrv.dll + 2008-04-14 02:20 . 2008-04-14 02:20 17279 c:\windows\system32\dllcache\atv10nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 14143 c:\windows\system32\dllcache\atv06nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 25471 c:\windows\system32\dllcache\atv04nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 11359 c:\windows\system32\dllcache\atv02nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 21183 c:\windows\system32\dllcache\atv01nt5.dll + 2001-10-28 18:06 . 2008-04-14 02:20 12288 c:\windows\system32\dllcache\attrib.exe + 2004-08-04 07:45 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\atmlib.dll + 2004-08-04 05:58 . 2008-04-13 18:51 55808 c:\windows\system32\dllcache\atmlane.sys + 2004-08-04 05:58 . 2008-04-13 18:51 59904 c:\windows\system32\dllcache\atmarpc.sys + 2004-08-04 07:45 . 2008-04-14 02:20 11776 c:\windows\system32\dllcache\atmadm.exe - 2009-07-17 19:03 . 2009-07-17 19:03 58880 c:\windows\system32\dllcache\atl.dll + 2004-08-04 07:45 . 2009-07-17 19:03 58880 c:\windows\system32\dllcache\atl.dll + 2010-05-24 22:56 . 2001-08-17 23:49 23552 c:\windows\system32\dllcache\atixbar.sys + 2010-05-24 22:56 . 2001-08-17 23:49 26624 c:\windows\system32\dllcache\ativxbar.sys + 2010-05-24 22:56 . 2001-08-17 23:49 19456 c:\windows\system32\dllcache\ativttxx.sys + 2008-04-14 02:20 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\ativtmxx.dll + 2010-05-24 22:56 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitvsnd.sys + 2010-05-24 22:56 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitunep.sys + 2010-05-24 22:56 . 2001-08-17 23:49 26880 c:\windows\system32\dllcache\atirtsnd.sys + 2010-05-24 22:56 . 2001-08-17 23:49 49920 c:\windows\system32\dllcache\atirtcap.sys + 2010-05-24 22:56 . 2001-09-06 02:08 70656 c:\windows\system32\dllcache\atiragem.sys + 2010-05-24 22:56 . 2001-08-17 23:49 10240 c:\windows\system32\dllcache\atipcxxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 63488 c:\windows\system32\dllcache\atinxsxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 31744 c:\windows\system32\dllcache\atinxbxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 73216 c:\windows\system32\dllcache\atintuxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 13824 c:\windows\system32\dllcache\atinttxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 28672 c:\windows\system32\dllcache\atinsnxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 52224 c:\windows\system32\dllcache\atinraxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 14336 c:\windows\system32\dllcache\atinpdxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 13824 c:\windows\system32\dllcache\atinmdxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 57856 c:\windows\system32\dllcache\atinbtxx.sys + 2010-05-24 22:56 . 2001-09-06 02:08 75264 c:\windows\system32\dllcache\atimpae.sys + 2010-05-24 22:56 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\atievxx.exe + 2010-05-24 22:56 . 2001-08-17 23:49 46464 c:\windows\system32\dllcache\atibt829.sys + 2008-08-30 19:20 . 2004-08-04 01:29 34735 c:\windows\system32\dllcache\ati1xsxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 29455 c:\windows\system32\dllcache\ati1xbxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 36463 c:\windows\system32\dllcache\ati1tuxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 21343 c:\windows\system32\dllcache\ati1ttxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 26367 c:\windows\system32\dllcache\ati1snxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 63663 c:\windows\system32\dllcache\ati1rvxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 30671 c:\windows\system32\dllcache\ati1raxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 12047 c:\windows\system32\dllcache\ati1pdxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 11615 c:\windows\system32\dllcache\ati1mdxx.sys + 2008-08-30 19:20 . 2004-08-04 01:29 56623 c:\windows\system32\dllcache\ati1btxx.sys + 2010-05-24 22:56 . 2001-09-06 02:08 77824 c:\windows\system32\dllcache\ati.sys + 2010-05-24 22:56 . 2001-09-06 02:49 96128 c:\windows\system32\dllcache\ati.dll + 2004-08-04 05:59 . 2008-04-13 18:40 96512 c:\windows\system32\dllcache\atapi.sys + 2004-08-04 07:45 . 2008-04-14 02:20 25600 c:\windows\system32\dllcache\at.exe + 2004-08-04 06:05 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\asyncmac.sys + 2004-08-04 07:45 . 2008-04-14 02:20 65024 c:\windows\system32\dllcache\asycfilt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\asr_pfu.exe + 2004-08-04 07:45 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\asr_fmt.exe + 2010-05-24 22:56 . 2001-08-17 23:12 97354 c:\windows\system32\dllcache\aspndis3.sys + 2010-05-24 22:56 . 2001-08-18 00:51 14848 c:\windows\system32\dllcache\asc3550.sys + 2010-05-24 22:56 . 2001-08-18 00:52 22400 c:\windows\system32\dllcache\asc3350p.sys + 2010-05-24 22:56 . 2001-08-18 00:52 26496 c:\windows\system32\dllcache\asc.sys + 2004-08-03 22:58 . 2008-04-13 18:51 60800 c:\windows\system32\dllcache\arp1394.sys + 2010-05-24 22:56 . 2008-04-13 12:35 36224 c:\windows\system32\dllcache\an983.sys + 2004-08-04 07:45 . 2008-04-14 02:20 70656 c:\windows\system32\dllcache\amstream.dll + 2010-05-24 22:56 . 2001-08-18 00:52 12032 c:\windows\system32\dllcache\amsint.sys + 2004-08-04 00:35 . 2008-04-14 01:51 41856 c:\windows\system32\dllcache\amdk7.sys + 2004-08-04 00:35 . 2008-04-14 01:51 41472 c:\windows\system32\dllcache\amdk6.sys + 2004-08-03 23:07 . 2008-04-13 18:36 43008 c:\windows\system32\dllcache\amdagp.sys + 2010-05-24 22:56 . 2001-08-17 23:11 16969 c:\windows\system32\dllcache\amb8002.sys + 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\alrsvc.dll + 2004-08-03 23:07 . 2008-04-13 18:36 42752 c:\windows\system32\dllcache\alim1541.sys + 2010-05-24 22:56 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\alifir.sys + 2010-05-24 22:56 . 2001-08-17 23:11 27678 c:\windows\system32\dllcache\ali5261.sys + 2004-08-04 07:45 . 2008-04-14 02:20 44544 c:\windows\system32\dllcache\alg.exe + 2010-05-24 22:56 . 2001-08-18 01:07 56960 c:\windows\system32\dllcache\aic78xx.sys + 2010-05-24 22:56 . 2001-08-18 01:07 55168 c:\windows\system32\dllcache\aic78u2.sys + 2010-05-24 22:56 . 2001-08-18 00:52 12800 c:\windows\system32\dllcache\aha154x.sys + 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\agtintl.dll + 2001-10-28 18:06 . 2007-04-02 18:26 20480 c:\windows\system32\dllcache\agt0c0a.dll + 2001-10-28 18:06 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0816.dll + 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0804.dll + 2007-05-21 17:18 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt041f.dll + 2001-10-28 18:06 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt041d.dll + 2007-05-21 17:18 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0419.dll + 2001-10-28 18:06 . 2007-04-02 18:26 20480 c:\windows\system32\dllcache\agt0416.dll + 2007-05-21 17:18 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0415.dll + 2001-10-28 18:06 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0414.dll + 2001-10-28 18:06 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0413.dll + 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0412.dll + 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0411.dll + 2001-10-28 18:06 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0410.dll + 2007-05-21 17:18 . 2007-04-02 18:26 19968 c:\windows\system32\dllcache\agt040e.dll + 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt040d.dll + 2001-10-28 18:06 . 2007-04-02 18:26 21504 c:\windows\system32\dllcache\agt040c.dll + 2001-10-28 18:06 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt040b.dll + 2001-10-28 18:06 . 2008-04-13 17:32 19968 c:\windows\system32\dllcache\agt0409.dll + 2007-05-21 17:18 . 2007-04-02 18:26 22016 c:\windows\system32\dllcache\agt0408.dll + 2001-10-28 18:06 . 2007-04-02 18:26 21504 c:\windows\system32\dllcache\agt0407.dll + 2001-10-28 18:06 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0406.dll + 2007-05-21 17:18 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0405.dll + 2007-04-02 18:25 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0404.dll + 2007-04-02 18:25 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0401.dll + 2004-08-03 23:07 . 2008-04-13 18:36 44928 c:\windows\system32\dllcache\agpcpq.sys + 2004-08-03 23:07 . 2008-04-13 18:36 42368 c:\windows\system32\dllcache\agp440.sys + 2004-08-04 07:45 . 2008-04-14 02:20 44032 c:\windows\system32\dllcache\agentsr.dll + 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\agentpsh.dll + 2004-08-04 07:45 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\agentmpx.dll + 2004-08-04 07:45 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\agentdpv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\agentdp2.dll + 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\agentanm.dll + 2004-08-04 07:45 . 2008-04-14 02:20 68096 c:\windows\system32\dllcache\adsmsext.dll + 2010-05-24 22:56 . 2001-08-17 23:11 46112 c:\windows\system32\dllcache\adptsf50.sys + 2008-04-14 02:20 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\admwprox.dll + 2010-05-24 22:56 . 2008-04-13 12:36 10880 c:\windows\system32\dllcache\admjoy.sys + 2007-05-21 21:12 . 2008-04-14 02:20 16439 c:\windows\system32\dllcache\admin.exe + 2007-05-21 21:12 . 2008-04-14 02:20 20540 c:\windows\system32\dllcache\admin.dll + 2008-04-14 02:20 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\admexs.dll + 2010-05-24 22:56 . 2001-08-17 23:11 20160 c:\windows\system32\dllcache\adm8511.sys + 2004-08-04 07:45 . 2008-04-14 02:20 98304 c:\windows\system32\dllcache\actxprxy.dll + 2001-10-28 18:06 . 2001-10-28 18:06 11904 c:\windows\system32\dllcache\acpiec.sys + 2007-05-21 21:10 . 2001-10-28 18:06 68096 c:\windows\system32\dllcache\acctres.dll + 2010-05-24 22:55 . 2008-04-13 12:36 84480 c:\windows\system32\dllcache\ac97via.sys + 2010-05-24 22:55 . 2001-08-17 23:20 96256 c:\windows\system32\dllcache\ac97intc.sys + 2010-05-24 22:55 . 2001-08-18 00:52 23552 c:\windows\system32\dllcache\abp480n5.sys + 2010-05-24 22:55 . 2001-09-06 02:50 98304 c:\windows\system32\dllcache\a3d.dll + 2010-05-24 22:55 . 2001-09-06 02:49 38400 c:\windows\system32\dllcache\8514a.dll + 2010-05-24 22:55 . 2008-04-13 14:46 48128 c:\windows\system32\dllcache\61883.sys + 2010-05-24 22:55 . 2008-04-13 14:40 12288 c:\windows\system32\dllcache\4mmdat.sys + 2010-05-24 22:55 . 2001-08-18 01:06 11264 c:\windows\system32\dllcache\1394vdbg.sys + 2010-05-24 22:55 . 2008-04-13 14:46 53376 c:\windows\system32\dllcache\1394bus.sys + 2001-10-28 18:06 . 2001-10-28 18:06 54272 c:\windows\system32\dfrgres.dll + 2001-10-28 18:06 . 2001-10-28 18:06 18432 c:\windows\system32\deskperf.dll + 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\deskmon.dll + 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\deskadp.dll + 2001-10-28 18:06 . 2001-10-28 18:06 67072 c:\windows\system32\console.dll + 2004-08-04 07:45 . 2004-08-04 07:45 65024 c:\windows\system32\cmstp.exe + 2007-05-21 21:09 . 2001-10-28 18:06 80896 c:\windows\system32\charmap.exe + 2004-08-04 07:45 . 2008-04-13 22:20 20992 c:\windows\system32\bthci.dll + 2007-05-21 21:10 . 2001-10-28 18:06 68096 c:\windows\system32\acctres.dll + 2007-05-21 21:09 . 2001-10-28 18:07 5632 c:\windows\system32\write.exe + 2010-05-26 00:17 . 2008-04-14 02:20 4096 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\ksuser.dll + 2007-05-21 22:37 . 2002-12-12 03:14 4096 c:\windows\system32\ksuser.dll - 2007-05-21 22:37 . 2008-04-14 02:20 4096 c:\windows\system32\ksuser.dll + 2001-10-28 18:06 . 2001-10-28 18:06 9216 c:\windows\system32\eventvwr.exe + 2010-05-24 23:07 . 2001-09-06 02:50 4608 c:\windows\system32\dllcache\xrxflnch.exe + 2007-05-21 21:10 . 2008-04-14 02:20 6656 c:\windows\system32\dllcache\wuauserv.dll + 2010-05-24 23:07 . 2008-04-13 22:20 8192 c:\windows\system32\dllcache\wshirda.dll + 2007-05-21 21:09 . 2001-10-28 18:07 5632 c:\windows\system32\dllcache\write.exe + 2001-09-05 23:49 . 2001-10-28 18:06 3200 c:\windows\system32\dllcache\wowfax.dll + 2007-05-21 21:10 . 2008-04-14 02:20 5632 c:\windows\system32\dllcache\wmm2res2.dll + 2007-05-21 21:10 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\wmm2ext.dll + 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\wmm2eres.dll + 2007-05-21 21:09 . 2008-04-14 01:55 7168 c:\windows\system32\dllcache\wmiapres.dll + 2010-05-24 23:07 . 2008-04-13 14:36 8832 c:\windows\system32\dllcache\wmiacpi.sys + 2004-08-04 07:45 . 2008-04-14 02:19 5632 c:\windows\system32\dllcache\wmi.dll + 2004-08-04 07:45 . 2008-04-14 02:21 5632 c:\windows\system32\dllcache\winver.exe + 2010-05-24 23:06 . 2008-04-13 14:40 5376 c:\windows\system32\dllcache\viaide.sys + 2010-05-24 23:06 . 2001-08-18 00:28 7556 c:\windows\system32\dllcache\usroslba.sys + 2001-10-28 18:07 . 2001-10-28 18:07 4736 c:\windows\system32\dllcache\usbd.sys + 2010-05-24 23:06 . 2001-09-06 02:12 4992 c:\windows\system32\dllcache\toside.sys + 2004-08-04 07:45 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\tlntsvrp.dll + 2010-05-24 23:05 . 2001-08-18 00:52 7040 c:\windows\system32\dllcache\tandqic.sys + 2010-05-24 23:05 . 2001-08-18 01:02 3968 c:\windows\system32\dllcache\swusbflt.sys + 2004-08-03 22:58 . 