Ionara 2 Denunciar post Postado Junho 27, 2012 Boa noite, Pc lento, páginas abrem sozinhas, o babylon invadiu não consigo retirá-lo, programas em segundo plano.. até o log do hijackthis deu mensagem em relação a um arquivo do system 32 Enfim segue log... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:48:01, on 26/06/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\Program Files\asus\SystemSetting\WallPaperAgent.exe C:\windows\Explorer.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ASUS\Eee Docking\Eee Docking.exe C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe C:\Windows\AsScrPro.exe C:\Program Files\ASUS\LivCam\LivCam.exe C:\Program Files\ASUS\Asus WebStorage\BackupService.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Linkury SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehCef.dll O2 - BHO: ASUS Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\asus\SystemSetting\StarterHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: Linkury Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe O4 - HKLM\..\Run: [superHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto O4 - HKLM\..\Run: [synAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [LivCam] "C:\Program Files\ASUS\LivCam\LivCam.exe" O4 - HKLM\..\Run: [EeeStorageBackup] C:\Program Files\ASUS\Asus WebStorage\BackupService.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKLM\..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files\asus\OOBERegBackup\OOBEReg.ini" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxExt] C:\windows\system32\IgfxExt.exe /RegServer O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [instant Messenger Cleaner 4] "C:\Users\User\Desktop\ecmd.exe" autostart n/a O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe startup O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- End of file - 10173 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 27, 2012 Boa Noite! Ionara |- Baixe: < AdwCleaner > ( ... par Xplode ) |- Ao acessar,clique na imagem: < > |- Salve-o no desktop! |- Clique direito em adwcleaner.exe,e escolha sua execução como "administrador". |- Ps: Dê início ao scan,clicando em "Delete" ou "Suppression". |- Ao concluir,poste o relatório: C:\AdwCleaner[S].txt |- Baixe: | ZHPDiag2 | *ºº* < > ( ... de Nicolas Coolman ) |- Salve-o no desktop! |- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta. |- Confirme todos os passos,ao instalar ZHPDiag. |- Conclua a instalação,clicando em "Termine". |- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop: |- <1> MBRCheck |- <2> ZHPDiag2 |- <3> ZHPFix |- Clique no ícone do pergaminho. ( ZHPScript ) |- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. ) |- Habilite todas as opções de diagnóstico,clicando em "Options". |- Clique em All. |- |- Clique em "Calendar" e escolha 30 dias! |- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis ) |- Ao concluir,clique em "Save Report". |- Salve-o em um local conveniente! ( ZHPDiag.txt ) |- Ps: Não poste,diretamente,esse arquivo texto. |- Envie-o à Pjjoint.malekal,clicando na seta azul! < > |- Ou acesse: < > |- Para enviar,siga o caminho: Selecionar arquivo... -> Abrir -> Upload file |- Poste o endereço que estará em "Download link" ou "Forum link". |- Ou acesse: |- Ou acesse: |- Maiores informações: < |Link| > Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Junho 28, 2012 Segue abaixo o log adw, o diagnóstico gerado do ZHP foi enviado no pjjoint porém deu uma mensagem em frances que parecia dizer "Você não escolheu para arquivar", então pergunto o arquivo foi enviado? em seguida enviei para o myfile.tk, vou ter uma resposta? # AdwCleaner v1.700 - Logfile created 06/27/2012 at 20:24:53 # Updated 26/06/2012 by Xplode # Operating system : Windows 7 Starter Service Pack 1 (32 bits) # User : User - USER-PC # Running from : C:\Users\User\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\ProgramData\bProtector Folder Deleted : C:\ProgramData\IBUpdaterService ***** [Registry] ***** Key Deleted : HKCU\Software\bProtector Key Deleted : HKCU\Software\Smartbar Key Deleted : HKCU\Software\SmartbarBackup Key Deleted : HKCU\Software\Softonic ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Registry is clean. -\\ Mozilla Firefox v9.0.1 (pt-BR) ************************* AdwCleaner[s1].txt - [2219 octets] - [27/06/2012 20:24:53] ########## EOF - C:\AdwCleaner[s1].txt - [2347 octets] ########## Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 28, 2012 Boa Noite! Ionara o diagnóstico gerado do ZHP foi enviadono pjjoint porém deu uma mensagem em frances que parecia dizer "Você não escolheu para arquivar", então pergunto o arquivo foi enviado? em seguida enviei para o myfile.tk, vou ter uma resposta? |- A resposta é imediata,onde lhe será enviado um link tal como na imagem àcima. |- Poste,então,o link que lhe foi enviado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Junho 28, 2012 Segue o log do diag Rapport de ZHPDiag v1.31.105 par Nicolas Coolman, Update du 25/06/2012 Run by User at 27/06/2012 20:47:09 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html Web site : http://nicolascoolman.skyrock.com/ State : Your version is update. ---\\ Web Browser MSIE: Internet Explorer v8.0.7601.17514 MFIE: Mozilla Firefox 9.0.1 v9.0.1 (Defaut) ---\\ Windows Product Information ~ Langage: Anglais Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : KO Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2037 MB (57% free) System Restore: Inconnu (Unknown) System drive C: has 66 GB (66%) free of 100 GB ---\\ Logged in mode ~ Computer Name: USER-PC ~ User Name: User ~ All Users Names: User, Invitado, eu, Administrador, ~ Unselected Option: None Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\User\AppData\Roaming\ ~ %Desktop% : C:\Users\User\Desktop\ ~ %Favorites% : C:\Users\User\Favorites\ ~ %LocalAppData% : C:\Users\User\AppData\Local\ ~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 66 Go of 100 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 116 Go of 123 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Search Generic System Files [MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Windows Explorer.) (.20/11/2010 - 09:17:09.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.2606B35DDADCA19BEA9A08033C621B97] - (.Microsoft Corporation - Internet Extensions para Win32.) (.15/05/2012 - 00:03:54.) -- C:\Windows\System32\wininet.dll [981504] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 09:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.33C3093D09017CFE2E219F2472BFF6EB] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/11/2010 - 09:30:06.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Scan Generic Processes in 00mn 00s ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 1/993 ~ Mes Videos (My Videos) : 1/4 ~ Mes Favoris (My Favorites) : 1/122 ~ Mes Documents (My Documents) : 1/128 ~ Mon Bureau (My Desktop) : 2/144 ~ Menu demarrer (Programs) : 1/70 ~ Scan Hidden Files in 00mn 03s ---\\ Running Processes [MD5.ED35F3CB8323A6314E1562CA72DA3BF9] - (.ASUSTeK Computer Inc. - WallPape Application.) -- C:\Program Files\asus\SystemSetting\WallPaperAgent.exe [115888] [PID.1992] [MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.2076] [MD5.778B2333591E9D28063D491456DA18BE] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512] [PID.2192] [MD5.95B5AB49BE07F27C63CC0BBCE34B8E22] - (.Unknown owner - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [402608] [PID.2472] [MD5.822E6029CE5B3EBF31016860E81E2415] - (.Synaptics Incorporated - Asus Custom Acpi Monitor Application.) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240] [PID.2584] [MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.2772] [MD5.B24BF136ABA9C0749561B5A8755DD51B] - (.ASUSTek - SM37X HotKey Tool.) -- C:\Program Files\ASUS\LivCam\LivCam.exe [284160] [PID.2864] [MD5.3A4637D762FDF3C89A659B37B611F254] - (.ECAREME - BackupService.) -- C:\Program Files\ASUS\Asus WebStorage\BackupService.exe [947472] [PID.2992] [MD5.93190A2F166DB15FF8A9D7C260F2806F] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032] [PID.3320] [MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.3380] [MD5.17C1F00C2FF5EB421202AABE4F504DA9] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [137752] [PID.3428] [MD5.95BF86349F025960293FC7B5082D7535] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [354840] [PID.3468] [MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3804] [MD5.782FEF655DBF8653C9F2722BEBF7A8A6] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4241512] [PID.3912] [MD5.BB3C28936E06278237D47B08418BDE32] - (.Smartbar - Smartbar.) -- C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe [19800] [PID.3968] [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.2468] [MD5.C613E69C3B191BB02C7A191741A1D024] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040] [PID.2604] [MD5.AD9ED72E09863E09D2ADA81523131C92] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe [232912] [PID.4408] [MD5.34D972E425E5CE5109ED5B8B0C8227AE] - (.Orbitdownloader.com - Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitdm.exe [2637624] [PID.5664] [MD5.BF2332868CD6A14E87B68CCE3DDE4DD4] - (.Orbitdownloader.com - P2P service of Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitnet.exe [557056] [PID.5684] [MD5.BE955BAB4EFC2A28BE2692D102FFC85A] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3838464] [PID.3212] ~ Scan Processes Running in 00mn 02s ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s5vkdz39.default\prefs.js M3 - MFPP: Plugins - [user] -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s5vkdz39.default\searchplugins\Web Search.xml M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\twitter.xml M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml M0 - MFSP: prefs.js [user - s5vkdz39.default] http://feed.helperbar.com M2 - MFEP: prefs.js [user - s5vkdz39.default\helperbar@helperbar.com] [] Linkury Smartbar v (.Linkury.) P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.fr R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects (O2) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} Orphean Key O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Orphean Key O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphean Key O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Orphean Key O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} Orphean Key O2 - BHO: ASUS Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} Orphean Key O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key ~ Scan BHO in 00mn 00s ---\\ Internet Explorer toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (...) -- (.not file.) O3 - Toolbar: (no name) - [HKLM]{C55BBCD6-41AD-48AD-9953-3609C48EACC7} . (...) -- (.not file.) ~ Scan Toolbar in 00mn 00s ---\\ Auto loading programs from Registry and folders (O4) O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HotkeyMon] . (.ASUSTeK Computer Inc. - HotkeyMon.