2008-04-13 18:39 4352 c:\windows\system32\dllcache\swenum.sys + 2001-09-05 23:50 . 2001-10-28 18:06 8192 c:\windows\system32\dllcache\streamci.dll + 2008-04-14 02:20 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\staxmem.dll + 2007-05-21 22:37 . 2008-04-13 18:45 6272 c:\windows\system32\dllcache\splitter.sys + 2010-05-24 23:05 . 2001-08-18 00:56 7552 c:\windows\system32\dllcache\sonypvu1.sys + 2010-05-24 23:05 . 2001-08-18 00:53 9600 c:\windows\system32\dllcache\sonymc.sys + 2010-05-24 23:05 . 2008-04-13 14:40 7552 c:\windows\system32\dllcache\sonyait.sys + 2010-05-24 23:05 . 2001-08-18 00:53 7040 c:\windows\system32\dllcache\snyaitmc.sys + 2007-06-15 08:04 . 2008-04-14 02:21 8704 c:\windows\system32\dllcache\snmptrap.exe + 2007-06-15 08:04 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\snmpmib.dll + 2004-08-04 07:45 . 2008-04-14 02:21 8192 c:\windows\system32\dllcache\smbinst.exe + 2010-05-24 23:05 . 2001-08-18 00:57 6784 c:\windows\system32\dllcache\smbhc.sys + 2010-05-24 23:05 . 2008-04-13 14:36 6912 c:\windows\system32\dllcache\smbclass.sys + 2008-04-13 18:36 . 2008-04-13 18:36 5888 c:\windows\system32\dllcache\smbali.sys + 2008-04-14 02:20 . 2008-04-14 02:20 3901 c:\windows\system32\dllcache\siint5.dll + 2004-08-04 07:45 . 2008-04-14 02:20 5120 c:\windows\system32\dllcache\sfc.dll + 2010-05-24 23:04 . 2001-09-06 02:27 6912 c:\windows\system32\dllcache\serscan.sys + 2004-08-04 07:45 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\sensapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 5632 c:\windows\system32\dllcache\security.dll + 2010-05-24 23:04 . 2001-08-18 00:53 6912 c:\windows\system32\dllcache\seaddsmc.sys + 2004-08-04 07:45 . 2008-04-14 02:21 9216 c:\windows\system32\dllcache\scrnsave.scr + 2008-04-14 02:20 . 2008-04-14 02:20 9728 c:\windows\system32\dllcache\rwnh.dll + 2010-05-24 23:04 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\rsmgrstr.dll + 2010-05-24 23:04 . 2001-08-17 23:19 3840 c:\windows\system32\dllcache\rpfun.sys + 2008-04-14 02:20 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\rpcref.dll + 2004-08-04 07:45 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\rasadhlp.dll + 2010-05-24 23:04 . 2001-08-18 00:53 3328 c:\windows\system32\dllcache\qv2kux.sys + 2010-05-24 23:04 . 2008-04-13 14:40 6016 c:\windows\system32\dllcache\qic157.sys + 2008-04-14 02:20 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\pwsdata.dll + 2010-05-24 23:04 . 2001-09-06 02:50 5632 c:\windows\system32\dllcache\ptpusb.dll + 2004-08-04 07:45 . 2008-04-14 02:21 9728 c:\windows\system32\dllcache\proxycfg.exe + 2010-05-24 23:03 . 2008-04-13 14:40 8832 c:\windows\system32\dllcache\powerfil.sys + 2010-05-24 23:03 . 2001-08-18 00:53 7168 c:\windows\system32\dllcache\pnrmc.sys + 2010-05-24 23:03 . 2001-08-18 01:07 5504 c:\windows\system32\dllcache\perc2hib.sys + 2001-10-28 18:07 . 2001-10-28 18:07 3456 c:\windows\system32\dllcache\pciide.sys + 2001-10-28 18:07 . 2001-10-28 18:07 3456 c:\windows\system32\dllcache\oprghdlr.sys + 2004-08-04 07:45 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\ntlsapi.dll + 2010-05-24 23:03 . 2001-09-06 02:08 9472 c:\windows\system32\dllcache\ntapm.sys + 2010-05-24 23:03 . 2001-08-18 00:53 7552 c:\windows\system32\dllcache\nsmmc.sys + 2004-08-04 07:45 . 2008-04-14 02:21 4096 c:\windows\system32\dllcache\nddeapir.exe + 2010-05-24 23:02 . 2001-09-06 02:50 7168 c:\windows\system32\dllcache\mxport.dll + 2007-05-21 21:09 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\mtxex.dll + 2007-08-18 17:22 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys + 2004-08-03 22:58 . 2008-04-13 18:39 4992 c:\windows\system32\dllcache\mspqm.sys + 2004-08-03 22:58 . 2008-04-13 18:39 5376 c:\windows\system32\dllcache\mspclock.sys + 2010-05-24 23:02 . 2001-08-18 01:00 2944 c:\windows\system32\dllcache\msmpu401.sys + 2004-08-03 22:58 . 2008-04-13 18:39 7552 c:\windows\system32\dllcache\mskssrv.sys + 2004-08-04 07:45 . 2008-04-14 02:20 4608 c:\windows\system32\dllcache\msimg32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 6656 c:\windows\system32\dllcache\msidle.dll + 2010-05-24 23:02 . 2001-08-18 00:48 6016 c:\windows\system32\dllcache\msfsio.sys + 2007-05-21 21:09 . 2008-04-14 02:21 6144 c:\windows\system32\dllcache\msdtc.exe + 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdaurl.dll + 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdasc.dll + 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdaer.dll + 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdaenum.dll + 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdadc.dll + 2004-08-04 07:44 . 2008-04-14 02:18 3584 c:\windows\system32\dllcache\msafd.dll + 2004-08-04 07:45 . 2008-04-14 02:21 4608 c:\windows\system32\dllcache\mqsvc.exe + 2008-04-14 02:21 . 2008-04-14 02:21 7680 c:\windows\system32\dllcache\migregdb.exe + 2010-05-24 23:01 . 2001-08-18 00:58 8320 c:\windows\system32\dllcache\memcard.sys + 2010-05-24 23:01 . 2001-08-18 00:52 7424 c:\windows\system32\dllcache\mammoth.sys + 2010-05-24 23:01 . 2008-04-13 14:40 7040 c:\windows\system32\dllcache\ltotape.sys + 2010-05-24 23:01 . 2001-08-18 00:53 4992 c:\windows\system32\dllcache\loop.sys + 2007-05-21 22:37 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\ksuser.dll + 2004-08-04 05:59 . 2008-04-13 18:31 7424 c:\windows\system32\dllcache\kd1394.dll + 2004-08-04 07:44 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdukx.dll + 2004-08-04 07:44 . 2008-04-14 02:18 7680 c:\windows\system32\dllcache\kbdsmsno.dll + 2004-08-04 07:44 . 2008-04-14 02:18 7680 c:\windows\system32\dllcache\kbdsmsfi.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdpash.dll + 2004-08-04 07:44 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdno1.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdnepr.dll + 2001-10-28 18:06 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdnec.dll + 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdmlt48.dll + 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdmlt47.dll + 2004-08-04 07:44 . 2008-04-14 02:18 5632 c:\windows\system32\dllcache\kbdmaori.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdlk41j.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6656 c:\windows\system32\dllcache\kbdlk41a.dll + 2010-05-24 23:01 . 2001-08-18 09:36 8192 c:\windows\system32\dllcache\kbdkor.dll + 2010-05-24 23:01 . 2001-08-18 09:36 8704 c:\windows\system32\dllcache\kbdjpn.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdiultn.dll + 2004-08-04 07:44 . 2008-04-14 02:18 6656 c:\windows\system32\dllcache\kbdinmal.dll + 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdinben.dll + 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdinbe1.dll + 2008-04-14 02:18 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdibm02.dll + 2004-08-04 07:44 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdfi1.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdbhc.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdax2.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbd106n.dll + 2010-05-24 23:00 . 2001-08-18 01:55 5632 c:\windows\system32\dllcache\kbd103.dll + 2010-05-24 23:00 . 2001-08-18 01:55 6144 c:\windows\system32\dllcache\kbd101c.dll + 2010-05-24 23:00 . 2001-08-18 01:55 6144 c:\windows\system32\dllcache\kbd101b.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbd101.dll + 2010-05-24 23:00 . 2008-04-13 21:57 5632 c:\windows\system32\dllcache\intelide.sys + 2008-04-14 02:20 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\iisfecnv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\igmpagnt.dll + 2004-08-04 07:44 . 2008-04-14 02:18 3584 c:\windows\system32\dllcache\icmp.dll + 2010-05-24 23:00 . 2001-09-06 02:48 9728 c:\windows\system32\dllcache\ibmsgnet.dll + 2010-05-24 23:00 . 2008-04-13 14:41 8576 c:\windows\system32\dllcache\i2omgmt.sys + 2008-04-14 02:20 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\httpmb51.dll + 2010-05-24 22:59 . 2001-09-06 02:50 9759 c:\windows\system32\dllcache\hsf_inst.dll + 2010-05-24 22:59 . 2001-08-18 00:52 5760 c:\windows\system32\dllcache\hpt4qic.sys + 2010-05-24 22:59 . 2001-08-18 01:02 2688 c:\windows\system32\dllcache\hidswvd.sys + 2010-05-24 22:59 . 2001-08-18 01:02 8576 c:\windows\system32\dllcache\hidgame.sys + 2004-08-04 07:45 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\hccoin.dll + 2008-04-14 02:18 . 2008-04-14 02:18 6656 c:\windows\system32\dllcache\fxsres.dll + 2008-04-14 02:20 . 2008-04-14 02:20 8704 c:\windows\system32\dllcache\fxsperf.dll + 2008-04-14 02:20 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\ftpmib.dll + 2004-08-04 07:44 . 2008-04-14 02:18 9344 c:\windows\system32\dllcache\framebuf.dll + 2001-10-28 18:06 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\forcedos.exe + 2008-04-14 02:18 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\f3ahvoas.dll + 2010-05-24 22:59 . 2001-08-18 00:52 7040 c:\windows\system32\dllcache\exabyte2.sys + 2001-10-28 18:06 . 2001-10-28 18:06 9216 c:\windows\system32\dllcache\eventvwr.exe + 2010-05-24 22:58 . 2001-08-18 00:46 6400 c:\windows\system32\dllcache\enum1394.sys + 2010-05-24 22:58 . 2001-08-18 00:53 7296 c:\windows\system32\dllcache\elmsmc.sys + 2004-08-04 07:44 . 2008-04-14 02:00 4096 c:\windows\system32\dllcache\dsprpres.dll + 2004-08-03 23:07 . 2008-04-13 18:45 2944 c:\windows\system32\dllcache\drmkaud.sys - 2009-10-17 10:23 . 2002-12-12 03:14 3072 c:\windows\system32\dllcache\dpnlobby.dll + 2004-08-04 07:44 . 2008-04-14 02:18 3072 c:\windows\system32\dllcache\dpnlobby.dll - 2009-10-17 10:23 . 2002-12-12 03:14 3072 c:\windows\system32\dllcache\dpnaddr.dll + 2004-08-04 07:44 . 2008-04-14 02:18 3072 c:\windows\system32\dllcache\dpnaddr.dll + 2010-05-24 22:58 . 2001-08-18 00:47 8704 c:\windows\system32\dllcache\dot4scan.sys + 2008-04-14 02:20 . 2008-04-14 02:20 9216 c:\windows\system32\dllcache\dot3dlg.dll + 2010-05-24 22:58 . 2008-04-13 14:40 8320 c:\windows\system32\dllcache\dlttape.sys + 2004-08-04 07:45 . 2008-04-14 02:20 5120 c:\windows\system32\dllcache\dllhost.exe + 2010-05-24 22:58 . 2001-09-06 02:50 6216 c:\windows\system32\dllcache\divaci.dll + 2010-05-24 22:58 . 2001-09-06 02:50 6729 c:\windows\system32\dllcache\disrvci.dll + 2010-05-24 22:58 . 2001-08-18 00:52 7424 c:\windows\system32\dllcache\ddsmc.sys + 2007-05-21 21:09 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\dcomcnfg.exe + 2004-08-04 07:45 . 2008-04-14 02:20 8704 c:\windows\system32\dllcache\dciman32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\d3d8thk.dll - 2009-10-17 10:23 . 2002-12-12 03:14 8192 c:\windows\system32\dllcache\d3d8thk.dll + 2010-05-24 22:57 . 2001-08-17 23:19 3584 c:\windows\system32\dllcache\cwcosnt5.sys + 2010-05-24 22:57 . 2001-08-17 23:19 3072 c:\windows\system32\dllcache\cwbmidi.sys + 2010-05-24 22:57 . 2001-08-17 23:19 3072 c:\windows\system32\dllcache\cwbase.sys + 2010-05-24 22:57 . 2001-09-06 02:50 4096 c:\windows\system32\dllcache\ctwdm32.dll + 2010-05-24 22:57 . 2001-08-17 23:19 3712 c:\windows\system32\dllcache\ctljystk.sys + 2010-05-24 22:57 . 2001-08-17 23:19 6912 c:\windows\system32\dllcache\ctlfacem.sys + 2004-08-04 07:45 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\csrss.exe + 2007-05-21 21:09 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\comrereg.exe + 2007-05-21 21:09 . 2008-04-14 02:20 9728 c:\windows\system32\dllcache\comrepl.exe + 2010-05-24 22:57 . 2001-09-06 02:18 6656 c:\windows\system32\dllcache\cmdide.sys + 2004-08-04 07:45 . 2008-04-14 02:20 5632 c:\windows\system32\dllcache\cisvc.exe + 2010-05-24 22:57 . 2008-04-13 14:41 8192 c:\windows\system32\dllcache\changer.sys + 2010-05-24 22:57 . 2001-08-18 00:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys + 2010-05-24 22:56 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\brserif.dll + 2010-05-24 22:56 . 2001-09-06 02:50 5120 c:\windows\system32\dllcache\brscnrsm.dll + 2010-05-24 22:56 . 2001-08-18 00:12 3168 c:\windows\system32\dllcache\brparimg.sys + 2010-05-24 22:56 . 2001-08-18 00:12 3968 c:\windows\system32\dllcache\brfiltup.sys + 2010-05-24 22:56 . 2001-08-18 00:12 2944 c:\windows\system32\dllcache\brfilt.sys + 2010-05-24 22:56 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\brcoinst.dll + 2008-04-14 02:20 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\bitsprx4.dll + 2007-05-21 21:10 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\bitsprx3.dll + 2007-05-21 21:10 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\bitsprx2.dll + 2007-05-21 18:07 . 2001-08-17 21:59 3072 c:\windows\system32\dllcache\audstub.sys + 2010-05-24 22:56 . 2001-08-17 23:49 9472 c:\windows\system32\dllcache\ativmdcd.sys + 2010-05-24 22:56 . 2001-08-18 00:47 6272 c:\windows\system32\dllcache\apmbatt.sys + 2010-05-24 22:56 . 2001-08-18 00:51 5248 c:\windows\system32\dllcache\aliide.sys + 2008-04-14 02:20 . 2008-04-14 02:20 3775 c:\windows\system32\dllcache\adv11nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 3711 c:\windows\system32\dllcache\adv09nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 3135 c:\windows\system32\dllcache\adv08nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 3647 c:\windows\system32\dllcache\adv07nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 3615 c:\windows\system32\dllcache\adv05nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 3967 c:\windows\system32\dllcache\adv02nt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 4255 c:\windows\system32\dllcache\adv01nt5.dll + 2010-05-24 22:56 . 2001-08-18 00:53 7424 c:\windows\system32\dllcache\adicvls.sys + 2004-08-04 07:45 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\actmovie.exe + 2004-08-04 07:44 . 2008-04-13 18:35 192512 c:\windows\system32\xpsp1res.dll + 2007-05-21 21:09 . 2001-10-28 18:07 119808 c:\windows\system32\winmine.exe + 2001-10-28 18:07 . 2001-10-28 18:07 102400 c:\windows\system32\verifier.exe + 2004-08-04 07:45 . 2008-04-14 02:21 347136 c:\windows\system32\tourstart.exe + 2007-05-21 21:09 . 2001-10-28 18:07 139264 c:\windows\system32\sndvol32.exe + 2010-05-26 00:17 . 2006-05-26 14:58 117248 c:\windows\system32\ReinstallBackups\0022\DriverFiles\staco.dll + 2010-05-26 00:17 . 2006-05-26 14:58 217088 c:\windows\system32\ReinstallBackups\0022\DriverFiles\stacapi.dll + 2010-05-26 00:17 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\portcls.sys + 2009-08-03 18:07 . 2009-08-03 18:07 230768 c:\windows\system32\OGAEXEC.exe + 2009-08-03 18:07 . 2009-08-03 18:07 403816 c:\windows\system32\OGACheckControl.dll + 2009-08-03 18:07 . 2009-08-03 18:07 322928 c:\windows\system32\OGAAddin.dll + 2007-05-21 21:09 . 2008-04-14 02:21 677888 c:\windows\system32\mstsc.exe + 2007-05-21 21:09 . 2001-10-28 18:07 128000 c:\windows\system32\mshearts.exe + 2001-09-05 23:50 . 2001-09-06 02:50 147968 c:\windows\system32\mdwmdmsp.dll + 2001-10-28 18:06 . 2001-10-28 18:06 117248 c:\windows\system32\inetcplc.dll + 2001-10-28 18:06 . 2001-10-28 18:06 237568 c:\windows\system32\ieakui.dll - 2007-05-21 17:17 . 2009-11-12 13:17 274968 c:\windows\system32\FNTCACHE.DAT + 2010-05-26 12:43 . 2010-05-26 12:43 274968 c:\windows\system32\FNTCACHE.DAT + 2007-05-21 17:18 . 2001-10-28 18:06 103424 c:\windows\system32\eqnclass.dll - 2004-08-03 23:15 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys + 2004-08-03 23:15 . 2008-04-13 15:19 146048 c:\windows\system32\drivers\portcls.sys + 2009-10-17 10:23 . 2002-12-12 03:14 381952 c:\windows\system32\dpvoice.dll + 2001-10-28 18:06 . 2001-10-28 18:06 127488 c:\windows\system32\dmdskres.dll + 2010-05-24 23:07 . 2008-04-13 22:20 116224 c:\windows\system32\dllcache\xrxwiadr.dll + 2004-08-04 07:45 . 2008-04-14 02:20 129024 c:\windows\system32\dllcache\xmlprov.dll + 2004-08-04 00:45 . 2008-04-14 02:20 483840 c:\windows\system32\dllcache\wzcsvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 383488 c:\windows\system32\dllcache\wzcdlg.dll + 2004-08-04 07:45 . 2008-04-14 02:20 108032 c:\windows\system32\dllcache\wshbth.dll + 2004-08-04 07:45 . 2008-05-08 11:24 155648 c:\windows\system32\dllcache\wscript.exe - 2008-08-31 09:44 . 2008-05-08 11:24 155648 c:\windows\system32\dllcache\wscript.exe + 2004-08-04 07:45 . 2008-04-14 02:20 264704 c:\windows\system32\dllcache\wow32.dll - 2009-04-17 12:27 . 2008-04-21 21:15 216064 c:\windows\system32\dllcache\wordpad.exe + 2007-05-21 21:09 . 2008-04-21 21:15 216064 c:\windows\system32\dllcache\wordpad.exe + 2007-05-21 21:10 . 2008-04-14 02:20 325632 c:\windows\system32\dllcache\wmm2fxb.dll + 2007-05-21 21:10 . 2008-04-14 02:20 502272 c:\windows\system32\dllcache\wmm2fxa.dll + 2007-05-21 21:10 . 2008-04-14 02:20 402432 c:\windows\system32\dllcache\wmm2filt.dll + 2007-05-21 21:10 . 2008-04-14 02:20 167936 c:\windows\system32\dllcache\wmm2ae.dll + 2007-05-21 21:09 . 2008-04-14 02:20 145408 c:\windows\system32\dllcache\wmisvc.dll - 2009-04-18 01:06 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe + 2007-05-21 21:09 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe - 2009-04-18 01:06 . 2009-02-09 10:53 453120 c:\windows\system32\dllcache\wmiprvsd.dll + 2007-05-21 21:09 . 2009-02-09 10:53 453120 c:\windows\system32\dllcache\wmiprvsd.dll + 2007-05-21 21:09 . 2008-04-14 02:20 144896 c:\windows\system32\dllcache\wmiprov.dll + 2007-05-21 21:09 . 2008-04-14 02:20 132096 c:\windows\system32\dllcache\wmipdskq.dll + 2007-05-21 21:09 . 2008-04-14 02:20 156672 c:\windows\system32\dllcache\wmipcima.dll + 2007-05-21 21:09 . 2008-04-14 02:20 140800 c:\windows\system32\dllcache\wmidcprv.dll + 2007-05-21 21:09 . 2008-04-14 02:21 365056 c:\windows\system32\dllcache\wmic.exe + 2007-05-21 21:09 . 2008-04-14 02:21 126464 c:\windows\system32\dllcache\wmiapsrv.exe + 2007-05-21 21:09 . 2008-04-14 02:21 196608 c:\windows\system32\dllcache\wmiadap.exe + 2010-05-24 23:07 . 2008-04-13 12:35 154624 c:\windows\system32\dllcache\wlluc48.sys + 2004-08-04 07:45 . 2008-04-14 02:20 172544 c:\windows\system32\dllcache\wldap32.dll - 2009-06-10 06:15 . 2009-06-10 06:15 132096 c:\windows\system32\dllcache\wkssvc.dll + 2004-08-04 07:45 . 2009-06-10 06:15 132096 c:\windows\system32\dllcache\wkssvc.dll + 2004-08-04 07:45 . 2009-12-24 07:00 177664 c:\windows\system32\dllcache\wintrust.dll - 2009-12-24 07:00 . 2009-12-24 07:00 177664 c:\windows\system32\dllcache\wintrust.dll + 2004-08-04 07:45 . 2008-04-14 02:21 146944 c:\windows\system32\dllcache\winspool.drv + 2004-08-04 07:45 . 2008-04-14 02:20 179200 c:\windows\system32\dllcache\winmm.dll + 2007-05-21 21:09 . 2001-10-28 18:07 119808 c:\windows\system32\dllcache\winmine.exe + 2004-08-04 07:45 . 2009-08-25 09:19 354816 c:\windows\system32\dllcache\winhttp.dll - 2008-12-16 12:31 . 2009-08-25 09:19 354816 c:\windows\system32\dllcache\winhttp.dll + 2004-08-04 07:45 . 2008-04-14 02:21 287744 c:\windows\system32\dllcache\winhlp32.exe + 2010-05-24 23:07 . 2001-08-18 00:28 771581 c:\windows\system32\dllcache\winacisa.sys - 2009-11-03 13:44 . 2008-08-28 07:47 105472 c:\windows\system32\dllcache\win32spl.dll + 2004-08-04 07:45 . 2008-08-28 07:47 105472 c:\windows\system32\dllcache\win32spl.dll + 2004-08-04 07:45 . 2008-04-14 02:20 111104 c:\windows\system32\dllcache\wiavideo.dll + 2004-08-04 07:45 . 2008-04-14 02:20 334336 c:\windows\system32\dllcache\wiaservc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 124928 c:\windows\system32\dllcache\wiadss.dll + 2004-08-04 07:45 . 2008-04-14 02:20 136192 c:\windows\system32\dllcache\webvw.dll + 2010-05-24 23:06 . 2001-08-18 00:28 701386 c:\windows\system32\dllcache\wdhaalba.sys + 2007-05-21 21:09 . 2008-04-14 02:20 197120 c:\windows\system32\dllcache\wbemupgd.dll + 2007-05-21 21:09 . 2008-04-14 02:21 118784 c:\windows\system32\dllcache\wbemtest.exe + 2007-05-21 21:09 . 2008-04-14 02:20 273920 c:\windows\system32\dllcache\wbemess.dll + 2007-05-21 21:09 . 2008-04-14 02:20 178176 c:\windows\system32\dllcache\wbemdisp.dll + 2007-05-21 21:09 . 2008-04-14 02:20 531968 c:\windows\system32\dllcache\wbemcore.dll + 2007-05-21 21:09 . 2008-04-14 02:20 214528 c:\windows\system32\dllcache\wbemcomn.dll + 2007-05-21 21:09 . 2008-04-14 02:20 199168 c:\windows\system32\dllcache\wbemcntl.dll + 2001-10-28 18:07 . 2008-04-14 02:20 215552 c:\windows\system32\dllcache\wavemsp.dll + 2008-04-14 02:20 . 2008-04-14 02:20 368128 c:\windows\system32\dllcache\w3svc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 176128 c:\windows\system32\dllcache\w32time.dll + 2004-08-04 07:45 . 2008-04-14 02:21 292864 c:\windows\system32\dllcache\vssvc.exe + 2004-08-04 07:45 . 2008-04-14 02:20 430592 c:\windows\system32\dllcache\vssapi.dll + 2010-05-24 23:06 . 2001-08-18 00:28 397502 c:\windows\system32\dllcache\vpctcom.sys + 2010-05-24 23:06 . 2001-08-18 00:28 604253 c:\windows\system32\dllcache\vmodem.sys + 2010-05-24 23:06 . 2001-08-17 23:14 249402 c:\windows\system32\dllcache\vinwm.sys + 2007-05-21 21:09 . 2008-04-14 02:20 131584 c:\windows\system32\dllcache\viewprov.dll + 2001-10-28 18:07 . 2001-10-28 18:07 102400 c:\windows\system32\dllcache\verifier.exe - 2008-08-31 09:44 . 2010-03-10 06:16 420352 c:\windows\system32\dllcache\vbscript.dll + 2004-08-04 07:45 . 2010-03-10 06:16 420352 c:\windows\system32\dllcache\vbscript.dll + 2010-05-24 23:06 . 2001-08-18 00:28 687999 c:\windows\system32\dllcache\usrwdxjs.sys + 2001-09-05 23:50 . 2001-10-28 18:06 102457 c:\windows\system32\dllcache\usrv42a.dll + 2010-05-24 23:06 . 2001-08-18 00:28 765884 c:\windows\system32\dllcache\usrti.sys + 2010-05-24 23:06 . 2001-08-18 00:28 113762 c:\windows\system32\dllcache\usrpda.sys + 2001-09-05 23:50 . 2001-10-28 18:06 323641 c:\windows\system32\dllcache\usrdtea.dll + 2010-05-24 23:06 . 2001-08-18 00:28 224802 c:\windows\system32\dllcache\usr1807a.sys + 2010-05-24 23:06 . 2001-08-18 00:28 794399 c:\windows\system32\dllcache\usr1806v.sys + 2010-05-24 23:06 . 2001-08-18 00:28 793598 c:\windows\system32\dllcache\usr1806.sys + 2010-05-24 23:06 . 2001-08-18 00:28 794654 c:\windows\system32\dllcache\usr1801.sys + 2004-08-04 07:45 . 2008-04-14 02:20 406016 c:\windows\system32\dllcache\usp10.dll + 2008-04-13 18:46 . 2008-04-13 18:46 121984 c:\windows\system32\dllcache\usbvideo.sys + 2004-08-04 06:08 . 2008-04-13 18:45 143872 c:\windows\system32\dllcache\usbport.sys + 2004-08-04 07:45 . 2008-04-14 02:20 186368 c:\windows\system32\dllcache\upnphost.dll + 2004-08-04 07:45 . 2008-04-14 02:20 133632 c:\windows\system32\dllcache\upnp.dll + 2004-08-04 05:58 . 2008-04-13 18:39 384768 c:\windows\system32\dllcache\update.sys + 2004-08-04 07:45 . 2008-04-14 02:20 316416 c:\windows\system32\dllcache\untfs.dll + 2004-08-04 07:45 . 2008-04-14 02:20 124416 c:\windows\system32\dllcache\umpnpmgr.dll + 2010-05-24 23:06 . 2001-09-06 02:50 212480 c:\windows\system32\dllcache\um54scan.dll + 2010-05-24 23:06 . 2001-09-06 02:50 216576 c:\windows\system32\dllcache\um34scan.dll + 2004-08-04 07:45 . 2008-04-14 02:20 303616 c:\windows\system32\dllcache\ulib.dll + 2008-04-14 02:20 . 2008-04-14 02:20 103936 c:\windows\system32\dllcache\uihelper.dll + 2004-08-04 07:45 . 2008-04-14 02:20 101376 c:\windows\system32\dllcache\txflog.dll + 2004-08-04 07:45 . 2008-04-14 02:20 131584 c:\windows\system32\dllcache\tsoc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 279040 c:\windows\system32\dllcache\tshoot.dll - 2009-09-09 22:38 . 2009-06-21 21:48 153088 c:\windows\system32\dllcache\triedit.dll + 2007-05-21 21:10 . 2009-06-21 21:48 153088 c:\windows\system32\dllcache\triedit.dll + 2010-05-24 23:06 . 2001-08-17 23:51 166784 c:\windows\system32\dllcache\tridxpm.sys + 2010-05-24 23:06 . 2001-09-06 02:50 525568 c:\windows\system32\dllcache\tridxp.dll + 2010-05-24 23:06 . 2001-08-17 23:51 159232 c:\windows\system32\dllcache\tridkbm.sys + 2010-05-24 23:06 . 2001-09-06 02:49 440576 c:\windows\system32\dllcache\tridkb.dll + 2010-05-24 23:06 . 2001-08-17 23:51 222336 c:\windows\system32\dllcache\trid3dm.sys + 2010-05-24 23:06 . 2001-09-06 02:49 315520 c:\windows\system32\dllcache\trid3d.dll + 2004-08-04 07:45 . 2008-04-14 02:21 260096 c:\windows\system32\dllcache\tracerpt.exe + 2004-08-04 07:45 . 2008-04-14 02:21 347136 c:\windows\system32\dllcache\tourstrt.exe + 2010-05-24 23:06 . 2001-08-18 01:02 230912 c:\windows\system32\dllcache\tosdvd03.sys + 2010-05-24 23:06 . 2001-08-18 01:01 241664 c:\windows\system32\dllcache\tosdvd02.sys + 2010-05-24 23:06 . 2001-08-17 23:14 123995 c:\windows\system32\dllcache\tjisdn.sys + 2010-05-24 23:05 . 2001-08-17 23:51 138528 c:\windows\system32\dllcache\tgiulnt5.sys + 2010-05-24 23:05 . 2008-04-13 14:40 149376 c:\windows\system32\dllcache\tffsport.sys + 2007-05-21 21:09 . 2008-04-14 02:20 296960 c:\windows\system32\dllcache\termsrv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 358912 c:\windows\system32\dllcache\termmgr.dll - 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys + 2004-08-04 06:07 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys + 2004-08-04 06:14 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\tcpip.sys - 2008-06-20 11:51 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\tcpip.sys + 2004-08-04 07:45 . 2008-04-14 02:20 249856 c:\windows\system32\dllcache\tapisrv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 181760 c:\windows\system32\dllcache\tapi32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 859648 c:\windows\system32\dllcache\tapi3.dll + 2010-05-24 23:05 . 2001-09-06 02:49 172768 c:\windows\system32\dllcache\t2r4disp.dll - 2009-07-29 04:36 . 2009-10-15 16:32 119808 c:\windows\system32\dllcache\t2embed.dll + 2004-08-04 07:45 . 2009-10-15 16:32 119808 c:\windows\system32\dllcache\t2embed.dll + 2008-04-14 02:20 . 2008-04-14 02:20 173568 c:\windows\system32\dllcache\sysmoda.dll + 2004-08-04 07:45 . 2008-04-14 02:20 193536 c:\windows\system32\dllcache\sysmod.dll + 2010-05-24 23:05 . 2001-08-18 00:50 103936 c:\windows\system32\dllcache\sx.sys + 2010-05-24 23:05 . 2001-09-06 02:50 155648 c:\windows\system32\dllcache\stlnprop.dll + 2010-05-24 23:05 . 2001-09-06 02:06 286432 c:\windows\system32\dllcache\stlnata.sys + 2004-08-04 07:45 . 2008-04-14 02:21 684032 c:\windows\system32\dllcache\sstext3d.scr + 2004-08-04 07:45 . 2008-04-14 02:21 610304 c:\windows\system32\dllcache\sspipes.scr + 2004-08-04 07:45 . 2008-04-14 02:21 393216 c:\windows\system32\dllcache\ssflwbox.scr + 2004-08-04 07:45 . 2008-04-14 02:21 708608 c:\windows\system32\dllcache\ss3dfo.scr - 2008-10-16 22:12 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys + 2004-08-04 06:14 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys + 2007-05-21 21:10 . 2008-04-14 02:20 171520 c:\windows\system32\dllcache\srsvc.dll + 2007-05-21 21:10 . 