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe O4 - HKLM\..\Run: [HotkeyService] . (.ASUSTeK Computer Inc. - Asus Eee PC Hotkey Service.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe O4 - HKLM\..\Run: [superHybridEngine] . (.ASUSTeK Computer Inc. - Eee Super Hybrid Engine.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Eee Docking] . (.Unknown owner - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe O4 - HKLM\..\Run: [LiveUpdate] . (...) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [synAsusAcpi] . (.Synaptics Incorporated - Asus Custom Acpi Monitor Application.) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [LivCam] . (.ASUSTek - SM37X HotKey Tool.) -- C:\Program Files\ASUS\LivCam\LivCam.exe O4 - HKLM\..\Run: [EeeStorageBackup] . (.ECAREME - BackupService.) -- C:\Program Files\ASUS\Asus WebStorage\BackupService.exe O4 - HKLM\..\Run: [uCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [ufSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (.not file.) O4 - HKLM\..\Run: [OOBESetup] . (.ASUSTeK Computer Inc. - OOBERegBackup Application.) -- C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxExt] . (.Intel Corporation - igfxext Module.) -- C:\windows\system32\IgfxExt.exe O4 - HKLM\..\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKCU\..\Run: [instant Messenger Cleaner 4] C:\Users\User\Desktop\ecmd.exe (.not file.) O4 - HKCU\..\Run: [browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe O4 - HKUS\S-1-5-21-1853207788-3405432505-2801168943-1000\..\Run: [instant Messenger Cleaner 4] C:\Users\User\Desktop\ecmd.exe (.not file.) O4 - HKUS\S-1-5-21-1853207788-3405432505-2801168943-1000\..\Run: [browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe ~ Scan Application in 00mn 00s ---\\ Other User Links (O4) O4 - Global Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\User\Desktop\Calculator.lnk . (.Microsoft Corporation.) -- C:\windows\system32\calc.exe O4 - Global Startup: C:\Users\User\Desktop\Orbit.lnk . (.Orbitdownloader.com.) -- C:\Program Files\Orbitdownloader\orbitdm.exe O4 - Global Startup: C:\Users\User\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe O4 - Global Startup: C:\Users\User\Desktop\WYD.lnk . (...) -- C:\OnGame\WYD\WYDLauncher.exe O4 - Global Startup: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE O4 - Global Startup: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk . (.Orbitdownloader.com.) -- C:\Program Files\Orbitdownloader\orbitdm.exe O4 - Global Startup: C:\Users\eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\eu\Desktop\Google Chrome.lnk . (...) -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) O4 - Global Startup: C:\Users\eu\Desktop\WYD - Atalho.lnk . (...) -- C:\OnGame\WYD\WYD.exe O4 - Global Startup: C:\Users\eu\Desktop\WYD.lnk . (...) -- C:\OnGame\WYD\WYDLauncher.exe O4 - Global Startup: C:\Users\eu\Desktop\WYDLauncher - Atalho.lnk . (...) -- C:\WYD\WYDLauncher.exe (.not file.) O4 - Global Startup: C:\Users\eu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Global Startup in 00mn 00s ---\\ Extra items in the IE right-click menu (O8) O8 - Extra context menu item: &Download by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: &Grab video by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: Do&wnload selected by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: Down&load all by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: E&xportar para o Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~2\Office12\EXCEL.exe ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9) O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Enviar para o OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO ~ Scan IE Extra Buttons in 00mn 00s ---\\ ShellServiceObjectDelayLoad (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Task Planned Automatically(039) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001UA.job [MD5.00000000000000000000000000000000] [APT] [{190C51D8-1F36-4877-9B84-D41E372B8BBA}] (...) -- C:\Users\User\Desktop\Metin2_Brasil_v11.exe (.not file.) [MD5.D41D8CD98F00B204E9800998ECF8427E] [APT] [{494023E9-ADA7-4D74-B64A-107F16E9DDE5}] (...) -- C:\Users\User\Desktop\My Shared Folder\age of empires iii (castellano) (juego completo) (am).exe ~ Scan Scheduled Task in 00mn 05s ---\\ ActiveSetup Installed Components (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Scan Active Setup in 00mn 00s ---\\ Software installed (O42) O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage O42 - Logiciel: ASUSUpdate for Eee PC - (.ASUSTeK Computer Inc..) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Ares 2.1.8 - (.Ares Development Group.) [HKLM] -- Ares O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM] -- Asus Vibe2.0 O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40} O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2} O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {38E5A3B1-ADF1-47E0-8024-76310A30EB36} O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: Eee Docking 3.3.0 - (.ASUSTek Computer Inc..) [HKLM] -- Eee Docking_is1 O42 - Logiciel: EeeSplendid - (.ASUS.) [HKLM] -- {6333FC29-BFE5-4024-AC78-958A1A7555D1} O42 - Logiciel: Game Park Console - (.Oberon Media, Inc..) [HKLM] -- {BB5E5F87-E939-4974-A006-2B4A2F60EEA3}_is1 O42 - Logiciel: Hotkey Service - (.AsusTek Computer.) [HKLM] -- {71C0E38E-09F2-4386-9977-404D4F6640CD} O42 - Logiciel: Hotkey Service - (.AsusTek Computer.) [HKLM] -- {75E9CAA3-B336-439D-85FB-7C7B2ACA1A16} O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2012 O42 - Logiciel: Instant Messenger Cleaner 4.2 - (.Codemonster Ltd.) [HKCU] -- Instant Messenger Cleaner 4.2 O42 - Logiciel: Intel® Graphics Media Accelerator 500 - (. Intel Corporation.) [HKLM] -- LPCO O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {95120000-00AF-0C0A-0000-0000000FF1CE} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {95120000-00B9-0409-0000-0000000FF1CE} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001} O42 - Logiciel: Malwarebytes Anti-Malware versão 1.61.0.1400 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002C-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE} O42 - Logiciel: Mozilla Firefox 9.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 9.0.1 (x86 pt-BR) O42 - Logiciel: OOBERegBackup - (.ASUSTeK Computer Inc..) [HKLM] -- OOBERegBackup_is1 O42 - Logiciel: Orbit Downloader - (.www.orbitdownloader.com.) [HKLM] -- Orbit_is1 O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0} O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {FAD8718D-950E-468D-BDE2-17D4D6F1EA6A} O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5 O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E34960DB-2A93-45DB-A208-02650F7AB09C} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{293FB6BE-D3EB-4162-B522-F9108040B9FE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{31C0F635-15AD-4AA3-A3C6-B542B403D0EE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3069CE04-082C-4669-9BA1-E6AA66330C1F} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B4C12F08-B0EF-4CC4-AD5F-381DD62BF640} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AEA16A27-0B97-4670-818F-A98D06EC0A6F} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{075C2272-0881-46D3-B3A5-1D83D6940270} O42 - Logiciel: Super Hybrid Engine - (.AsusTek Computer.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E} O42 - Logiciel: Super Hybrid Engine - (.AsusTek Computer.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: SystemSetting - (.ASUSTeK Computer Inc..) [HKLM] -- SystemSetting_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-B - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B5B7C5DB-74C3-43E0-8413-0C6C1CA4DED0} O42 - Logiciel: WYD (remove only) - (.Unknown owner.) [HKLM] -- WYD O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) - (.Broadcom.) [HKLM] -- B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) - (.Broadcom.) [HKLM] -- B5C82F3814F82FB37F1513B3185399BD88892B08 O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE O42 - Logiciel: avast! Internet Security v7.0.1426.0 - (.AVAST Software.) [HKLM] -- avast ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\ASUS] [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Ares] [HKCU\Software\Caphyon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\DT Soft] [HKCU\Software\DataMngr_Toolbar] [HKCU\Software\ECAREME] [HKCU\Software\Froggie] [HKCU\Software\GbPlugin] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\KasperskyLab] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Oberon Media] [HKCU\Software\Orbit] [HKCU\Software\OrolixCommunicator] [HKCU\Software\Orolix] [HKCU\Software\Policies] [HKCU\Software\ProgSense] [HKCU\Software\Realtek] [HKCU\Software\Skype] [HKCU\Software\SmartbarLog] [HKCU\Software\Synaptics] [HKCU\Software\Trolltech] [HKCU\Software\VSRevoGroup] [HKCU\Software\kde.org] [HKCU\Software\mozilla] [HKLM\Software\ALWIL Software] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\AsusTek Computer] [HKLM\Software\Atheros Communications Inc.] [HKLM\Software\Atheros] [HKLM\Software\Caphyon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DT Soft] [HKLM\Software\ECAREME] [HKLM\Software\Google] [HKLM\Software\Huawei technologies] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KasperskyLab] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Oberon Media] [HKLM\Software\Orbit] [HKLM\Software\Orolix] [HKLM\Software\Policies] [HKLM\Software\Ralink] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Skype] [HKLM\Software\Synaptics] [HKLM\Software\Volatile] [HKLM\Software\Wow6432Node] [HKLM\Software\coreSecurity] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 01s ---\\ Contents of the Common Files folders (O43) O43 - CFD: 16/11/2009 - 13:32:27 - [653,412] ----D C:\Program Files\Adobe O43 - CFD: 16/09/2011 - 11:35:58 - [0] ----D C:\Program