2008-04-14 02:20 217088 c:\windows\system32\dllcache\sqlxmlx.dll + 2004-08-04 07:45 . 2008-04-14 02:20 180800 c:\windows\system32\dllcache\sqlunirl.dll + 2004-08-04 07:45 . 2008-04-14 02:20 110592 c:\windows\system32\dllcache\sqlse20.dll + 2004-08-04 07:45 . 2008-04-14 02:20 462848 c:\windows\system32\dllcache\sqlqp20.dll + 2004-08-04 07:45 . 2008-04-14 02:20 151552 c:\windows\system32\dllcache\sqldb20.dll + 2004-08-04 07:45 . 2008-04-14 02:20 271872 c:\windows\system32\dllcache\sptip.dll + 2007-06-02 03:08 . 2008-04-13 18:38 736256 c:\windows\system32\dllcache\spru0416.dll + 2004-08-04 07:44 . 2008-04-13 18:35 192512 c:\windows\system32\dllcache\sprs0416.dll + 2010-05-24 23:05 . 2001-09-06 02:50 106584 c:\windows\system32\dllcache\spdports.dll + 2010-05-24 23:05 . 2001-09-06 02:50 114688 c:\windows\system32\dllcache\sonypi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 130048 c:\windows\system32\dllcache\softkbd.dll + 2004-08-04 07:45 . 2008-04-14 02:20 183296 c:\windows\system32\dllcache\snmpsnap.dll + 2007-06-15 08:04 . 2008-04-14 02:20 188416 c:\windows\system32\dllcache\snmpsmir.dll + 2007-06-15 08:04 . 2008-04-14 02:20 358400 c:\windows\system32\dllcache\snmpincl.dll + 2007-06-15 08:04 . 2008-04-14 02:20 259072 c:\windows\system32\dllcache\snmpcl.dll + 2007-05-21 21:09 . 2001-10-28 18:07 139264 c:\windows\system32\dllcache\sndvol32.exe + 2008-04-14 02:20 . 2008-04-14 02:20 463360 c:\windows\system32\dllcache\smtpsvc.dll + 2008-04-14 02:20 . 2008-04-14 02:20 189952 c:\windows\system32\dllcache\smtpadm.dll + 2004-08-04 07:45 . 2008-04-14 02:20 366592 c:\windows\system32\dllcache\smlogcfg.dll + 2010-05-24 23:05 . 2001-09-06 02:49 147200 c:\windows\system32\dllcache\smidispb.dll + 2007-06-15 08:04 . 2008-04-14 02:21 236544 c:\windows\system32\dllcache\smi2smir.exe + 2008-08-30 19:21 . 2004-08-04 01:41 404990 c:\windows\system32\dllcache\slntamr.sys + 2008-08-30 19:21 . 2004-08-04 01:41 129535 c:\windows\system32\dllcache\slnt7554.sys + 2008-04-14 02:20 . 2008-04-14 02:20 188508 c:\windows\system32\dllcache\slgen.dll + 2008-04-14 02:20 . 2008-04-14 02:20 286792 c:\windows\system32\dllcache\slextspk.dll + 2010-05-24 23:05 . 2001-09-06 02:49 157696 c:\windows\system32\dllcache\sisv256.dll + 2010-05-24 23:05 . 2001-09-06 02:50 238592 c:\windows\system32\dllcache\sisgrv.dll + 2010-05-24 23:05 . 2001-08-17 23:50 104064 c:\windows\system32\dllcache\sisgrp.sys + 2010-05-24 23:05 . 2001-09-06 02:49 150144 c:\windows\system32\dllcache\sis6306v.dll + 2010-05-24 23:05 . 2001-09-06 02:49 252032 c:\windows\system32\dllcache\sis300iv.dll + 2010-05-24 23:05 . 2001-08-17 23:50 101760 c:\windows\system32\dllcache\sis300ip.sys + 2004-08-04 07:45 . 2008-04-14 02:20 135168 c:\windows\system32\dllcache\shsvcs.dll - 2009-12-08 09:24 . 2009-12-08 09:24 474112 c:\windows\system32\dllcache\shlwapi.dll + 2004-08-04 07:45 . 2009-12-08 09:24 474112 c:\windows\system32\dllcache\shlwapi.dll + 2010-05-24 23:04 . 2001-09-06 02:28 161632 c:\windows\system32\dllcache\sgsmusb.sys + 2004-08-04 07:45 . 2008-04-14 02:20 101888 c:\windows\system32\dllcache\setupqry.dll + 2007-05-21 21:10 . 2004-08-04 07:45 774144 c:\windows\system32\dllcache\setup_wm.exe + 2007-05-21 21:09 . 2008-04-14 02:21 142848 c:\windows\system32\dllcache\sessmgr.exe - 2009-04-18 01:06 . 2009-02-09 11:25 111104 c:\windows\system32\dllcache\services.exe + 2004-08-04 07:45 . 2009-02-09 11:25 111104 c:\windows\system32\dllcache\services.exe + 2008-04-14 02:20 . 2008-04-14 02:20 221696 c:\windows\system32\dllcache\seo.dll + 2004-08-04 07:45 . 2008-04-14 02:21 126976 c:\windows\system32\dllcache\sctasks.exe - 2008-08-31 09:44 . 2008-05-09 10:55 172032 c:\windows\system32\dllcache\scrrun.dll + 2004-08-04 07:45 . 2008-05-09 10:55 172032 c:\windows\system32\dllcache\scrrun.dll + 2008-04-14 02:20 . 2008-04-14 02:20 199680 c:\windows\system32\dllcache\scripta.dll + 2004-08-04 07:45 . 2008-04-14 02:20 216576 c:\windows\system32\dllcache\script.dll + 2007-05-21 21:10 . 2008-04-14 02:20 193536 c:\windows\system32\dllcache\schedsvc.dll + 2004-08-04 07:45 . 2009-06-25 08:27 147456 c:\windows\system32\dllcache\schannel.dll - 2008-12-05 06:58 . 2009-06-25 08:27 147456 c:\windows\system32\dllcache\schannel.dll + 2004-08-04 07:45 . 2008-04-14 02:20 320512 c:\windows\system32\dllcache\scesrv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 184832 c:\windows\system32\dllcache\scecli.dll + 2004-08-04 07:45 . 2008-04-14 02:20 171008 c:\windows\system32\dllcache\sccsccp.dll + 2010-05-24 23:04 . 2001-09-06 02:50 495616 c:\windows\system32\dllcache\sblfx.dll + 2004-08-04 07:45 . 2008-04-14 02:20 159232 c:\windows\system32\dllcache\sbeio.dll + 2004-08-04 07:45 . 2008-04-14 02:20 270848 c:\windows\system32\dllcache\sbe.dll + 2007-05-21 17:18 . 2008-04-14 02:20 741376 c:\windows\system32\dllcache\sapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 428032 c:\windows\system32\dllcache\samsrv.dll + 2010-05-24 23:04 . 2001-09-06 02:49 245632 c:\windows\system32\dllcache\s3savmx.dll + 2010-05-24 23:04 . 2001-09-06 02:49 198400 c:\windows\system32\dllcache\s3sav4.dll + 2010-05-24 23:04 . 2001-09-06 02:49 179264 c:\windows\system32\dllcache\s3sav3d.dll + 2010-05-24 23:04 . 2001-09-06 02:49 210496 c:\windows\system32\dllcache\s3mvirge.dll + 2010-05-24 23:04 . 2001-09-06 02:49 182272 c:\windows\system32\dllcache\s3mt3d.dll + 2010-05-24 23:04 . 2001-08-17 23:50 166720 c:\windows\system32\dllcache\s3m.sys + 2008-08-30 19:21 . 2004-08-04 01:29 166912 c:\windows\system32\dllcache\s3gnbm.sys + 2008-04-14 02:20 . 2008-04-14 02:20 397056 c:\windows\system32\dllcache\s3gnb.dll + 2004-08-04 07:45 . 2008-04-14 02:21 107520 c:\windows\system32\dllcache\rsnotify.exe + 2004-08-04 05:31 . 2008-04-13 17:37 208384 c:\windows\system32\dllcache\rsaenh.dll - 2009-04-18 01:06 . 2009-02-09 10:53 401408 c:\windows\system32\dllcache\rpcss.dll + 2004-08-04 07:45 . 2009-02-09 10:53 401408 c:\windows\system32\dllcache\rpcss.dll - 2009-04-15 14:53 . 2009-04-15 14:53 585216 c:\windows\system32\dllcache\rpcrt4.dll + 2004-08-04 07:45 . 2009-04-15 14:53 585216 c:\windows\system32\dllcache\rpcrt4.dll + 2001-10-28 18:07 . 2008-05-08 14:02 203136 c:\windows\system32\dllcache\rmcast.sys - 2008-06-11 21:54 . 2008-05-08 14:02 203136 c:\windows\system32\dllcache\rmcast.sys + 2004-08-04 07:45 . 2008-04-14 02:20 433664 c:\windows\system32\dllcache\riched20.dll + 2008-04-14 02:20 . 2008-04-14 02:20 290304 c:\windows\system32\dllcache\rhttpaa.dll + 2007-05-21 21:09 . 2008-04-14 02:20 178176 c:\windows\system32\dllcache\repdrvfs.dll + 2007-05-21 21:09 . 2008-04-14 02:21 139656 c:\windows\system32\dllcache\rdpwd.sys + 2007-05-21 21:09 . 2008-04-13 18:32 196224 c:\windows\system32\dllcache\rdpdr.sys + 2007-05-21 21:09 . 2008-04-14 02:20 147968 c:\windows\system32\dllcache\rdchost.dll + 2004-08-04 06:20 . 2008-04-13 19:28 175744 c:\windows\system32\dllcache\rdbss.sys + 2004-08-04 07:45 . 2008-04-14 02:20 102912 c:\windows\system32\dllcache\rcbdyctl.dll - 2009-10-12 13:39 . 2009-10-12 13:39 150016 c:\windows\system32\dllcache\rastls.dll + 2004-08-04 07:45 . 2009-10-12 13:39 150016 c:\windows\system32\dllcache\rastls.dll + 2004-08-04 07:45 . 2008-04-14 02:20 210944 c:\windows\system32\dllcache\rasppp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 186368 c:\windows\system32\dllcache\rasmans.dll + 2004-08-04 07:45 . 2008-04-14 02:20 237056 c:\windows\system32\dllcache\rasapi32.dll + 2010-05-24 23:04 . 2001-09-06 02:22 715242 c:\windows\system32\dllcache\r2mdmkxx.sys + 2010-05-24 23:04 . 2001-09-06 02:22 899658 c:\windows\system32\dllcache\r2mdkxga.sys + 2007-05-21 21:10 . 2008-04-14 02:20 409088 c:\windows\system32\dllcache\qmgr.dll + 2004-08-04 07:44 . 2008-04-13 17:21 733696 c:\windows\system32\dllcache\qedwipes.dll + 2004-08-04 07:45 . 2008-04-14 02:20 563200 c:\windows\system32\dllcache\qedit.dll + 2004-08-04 07:45 . 2008-04-14 02:20 386560 c:\windows\system32\dllcache\qdvd.dll + 2004-08-04 07:45 . 2008-04-14 02:20 279040 c:\windows\system32\dllcache\qdv.dll + 2004-08-04 07:45 . 2008-04-14 02:20 192512 c:\windows\system32\dllcache\qcap.dll + 2008-04-14 02:20 . 2008-04-14 02:20 292864 c:\windows\system32\dllcache\qagentrt.dll + 2008-04-14 02:20 . 2008-04-14 02:20 150528 c:\windows\system32\dllcache\qagent.dll + 2010-05-24 23:04 . 2001-08-18 00:28 130942 c:\windows\system32\dllcache\ptserlv.sys + 2010-05-24 23:04 . 2001-08-18 00:28 112574 c:\windows\system32\dllcache\ptserlp.sys + 2010-05-24 23:04 . 2001-08-18 00:28 128286 c:\windows\system32\dllcache\ptserli.sys + 2010-05-24 23:04 . 2008-04-13 22:20 159232 c:\windows\system32\dllcache\ptpusd.dll + 2007-08-18 17:21 . 2008-04-14 02:20 363520 c:\windows\system32\dllcache\psisdecd.dll + 2007-05-21 21:09 . 2008-04-14 02:20 237056 c:\windows\system32\dllcache\provthrd.dll + 2004-08-03 23:15 . 2008-04-13 15:19 146048 c:\windows\system32\dllcache\portcls.sys + 2004-08-04 07:45 . 2008-04-14 02:20 105984 c:\windows\system32\dllcache\polstore.dll + 2007-05-21 21:09 . 2008-04-14 02:21 283648 c:\windows\system32\dllcache\pinball.exe + 2010-05-24 23:03 . 2001-09-06 02:50 121344 c:\windows\system32\dllcache\phvfwext.dll + 2010-05-24 23:03 . 2001-08-18 01:04 173696 c:\windows\system32\dllcache\philcam2.sys + 2010-05-24 23:03 . 2008-04-13 22:19 259328 c:\windows\system32\dllcache\perm3dd.dll + 2010-05-24 23:03 . 2008-04-13 22:19 211584 c:\windows\system32\dllcache\perm2dll.dll - 2009-04-18 01:06 . 2009-03-06 14:20 286208 c:\windows\system32\dllcache\pdh.dll + 2004-08-04 07:45 . 2009-03-06 14:20 286208 c:\windows\system32\dllcache\pdh.dll + 2010-05-24 23:03 . 2008-04-13 12:12 169984 c:\windows\system32\dllcache\pcx500.sys + 2004-08-04 07:35 . 2008-04-14 02:02 120320 c:\windows\system32\dllcache\pcmcia.sys + 2001-09-05 23:50 . 2001-10-28 18:06 157696 c:\windows\system32\dllcache\paqsp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 554496 c:\windows\system32\dllcache\p2psvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 115712 c:\windows\system32\dllcache\p2pnetsh.dll + 2004-08-04 07:45 . 2008-04-14 02:20 313856 c:\windows\system32\dllcache\p2pgraph.dll + 2004-08-04 07:45 . 2008-04-14 02:20 105472 c:\windows\system32\dllcache\p2pgasvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 153600 c:\windows\system32\dllcache\p2p.dll + 2010-05-24 23:03 . 2001-08-18 01:05 351616 c:\windows\system32\dllcache\ovcodek2.sys + 2010-05-24 23:03 . 2001-09-06 02:50 116736 c:\windows\system32\dllcache\ovcodec2.dll + 2004-08-04 07:45 . 2008-04-14 02:20 713728 c:\windows\system32\dllcache\opengl32.dll + 2008-04-14 02:20 . 2008-04-14 02:20 144896 c:\windows\system32\dllcache\onex.dll + 2004-08-04 07:45 . 2008-04-14 02:20 109056 c:\windows\system32\dllcache\oleprn.dll + 2001-10-28 18:07 . 2008-04-14 02:20 123904 c:\windows\system32\dllcache\oledlg.dll + 2007-05-21 21:10 . 2008-04-14 02:20 487424 c:\windows\system32\dllcache\oledb32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 551936 c:\windows\system32\dllcache\oleaut32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 192000 c:\windows\system32\dllcache\offfilt.dll + 2007-05-21 21:10 . 2008-04-14 02:20 104448 c:\windows\system32\dllcache\oeimport.dll + 2004-08-04 07:45 . 2008-04-14 02:20 147456 c:\windows\system32\dllcache\odbctrac.dll + 2004-08-04 07:45 . 2008-04-14 02:20 278559 c:\windows\system32\dllcache\odbcjt32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 106496 c:\windows\system32\dllcache\odbccp32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 135168 c:\windows\system32\dllcache\odbcconf.dll + 2004-08-04 07:45 . 2008-04-14 02:20 249856 c:\windows\system32\dllcache\odbc32.dll + 2004-08-04 07:44 . 2008-04-13 18:40 444928 c:\windows\system32\dllcache\obrs0416.dll + 2004-08-04 07:45 . 2009-10-13 10:34 271360 c:\windows\system32\dllcache\oakley.dll - 2009-10-13 10:34 . 2009-10-13 10:34 271360 c:\windows\system32\dllcache\oakley.dll + 2004-08-04 06:02 . 2008-04-13 18:34 163584 c:\windows\system32\dllcache\nwrdr.sys + 2004-08-04 07:45 . 2008-04-14 02:20 143360 c:\windows\system32\dllcache\nwprovau.dll + 2010-05-24 23:03 . 2001-08-17 23:50 198144 c:\windows\system32\dllcache\nv3.sys + 2010-05-24 23:03 . 2001-09-06 02:49 123776 c:\windows\system32\dllcache\nv3.dll + 2004-08-04 07:45 . 2008-04-14 02:21 421376 c:\windows\system32\dllcache\ntvdm.exe + 2008-08-30 19:21 . 2004-08-04 01:41 180360 c:\windows\system32\dllcache\ntmtlfax.sys + 2004-08-04 07:45 . 2008-04-14 02:20 437248 c:\windows\system32\dllcache\ntmssvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 493056 c:\windows\system32\dllcache\ntmsmgr.dll + 2004-08-04 07:45 . 2008-04-14 02:20 180224 c:\windows\system32\dllcache\ntmsdba.dll + 2004-08-04 07:45 . 2008-04-14 02:20 119296 c:\windows\system32\dllcache\ntmarta.dll + 2004-08-04 06:15 . 2008-04-13 19:15 574976 c:\windows\system32\dllcache\ntfs.sys + 2007-05-21 21:09 . 2008-04-14 02:20 212992 c:\windows\system32\dllcache\ntevt.dll - 2009-04-18 01:06 . 2009-02-09 10:53 730624 c:\windows\system32\dllcache\ntdll.dll + 2004-08-04 07:45 . 2009-02-09 10:53 730624 c:\windows\system32\dllcache\ntdll.dll + 2007-05-21 21:10 . 2008-04-14 02:20 192512 c:\windows\system32\dllcache\nmwb.dll + 2007-05-21 21:10 . 2008-04-14 02:20 172032 c:\windows\system32\dllcache\nmoldwb.dll + 2007-05-21 21:10 . 