Files\Alwil Software O43 - CFD: 09/04/2012 - 18:04:12 - [6,885] ----D C:\Program Files\Ares O43 - CFD: 12/02/2012 - 19:42:17 - [164,710] ----D C:\Program Files\ASUS O43 - CFD: 16/11/2009 - 13:07:15 - [0,001] ----D C:\Program Files\Atheros O43 - CFD: 16/04/2012 - 16:04:14 - [313,654] ----D C:\Program Files\AVAST Software O43 - CFD: 19/12/2011 - 14:16:53 - [0,076] ----D C:\Program Files\Claro O43 - CFD: 16/09/2011 - 11:29:43 - [0,380] ----D C:\Program Files\CMAK O43 - CFD: 16/04/2012 - 15:22:35 - [346,786] ----D C:\Program Files\Common Files O43 - CFD: 25/11/2009 - 15:00:45 - [55,593] ----D C:\Program Files\CyberLink O43 - CFD: 16/11/2009 - 13:09:19 - [0,520] ----D C:\Program Files\DIFX O43 - CFD: 22/02/2012 - 21:48:12 - [4,078] ----D C:\Program Files\DVD Maker O43 - CFD: 16/11/2009 - 13:10:59 - [7,512] ----D C:\Program Files\EeePC O43 - CFD: 01/03/2012 - 01:05:48 - [2,764] ----D C:\Program Files\GbPlugin O43 - CFD: 16/04/2012 - 16:06:14 - [5,305] ----D C:\Program Files\Google O43 - CFD: 07/03/2012 - 15:51:45 - [0,017] --H-D C:\Program Files\InstallJammer Registry O43 - CFD: 12/06/2012 - 20:58:17 - [61,143] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 16/11/2009 - 13:03:29 - [58,942] ----D C:\Program Files\Intel O43 - CFD: 14/06/2012 - 12:29:22 - [4,522] ----D C:\Program Files\Internet Explorer O43 - CFD: 07/03/2012 - 15:47:27 - [85,003] ----D C:\Program Files\Java O43 - CFD: 29/04/2012 - 07:40:07 - [11,548] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 12/06/2012 - 20:55:43 - [45,733] ----D C:\Program Files\Microsoft Games O43 - CFD: 04/01/2012 - 15:35:20 - [614,053] ----D C:\Program Files\Microsoft Office O43 - CFD: 16/09/2011 - 10:57:36 - [2,087] ----D C:\Program Files\Microsoft Sync Framework O43 - CFD: 16/09/2011 - 11:46:41 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 16/09/2011 - 11:41:43 - [1,204] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 18/11/2011 - 12:08:12 - [127,445] ----D C:\Program Files\Microsoft Works O43 - CFD: 16/09/2011 - 11:45:11 - [7,774] ----D C:\Program Files\Microsoft.NET O43 - CFD: 18/03/2012 - 21:18:22 - [36,423] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 16/09/2011 - 11:47:23 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 09/06/2012 - 07:11:41 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 16/11/2009 - 13:29:30 - [0,105] ----D C:\Program Files\Oberon Media O43 - CFD: 08/03/2012 - 17:16:42 - [0] ----D C:\Program Files\ONGAME O43 - CFD: 07/06/2012 - 10:22:04 - [14,046] ----D C:\Program Files\Orbitdownloader O43 - CFD: 07/03/2012 - 15:51:12 - [8,656] ----D C:\Program Files\Programas RFB O43 - CFD: 16/11/2009 - 13:04:36 - [9,527] ----D C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 01:52:30 - [39,265] ----D C:\Program Files\Reference Assemblies O43 - CFD: 24/11/2009 - 20:50:36 - [28,426] R---D C:\Program Files\Skype O43 - CFD: 16/11/2009 - 13:05:42 - [27,968] ----D C:\Program Files\Synaptics O43 - CFD: 25/11/2009 - 15:13:45 - [0] --H-D C:\Program Files\Temp O43 - CFD: 17/03/2012 - 13:48:06 - [0] ----D C:\Program Files\TIM Communicator O43 - CFD: 14/07/2009 - 01:53:23 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 12/06/2012 - 21:16:54 - [6,503] ----D C:\Program Files\VS Revo Group O43 - CFD: 22/02/2012 - 21:48:09 - [3,096] ----D C:\Program Files\Windows Defender O43 - CFD: 16/09/2011 - 11:29:49 - [0,111] ----D C:\Program Files\Windows Journal O43 - CFD: 16/09/2011 - 10:54:41 - [0,234] ----D C:\Program Files\Windows Live SkyDrive O43 - CFD: 22/02/2012 - 21:48:13 - [6,918] ----D C:\Program Files\Windows Mail O43 - CFD: 22/02/2012 - 21:48:12 - [6,559] ----D C:\Program Files\Windows Media Player O43 - CFD: 14/07/2009 - 01:52:30 - [11,865] ----D C:\Program Files\Windows NT O43 - CFD: 22/02/2012 - 21:48:12 - [4,306] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 22/02/2012 - 21:48:12 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 22/02/2012 - 21:48:13 - [7,678] ----D C:\Program Files\Windows Sidebar O43 - CFD: 27/06/2012 - 20:47:32 - [12,845] ----D C:\Program Files\ZHPDiag O43 - CFD: 16/11/2009 - 13:14:00 - [14,095] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 16/11/2009 - 13:32:08 - [30,315] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 10/10/2011 - 21:06:06 - [0,089] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 08/06/2012 - 18:57:21 - [6,182] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 07/03/2012 - 15:48:39 - [1,201] ----D C:\Program Files\Common Files\Java O43 - CFD: 21/06/2012 - 14:53:07 - [210,479] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 16/11/2009 - 13:29:30 - [0,338] ----D C:\Program Files\Common Files\Oberon Media O43 - CFD: 13/07/2009 - 23:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 24/11/2009 - 20:50:36 - [1,868] ----D C:\Program Files\Common Files\Skype O43 - CFD: 13/07/2009 - 23:37:05 - [39,202] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 18/03/2012 - 06:58:47 - [43,015] ----D C:\Program Files\Common Files\System O43 - CFD: 16/09/2011 - 10:51:49 - [0] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 16/11/2009 - 13:32:08 - [0,001] ----D C:\ProgramData\Adobe O43 - CFD: 16/04/2012 - 16:04:14 - [36,902] ----D C:\ProgramData\Alwil Software O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 12/02/2012 - 16:41:05 - [0,002] ----D C:\ProgramData\ASUS WebStorage O43 - CFD: 16/11/2009 - 13:07:28 - [0,009] ----D C:\ProgramData\Atheros O43 - CFD: 07/06/2012 - 12:01:04 - [0,014] ----D C:\ProgramData\CyberLink O43 - CFD: 08/06/2012 - 15:12:29 - [0,002] ----D C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 27/06/2012 - 20:27:03 - [0,009] ----D C:\ProgramData\GbPlugin O43 - CFD: 12/06/2012 - 22:55:08 - [198,300] ----D C:\ProgramData\Kaspersky Lab O43 - CFD: 19/03/2012 - 19:47:01 - [16,765] ----D C:\ProgramData\Malwarebytes O43 - CFD: 12/06/2012 - 21:29:22 - [54,435] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/06/2012 - 12:13:39 - [0,132] ----D C:\ProgramData\Microsoft Help O43 - CFD: 16/11/2009 - 13:07:55 - [2,199] ----D C:\ProgramData\Ralink Driver O43 - CFD: 24/11/2009 - 20:50:35 - [20,908] ----D C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 07/03/2012 - 15:48:43 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 07/02/2012 - 14:55:29 - [0,035] ---AD C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 16/09/2011 - 11:23:25 - [0,059] ----D C:\ProgramData\Trend Micro O43 - CFD: 30/10/2011 - 18:28:32 - [1,725] ----D C:\Users\User\AppData\Roaming\Adobe O43 - CFD: 22/02/2012 - 08:38:33 - [0,039] ----D C:\Users\User\AppData\Roaming\Asus WebStorage O43 - CFD: 14/02/2012 - 21:18:50 - [0] ----D C:\Users\User\AppData\Roaming\BS_Temp O43 - CFD: 20/06/2012 - 21:09:11 - [0,742] ----D C:\Users\User\AppData\Roaming\Codemonster Ltd O43 - CFD: 08/06/2012 - 18:51:14 - [0,931] ----D C:\Users\User\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 07/06/2012 - 10:22:15 - [0] ----D C:\Users\User\AppData\Roaming\GrabPro O43 - CFD: 14/07/2009 - 01:54:12 - [0] ----D C:\Users\User\AppData\Roaming\Identities O43 - CFD: 16/11/2009 - 13:03:14 - [0] ----D C:\Users\User\AppData\Roaming\InstallShield O43 - CFD: 16/11/2009 - 13:14:25 - [0,002] ----D C:\Users\User\AppData\Roaming\Macromedia O43 - CFD: 19/03/2012 - 19:47:30 - [0,020] ----D C:\Users\User\AppData\Roaming\Malwarebytes O43 - CFD: 07/06/2012 - 10:26:41 - [7,003] -S--D C:\Users\User\AppData\Roaming\Microsoft O43 - CFD: 25/12/2011 - 09:47:30 - [14,929] ----D C:\Users\User\AppData\Roaming\Mozilla O43 - CFD: 08/06/2012 - 18:21:37 - [17,631] ----D C:\Users\User\AppData\Roaming\OpenCandy O43 - CFD: 27/06/2012 - 20:34:44 - [4,494] ----D C:\Users\User\AppData\Roaming\Orbit O43 - CFD: 07/06/2012 - 10:22:47 - [0,000] ----D C:\Users\User\AppData\Roaming\ProgSense O43 - CFD: 16/09/2011 - 11:34:05 - [0,013] ----D C:\Users\User\AppData\Roaming\Skype O43 - CFD: 14/02/2012 - 21:19:47 - [0] ----D C:\Users\User\AppData\Roaming\Update O43 - CFD: 15/11/2011 - 20:36:27 - [22,597] ----D C:\Users\User\AppData\Local\Adobe O43 - CFD: 16/09/2011 - 10:48:34 - [0] ----D C:\Users\User\AppData\Local\Archivos temporales de Internet O43 - CFD: 08/06/2012 - 10:54:28 - [0,034] ----D C:\Users\User\AppData\Local\Ares O43 - CFD: 20/06/2012 - 21:12:51 - [1,193] ----D C:\Users\User\AppData\Local\Caphyon O43 - CFD: 16/09/2011 - 10:48:34 - [0] ----D C:\Users\User\AppData\Local\Datos de programa O43 - CFD: 03/06/2012 - 14:28:29 - [0,957] ----D C:\Users\User\AppData\Local\Diagnostics O43 - CFD: 05/02/2012 - 15:51:48 - [0] ----D C:\Users\User\AppData\Local\ElevatedDiagnostics O43 - CFD: 16/04/2012 - 16:06:14 - [0] ----D C:\Users\User\AppData\Local\Google O43 - CFD: 16/09/2011 - 10:48:34 - [0] ----D C:\Users\User\AppData\Local\Historial O43 - CFD: 12/06/2012 - 21:29:22 - [572,102] ----D C:\Users\User\AppData\Local\Microsoft O43 - CFD: 12/11/2011 - 11:28:05 - [0,114] ----D C:\Users\User\AppData\Local\Microsoft Games O43 - CFD: 28/04/2012 - 15:11:10 - [1,539] ----D C:\Users\User\AppData\Local\Microsoft Help O43 - CFD: 25/12/2011 - 09:47:11 - [59,512] ----D C:\Users\User\AppData\Local\Mozilla O43 - CFD: 25/06/2012 - 19:37:24 - [16,586] ----D C:\Users\User\AppData\Local\Smartbar O43 - CFD: 27/06/2012 - 20:40:53 - [368,055] ----D C:\Users\User\AppData\Local\Temp O43 - CFD: 19/03/2012 - 16:07:41 - [460,437] ----D C:\Users\User\AppData\Local\VirtualStore O43 - CFD: 14/07/2009 - 01:42:04 - [0,014] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 29/02/2012 - 19:35:43 - [0,000] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 16/09/2011 - 11:32:13 - [0,003] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam O43 - CFD: 16/11/2009 - 13:29:39 - [0] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Park O43 - CFD: 08/06/2012 - 19:13:58 - [0,000] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 14/07/2009 - 01:37:42 - [0,001] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 13/06/2012 - 10:29:58 - [0] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnGame O43 - CFD: 07/03/2012 - 15:50:05 - [0,004] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012 O43 - CFD: 12/06/2012 - 21:17:03 - [0,004] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 15/06/2012 - 20:59:47 - [0,001] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ~ Scan Program Folder in 00mn 06s ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.054F78F61D40182056AA9013719C28AC] - 27/06/2012 - 20:33:22 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1530242] O44 - LFC:[MD5.EED51D56C1041D48C08D31CFC0876496] - 27/06/2012 - 20:33:22 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103568] O44 - LFC:[MD5.9A378BAE390D5D4E6710EED34169C0F0] - 27/06/2012 - 20:33:22 ---A- . (...) -- C:\Windows\System32\perfc00A.dat [133704] O44 - LFC:[MD5.EE946017F68304658A20B6732CE5F8B8] - 27/06/2012 - 20:33:22 ---A- . (...) -- C:\Windows\System32\perfh009.dat [607190] O44 - LFC:[MD5.4738D5A58848F880A4B341DA699E5B6B] - 27/06/2012 - 20:33:22 ---A- . (...) -- C:\Windows\System32\perfh00A.dat [684000] O44 - LFC:[MD5.7D0AEE30AE2FF546E6E021D9865C47D7] - 27/06/2012 - 20:32:04 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1629882] O44 - LFC:[MD5.5BD80052F4729B1AC5F262882C16EB23] - 27/06/2012 - 20:27:10 ---A- . (...) -- C:\Windows\setupact.log [79909] O44 - LFC:[MD5.6A4D10F1D08DA6A17032A9AACB8A7F15] - 27/06/2012 - 20:27:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.91B9AF2898A9A7B6CA011C7D9568C5E3] - 27/06/2012 - 20:25:33 ---A- . (...) -- C:\AdwCleaner[s1].txt [2348] O44 - LFC:[MD5.6347B8B5E79829B8B5384BF7D55074C4] - 15/06/2012 - 21:55:42 ---A- . (...) -- C:\Windows\PFRO.log [51008] O44 - LFC:[MD5.254A691F4CE8A31D70D94959662C4572] - 15/06/2012 - 21:54:47 ---A- . (...) -- C:\Windows\ntbtlog.txt [1190296] O44 - LFC:[MD5.0533E2567E356BFAB8F5AD9B1F3FFE07] - 14/06/2012 - 12:31:56 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [417080] O44 - LFC:[MD5.21CD91C5E320D8396D7948B2F579A5A7] - 10/06/2012 - 21:27:18 ---A- . (...) -- C:\Windows\msxml4-KB973688-enu.LOG [281200] O44 - LFC:[MD5.472492BF87474BACE8A72483CDD03F1E] - 09/06/2012 - 07:12:04 ---A- . (...) -- C:\Windows\msxml4-KB954430-enu.LOG [283992] O44 - LFC:[MD5.35FBBD563942F58968F397A6C53CCB0F] - 08/06/2012 - 19:11:40 ---A- . (...) -- C:\Windows\DirectX.log [82406] ~ Scan Files in 00mn 10s ---\\ Safe Boot Control (O49) (None) ---\\ MountPoints2 Shell Key (MPKS) (O51) O51 - MPSK:{0c114ded-f45c-11e0-ac02-1c4bd6037440}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.) O51 - MPSK:{0d46d8b8-b1b1-11e1-b08a-806e6f6e6963}\AutoRun\command. (...) -- E:\CDCheck.exe (.not file.) O51 - MPSK:{0d46d8b9-b1b1-11e1-b08a-806e6f6e6963}\AutoRun\command. (...) -- F:\CDCheck.exe (.not file.) O51 - MPSK:{0d46d907-b1b1-11e1-b08a-c41332706671}\AutoRun\command. (...) -- G:\autorun.exe (.not file.) O51 - MPSK:{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (None) ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=28 ~ Scan Keys in 00mn 00s ---\\ System Drivers List (SDL) (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\\ Last modified or created user files (O61) O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\0Extension.crx [398123] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FBImagePreview.js [15582] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.css [1385] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.js [54721] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.xul [2946] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\InternalJS.js [503] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\externalJS.js [1513] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\jquery-1.5.1.min.js [85260] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\publisherDefinitions.js [1766] O61 - LFC:Last File Created 24/06/2012 - 14:56:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\helperbar@helperbar.com\install.rdf [1014] O61 - LFC:Last File Created 24/06/2012 - 14:56:42 ---A- C:\Users\User\AppData\Local\Smartbar\Application\1Extension.crx [398233] O61 - LFC:Last File Created 24/06/2012 - 14:56:46 ---A- C:\Users\User\AppData\Local\Smartbar\Application\ar\Smartbar.GUI.MainClient.resources.dll [38744] O61 - LFC:Last File Created 24/06/2012 - 14:56:48 ---A- C:\Users\User\AppData\Local\Smartbar\Application\BrowserHelper.exe [18264] O61 - LFC:Last File Created 24/06/2012 - 14:56:58 ---A- C:\Users\User\AppData\Local\Smartbar\Application\de\Smartbar.GUI.MainClient.resources.dll [25432] O61 - LFC:Last File Created 24/06/2012 - 14:57:02 ---A- C:\Users\User\AppData\Local\Smartbar\Application\es\Smartbar.GUI.MainClient.resources.dll [21336] O61 - LFC:Last File Created 24/06/2012 - 14:57:10 ---A- C:\Users\User\AppData\Local\Smartbar\Application\fr\Smartbar.GUI.MainClient.resources.dll [25944] O61 - LFC:Last File Created 24/06/2012 - 14:57:10 ---A- C:\Users\User\AppData\Local\Smartbar\Application\he\Smartbar.GUI.MainClient.resources.dll [25944] O61 - LFC:Last File Created 24/06/2012 - 14:57:14 ---A- C:\Users\User\AppData\Local\Smartbar\Application\it\Smartbar.GUI.MainClient.resources.dll [25944] O61 - LFC:Last File Created 24/06/2012 - 14:57:16 ---A- C:\Users\User\AppData\Local\Smartbar\Application\MACTrackBarLib.dll [46936] O61 - LFC:Last File Created 24/06/2012 - 14:57:20 ---A- C:\Users\User\AppData\Local\Smartbar\Application\NDde.dll [106328] O61 - LFC:Last File Created 24/06/2012 - 14:57:22 ---A- C:\Users\User\AppData\Local\Smartbar\Application\pt\Smartbar.GUI.MainClient.resources.dll [21336] O61 - LFC:Last File Created 24/06/2012 - 14:57:24 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll [145240] O61 - LFC:Last File Created 24/06/2012 - 14:57:24 ---A- C:\Users\User\AppData\Local\Smartbar\Application\RegAsm.exe [59224] O61 - LFC:Last File Created 24/06/2012 - 14:57:46 ---A- C:\Users\User\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll [13144] O61 - LFC:Last File Created 24/06/2012 - 14:57:48 ---A- C:\Users\User\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll [12120] O61 - LFC:Last File Created 24/06/2012 - 14:57:50 ---A- C:\Users\User\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll [11608] O61 - LFC:Last File Created 24/06/2012 - 14:57:56 ---A- C:\Users\User\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll [56152] O61 - LFC:Last File Created 24/06/2012 - 14:57:58 ---A- C:\Users\User\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll [13144] O61 - LFC:Last File Created 24/06/2012 - 14:57:58 ---A- C:\Users\User\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll [41816] O61 - LFC:Last File Created 24/06/2012 - 14:58:18 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar Automatic Update.exe [12632] O61 - LFC:Last File Created 24/06/2012 - 14:58:20 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe [19800] O61 - LFC:Last File Created 24/06/2012 - 14:58:22 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll [542040] O61 - LFC:Last File Created 24/06/2012 - 14:58:22 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll [80728] O61 - LFC:Last File Created 24/06/2012 - 14:58:24 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll [1288536] O61 - LFC:Last File Created 24/06/2012 - 14:58:26 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll [13144] O61 - LFC:Last File Created 24/06/2012 - 14:58:28 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll [12120] O61 - LFC:Last File Created 24/06/2012 - 14:58:30 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll [28504] O61 - LFC:Last File Created 24/06/2012 - 14:58:30 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll [11608] O61 - LFC:Last File Created 24/06/2012 - 14:58:32 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll [33112] O61 - LFC:Last File Created 24/06/2012 - 14:58:34 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll [53080] O61 - LFC:Last File Created 24/06/2012 - 14:58:34 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser.dll [27992] O61 - LFC:Last File Created 24/06/2012 - 14:58:36 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll [45912] O61 - LFC:Last File Created 24/06/2012 - 14:58:38 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll [54616] O61 - LFC:Last File Created 24/06/2012 - 14:58:38 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ShareManagerLocalPlugin.dll [13144] O61 - LFC:Last File Created 24/06/2012 - 14:58:40 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll [18264] O61 - LFC:Last File Created 24/06/2012 - 14:58:48 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll [97624] O61 - LFC:Last File Created 24/06/2012 - 14:58:50 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll [78680] O61 - LFC:Last File Created 24/06/2012 - 14:58:52 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll [15704] O61 - LFC:Last File Created 24/06/2012 - 14:58:52 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PersonalizationSettingsManager.dll [14680] O61 - LFC:Last File Created 24/06/2012 - 14:58:54 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.UserSettingsManager.dll [16216] O61 - LFC:Last File Created 24/06/2012 - 14:58:56 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll [34648] O61 - LFC:Last File Created 24/06/2012 - 14:58:56 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.FilesManager.dll [331608] O61 - LFC:Last File Created 24/06/2012 - 14:58:58 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll [67928] O61 - LFC:Last File Created 24/06/2012 - 14:59:00 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryManager.dll [18776] O61 - LFC:Last File Created 24/06/2012 - 14:59:02 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll [13144] O61 - LFC:Last File Created 24/06/2012 - 14:59:04 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll [133976] O61 - LFC:Last File Created 24/06/2012 - 14:59:04 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpdater.dll [38744] O61 - LFC:Last File Created 24/06/2012 - 14:59:06 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll [19288] O61 - LFC:Last File Created 24/06/2012 - 14:59:08 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll [24920] O61 - LFC:Last File Created 24/06/2012 - 14:59:10 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll [46936] O61 - LFC:Last File Created 24/06/2012 - 14:59:12 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.UrlHistorySupplier.dll [14680] O61 - LFC:Last File Created 24/06/2012 - 14:59:12 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll [16216] O61 - LFC:Last File Created 24/06/2012 - 14:59:14 ---A- C:\Users\User\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll [130392] O61 - LFC:Last File Created 24/06/2012 - 14:59:16 ---A- C:\Users\User\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll [87896] O61 - LFC:Last File Created 24/06/2012 - 14:59:20 ---A- C:\Users\User\AppData\Local\Smartbar\Application\DefaultFiles\ProfileManager.xml [4293] O61 - LFC:Last File Created 24/06/2012 - 14:59:20 ---A- C:\Users\User\AppData\Local\Smartbar\DistributionFiles\Configs\ProfileManager.xml [4293] O61 - LFC:Last File Created 25/06/2012 - 19:17:10 ---A- C:\Users\User\AppData\Local\Temp\tmpB701.ico [1150] O61 - LFC:Last File Created 25/06/2012 - 19:34:55 ---A- C:\Users\User\AppData\Local\Temp\12164fc4-6382-419a-96a3-a632736be31c\LinkuryInstaller.msi [7176192] O61 - LFC:Last File Created 25/06/2012 - 19:34:56 ---A- C:\Users\User\AppData\Local\Smartbar\Linkury.