2008-04-14 02:20 155648 c:\windows\system32\dllcache\nmft.dll + 2007-05-21 21:10 . 2008-04-14 02:20 229376 c:\windows\system32\dllcache\nmas.dll + 2010-05-24 23:03 . 2001-08-17 23:20 126080 c:\windows\system32\dllcache\nm5a2wdm.sys + 2010-05-24 23:03 . 2008-04-13 21:59 132695 c:\windows\system32\dllcache\netwlan5.sys + 2004-08-04 07:45 . 2008-04-14 02:20 245760 c:\windows\system32\dllcache\netui1.dll + 2010-05-24 23:03 . 2004-08-04 07:48 332800 c:\windows\system32\dllcache\netsetup.exe + 2004-08-04 07:45 . 2008-04-14 02:20 198144 c:\windows\system32\dllcache\netman.dll + 2004-08-04 07:45 . 2008-04-14 02:20 407040 c:\windows\system32\dllcache\netlogon.dll + 2004-08-04 07:45 . 2008-04-14 02:21 113664 c:\windows\system32\dllcache\netdde.exe + 2004-08-04 07:45 . 2008-04-14 02:20 629760 c:\windows\system32\dllcache\netcfgx.dll + 2004-08-04 06:14 . 2008-04-13 19:21 162816 c:\windows\system32\dllcache\netbt.sys - 2008-10-25 09:13 . 2008-10-15 16:36 337408 c:\windows\system32\dllcache\netapi32.dll + 2004-08-04 07:45 . 2008-10-15 16:36 337408 c:\windows\system32\dllcache\netapi32.dll + 2004-08-04 07:45 . 2008-04-14 02:21 124928 c:\windows\system32\dllcache\net1.exe + 2004-08-04 06:14 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\ndis.sys + 2008-04-14 02:21 . 2008-04-14 02:21 176640 c:\windows\system32\dllcache\napstat.exe + 2008-04-14 02:20 . 2008-04-14 02:20 198656 c:\windows\system32\dllcache\napmontr.dll + 2007-05-21 21:10 . 2008-04-14 02:20 221184 c:\windows\system32\dllcache\nac.dll + 2010-05-24 23:02 . 2001-09-06 02:28 129024 c:\windows\system32\dllcache\n100325.sys + 2004-08-04 06:15 . 2008-04-13 19:17 105344 c:\windows\system32\dllcache\mup.sys + 2010-05-24 23:02 . 2001-08-17 23:50 103296 c:\windows\system32\dllcache\mtxvideo.sys + 2008-08-30 19:21 . 2004-08-04 01:29 452736 c:\windows\system32\dllcache\mtxparhm.sys + 2008-04-14 02:21 . 2008-04-14 02:21 119808 c:\windows\system32\dllcache\mtstocom.exe + 2008-08-30 19:21 . 2004-08-04 01:41 126686 c:\windows\system32\dllcache\mtlmnt5.sys + 2004-08-04 07:45 . 2008-06-20 17:48 247808 c:\windows\system32\dllcache\mswsock.dll - 2008-06-20 17:48 . 2008-06-20 17:48 247808 c:\windows\system32\dllcache\mswsock.dll - 2009-08-05 09:00 . 2009-08-05 09:00 205312 c:\windows\system32\dllcache\mswebdvd.dll + 2004-08-04 07:45 . 2009-08-05 09:00 205312 c:\windows\system32\dllcache\mswebdvd.dll + 2004-08-04 07:45 . 2008-04-14 02:20 343040 c:\windows\system32\dllcache\msvcrt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 413696 c:\windows\system32\dllcache\msvcp60.dll + 2004-08-04 07:45 . 2009-09-11 14:19 136192 c:\windows\system32\dllcache\msv1_0.dll - 2009-06-25 08:27 . 2009-09-11 14:19 136192 c:\windows\system32\dllcache\msv1_0.dll + 2004-08-04 07:45 . 2008-04-14 02:20 116224 c:\windows\system32\dllcache\mstlsapi.dll + 2007-05-21 21:10 . 2008-04-14 02:20 274432 c:\windows\system32\dllcache\mst120.dll + 2008-04-14 02:20 . 2008-04-14 02:20 155136 c:\windows\system32\dllcache\mssha.dll + 2004-08-04 07:45 . 2008-04-14 02:20 134656 c:\windows\system32\dllcache\mssap.dll - 2009-12-17 07:41 . 2009-12-17 07:41 345600 c:\windows\system32\dllcache\mspaint.exe + 2007-05-21 21:09 . 2009-12-17 07:41 345600 c:\windows\system32\dllcache\mspaint.exe + 2004-08-04 07:45 . 2008-04-14 02:20 143360 c:\windows\system32\dllcache\msorcl32.dll + 2007-05-21 21:10 . 2008-04-14 02:20 105984 c:\windows\system32\dllcache\msoert2.dll + 2007-05-21 21:10 . 2008-04-14 02:20 252928 c:\windows\system32\dllcache\msoeacct.dll + 2007-05-21 21:10 . 2008-04-14 02:20 566272 c:\windows\system32\dllcache\msobmain.dll + 2007-05-21 21:10 . 2008-04-14 02:20 122368 c:\windows\system32\dllcache\msobcomm.dll + 2004-08-04 07:45 . 2008-04-14 02:20 290816 c:\windows\system32\dllcache\msnsspc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 170496 c:\windows\system32\dllcache\msmqocm.dll + 2007-05-21 21:10 . 2008-04-14 02:20 102400 c:\windows\system32\dllcache\msjro.dll + 2004-08-04 07:45 . 2008-04-14 02:20 159232 c:\windows\system32\dllcache\msimtf.dll + 2004-08-04 07:44 . 2008-04-13 15:39 884736 c:\windows\system32\dllcache\msimsg.dll + 2007-05-21 21:09 . 2001-10-28 18:07 128000 c:\windows\system32\dllcache\mshearts.exe + 2004-08-04 07:45 . 2008-04-14 02:20 539136 c:\windows\system32\dllcache\msftedit.dll - 2008-06-12 14:22 . 2008-06-12 14:22 161792 c:\windows\system32\dllcache\msdtcuiu.dll + 2007-05-21 21:09 . 2008-06-12 14:22 161792 c:\windows\system32\dllcache\msdtcuiu.dll - 2008-06-12 14:22 . 2008-06-12 14:22 956928 c:\windows\system32\dllcache\msdtctm.dll + 2007-05-21 21:09 . 2008-06-12 14:22 956928 c:\windows\system32\dllcache\msdtctm.dll + 2007-05-21 21:09 . 2008-06-12 14:22 428032 c:\windows\system32\dllcache\msdtcprx.dll - 2008-06-12 14:22 . 2008-06-12 14:22 428032 c:\windows\system32\dllcache\msdtcprx.dll + 2007-05-21 21:10 . 2008-04-14 02:20 315392 c:\windows\system32\dllcache\msdasql.dll + 2004-08-04 07:45 . 2008-04-14 02:20 151552 c:\windows\system32\dllcache\msdart.dll + 2007-05-21 21:10 . 2008-04-14 02:20 118784 c:\windows\system32\dllcache\msdarem.dll + 2007-05-21 21:10 . 2008-04-14 02:20 204800 c:\windows\system32\dllcache\msdaps.dll + 2007-05-21 21:10 . 2008-04-14 02:20 200704 c:\windows\system32\dllcache\msdaprst.dll + 2007-05-21 21:10 . 2008-04-14 02:20 233472 c:\windows\system32\dllcache\msdaora.dll + 2004-08-04 07:45 . 2008-04-14 02:20 118784 c:\windows\system32\dllcache\msdadiag.dll + 2004-08-04 07:45 . 2008-04-14 02:20 297984 c:\windows\system32\dllcache\msctf.dll + 2004-08-04 07:45 . 2008-04-14 02:20 220160 c:\windows\system32\dllcache\mscandui.dll + 2007-05-21 21:10 . 2008-04-14 02:20 200704 c:\windows\system32\dllcache\msadox.dll + 2007-05-21 21:10 . 2008-04-14 02:20 180224 c:\windows\system32\dllcache\msadomd.dll + 2007-05-21 21:10 . 2008-04-14 02:20 536576 c:\windows\system32\dllcache\msado15.dll + 2007-05-21 21:10 . 2008-04-14 02:20 155648 c:\windows\system32\dllcache\msadds.dll + 2007-05-21 21:10 . 2008-04-14 02:20 143360 c:\windows\system32\dllcache\msadco.dll + 2004-08-04 06:15 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys - 2008-11-12 02:00 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys + 2004-08-04 06:00 . 2008-04-13 18:32 180608 c:\windows\system32\dllcache\mrxdav.sys + 2004-08-04 07:45 . 2008-04-14 02:20 187392 c:\windows\system32\dllcache\mqtrig.dll + 2004-08-04 07:45 . 2008-04-14 02:21 117248 c:\windows\system32\dllcache\mqtgsvc.exe + 2004-08-04 07:45 . 2008-04-14 02:20 123904 c:\windows\system32\dllcache\mqrtdep.dll + 2004-08-04 07:45 . 2008-04-14 02:20 177152 c:\windows\system32\dllcache\mqrt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 663040 c:\windows\system32\dllcache\mqqm.dll + 2004-08-04 07:45 . 2008-04-14 02:20 225280 c:\windows\system32\dllcache\mqoa.dll + 2004-08-04 07:45 . 2008-04-14 02:20 138240 c:\windows\system32\dllcache\mqad.dll + 2007-05-21 21:09 . 2008-04-14 02:20 124416 c:\windows\system32\dllcache\mofd.dll + 2008-04-14 02:20 . 2008-04-14 02:20 106496 c:\windows\system32\dllcache\Mmcfxc.dll + 2008-04-14 02:20 . 2008-04-14 02:20 397312 c:\windows\system32\dllcache\mmcex.dll + 2008-04-14 02:20 . 2008-04-14 02:20 184320 c:\windows\system32\dllcache\mmc30.dll + 2004-08-04 07:45 . 2008-04-14 02:20 586240 c:\windows\system32\dllcache\mlang.dll + 2008-04-14 02:21 . 2008-04-14 02:21 241152 c:\windows\system32\dllcache\migwiza.exe + 2004-08-04 07:45 . 2008-04-14 02:21 104448 c:\windows\system32\dllcache\migload.exe + 2008-04-14 02:20 . 2008-04-14 02:20 261120 c:\windows\system32\dllcache\migisma.dll + 2004-08-04 07:45 . 2008-04-14 02:20 274432 c:\windows\system32\dllcache\migism.dll + 2010-05-24 23:01 . 2001-09-06 02:18 320384 c:\windows\system32\dllcache\mgaum.sys + 2010-05-24 23:01 . 2001-09-06 02:49 235648 c:\windows\system32\dllcache\mgaud.dll + 2001-10-28 18:06 . 2008-04-14 02:20 927504 c:\windows\system32\dllcache\mfc40u.dll + 2001-09-05 23:50 . 2001-09-06 02:50 147968 c:\windows\system32\dllcache\mdwmdmsp.dll + 2010-05-24 23:01 . 2001-09-06 02:15 165290 c:\windows\system32\dllcache\mdgndis5.sys + 2010-05-24 23:01 . 2001-08-18 00:28 797500 c:\windows\system32\dllcache\ltsmt.sys + 2010-05-24 23:01 . 2001-08-18 00:28 802683 c:\windows\system32\dllcache\ltsm.sys + 2010-05-24 23:01 . 2008-04-13 22:00 422016 c:\windows\system32\dllcache\ltmdmntt.sys + 2010-05-24 23:01 . 2001-09-06 02:12 577226 c:\windows\system32\dllcache\ltmdmntl.sys + 2010-05-24 23:01 . 2008-04-13 22:00 607196 c:\windows\system32\dllcache\ltmdmnt.sys + 2010-05-24 23:01 . 2001-09-06 02:12 728298 c:\windows\system32\dllcache\ltck000c.sys + 2004-08-04 07:45 . 2009-06-25 08:27 732672 c:\windows\system32\dllcache\lsasrv.dll - 2009-04-18 01:06 . 2009-06-25 08:27 732672 c:\windows\system32\dllcache\lsasrv.dll + 2004-08-04 07:45 . 2008-04-13 22:21 220672 c:\windows\system32\dllcache\logon.scr - 2009-05-07 15:33 . 2009-05-07 15:33 347136 c:\windows\system32\dllcache\localspl.dll + 2004-08-04 07:45 . 2009-05-07 15:33 347136 c:\windows\system32\dllcache\localspl.dll + 2004-08-04 07:45 . 2008-04-14 02:20 100352 c:\windows\system32\dllcache\loadperf.dll + 2004-08-04 07:45 . 2008-04-14 02:20 399872 c:\windows\system32\dllcache\lmrt.dll + 2004-08-04 07:45 . 2008-04-13 22:20 424448 c:\windows\system32\dllcache\licdll.dll + 2007-05-21 21:09 . 2008-04-14 02:21 677888 c:\windows\system32\dllcache\lhmstsc.exe + 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\dllcache\ks.sys + 2004-08-03 23:07 . 2008-04-13 18:45 172416 c:\windows\system32\dllcache\kmixer.sys + 2004-08-04 07:45 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll - 2009-06-25 08:27 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll + 2010-05-24 23:01 . 2008-04-13 22:20 254464 c:\windows\system32\dllcache\kdsusd.dll + 2004-08-04 07:45 . 2009-12-09 05:54 726528 c:\windows\system32\dllcache\jscript.dll - 2008-08-31 09:44 . 2009-12-09 05:54 726528 c:\windows\system32\dllcache\jscript.dll + 2004-08-04 07:45 . 2008-04-14 02:20 155136 c:\windows\system32\dllcache\itircl.dll + 2010-05-24 23:00 . 2008-04-13 22:21 152576 c:\windows\system32\dllcache\irftp.exe + 2004-08-04 07:45 . 2008-04-14 02:20 184320 c:\windows\system32\dllcache\ipsecsvc.dll + 2001-10-28 18:06 . 2008-04-14 02:20 177152 c:\windows\system32\dllcache\iprtrmgr.dll + 2004-08-04 07:45 . 2008-04-14 02:20 348160 c:\windows\system32\dllcache\ippromon.dll + 2004-08-04 07:45 . 2008-04-14 02:20 331264 c:\windows\system32\dllcache\ipnathlp.dll + 2004-08-04 06:04 . 2008-04-13 18:57 152832 c:\windows\system32\dllcache\ipnat.sys + 2001-10-28 18:06 . 2008-04-14 02:20 165888 c:\windows\system32\dllcache\ipmontr.dll + 2004-08-04 07:45 . 2008-04-14 02:20 147456 c:\windows\system32\dllcache\initpki.dll + 2008-04-14 02:20 . 2008-04-14 02:20 257024 c:\windows\system32\dllcache\infocomm.dll + 2008-04-14 02:20 . 2008-04-14 02:20 837120 c:\windows\system32\dllcache\inetmgr.dll + 2001-10-28 18:06 . 2001-10-28 18:06 117248 c:\windows\system32\dllcache\inetcplc.dll + 2007-05-21 21:10 . 2010-01-29 15:00 691712 c:\windows\system32\dllcache\inetcomm.dll - 2008-08-14 22:18 . 2010-01-29 15:00 691712 c:\windows\system32\dllcache\inetcomm.dll + 2007-05-21 21:10 . 2008-04-14 02:20 278528 c:\windows\system32\dllcache\inetcfg.dll + 2001-10-28 18:06 . 2008-04-14 02:20 125440 c:\windows\system32\dllcache\imsinsnt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 110080 c:\windows\system32\dllcache\imm32.dll + 2004-08-04 07:45 . 2008-04-14 02:21 150528 c:\windows\system32\dllcache\imapi.exe + 2004-08-04 07:45 . 2008-04-14 02:20 144384 c:\windows\system32\dllcache\imagehlp.dll + 2008-04-14 02:20 . 2008-04-14 02:20 133632 c:\windows\system32\dllcache\iisrtl.dll + 2008-04-14 02:20 . 2008-04-14 02:20 145408 c:\windows\system32\dllcache\iische51.dll + 2004-08-04 07:45 . 2008-04-14 02:20 507392 c:\windows\system32\dllcache\iis.dll + 2004-08-04 07:45 . 2008-04-14 02:20 137728 c:\windows\system32\dllcache\ifmon.dll + 2004-08-04 07:45 . 2008-04-14 02:21 114688 c:\windows\system32\dllcache\iexpress.exe + 2001-10-28 18:06 . 2001-10-28 18:06 237568 c:\windows\system32\dllcache\ieakui.dll + 2004-08-04 07:45 . 2008-04-14 02:20 121344 c:\windows\system32\dllcache\idq.dll + 2007-05-21 21:10 . 2008-04-14 02:20 176128 c:\windows\system32\dllcache\icwhelp.dll + 2007-05-21 21:10 . 2008-04-14 02:21 217600 c:\windows\system32\dllcache\icwconn1.exe + 2010-05-24 23:00 . 2001-09-06 02:50 372824 c:\windows\system32\dllcache\iconf32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 254976 c:\windows\system32\dllcache\icm32.dll + 2010-05-24 23:00 . 2001-08-18 01:06 100992 c:\windows\system32\dllcache\icam5usb.sys + 2010-05-24 23:00 . 2001-08-18 01:06 154496 c:\windows\system32\dllcache\icam4usb.sys + 2010-05-24 23:00 . 2001-08-18 01:05 141056 c:\windows\system32\dllcache\icam3.sys + 2010-05-24 23:00 . 2001-08-17 23:12 109085 c:\windows\system32\dllcache\ibmtrp.sys + 2010-05-24 23:00 . 2001-08-17 23:12 100936 c:\windows\system32\dllcache\ibmtok.sys + 2004-08-04 07:45 . 2008-04-14 02:20 119808 c:\windows\system32\dllcache\iasrad.dll + 2010-05-24 23:00 . 2008-04-13 12:34 161020 c:\windows\system32\dllcache\i81xnt5.sys + 2010-05-24 23:00 . 2008-04-13 22:20 702845 c:\windows\system32\dllcache\i81xdnt5.dll + 2010-05-24 23:00 . 2001-09-06 02:49 353184 c:\windows\system32\dllcache\i740dnt5.dll + 2008-04-14 02:20 . 