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\1.2.0.0\user.config [1211] O61 - LFC:Last File Created 25/06/2012 - 19:37:37 R--A- C:\Users\User\AppData\Roaming\Microsoft\Installer\{10174305-FFC7-4F27-8AB5-0E7768CCA5EF}\icon.ico [22382] O61 - LFC:Last File Created 25/06/2012 - 19:37:44 ---A- C:\Users\User\AppData\Local\Smartbar\DistributionFiles\Configs\UserSettings.xml [2601] O61 - LFC:Last File Created 25/06/2012 - 19:37:45 ---A- C:\Users\User\AppData\Local\Smartbar\DistributionFiles\Configs\PublisherSettings.xml [16410] O61 - LFC:Last File Created 25/06/2012 - 19:38:10 ---A- C:\Users\User\AppData\Local\Temp\tmpEE37.ico [1150] O61 - LFC:Last File Created 25/06/2012 - 19:38:20 ---A- C:\Users\User\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch [2866] O61 - LFC:Last File Created 25/06/2012 - 19:39:14 ---A- C:\Users\User\AppData\Local\Temp\tmpEC92.ico [1150] O61 - LFC:Last File Created 25/06/2012 - 19:39:18 ---A- C:\Users\User\AppData\Local\Temp\tmpFB61.ico [1150] O61 - LFC:Last File Created 25/06/2012 - 19:54:21 ---A- C:\Users\User\AppData\Local\Smartbar\Common\iconsWide\youtube.png [4082] O61 - LFC:Last File Created 25/06/2012 - 19:54:21 ---A- C:\Users\User\AppData\Local\Smartbar\Common\iconsWide\youtubehover.png [3772] O61 - LFC:Last File Created 25/06/2012 - 19:54:21 ---A- C:\Users\User\AppData\Local\Smartbar\Common\iconsWide\youtubepress.png [4067] O61 - LFC:Last File Created 25/06/2012 - 19:54:21 ---A- C:\Users\User\AppData\Local\Smartbar\DistributionFiles\Configs\IconsSettings.xml [45655] O61 - LFC:Last File Created 25/06/2012 - 20:38:25 ---A- C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe.Config [12840] O61 - LFC:Last File Created 26/06/2012 - 02:26:41 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\LeftAd.zip [65309] O61 - LFC:Last File Created 26/06/2012 - 04:26:41 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\left\1338876652.gif [14105] O61 - LFC:Last File Created 26/06/2012 - 04:26:41 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\left\1339642948.jpg [10696] O61 - LFC:Last File Created 26/06/2012 - 04:26:41 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\left\1340174266.png [16544] O61 - LFC:Last File Created 26/06/2012 - 04:26:41 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\left\1340178814.jpg [24489] O61 - LFC:Last File Created 26/06/2012 - 04:26:41 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\left\ad.xml [1677] O61 - LFC:Last File Created 26/06/2012 - 20:22:30 ---A- C:\Users\User\AppData\Local\Temp\tmpD0D7.ico [1150] O61 - LFC:Last File Created 26/06/2012 - 21:29:12 ---A- C:\Users\User\AppData\Local\Temp\tmpE515.ico [1150] O61 - LFC:Last File Created 26/06/2012 - 21:29:17 ---A- C:\Users\User\AppData\Local\Temp\tmpF72F.ico [1150] O61 - LFC:Last File Created 26/06/2012 - 21:48:10 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\AdConfig.xml [524] O61 - LFC:Last File Created 26/06/2012 - 21:48:10 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\GvConfig.xml [327] O61 - LFC:Last File Created 26/06/2012 - 21:48:13 ---A- C:\Users\User\AppData\Roaming\Orbit\sitelogin.dat [13] O61 - LFC:Last File Created 27/06/2012 - 03:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\TipsAd.zip [219728] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1339139634.jpg [20198] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1339408030.png [13768] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1339656001.jpg [20388] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1339657056.png [6357] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340003204.png [4410] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340088118.jpg [20388] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340088129.jpg [20388] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340088138.jpg [20388] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340088146.jpg [20388] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340088155.jpg [20388] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340088169.jpg [20388] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340178738.jpg [19397] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\1340787443.png [16828] O61 - LFC:Last File Created 27/06/2012 - 05:57:56 ---A- C:\Users\User\AppData\Roaming\Orbit\AdConfig\tips\ad.xml [5196] O61 - LFC:Last File Created 27/06/2012 - 19:43:04 ---A- C:\Users\User\AppData\Local\Temp\ulm5wv8g.out [880] O61 - LFC:Last File Created 27/06/2012 - 19:43:39 ---A- C:\Users\User\AppData\Local\Temp\tmp393A.ico [1150] O61 - LFC:Last File Created 27/06/2012 - 19:45:25 ---A- C:\Users\User\AppData\Local\Temp\~DFF65B3FAD173DEFDC.TMP [16384] O61 - LFC:Last File Created 27/06/2012 - 19:50:00 ---A- C:\Users\User\AppData\Roaming\Adobe\Acrobat\9.0\JavaScripts\glob.js [0] O61 - LFC:Last File Created 27/06/2012 - 19:50:00 ---A- C:\Users\User\AppData\Roaming\Adobe\Acrobat\9.0\JavaScripts\glob.settings.js [10] O61 - LFC:Last File Created 27/06/2012 - 19:50:01 ---A- C:\Users\User\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents [5120] O61 - LFC:Last File Created 27/06/2012 - 20:23:47 ---A- C:\Users\User\AppData\Roaming\Orbit\softI.dat [152] O61 - LFC:Last File Created 27/06/2012 - 20:24:28 ---A- C:\Users\User\AppData\Local\Temp\Uninst.bat [612] O61 - LFC:Last File Created 27/06/2012 - 20:30:30 ---A- C:\Users\User\AppData\Local\Temp\tmp7C13.ico [1150] O61 - LFC:Last File Created 27/06/2012 - 20:33:41 ---A- C:\Users\User\AppData\Roaming\ProgSense\User.xml [438] O61 - LFC:Last File Created 27/06/2012 - 20:33:44 ---A- C:\Users\User\AppData\Roaming\Orbit\conf.dat [2763] O61 - LFC:Last File Created 27/06/2012 - 20:33:48 ---A- C:\Users\User\AppData\Local\Temp\~DFEEA34588947E2DDB.TMP [16384] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\ASUS WebStorage.ico [297086] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\ASUSUpdate.ico [2238] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Adobe AIR.ico [22486] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Adobe Flash Player 10 ActiveX.ico [38646] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Ares.ico [15086] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\AsusVibe2.0.ico [82726] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Chicken Invaders 2.ico [11502] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\CyberLink YouCam.ico [73836] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Eee Docking.ico [82726] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Eee Super Hybrid Engine.ico [2238] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\FontResizer.ico [432254] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Hotkey Service.ico [7406] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.ico [5694] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Intel Graphics Media Accelerator Driver.ico [15046] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Intel® Matrix Storage Manager.ico [25214] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Internet Explorer.ico [97527] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Java 6 Update 31.ico [29926] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Malwarebytes Anti-Malware versão.ico [292878] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Microsoft Office Enterprise 2007.ico [25214] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Microsoft Office PowerPoint Viewer 2007.ico [39734] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Microsoft Works.ico [295606] O61 - LFC:Last File Created 27/06/2012 - 20:34:39 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\avast! Internet Security.ico [61755] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Mozilla Firefox.ico [295606] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\OOBERegBackup.ico [23558] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Orbit Downloader.ico [22486] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Realtek High Definition Audio Driver.ico [285478] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Receitanet.ico [766] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Revo Uninstaller.ico [26694] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Skype.ico [364726] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\SystemSetting.ico [67646] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\WYD.ico [3262] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Windows Driver Package - Broadcom Bluetooth.ico [23558] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Windows Driver Package - Broadcom HIDClass.ico [23558] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\icon\Windows Media Player.ico [92061] O61 - LFC:Last File Created 27/06/2012 - 20:34:40 ---A- C:\Users\User\AppData\Roaming\Orbit\sclist.xml [65824] O61 - LFC:Last File Created 27/06/2012 - 20:34:44 ---A- C:\Users\User\AppData\Roaming\Orbit\DownloadList.dat [8151] O61 - LFC:Last File Created 27/06/2012 - 20:34:45 ---A- C:\Users\User\AppData\Roaming\Orbit\slist.xml [110497] O61 - LFC:Last File Created 27/06/2012 - 20:34:46 ---A- C:\Users\User\AppData\Roaming\Orbit\User.xml [458] O61 - LFC:Last File Created 27/06/2012 - 20:34:46 ---A- C:\Users\User\AppData\Roaming\Orbit\updateslist.xml [14666] O61 - LFC:Last File Created 27/06/2012 - 20:35:15 ---A- C:\Users\User\AppData\Roaming\Microsoft\Office\Groove12.pip [144] O61 - LFC:Last File Created 27/06/2012 - 20:36:04 ---A- C:\Users\User\AppData\Roaming\Orbit\filesave.dat [1150] O61 - LFC:Last File Created 27/06/2012 - 20:36:04 ---A- C:\Users\User\AppData\Roaming\Orbit\flink\71ZHPDiag2.lnk [605] O61 - LFC:Last File Created 27/06/2012 - 20:46:12 ---A- C:\Users\User\AppData\Roaming\Asus WebStorage\Logs\AWS-ZHPDiag.txt [0] O61 - LFC:Last File Created 30/12/1899 - 20:26:05 --HA- C:\Users\User\AppData\Local\IconCache.db [1911396] ~ Scan Files in 00mn 28s ---\\ Alternate Data Stream File (ADS) (O62) O62 - ADS:Alternate Data Stream File - C:\Windows\System32\:2E419B83_Cef.gbp O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\config\ O62 - ADS:Alternate Data Stream File - C:\Windows\System32\drivers\:GbpKmAp.lst O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\FxsTmp\ O62 - ADS:Alternate Data Stream File - C:\Windows\System32\hccutils.