2008-04-14 02:20 268288 c:\windows\system32\dllcache\httpext.dll - 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys + 2004-08-04 06:00 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys + 2008-08-30 19:21 . 2004-08-04 01:41 685056 c:\windows\system32\dllcache\hsfcxts2.sys + 2008-08-30 19:21 . 2004-08-04 01:41 220032 c:\windows\system32\dllcache\hsfbs2s2.sys + 2010-05-24 22:59 . 2001-08-18 00:28 542879 c:\windows\system32\dllcache\hsf_msft.sys + 2010-05-24 22:59 . 2001-08-18 00:28 391199 c:\windows\system32\dllcache\hsf_k56k.sys + 2010-05-24 22:59 . 2001-08-18 00:28 115807 c:\windows\system32\dllcache\hsf_fsks.sys + 2010-05-24 22:59 . 2001-08-18 00:28 199711 c:\windows\system32\dllcache\hsf_faxx.sys + 2010-05-24 22:59 . 2001-08-18 00:28 289887 c:\windows\system32\dllcache\hsf_fall.sys + 2010-05-24 22:59 . 2001-08-18 00:28 150239 c:\windows\system32\dllcache\hsf_amos.sys + 2010-05-24 22:59 . 2001-09-06 02:50 324608 c:\windows\system32\dllcache\hpojwia.dll + 2010-05-24 22:59 . 2001-09-06 02:50 165888 c:\windows\system32\dllcache\hpgt53.dll + 2010-05-24 22:59 . 2001-09-06 02:50 126976 c:\windows\system32\dllcache\hpgt34tk.dll + 2010-05-24 22:59 . 2001-09-06 02:50 101376 c:\windows\system32\dllcache\hpgt34.dll + 2010-05-24 22:59 . 2001-09-06 02:50 123392 c:\windows\system32\dllcache\hpgt21tk.dll + 2010-05-24 22:59 . 2001-09-06 02:50 119296 c:\windows\system32\dllcache\hpdigwia.dll + 2007-05-21 21:10 . 2008-04-14 02:21 744448 c:\windows\system32\dllcache\helpsvc.exe + 2010-05-24 22:59 . 2001-09-06 02:23 907904 c:\windows\system32\dllcache\hcf_msft.sys + 2004-08-04 07:45 . 2008-04-14 02:20 614912 c:\windows\system32\dllcache\h323msp.dll + 2008-04-14 02:20 . 2008-04-14 02:20 115200 c:\windows\system32\dllcache\guitrna.dll + 2004-08-04 07:45 . 2008-04-14 02:20 134144 c:\windows\system32\dllcache\guitrn.dll + 2004-08-04 07:45 . 2008-04-14 02:21 123392 c:\windows\system32\dllcache\gprslt.exe + 2004-08-04 07:45 . 2008-04-14 02:20 123904 c:\windows\system32\dllcache\glu32.dll + 2004-08-04 07:45 . 2008-10-23 12:37 286720 c:\windows\system32\dllcache\gdi32.dll - 2008-10-23 12:37 . 2008-10-23 12:37 286720 c:\windows\system32\dllcache\gdi32.dll + 2010-05-24 22:59 . 2001-09-06 02:21 322560 c:\windows\system32\dllcache\g400m.sys + 2010-05-24 22:59 . 2001-09-06 02:21 320512 c:\windows\system32\dllcache\g200m.sys + 2010-05-24 22:59 . 2001-09-06 02:49 470144 c:\windows\system32\dllcache\g200d.dll + 2010-05-24 22:59 . 2001-08-17 23:15 454912 c:\windows\system32\dllcache\fxusbase.sys + 2008-04-14 02:20 . 2008-04-14 02:20 400896 c:\windows\system32\dllcache\fxsxp32.dll + 2008-04-14 02:20 . 2008-04-14 02:20 195072 c:\windows\system32\dllcache\fxswzrd.dll + 2008-04-14 02:20 . 2008-04-14 02:20 155136 c:\windows\system32\dllcache\fxsui.dll + 2008-04-14 02:20 . 2008-04-14 02:20 397312 c:\windows\system32\dllcache\fxstiff.dll + 2008-04-14 02:20 . 2008-04-14 02:20 246272 c:\windows\system32\dllcache\fxst30.dll + 2008-04-14 02:21 . 2008-04-14 02:21 268288 c:\windows\system32\dllcache\fxssvc.exe + 2008-04-14 02:20 . 2008-04-14 02:20 562688 c:\windows\system32\dllcache\fxsst.dll + 2004-08-04 07:45 . 2008-04-14 02:20 132608 c:\windows\system32\dllcache\fxsocm.dll + 2008-04-14 02:20 . 2008-04-14 02:20 234496 c:\windows\system32\dllcache\fxscover.exe + 2008-04-14 02:20 . 2008-04-14 02:20 285184 c:\windows\system32\dllcache\fxscomex.dll + 2008-04-14 02:20 . 2008-04-14 02:20 142848 c:\windows\system32\dllcache\fxsclnt.exe + 2008-04-14 02:20 . 2008-04-14 02:20 451584 c:\windows\system32\dllcache\fxsapi.dll + 2010-05-24 22:59 . 2001-08-17 23:15 455296 c:\windows\system32\dllcache\fusbbase.sys + 2010-05-24 22:59 . 2001-08-17 23:15 455680 c:\windows\system32\dllcache\fus2base.sys + 2008-04-14 02:20 . 2008-04-14 02:20 127488 c:\windows\system32\dllcache\ftpsv251.dll + 2001-10-28 18:06 . 2001-10-28 18:06 125824 c:\windows\system32\dllcache\ftdisk.sys + 2004-08-04 07:45 . 2008-04-14 02:20 193024 c:\windows\system32\dllcache\fsquirt.exe + 2007-05-21 21:09 . 2008-04-14 02:20 185344 c:\windows\system32\dllcache\framedyn.dll + 2010-05-24 22:59 . 2001-08-17 23:15 442240 c:\windows\system32\dllcache\fpnpbase.sys + 2007-05-21 21:12 . 2008-04-14 02:20 598071 c:\windows\system32\dllcache\fpmmc.dll + 2007-05-21 21:12 . 2008-04-14 02:20 188494 c:\windows\system32\dllcache\fpcount.exe + 2010-05-24 22:59 . 2001-08-17 23:14 441728 c:\windows\system32\dllcache\fpcmbase.sys + 2010-05-24 22:59 . 2001-08-17 23:14 444416 c:\windows\system32\dllcache\fpcibase.sys + 2007-05-21 21:12 . 2008-04-14 02:20 109840 c:\windows\system32\dllcache\fp98swin.exe + 2007-05-21 21:12 . 2008-04-14 02:20 876653 c:\windows\system32\dllcache\fp4awel.dll + 2007-05-21 21:12 . 2008-04-14 02:20 618605 c:\windows\system32\dllcache\fp4autl.dll + 2007-05-21 21:12 . 2008-04-14 02:20 102509 c:\windows\system32\dllcache\fp4atxt.dll + 2007-05-21 21:12 . 2008-04-14 02:20 147513 c:\windows\system32\dllcache\fp4apws.dll + 2007-05-21 21:12 . 2008-04-14 02:20 184435 c:\windows\system32\dllcache\fp4amsft.dll + 2007-05-21 21:10 . 2008-04-13 18:32 129792 c:\windows\system32\dllcache\fltmgr.sys - 2009-04-18 01:06 . 2009-02-09 10:53 473600 c:\windows\system32\dllcache\fastprox.dll + 2007-05-21 21:09 . 2009-02-09 10:53 473600 c:\windows\system32\dllcache\fastprox.dll + 2004-08-04 06:14 . 2008-04-13 19:14 143744 c:\windows\system32\dllcache\fastfat.sys + 2001-10-28 18:06 . 2008-04-14 02:20 125952 c:\windows\system32\dllcache\exts.dll + 2004-08-04 07:45 . 2008-04-14 02:20 380445 c:\windows\system32\dllcache\expsrv.dll + 2007-06-15 08:04 . 2008-04-14 02:20 106496 c:\windows\system32\dllcache\evntagnt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 194560 c:\windows\system32\dllcache\eudcedit.exe + 2010-05-24 22:58 . 2008-04-13 12:36 137088 c:\windows\system32\dllcache\essm2e.sys + 2007-05-21 21:09 . 2008-04-14 02:20 247808 c:\windows\system32\dllcache\esscli.dll + 2010-05-24 22:58 . 2001-09-06 02:17 347966 c:\windows\system32\dllcache\es56tpi.sys + 2010-05-24 22:58 . 2001-09-06 02:17 594654 c:\windows\system32\dllcache\es56hpi.sys + 2010-05-24 22:58 . 2001-09-06 02:17 596095 c:\windows\system32\dllcache\es56cvmp.sys + 2010-05-24 22:58 . 2001-08-17 23:19 174464 c:\windows\system32\dllcache\es198x.sys + 2004-08-04 07:45 . 2008-07-07 20:28 253952 c:\windows\system32\dllcache\es.dll - 2008-07-07 20:28 . 2008-07-07 20:28 253952 c:\windows\system32\dllcache\es.dll + 2007-05-21 17:18 . 2001-10-28 18:06 103424 c:\windows\system32\dllcache\eqnclass.dll + 2010-05-24 22:58 . 2001-09-06 02:17 629952 c:\windows\system32\dllcache\eqn.sys + 2010-05-24 22:58 . 2001-08-18 00:50 114944 c:\windows\system32\dllcache\epstw2k.sys + 2010-05-24 22:58 . 2001-08-18 00:50 144896 c:\windows\system32\dllcache\epcfw2k.sys + 2004-08-04 07:45 . 2008-04-14 02:20 186880 c:\windows\system32\dllcache\encdec.dll + 2010-05-24 22:58 . 2001-08-17 23:19 283904 c:\windows\system32\dllcache\emu10k1m.sys + 2010-05-24 22:58 . 2001-09-06 02:11 173056 c:\windows\system32\dllcache\el99xn51.sys + 2010-05-24 22:58 . 2001-09-06 02:11 455711 c:\windows\system32\dllcache\el985n51.sys + 2010-05-24 22:58 . 2001-09-06 02:11 153631 c:\windows\system32\dllcache\el90xnd5.sys + 2010-05-24 22:58 . 2001-09-06 02:11 241238 c:\windows\system32\dllcache\el656se5.sys + 2010-05-24 22:58 . 2001-09-06 02:11 634166 c:\windows\system32\dllcache\el656ct5.sys + 2008-04-14 02:20 . 2008-04-14 02:20 180224 c:\windows\system32\dllcache\eapphost.dll + 2008-04-14 02:20 . 2008-04-14 02:20 126976 c:\windows\system32\dllcache\eappcfg.dll + 2008-04-14 02:20 . 2008-04-14 02:20 184832 c:\windows\system32\dllcache\eapp3hst.dll + 2007-05-21 22:35 . 2006-01-12 08:27 163328 c:\windows\system32\dllcache\e100b325.sys + 2004-08-04 07:45 . 2008-04-14 02:20 619008 c:\windows\system32\dllcache\dx7vb.dll + 2004-08-04 07:45 . 2008-04-14 02:20 180224 c:\windows\system32\dllcache\dwwin.exe + 2004-08-04 07:45 . 2008-04-14 02:20 304128 c:\windows\system32\dllcache\duser.dll + 2004-08-04 05:31 . 2008-04-13 17:37 138752 c:\windows\system32\dllcache\dssenh.dll + 2004-08-04 07:45 . 2008-04-14 02:20 367616 c:\windows\system32\dllcache\dsound.dll + 2001-10-28 18:06 . 2008-04-14 02:20 158208 c:\windows\system32\dllcache\dskquoui.dll + 2004-08-04 07:45 . 2008-04-14 02:20 181248 c:\windows\system32\dllcache\dsdmo.dll + 2010-05-24 22:58 . 2001-08-17 23:20 334208 c:\windows\system32\dllcache\ds1wdm.sys + 2004-08-04 07:45 . 2008-04-14 02:20 116736 c:\windows\system32\dllcache\dpvvox.dll + 2004-08-04 07:45 . 2008-04-14 02:20 375296 c:\windows\system32\dllcache\dpnet.dll + 2004-08-04 07:45 . 2008-04-14 02:20 229888 c:\windows\system32\dllcache\dplayx.dll + 2004-08-04 07:44 . 2008-04-14 02:19 102912 c:\windows\system32\dllcache\dpcdll.dll - 2009-09-01 02:01 . 2008-04-13 22:19 102912 c:\windows\system32\dllcache\dpcdll.dll + 2010-05-24 22:58 . 2008-04-13 14:39 206976 c:\windows\system32\dllcache\dot4.sys + 2008-04-14 02:20 . 2008-04-14 02:20 651264 c:\windows\system32\dllcache\dot3ui.dll + 2008-04-14 02:20 . 2008-04-14 02:20 133120 c:\windows\system32\dllcache\dot3svc.dll + 2004-08-04 07:45 . 2008-06-20 17:48 147968 c:\windows\system32\dllcache\dnsapi.dll - 2008-06-20 17:48 . 2008-06-20 17:48 147968 c:\windows\system32\dllcache\dnsapi.dll + 2004-08-04 07:45 . 2008-04-14 02:20 104448 c:\windows\system32\dllcache\dmusic.dll + 2004-08-04 07:45 . 2008-04-14 02:20 103424 c:\windows\system32\dllcache\dmsynth.dll + 2004-08-04 07:45 . 2008-04-14 02:20 105984 c:\windows\system32\dllcache\dmstyle.dll + 2004-08-04 07:39 . 2008-04-14 01:59 153984 c:\windows\system32\dllcache\dmio.sys + 2004-08-04 07:45 . 2008-04-14 02:20 181248 c:\windows\system32\dllcache\dmime.dll - 2009-10-17 10:23 . 2004-07-09 07:27 181248 c:\windows\system32\dllcache\dmime.dll + 2001-10-28 18:06 . 2001-10-28 18:06 127488 c:\windows\system32\dllcache\dmdskres.dll + 2004-08-04 07:45 . 2008-04-14 02:20 200704 c:\windows\system32\dllcache\dmdskmgr.dll + 2004-08-04 07:39 . 2008-04-14 01:59 800000 c:\windows\system32\dllcache\dmboot.sys + 2004-08-04 07:45 . 2008-04-14 02:20 225280 c:\windows\system32\dllcache\dmadmin.exe + 2010-05-24 22:58 . 2001-08-17 23:14 952007 c:\windows\system32\dllcache\diwan.sys + 2010-05-24 22:58 . 2001-09-06 02:50 236060 c:\windows\system32\dllcache\ditrace.exe + 2004-08-04 07:45 . 2008-04-14 02:20 165376 c:\windows\system32\dllcache\diskpart.exe + 2004-08-04 07:45 . 2008-04-14 02:20 189952 c:\windows\system32\dllcache\dinput8.dll + 2004-08-04 07:45 . 2008-04-14 02:20 166912 c:\windows\system32\dllcache\dinput.dll + 2010-05-24 22:58 . 2001-09-06 02:50 622621 c:\windows\system32\dllcache\digiview.exe + 2010-05-24 22:58 . 2001-09-06 02:50 110621 c:\windows\system32\dllcache\digirlpt.dll + 2010-05-24 22:58 . 2001-09-06 02:50 102484 c:\windows\system32\dllcache\digiinf.dll + 2010-05-24 22:58 . 2001-09-06 02:50 159828 c:\windows\system32\dllcache\digihlc.dll + 2010-05-24 22:58 . 2001-09-06 02:50 229462 c:\windows\system32\dllcache\digifwrk.dll + 2010-05-24 22:58 . 2001-09-06 02:04 103428 c:\windows\system32\dllcache\digidxb.sys + 2010-05-24 22:58 . 2001-09-06 02:50 131156 c:\windows\system32\dllcache\digidbp.dll + 2010-05-24 22:57 . 2001-08-17 23:13 164923 c:\windows\system32\dllcache\diapi2.sys + 2007-05-21 21:09 . 2008-04-14 02:20 545280 c:\windows\system32\dllcache\dialer.exe + 2001-10-28 18:06 . 2008-04-14 02:20 400896 c:\windows\system32\dllcache\dhcpmon.dll + 2004-08-04 07:45 . 2008-04-14 02:20 126976 c:\windows\system32\dllcache\dhcpcsvc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 113152 c:\windows\system32\dllcache\dgnet.dll + 2010-05-24 22:58 . 2001-09-06 02:50 421405 c:\windows\system32\dllcache\dgconfig.dll + 2004-08-04 07:45 . 2008-04-14 02:20 105472 c:\windows\system32\dllcache\dfrgntfs.exe + 2010-05-24 22:58 . 2001-09-06 02:50 256512 c:\windows\system32\dllcache\devcon32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 279552 c:\windows\system32\dllcache\ddraw.dll + 2010-05-24 22:58 . 2001-09-06 02:50 111104 c:\windows\system32\dllcache\dc260usd.dll + 2004-08-04 07:45 . 2008-04-14 02:20 110592 c:\windows\system32\dllcache\dbnetlib.dll + 2004-08-04 07:45 . 2008-04-14 02:20 640000 c:\windows\system32\dllcache\dbghelp.dll + 2001-10-28 18:06 . 2008-04-14 02:20 165376 c:\windows\system32\dllcache\datime.dll + 2010-05-24 22:58 . 2001-08-18 00:52 179584 c:\windows\system32\dllcache\dac2w2k.sys + 2004-08-04 07:45 . 2008-04-14 02:20 824320 c:\windows\system32\dllcache\d3dim700.dll + 2010-05-24 22:58 . 2001-09-06 02:25 117760 c:\windows\system32\dllcache\d100ib5.sys + 2010-05-24 22:57 . 2001-08-17 23:19 111872 c:\windows\system32\dllcache\cwcspud.sys + 2010-05-24 22:57 . 2008-04-13 22:20 251904 c:\windows\system32\dllcache\ctmasetp.dll + 2010-05-24 22:57 . 2001-09-06 02:50 175104 c:\windows\system32\dllcache\csamsp.dll + 2004-08-04 07:45 . 2008-04-14 02:20 605184 c:\windows\system32\dllcache\crypt32.dll + 2010-05-24 22:57 . 2001-09-06 02:50 216576 c:\windows\system32\dllcache\cpscan.dll + 2001-10-28 18:06 . 2008-04-14 02:20 358400 c:\windows\system32\dllcache\confmsp.dll + 2007-05-21 21:09 . 2008-04-14 02:20 539648 c:\windows\system32\dllcache\comuid.dll + 2007-05-21 21:09 . 2008-04-14 02:20 167424 c:\windows\system32\dllcache\comsnap.dll + 2001-10-28 18:06 . 2008-04-14 02:20 274944 c:\windows\system32\dllcache\comsetup.dll + 2007-05-21 21:09 . 2008-04-14 02:20 195072 c:\windows\system32\dllcache\comadmin.dll + 2007-05-21 21:09 . 2008-04-14 02:20 498688 c:\windows\system32\dllcache\clbcatq.dll + 2007-05-21 21:09 . 2008-04-14 02:20 110592 c:\windows\system32\dllcache\clbcatex.dll + 2010-05-24 22:57 . 2001-08-18 00:57 248064 c:\windows\system32\dllcache\cl546xm.sys + 2010-05-24 22:57 . 2001-09-06 02:49 170880 c:\windows\system32\dllcache\cl546x.dll + 2010-05-24 22:57 . 2001-09-06 02:49 111232 c:\windows\system32\dllcache\cl5465.dll + 2001-09-05 23:17 . 2001-10-28 18:06 262528 c:\windows\system32\dllcache\cinemst2.sys + 2010-05-24 22:57 . 2001-09-06 02:17 272640 c:\windows\system32\dllcache\cinemclc.sys + 2010-05-24 22:57 . 2001-09-06 02:17 980034 c:\windows\system32\dllcache\cicap.sys + 2001-10-28 18:06 . 2008-04-14 02:20 148480 c:\windows\system32\dllcache\cic.dll + 2001-10-28 18:06 . 2001-10-28 18:06 164864 c:\windows\system32\dllcache\ciadmin.dll + 2007-05-21 21:12 . 2008-04-14 02:20 188480 c:\windows\system32\dllcache\cfgwiz.exe + 2004-08-04 07:45 . 2008-04-14 02:20 199680 c:\windows\system32\dllcache\certcli.dll + 2010-05-24 22:57 . 2001-09-06 02:15 715210 c:\windows\system32\dllcache\cbmdmkxx.sys + 2007-05-21 21:09 . 2008-04-14 02:20 625664 c:\windows\system32\dllcache\catsrvut.dll + 2007-05-21 21:09 . 2008-04-14 02:20 226304 c:\windows\system32\dllcache\catsrv.dll + 2001-10-28 18:06 . 2001-10-28 18:06 359936 c:\windows\system32\dllcache\cards.dll + 2010-05-24 22:57 . 2008-04-13 22:20 121856 c:\windows\system32\dllcache\camext30.dll + 2010-05-24 22:57 . 2001-09-06 02:50 236032 c:\windows\system32\dllcache\camext20.dll + 2010-05-24 22:57 . 2001-08-18 01:04 171264 c:\windows\system32\dllcache\camdrv30.sys + 2010-05-24 22:57 . 2001-08-18 01:04 223232 c:\windows\system32\dllcache\camdrv21.sys + 2010-05-24 22:57 . 2001-08-18 01:05 314752 c:\windows\system32\dllcache\camdro21.sys + 2007-05-21 21:10 . 2008-04-14 02:20 385024 c:\windows\system32\dllcache\callcont.dll + 2007-05-21 21:09 . 2001-10-28 18:06 115200 c:\windows\system32\dllcache\calc.exe + 2008-04-14 02:20 . 2008-04-14 02:20 218112 c:\windows\system32\dllcache\c_g18030.dll + 2008-04-13 18:51 . 2008-04-13 18:51 101120 c:\windows\system32\dllcache\bthpan.sys + 2001-10-28 18:06 . 2008-04-14 02:20 153600 c:\windows\system32\dllcache\bootcfg.exe + 2010-05-24 22:56 . 2001-09-06 02:50 102912 c:\windows\system32\dllcache\binlsvc.dll + 2010-05-24 22:56 . 2001-08-18 00:28 871388 c:\windows\system32\dllcache\bcmdm.sys + 2010-05-24 22:56 . 2001-09-06 02:49 342336 c:\windows\system32\dllcache\banshee.dll + 2008-04-14 02:20 . 2008-04-14 02:20 233472 c:\windows\system32\dllcache\azroles.dll + 2007-05-21 21:09 . 2001-10-28 18:06 231424 c:\windows\system32\dllcache\avtapi.dll + 2010-05-24 22:56 . 2001-09-06 02:50 144384 c:\windows\system32\dllcache\avmenum.dll + 2004-08-04 07:45 . 2008-04-14 02:20 608768 c:\windows\system32\dllcache\autofmt.exe + 2004-08-04 07:45 . 2008-04-14 02:20 630784 c:\windows\system32\dllcache\autoconv.exe + 2004-08-04 07:45 . 2008-04-14 02:20 616960 c:\windows\system32\dllcache\autochk.exe + 2004-08-04 07:44 . 2008-04-14 02:18 285696 c:\windows\system32\dllcache\atmfd.dll + 2008-04-14 02:20 . 2008-04-14 02:20 516768 c:\windows\system32\dllcache\ativvaxx.dll + 2010-05-24 22:56 . 2001-09-06 02:49 104832 c:\windows\system32\dllcache\atiraged.dll + 2008-08-30 19:20 . 2004-08-04 01:29 104960 c:\windows\system32\dllcache\atinrvxx.sys + 2010-05-24 22:56 . 2001-09-06 02:08 281600 c:\windows\system32\dllcache\atimtai.sys + 2010-05-24 22:56 . 2001-09-06 02:08 289792 c:\windows\system32\dllcache\atimpab.sys + 2010-05-24 22:56 . 2001-09-06 02:49 268160 c:\windows\system32\dllcache\atidvai.dll + 2010-05-24 22:56 . 2001-09-06 02:49 137216 c:\windows\system32\dllcache\atidrae.dll + 2010-05-24 22:56 . 2001-09-06 02:49 382592 c:\windows\system32\dllcache\atidrab.dll + 2008-04-14 02:20 . 2008-04-14 02:20 870784 c:\windows\system32\dllcache\ati3d1ag.dll + 2008-08-30 19:20 . 2004-08-04 03:36 701440 c:\windows\system32\dllcache\ati2mtag.sys + 2008-08-30 19:20 . 2004-08-04 03:36 327040 c:\windows\system32\dllcache\ati2mtaa.sys + 2008-04-14 02:20 . 2008-04-14 02:20 201728 c:\windows\system32\dllcache\ati2dvag.dll + 2008-04-14 02:20 . 2008-04-14 02:20 377984 c:\windows\system32\dllcache\ati2dvaa.dll + 2008-04-14 02:20 . 2008-04-14 02:20 229376 c:\windows\system32\dllcache\ati2cqag.dll + 2008-04-14 02:20 . 2008-04-14 02:20 374784 c:\windows\system32\dllcache\asp51.dll + 2008-04-14 02:20 . 2008-04-14 02:20 332800 c:\windows\system32\dllcache\aqueue.dll + 2004-08-04 07:45 . 2008-04-14 02:20 172032 c:\windows\system32\dllcache\appmgmts.dll + 2004-08-04 07:45 . 2008-04-14 02:20 125952 c:\windows\system32\dllcache\apphelp.dll + 2008-04-14 02:20 . 2008-04-14 02:20 109568 c:\windows\system32\dllcache\appconf.dll + 2004-08-04 07:45 . 2008-04-14 02:20 256512 c:\windows\system32\dllcache\agentsvr.exe + 2004-08-04 07:45 . 2008-04-14 02:20 214016 c:\windows\system32\dllcache\agentctl.dll - 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys + 2004-08-04 06:14 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys + 2004-08-03 22:39 . 2008-04-13 16:39 142592 c:\windows\system32\dllcache\aec.sys + 2004-08-04 07:45 . 2009-02-09 10:53 683520 c:\windows\system32\dllcache\advapi32.dll - 2009-04-18 01:06 . 2009-02-09 10:53 683520 c:\windows\system32\dllcache\advapi32.dll + 2001-10-28 18:06 . 2008-04-14 02:20 123392 c:\windows\system32\dllcache\adsnw.dll + 2004-08-04 07:45 . 2008-04-14 02:20 263680 c:\windows\system32\dllcache\adsnt.dll + 2004-08-04 07:45 . 2008-04-14 02:20 143360 c:\windows\system32\dllcache\adsldpc.dll + 2004-08-04 07:45 . 2008-04-14 02:20 175616 c:\windows\system32\dllcache\adsldp.dll + 2008-04-14 02:20 . 2008-04-14 02:20 290816 c:\windows\system32\dllcache\adsiis51.dll + 2010-05-24 22:56 . 2001-08-18 01:07 101888 c:\windows\system32\dllcache\adpu160m.sys + 2010-05-24 22:56 . 2001-08-17 23:19 747392 c:\windows\system32\dllcache\adm8830.sys + 2010-05-24 22:56 . 2001-08-17 23:19 553984 c:\windows\system32\dllcache\adm8820.sys + 2010-05-24 22:56 . 2001-08-17 23:19 584448 c:\windows\system32\dllcache\adm8810.sys + 2004-08-04 07:45 . 2008-04-14 02:20 116224 c:\windows\system32\dllcache\acxtrnal.dll + 2004-08-04 07:45 . 2008-04-14 02:20 193536 c:\windows\system32\dllcache\activeds.dll + 2004-08-04 07:45 . 2008-04-14 02:20 245248 c:\windows\system32\dllcache\acspecfc.dll + 2004-08-04 07:35 . 2008-04-14 01:50 188416 c:\windows\system32\dllcache\acpi.sys + 2004-08-04 07:45 . 2008-04-14 02:20 116736 c:\windows\system32\dllcache\aclui.dll + 2004-08-04 07:45 . 2008-04-14 02:20 141312 c:\windows\system32\dllcache\aclua.dll - 2010-01-13 11:42 . 2009-11-21 15:58 471552 c:\windows\system32\dllcache\aclayers.dll + 2004-08-04 07:45 . 2009-11-21 15:58 471552 c:\windows\system32\dllcache\aclayers.dll + 2010-05-24 22:55 . 2001-08-17 23:20 297728 c:\windows\system32\dllcache\ac97sis.sys + 2010-05-24 22:55 . 2008-04-13 12:36 231552 c:\windows\system32\dllcache\ac97ali.sys + 2008-04-14 02:20 . 2008-04-14 02:20 136192 c:\windows\system32\dllcache\aaclient.dll + 2010-05-24 22:55 . 2001-09-06 02:50 462848 c:\windows\system32\dllcache\a3dapi.dll + 2004-08-04 07:45 . 2010-02-12 04:34 100864 c:\windows\system32\dllcache\6to4svc.dll - 2010-02-12 04:34 . 2010-02-12 04:34 100864 c:\windows\system32\dllcache\6to4svc.dll + 2010-05-24 22:55 . 2001-08-17 23:48 148352 c:\windows\system32\dllcache\3dfxvsm.sys + 2010-05-24 22:55 . 2001-09-06 02:49 689216 c:\windows\system32\dllcache\3dfxvs.dll + 2010-05-24 22:55 . 2001-08-18 00:28 762780 c:\windows\system32\dllcache\3cwmcru.sys + 2001-10-28 18:06 . 2001-10-28 18:06 164864 c:\windows\system32\ciadmin.dll + 2001-10-28 18:06 . 2001-10-28 18:06 359936 c:\windows\system32\cards.dll + 2007-05-21 21:09 . 2001-10-28 18:06 115200 c:\windows\system32\calc.exe + 2007-05-21 21:09 . 2001-10-28 18:06 231424 c:\windows\system32\avtapi.dll + 2010-05-25 22:10 . 2010-05-25 22:10 119296 c:\windows\Installer\8a352.msi + 2004-08-04 07:45 . 2008-04-13 18:35 2945536 c:\windows\system32\xpsp2res.dll + 2010-05-26 00:17 . 2006-05-26 14:59 1177032 c:\windows\system32\ReinstallBackups\0022\DriverFiles\sthda.sys + 2007-05-21 21:10 . 2008-04-14 02:20 4274176 c:\windows\system32\dllcache\wmm2res.dll - 2008-10-16 22:18 . 2009-08-14 15:15 1850752 c:\windows\system32\dllcache\win32k.sys + 2004-08-04 07:38 . 2009-08-14 15:15 1850752 c:\windows\system32\dllcache\win32k.sys + 2004-08-04 07:45 . 2008-04-13 18:35 2945536 c:\windows\system32\dllcache\sprt0416.dll + 2008-04-14 02:20 . 2008-04-14 02:20 2134528 c:\windows\system32\dllcache\smtpsnap.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1571840 c:\windows\system32\dllcache\sfcfiles.dll - 2009-07-17 16:17 . 2009-07-17 16:17 1439744 c:\windows\system32\dllcache\query.dll + 2004-08-04 07:45 . 2009-07-17 16:17 1439744 c:\windows\system32\dllcache\query.dll + 2004-08-04 07:45 . 2009-11-27 17:13 1296384 c:\windows\system32\dllcache\quartz.dll - 2008-05-07 05:11 . 2009-11-27 17:13 1296384 c:\windows\system32\dllcache\quartz.dll + 2007-01-24 01:39 . 2009-07-14 18:54 5842816 c:\windows\system32\dllcache\nv4_disp.dll + 2004-08-04 07:40 . 2010-02-16 19:07 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe - 2008-10-16 22:10 . 2010-02-16 19:07 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-04-14 02:20 . 2008-04-14 02:20 1737856 c:\windows\system32\dllcache\mtxparhd.dll + 2008-08-30 19:21 . 2004-08-04 01:41 1309184 c:\windows\system32\dllcache\mtlstrm.sys + 2004-08-04 07:45 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll - 2008-11-12 01:59 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1433600 c:\windows\system32\dllcache\msvidctl.dll + 2007-05-21 21:10 . 2010-01-29 15:00 1315328 c:\windows\system32\dllcache\msoe.dll - 2009-09-01 01:32 . 2010-01-29 15:00 1315328 c:\windows\system32\dllcache\msoe.dll + 2007-05-21 21:10 . 2008-04-14 02:20 3166208 c:\windows\system32\dllcache\msgr3en.dll - 2010-03-11 20:07 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe + 2007-05-21 21:10 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe + 2004-08-04 07:45 . 2008-04-14 02:20 1028096 c:\windows\system32\dllcache\mfc42.dll + 2007-05-21 21:09 . 2009-06-10 12:21 2066432 c:\windows\system32\dllcache\lhmstscx.dll + 2004-08-04 07:45 . 2009-03-21 14:08 1028608 c:\windows\system32\dllcache\kernel32.dll - 2009-03-21 14:08 . 2009-03-21 14:08 1028608 c:\windows\system32\dllcache\kernel32.dll + 2008-08-30 19:21 . 2004-08-04 01:41 1041536 c:\windows\system32\dllcache\hsfdpsp2.sys + 2010-05-24 22:59 . 2001-09-06 02:49 1733120 c:\windows\system32\dllcache\g400d.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1092096 c:\windows\system32\dllcache\esent.dll + 2004-08-04 07:45 . 2008-04-14 02:20 2113536 c:\windows\system32\dllcache\dxdiagn.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1298432 c:\windows\system32\dllcache\dxdiag.exe + 2004-08-04 07:45 . 2008-04-14 02:20 1227264 c:\windows\system32\dllcache\dx8vb.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1293824 c:\windows\system32\dllcache\dsound3d.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1055744 c:\windows\system32\dllcache\danim.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1689088 c:\windows\system32\dllcache\d3d9.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1179648 c:\windows\system32\dllcache\d3d8.dll + 2007-05-21 21:10 . 2008-04-14 02:20 1040384 c:\windows\system32\dllcache\conf.exe + 2007-05-21 21:09 . 2008-04-14 02:20 1267200 c:\windows\system32\dllcache\comsvcs.dll + 2007-05-21 21:09 . 2008-04-14 02:20 1359360 c:\windows\system32\dllcache\cimwin32.dll + 2004-08-04 07:45 . 2008-04-14 02:20 2091520 c:\windows\system32\dllcache\cdosys.dll + 2008-04-14 02:20 . 2008-04-14 02:20 1888992 c:\windows\system32\dllcache\ati3duag.dll + 2004-08-04 07:45 . 2008-04-14 02:20 1852928 c:\windows\system32\dllcache\acgenral.dll. -- Snapshot resetado para data atual -- . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 40448] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ipTray.exe"="c:\arquivos de programas\Intel\IDU\iptray.exe" [2006-12-28 2242328] "nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016] "OutpostMonitor"="c:\arquiv~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464] "OutpostFeedBack"="c:\arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032] "avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2009-11-11 417792] "AppleSyncNotifier"="c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-02-15 141608] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "NSLauncher"="c:\arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576] "SigmatelSysTrayApp"="sttray.exe" [2006-05-26 282624] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMBalloonTip"= 1 (0x1) "HonorAutoRunSetting"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk] backup=c:\windows\pss\Orbit.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk] backup=c:\windows\pss\hamachi.