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\ias\ O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igdkmd32.vp:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igdumd32.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igd_XA.cpa:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igd_XA.vp:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igd_XC.vp:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igd_XO.vp:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxcfg.exe:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxcpl.cpl:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxdo.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\IgfxExtps.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxpph.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrARA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrCHS.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrCHT.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrCSY.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrDAN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrDEU.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrELL.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrENU.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxres.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrESP.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxress.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressARA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressCHS.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressCHT.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressCSY.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressDAN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressDEU.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressELL.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressENU.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressESP.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressFIN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressFRA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressHEB.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressHUN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressITA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressJPN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressKOR.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressNLD.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressNOR.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressPLK.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressPTB.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressPTG.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressRUS.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressSVE.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressTHA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxressTRK.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrFIN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrFRA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrHEB.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrHUN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrITA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrJPN.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrKOR.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrNLD.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrNOR.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrPLK.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrPTB.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrPTG.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrRUS.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrSVE.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrTHA.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxrTRK.lrc:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxsrvc.dll:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\igfxsrvc.exe:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\lpgun.exe:Zone.Identifier O62 - ADS:Alternate Data Stream File - C:\Windows\System32\lpgun.ini:Zone.Identifier O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\Msdtc\ O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\NetworkList\ O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\Tasks\ O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\wdi\ O62 - ADS:Alternate Data Stream File - ing C:\Windows\System32\wfp\ O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\:GbpKmAp.lst O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\igdkmd32.sys:Zone.Identifier ~ Scan ADS in 00mn 10s ---\\ List all tools cleaner (LATC) (O63) O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- {10174305-FFC7-4F27-8AB5-0E7768CCA5EF} O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF} ~ Scan ADS in 00mn 00s ---\\ List unsigned files (LUF) (O65) (None) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\eu\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\eu\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\eu\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\eu\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("browser.search.defaultenginename", "search the web (babylon)"); O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("browser.search.order.1", "search the web (babylon)"); O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("browser.search.selectedengine", "search the web (babylon)"); O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("keyword.url", "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=c6d8a698000000000000e0cb4ea27b89&q="); ~ Scan Keys in 00mn 00s ---\\ Search Svchost Services (SSS) (O83) (None) ---\\ Search Particular Root Folder (SPRF) (O84) [MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [sPRF][10/09/2009] (...) -- C:\ProgramData\FullRemove.exe [131368] [MD5.5C8A6422DEE3F43CF80E34B7470DFF21] [sPRF][08/06/2012] (...) -- C:\Users\User\AppData\Local\Temp\DelUS.bat [335] [MD5.7AB9203C95393D4117D93D0E5C439E84] [sPRF][05/04/2012] (...) -- C:\Users\User\AppData\Local\Temp\ICReinstall_FLVPlayerSetup.exe [531216] [MD5.F48B281D443051B768A02520A8AFDAD1] [sPRF][15/04/2012] (...) -- C:\Users\User\AppData\Local\Temp\rm9lk8ku.dll [8704] [MD5.697AA6749EFF117D7E213842BFB308BB] [sPRF][27/06/2012] (...) -- C:\Users\User\AppData\Local\Temp\Uninst.bat [612] [MD5.20EC5C059AE258E36903AE22DC82ECAD] [sPRF][19/03/2012] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\User\AppData\Local\Temp\wlsetup-cvr.exe [152474472] [MD5.D41D8CD98F00B204E9800998ECF8427E] [sPRF][10/10/2011] (...) -- C:\Users\User\AppData\Roaming\wklnhst.dat [0] [MD5.F1E9EDB628ABD3B118FEF4E27C0A8BC4] [sPRF][27/06/2012] (...) -- C:\Users\User\Desktop\adwcleaner.exe [609365] [MD5.4A2EE51A9B91C7AD090B008597C26502] [sPRF][25/06/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\User\Desktop\ZHPDiag2.exe [4656699] ~ Scan Files in 00mn 03s ---\\ Additionnal Scan (O88) Database Version : 9170 - (25/06/2012) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell =>Hijack.Shell.Gen C:\Users\User\AppData\Roaming\OpenCandy =>Adware.OpenCandy ~ Scan Additionnel in 00mn 39s ---\\ Router Hijack DNS (O89) (None) ---\\ Search Master Boot Record Infection (MBR)(O80) (None) ---\\ Search Master Boot Record Infection (MBRCheck)(O80) (None) End of the scan (1025 lines in 08mn 54s)(0) Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 29, 2012 Bom Dia! Ionara |- Feche programas/pastas que estejam abertos. |- Feche,também,o navegador! |- Para Windows Vista,desabilite a UAC. |- Dê um duplo clique em ZHPFix. |- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas". O4 - HKCU\..\Run: [instant Messenger Cleaner 4] C:\Users\User\Desktop\ecmd.exe (.not file.)O4 - HKUS\S-1-5-21-1853207788-3405432505-2801168943-1000\..\Run: [instant Messenger Cleaner 4] C:\Users\User\Desktop\ecmd.exe (.not file.) O4 - Global Startup: C:\Users\eu\Desktop\WYDLauncher - Atalho.lnk . (...) -- C:\WYD\WYDLauncher.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{190C51D8-1F36-4877-9B84-D41E372B8BBA}] (...) -- C:\Users\User\Desktop\Metin2_Brasil_v11.exe (.not file.) O51 - MPSK:{0d46d8b8-b1b1-11e1-b08a-806e6f6e6963}\AutoRun\command. (...) -- E:\CDCheck.exe (.not file.) O51 - MPSK:{0d46d8b9-b1b1-11e1-b08a-806e6f6e6963}\AutoRun\command. (...) -- F:\CDCheck.exe (.not file.) O43 - CFD: 08/06/2012 - 18:21:37 - [17,631] ----D C:\Users\User\AppData\Roaming\OpenCandy => Infection PUP (Adware.OpenCandy) O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("browser.search.defaultenginename", "search the web (babylon)"); O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("browser.search.order.1", "search the web (babylon)"); O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("browser.search.selectedengine", "search the web (babylon)"); O69 - SBI: prefs.js [user - s5vkdz39.default] user_pref("keyword.url", "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=c6d8a698000000000000e0cb4ea27b89&q="); [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell [HKCU\Software\DataMngr_Toolbar] C:\Users\User\AppData\Roaming\OpenCandy => Infection PUP (Adware.OpenCandy) proxyfix emptytemp emptyflash firewallraz sysrestore |- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C" |- Minimize o Bloco de Notas. |- Clique no menu,"Paste ClipBoard". |- Clique em "GO" -> Oui. |- Ps: Temos,àcima,sequência de imagens para maior exclarecimento. |- Poste o relatório: C:\ZHP\ZHPFix[R1].txt Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Junho 29, 2012 Boa noite, Segue log solicitado, Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012 Fichier d'export Registre : Run by User at 29/06/2012 19:06:41 Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601) Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html Web site : http://nicolascoolman.skyrock.com/ ========== Registry Key ========== DELETED CLSID MPSK: {0d46d8b8-b1b1-11e1-b08a-806e6f6e6963} DELETED CLSID MPSK: {0d46d8b9-b1b1-11e1-b08a-806e6f6e6963} DELETED Key: HKCU\Software\DataMngr_Toolbar ========== Registry Value ========== DELETED RunValue: Instant Messenger Cleaner 4 NOT FOUND RunValue: Instant