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk] backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3] 2010-03-29 17:54 2343120 ----a-w- c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 17:51 177440 ----a-w- c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 02:20 40448 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2008-07-24 15:02 490952 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 13:44 31072 ----a-w- c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2006-07-07 23:15 600896 ----a-w- c:\arquivos de programas\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2005-08-12 08:30 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-02-15 21:07 141608 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype] 2006-07-07 23:14 576320 ----a-w- c:\arquivos de programas\Microsoft IntelliType Pro\itype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 18:44 3883840 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2009-07-14 16:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Openwares LiveUpdate] 2003-12-13 17:17 61440 ----a-w- c:\program files\LIVEUPDATE\LiveUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-11 01:08 417792 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" -atboottime [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"= "c:\\Documents and Settings\\All Users\\Dados de aplicativos\\NexonUS\\NGM\\NGM.exe"= "c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe "c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe "c:\\Nexon\\Combat Arms\\NMService.exe"= "c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"= "c:\\Arquivos de programas\\MegaJogos\\jre\\jre\\bin\\javaw.exe"= "c:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"= "c:\\Arquivos de programas\\iTunes\\iTunes.exe"= "c:\\Arquivos de programas\\Megacubo\\megacubo.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "56458:TCP"= 56458:TCP:Pando Media Booster "56458:UDP"= 56458:UDP:Pando Media Booster "56911:TCP"= 56911:TCP:Pando Media Booster "56911:UDP"= 56911:UDP:Pando Media Booster R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [19/01/2010 11:23 130936] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2008 11:26 717296] R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [03/11/2009 20:52 704384] R2 acssrv;Agnitum Client Security Service;c:\arquiv~1\Agnitum\OUTPOS~1\acs.exe [03/11/2009 20:49 1195008] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [12/01/2010 13:31 108289] R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [03/11/2009 20:49 31128] R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [03/11/2009 20:52 257432] R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [10/06/2002 00:09 31232] S2 gupdate1ca7415f53b919c;Google Update Service (gupdate1ca7415f53b919c);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [03/12/2009 09:41 133104] S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?] S3 exdisk;Express Disk Service;c:\windows\system32\drivers\exdisk.sys [21/05/2007 19:50 14074] S3 GarenaPEngine;GarenaPEngine; [x] S3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys [22/10/2009 10:45 31908] S3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\drivers\lgmcbus.sys [27/11/2008 21:05 83584] S3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\drivers\lgmcmdfl.sys [27/11/2008 21:05 14976] S3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\drivers\lgmcmdm.sys [27/11/2008 21:05 110464] S3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\drivers\lgmcobex.sys [27/11/2008 21:05 100480] S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?] S3 PhTVTune;ENCORE TV Tuner Pro PCI Adapter;c:\windows\system32\drivers\PhTVTune.sys [18/08/2007 15:24 28480] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11/01/2010 08:28 27064] S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [19/01/2010 11:23 348752] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25/01/2008 06:12 25088] . Conteúdo da pasta 'Tarefas Agendadas' 2009-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34] 2010-05-26 c:\windows\Tasks\AWC AutoSweep.job - c:\arquivos de programas\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-09-02 17:11] 2010-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-03 12:41] 2010-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-03 12:41] 2010-05-26 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] . . ------- Scan Suplementar ------- . mWindow Title = uInternet Settings,ProxyOverride = local IE: &Clean Traces IE: &Download with &DAP IE: Download &all with DAP IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab FF - ProfilePath - c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://thefreevpn.com/home.php FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p= FF - prefs.js: network.proxy.http - localhost FF - prefs.js: network.proxy.http_port - 9666 FF - prefs.js: network.proxy.socks - localhost FF - prefs.js: network.proxy.socks_port - 9050 FF - prefs.js: network.proxy.ssl - localhost FF - prefs.js: network.proxy.ssl_port - 9666 FF - prefs.js: network.proxy.type - 1 FF - component: c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-26 10:51 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys splu.sys >>UNKNOWN [0x8A62D938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xb80ecf28 \Driver\ACPI -> ACPI.sys @ 0xb7e67cb8 \Driver\atapi -> atapi.sys @ 0xb7dfcb40 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 NDIS: Intel® PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xb7ccfbb0 PacketIndicateHandler -> NDIS.sys @ 0xb7cdca21 SendHandler -> NDIS.sys @ 0xb7cba87b user & kernel MBR OK copy of MBR has been found in sector 1 ! ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar0] "BarID"=dword:0000e81b "Bars"=dword:00000003 "Bar#0"=dword:00000000 "Bar#1"=dword:0000e800 "Bar#2"=dword:00000000 [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar1] "BarID"=dword:0000e81c "Bars"=dword:00000004 "Bar#0"=dword:00000000 "Bar#1"=dword:0000e807 "Bar#2"=dword:0000e806 "Bar#3"=dword:00000000 [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar2] "BarID"=dword:0000e800 "XPos"=dword:fffffffe "YPos"=dword:fffffffe "Docking"=dword:00000001 "MRUDockID"=dword:00000000 "MRUDockLeftPos"=dword:fffffffe "MRUDockTopPos"=dword:fffffffe "MRUDockRightPos"=dword:000001f5 "MRUDockBottomPos"=dword:00000036 "MRUFloatStyle"=dword:00002000 "MRUFloatXPos"=dword:80000000 "MRUFloatYPos"=dword:cdcdcdcd [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar3] "BarID"=dword:0000e806 "XPos"=dword:fffffffe "YPos"=dword:00000141 "Docking"=dword:00000001 "MRUDockID"=dword:0000e81c "MRUDockLeftPos"=dword:fffffffe "MRUDockTopPos"=dword:00000141 "MRUDockRightPos"=dword:000000c6 "MRUDockBottomPos"=dword:00000287 "MRUFloatStyle"=dword:00002004 "MRUFloatXPos"=dword:80000000 "MRUFloatYPos"=dword:cdcdcdcd [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar4] "BarID"=dword:0000e807 "XPos"=dword:fffffffe "YPos"=dword:fffffffe "Docking"=dword:00000001 "MRUDockID"=dword:00000000 "MRUDockLeftPos"=dword:fffffffe "MRUDockTopPos"=dword:fffffffe "MRUDockRightPos"=dword:000000c6 "MRUDockBottomPos"=dword:00000143 "MRUFloatStyle"=dword:00002004 "MRUFloatXPos"=dword:80000000 "MRUFloatYPos"=dword:cdcdcdcd [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Summary] "Bars"=dword:00000005 "ScreenCX"=dword:00000400 "ScreenCY"=dword:00000300 [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Settings] "FirstRun"=dword:00000000 "xScreen"=dword:00000400 "yScreen"=dword:000002c4 "floats"="1.000000 0.500000 0.500000 120 120" "skin"="ISR_10Moons.dll" [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\WNDSTATUS] "FLAG"=dword:00000000 "SHOWCMD"=dword:00000001 "LEFT"=dword:fffffffc "TOP"=dword:fffffffc "RIGHT"=dword:00000404 "BOTTOM"=dword:000002e2 . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(992) c:\windows\system32\SETUPAPI.dll c:\windows\system32\sfc_os.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(1056) c:\windows\system32\setupapi.dll - - - - - - - > 'explorer.exe'(3888) c:\windows\system32\WININET.dll c:\windows\system32\COMRes.dll c:\windows\System32\cscui.dll c:\windows\system32\LINKINFO.dll c:\windows\system32\ntshrui.dll c:\windows\system32\msi.dll c:\windows\system32\SETUPAPI.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\arquivos de programas\Scpad\scpLIB.dll c:\arquivos de programas\Scpad\scpMIB.dll c:\arquivos de programas\Scpad\sshib.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\NETSHELL.dll c:\windows\system32\credui.dll . ------------------------ Outros Processos em Execução ------------------------ . c:\windows\system32\nvsvc32.exe c:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\arquivos de programas\Intel\IDU\awServ.exe c:\arquivos de programas\Java\jre6\bin\jqs.exe c:\arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\System32\snmp.exe c:\arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe c:\windows\system32\RUNDLL32.EXE c:\windows\system32\wbem\wmiapsrv.exe c:\windows\sttray.exe c:\arquivos de programas\iPod\bin\iPodService.exe . ************************************************************************** . Tempo para conclusão: 2010-05-26 10:56:22 - Máquina reiniciou ComboFix-quarantined-files.txt 2010-05-26 13:56 ComboFix2.txt 2010-05-24 14:59 Pré-execução: 51 pasta(s) 46.503.624.704 bytes disponíveis Pós execução: 52 pasta(s) 46.453.555.200 bytes disponíveis Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - DAACA6196994D2192F740EDD89E2E134 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:59:05, on 26/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Intel\IDU\awServ.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Intel\IDU\iptray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\WINDOWS\sttray.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Google\Chrome\Application\chrome.exe C:\Hijack\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe" O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe -- End of file - 10804 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Maio 27, 2010 Bom Dia! .matiello <!> Seu sistema continua comprometido/fragilizado,com esses arquivos não-validados pela Microsoft. Vamos tentar uma correção e,caso não funcione,pense seriamente na formatação do PC e aquisição de mídia original ao reinstalar o Windows-XP. <!> Ps: Siga,na ordem,estas orientações! 000000000000000000000000 oooooooooooooooooooooooo <@> Baixe: < TS.zip > <@> Salve-o em C:\ --> c:\ts.zip <-- Caminho! <@> Ps: Deixe-o reservado,para posterior utilização. 000000000000000000000000 oooooooooooooooooooooooo <@> Baixe: < Dial-a-fix > <@> Tire-o do zip! <@> Clique em Policies... <@> Ps: Encontrando políticas restritivas,pode removê-las deixando o campo vazio. <@> À seguir,clique em "Tools". ( Ícone do martelo ) <@> Clique simples,em SFC purge --> Clique em "GO" --> Aguarde! <@> Ao concluir,saia/feche da ferramenta! 000000000000000000000000 oooooooooooooooooooooooo <@> Baixe: < mbr.exe v.0.3.7 > ( by Gmer ) <@> Salve-o em C:\ ou C:\Documents and Settings\[userName]\,dando preferência ao diretório em que abre o prompt de comando. <@> Vá em Iniciar --> Executar --> Digite: cmd --> OK. <@> No prompt,digite: cd \ --> Aperte Enter. <@> Digite: C:\>mbr.exe -f ou C:\Documents and Settings\[userName]\>mbr.exe -f <@> Aperte Enter. <@> Ps: Uma outra opção seria baixar mbr.exe,para o seu desktop. <@> Vá em Iniciar --> Executar --> Digite ou cole: "%userprofile%\desktop\mbr.exe" -f <@> Clique OK. <@> Poste: C:\mbr.txt ou C:\Documents and Settings\[userName]\mbr.txt 000000000000000000000000 oooooooooooooooooooooooo <@> Selecione e copie,todo o conteúdo que está na área do QUOTE,para o Bloco de Notas. <@> Salve-o,no Desktop,com o nome: CFScript.txt File::c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe c:\windows\ServicePackFiles\i386\winlogon.exe c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll c:\windows\ServicePackFiles\i386\comctl32.dll c:\windows\NiwradSoft Shell Pack\Backup\user32.dll c:\windows\ServicePackFiles\i386\user32.dll c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe c:\windows\ServicePackFiles\i386\explorer.exe c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe c:\windows\ServicePackFiles\i386\ctfmon.exe RegNull:: [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar0] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar1] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar2] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar3] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Bar4] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Bars\Settings-Summary] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\Settings] [HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV * *Gr * *Om * *ȉ * *hV *\WNDSTATUS] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] Folder:: c:\windows\NiwradSoft Shell Pack\Backup Driver:: "splu" <@> Ps: É recomendável que esteja desconectado,ao rodar o script. <@> Ps: Desabilite,temporariamente,seu antivírus. <@> Ps: Não utilizem este script em outra máquina! <@> Arraste,o CFScript.txt para o ícone/interior do ComboFix. <@> Veja a demonstração! <@> Atenda à solicitação,que deverá surgir,para rodar o ComboFix. <@> Ps: Faça o arraste,até surgir essa solicitação! ( janela ) <@> Terminando,poste os relatórios: C:\ComboFix.txt + mbr.txt <-- <@> Ps: Ainda não terminamos! Daremos prosseguimento,em outro Post,gravando cópias que se fizerem necessárias,pelo script do ComboFix. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