Messenger Cleaner 4 NOT FOUND [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell ProxyFix : Proxy killed successfully DELETED ProxyServer Value DELETED ProxyEnable Value DELETED EnableHttp1_1 Value DELETED ProxyHttp1.1 Value DELETED ProxyOverride Value No Value in Standard Profile Register Key FirewallRaz : No Value in Domain Profile Register Key FirewallRaz : No Value in Firewall Exception Register Key (FirewallRaz) ========== Browser Profiles ========== DELETED Mozilla Pref: user_pref("browser.search.defaultenginename", "search the web (babylon)"); DELETED Mozilla Pref: user_pref("browser.search.order.1", "search the web (babylon)"); DELETED Mozilla Pref: user_pref("browser.search.selectedengine", "search the web (babylon)"); DELETED Mozilla Pref: user_pref("keyword.url", "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=c6d8a698000000000000e0cb4ea27b89&q="); ========== Repertory ========== DELETED Folder: C:\Users\User\AppData\Roaming\OpenCandy DELETED Window Temporary: DELETED Flash Cookies: ========== File ========== NOT FOUND File: c:\users\user\desktop\ecmd.exe DELETED File: c:\users\eu\desktop\wydlauncher - atalho.lnk NOT FOUND File: c:\wyd\wydlauncher.exe NOT FOUND Folder/File: c:\users\user\appdata\roaming\opencandy DELETED Window Temporary: DELETED Flash Cookies: ========== Task ========== DELETED Task: {190C51D8-1F36-4877-9B84-D41E372B8BBA} ========== Restoration ========== Restore System Point not created ========== Summary ========== 3 : Registry Key 12 : Registry Value 3 : Repertory 6 : File 4 : Browser Profiles 1 : Task 1 : Restoration End of clean in 00mn 39s ========== Report File ========== C:\ZHP\ZHPFix[R1].txt - 29/06/2012 19:06:41 [2359] Boa noite, Segue log solicitado, Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012 Fichier d'export Registre : Run by User at 29/06/2012 19:06:41 Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601) Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html Web site : http://nicolascoolman.skyrock.com/ ========== Registry Key ========== DELETED CLSID MPSK: {0d46d8b8-b1b1-11e1-b08a-806e6f6e6963} DELETED CLSID MPSK: {0d46d8b9-b1b1-11e1-b08a-806e6f6e6963} DELETED Key: HKCU\Software\DataMngr_Toolbar ========== Registry Value ========== DELETED RunValue: Instant Messenger Cleaner 4 NOT FOUND RunValue: Instant Messenger Cleaner 4 NOT FOUND [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell ProxyFix : Proxy killed successfully DELETED ProxyServer Value DELETED ProxyEnable Value DELETED EnableHttp1_1 Value DELETED ProxyHttp1.1 Value DELETED ProxyOverride Value No Value in Standard Profile Register Key FirewallRaz : No Value in Domain Profile Register Key FirewallRaz : No Value in Firewall Exception Register Key (FirewallRaz) ========== Browser Profiles ========== DELETED Mozilla Pref: user_pref("browser.search.defaultenginename", "search the web (babylon)"); DELETED Mozilla Pref: user_pref("browser.search.order.1", "search the web (babylon)"); DELETED Mozilla Pref: user_pref("browser.search.selectedengine", "search the web (babylon)"); DELETED Mozilla Pref: user_pref("keyword.url", "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=c6d8a698000000000000e0cb4ea27b89&q="); ========== Repertory ========== DELETED Folder: C:\Users\User\AppData\Roaming\OpenCandy DELETED Window Temporary: DELETED Flash Cookies: ========== File ========== NOT FOUND File: c:\users\user\desktop\ecmd.exe DELETED File: c:\users\eu\desktop\wydlauncher - atalho.lnk NOT FOUND File: c:\wyd\wydlauncher.exe NOT FOUND Folder/File: c:\users\user\appdata\roaming\opencandy DELETED Window Temporary: DELETED Flash Cookies: ========== Task ========== DELETED Task: {190C51D8-1F36-4877-9B84-D41E372B8BBA} ========== Restoration ========== Restore System Point not created ========== Summary ========== 3 : Registry Key 12 : Registry Value 3 : Repertory 6 : File 4 : Browser Profiles 1 : Task 1 : Restoration End of clean in 00mn 39s ========== Report File ========== C:\ZHP\ZHPFix[R1].txt - 29/06/2012 19:06:41 [2359] Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 29, 2012 Boa Noite! Ionara |- Baixe: |DelFix| ( ... de Xplode ) |- Estando na página,clique na seta verde para o download. ( Seta verde! ) |- Salve-a em um local conveniente! ( desktop! ) |- Feche aplicativos que estejam abertos. |- Clique em "Suppression". |- Poste o relatório! ( C:\DelFixSuppr.txt ) -/- |- Baixe: < > ( ... by OldTimer Tools ) |- Clique em Salvar! < > |- Salve-o no desktop! |- Duplo clique em OTL.exe --> Executar: >> |- Configure "Verificação de Arquivos",segundo a screenshot! |- Ps: Faça o mesmo para estes! |- Assinale,também,a inclusão da verificação para 64bits. |- Em "Exame Extra do Registro",assinale "Nenhum". netsvcs%APPDATA%\Local\*. %APPDATA%\*.exe /s %APPDATA%\*. %USERPROFILE%\AppData\Local\*.* %USERPROFILE%\AppData\Roaming\*.* %systemroot%\assembly\tmp\*.* /S /MD5 %systemroot%\assembly\temp\*.* /S /MD5 %systemroot%\assembly\GAC\*.* /S /MD5 %systemroot%\assembly\GAC_32\*.* /S /MD5 %systemroot%\assembly\GAC_64\*.* /S /MD5 %SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5 %systemroot%\system32\config\systemprofile\AppData\Local\*.* %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes /md5start explorer.exe userinit.exe winlogon.exe wininit.exe csrss.exe smss.exe svchost.exe services.exe uninst.exe /md5stop %systemroot%\system32\tasks\*.* /s /64 %windir%\tasks\*.* /s CREATERESTOREPOINT |- Cole estas informações,que estão em verde,para o campo "Exames Personalizados/Correções". |- Clique em Verificar: |- Concluindo,poste o relatório: OTL.txt Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Julho 2, 2012 Boa noite, seguem logs solicitados, até mais # DelFix v8.8 - Rapport créé le 01/07/2012 à 22:26:55 # Mis à jour le 12/02/12 par Xplode # Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits) # Nom d'utilisateur : User - USER-PC (Administrateur) # Exécuté depuis : C:\Users\User\Desktop\delfix.exe # Option [suppression] ~~~~~~ Dossiers(s) ~~~~~~ Supprimé : C:\ZHP Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP Supprimé : C:\Program Files\ZHPDiag ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\AdwCleaner[s1].txt Supprimé : C:\Users\User\Desktop\adwcleaner.exe Supprimé : C:\Users\User\Desktop\AdwCleaner[s1].txt Supprimé : C:\Users\User\Desktop\Ensino_Medio_e_Tecnico_LA_SALLE_2009.zip Supprimé : C:\Users\User\Desktop\OTL.exe Supprimé : C:\Users\User\Desktop\ZHPDiag.txt Supprimé : C:\Users\User\Desktop\ZHPDiag2.exe Supprimé : C:\Users\User\Desktop\ZHPFixReport.txt Supprimé : C:\Users\User\Downloads\HijackThis.exe Supprimé : C:\Users\User\Downloads\hijackthis.log Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKLM\SOFTWARE\AdwCleaner Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 ~~~~~~ Autres ~~~~~~ -> Prefetch Vidé ************************* DelFix[s1].txt - [1357 octets] - [01/07/2012 22:26:55] ########## EOF - C:\DelFix[s1].txt - [1481 octets] ########## --- OTL logfile created on: 01/07/2012 22:41:12 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\User\Desktop Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 1,99 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,32% Memory free 3,98 Gb Paging File | 2,90 Gb Available in Paging File | 72,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100,00 Gb Total Space | 66,28 Gb Free Space | 66,28% Space Free | Partition Type: NTFS Drive D: | 122,87 Gb Total Space | 116,07 Gb Free Space | 94,47% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/01 09:45:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe PRC - [2012/06/24 14:58:20 | 000,019,800 | ---- | M] (Smartbar) -- C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/03/06 21:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/03/06 21:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/02/12 16:41:09 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe PRC - [2012/01/11 14:02:56 | 000,194,904 | ---- | M] ( ) -- C:\Program Files\GbPlugin\gbpsv.exe PRC - [2010/11/20 09:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/11/20 09:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/11/16 13:37:41 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2009/10/26 19:30:00 | 000,413,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe PRC - [2009/10/17 02:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe PRC - [2009/10/16 22:31:06 | 000,284,160 | ---- | M] (ASUSTek) -- C:\Program Files\ASUS\LivCam\LivCam.exe PRC - [2009/09/25 19:02:26 | 000,402,608 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe PRC - [2009/09/25 16:04:10 | 000,115,888 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\SystemSetting\WallPaperAgent.exe PRC - [2009/09/14 22:05:56 | 000,044,312 | ---- | M] () -- C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe PRC - [2009/09/11 16:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe PRC - [2009/08/27 20:38:28 | 000,803,304 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe PRC - [2009/08/25 04:47:10 | 000,947,472 | ---- | M] (ECAREME) -- C:\Program Files\ASUS\Asus WebStorage\BackupService.exe PRC - [2009/08/18 22:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe PRC - [2009/07/20 06:47:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe PRC - [2009/06/05 00:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/06/05 00:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe ========== Modules (No Company Name) ========== MOD - [2012/06/24 14:59:12 | 000,016,216 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll MOD - [2012/06/24 14:59:08 | 000,024,920 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll MOD - [2012/06/24 14:59:06 | 000,019,288 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll MOD - [2012/06/24 14:59:02 | 000,013,144 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll MOD - [2012/06/24 14:58:58 | 000,067,928 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll MOD - [2012/06/24 14:58:56 | 000,331,608 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.FilesManager.dll MOD - [2012/06/24 14:58:56 | 000,034,648 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll MOD - [2012/06/24 14:58:52 | 000,015,704 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll MOD - [2012/06/24 14:58:50 | 000,078,680 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll MOD - [2012/06/24 14:58:40 | 000,018,264 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll MOD - [2012/06/24 14:58:38 | 000,054,616 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll MOD - [2012/06/24 14:58:30 | 000,028,504 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll MOD - [2012/06/24 14:58:30 | 000,011,608 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll MOD - [2012/06/24 14:58:28 | 000,012,120 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll MOD - [2012/06/24 14:58:26 | 000,013,144 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll MOD - [2012/06/24 14:58:24 | 001,288,536 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll MOD - [2012/06/24 14:58:22 | 000,542,040 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll MOD - [2012/06/24 14:58:22 | 000,080,728 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll MOD - [2012/06/24 14:57:22 | 000,021,336 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\pt\Smartbar.GUI.MainClient.resources.dll MOD - [2012/06/24 14:57:16 | 000,046,936 | ---- | M] () -- C:\Users\User\AppData\Local\Smartbar\Application\MACTrackBarLib.dll MOD - [2012/06/14 13:51:48 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll MOD - [2012/06/14 12:51:22 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll MOD - [2012/06/14 12:42:37 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012/06/14 12:39:52 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012/06/07 10:26:29 | 000,910,648 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll MOD - [2012/06/07 10:26:16 | 000,124,728 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll MOD - [2012/06/07 10:26:11 | 000,145,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll MOD - [2012/05/11 08:13:07 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll MOD - [2012/05/11 08:08:43 | 000,220,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll MOD - [2012/05/11 07:43:08 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/05/11 07:42:50 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll MOD - [2012/05/11 07:42:34 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll MOD - [2012/05/11 07:42:11 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll MOD - [2012/05/11 07:25:53 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/11 07:23:41 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/11 07:23:13 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012/05/11 07:21:15 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012/02/12 16:40:59 | 000,839,680 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll MOD - [2011/09/16 11:47:29 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll MOD - [2011/09/16 11:29:18 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.resources.dll MOD - [2011/09/16 11:29:16 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/04 22:58:05 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/11/04 22:57:39 | 000,069,120 | ---- | M] () -- C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll MOD - [2010/09/02 08:08:00 | 000,118,784 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\3.0.108.222\AsusWSShellExt.dll MOD - [2009/11/25 14:58:29 | 000,029,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll MOD - [2009/09/25 19:02:26 | 000,402,608 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe MOD - [2009/09/15 19:30:42 | 000,376,832 | ---- | M] () -- C:\Program Files\ASUS\LivCam\SMIUtility.dll MOD - [2009/08/25 04:47:24 | 000,140,560 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\EcaremeDLL.dll MOD - [2009/08/25 04:47:22 | 000,095,504 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\BSWorker.dll MOD - [2009/08/25 04:47:22 | 000,083,216 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\BSBroker.dll MOD - [2009/06/10 18:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ========== Win32 Services (SafeList) ========== SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/03/06 21:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012/03/06 21:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV - [2012/01/11 14:02:56 | 000,194,904 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\GbPlugin\gbpsv.exe -- (GbpSv) SRV - [2009/09/14 22:05:56 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService) SRV - [2009/08/18 22:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009/07/13 22:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/06/05 00:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- C:\windows\system32\XDva398.sys -- (XDva398) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\XDva394.sys -- (XDva394) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\XDva392.sys -- (XDva392) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbvoice.sys -- (ONDAusbvoice) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbser6k.sys -- (ONDAusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbnmea.sys -- (ONDAusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbmdm6k.sys -- (ONDAusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwavdt.sys -- (btwavdt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio) DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/03/06 21:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/03/06 21:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/03/06 21:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2012/03/06 21:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2012/03/06 21:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/03/06 21:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012/03/06 21:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012/01/11 14:04:00 | 000,042,584 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gbpkm.sys -- (GbpKm) DRV - [2010/11/20 07:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2009/10/05 14:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/07/27 04:06:46 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) DRV - [2009/07/20 06:29:00 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009/07/05 23:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2009/07/01 01:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [1999/03/06 09:38:28 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASUSHWIO.SYS -- (asushwio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.com.br/ IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/ IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "search the web (babylon)"*/ FF - prefs.js..browser.search.order.1: "search the web (babylon)"*/ FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.selectedengine: "search the web (babylon)"*/ FF - prefs.js..browser.startup.homepage: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=hp&babsrc=lnkry" FF - prefs.js..keyword.URL: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q=" FF - prefs.js..keyword.url: "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=c6d8a698000000000000e0cb4ea27b89&q="*/ FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/16 16:05:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/25 09:46:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/25 09:47:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions [2012/06/28 20:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\s5vkdz39.default\extensions [2012/06/28 20:12:53 | 000,000,000 | ---D | M] ("Linkury Smartbar") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\s5vkdz39.default\extensions\helperbar@helperbar.com [2012/06/28 20:12:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\s5vkdz39.default\extensions\staged [2012/06/25 19:38:11 | 000,002,474 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s5vkdz39.default\searchplugins\Web Search.xml [2012/03/18 21:34:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/03/07 15:48:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2011/12/21 05:04:21 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/12/21 02:07:30 | 000,001,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\buscape.xml [2011/12/21 02:07:30 | 000,001,212 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml [2011/12/21 01:46:39 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [2011/12/21 02:07:30 | 000,001,168 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-br.xml [2011/12/21 02:07:30 | 000,000,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml O1 HOSTS File: ([2012/06/20 20:50:33 | 000,000,822 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O2 - BHO: (ASUS Windows 7 Starter Helper) - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\ASUS\SystemSetting\StarterHelper.dll (ASUSTeK Computer Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKLM..\Run: [EeeStorageBackup] C:\Program Files\ASUS\Asus WebStorage\BackupService.exe (ECAREME) O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [LivCam] C:\Program Files\ASUS\LivCam\LivCam.exe (ASUSTek) O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [superHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" File not found O4 - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000..\Run: [browser Infrastructure Helper] C:\Users\User\AppData\Local\Smartbar\Application\Linkury.exe (Smartbar) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D6142B4-80AF-45D5-A97E-ADC573B80731}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88E0D252-76DA-4E3D-BB9A-4A9228CC67E3}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000 Winlogon: Shell - (C:\Program Files\asus\SystemSetting\WallPaperAgent.exe) - C:\Program Files\ASUS\SystemSetting\WallPaperAgent.exe (ASUSTeK Computer Inc.) O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files\GbPlugin\gbiehCef.dll) - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\Shell - "" = AutoRun O33 - MountPoints2\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell - "" = AutoRun O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell\directx\command - "" = G:\DirectX9\dxsetup.exe O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell\setup\command - "" = G:\instalar.exe O33 - MountPoints2\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\Shell - "" = AutoRun O33 - MountPoints2\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\Shell\AutoRun\command - "" = E:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/07/01 22:33:53 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2012/06/21 12:10:20 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll [2012/06/21 12:10:19 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll [2012/06/21 12:09:50 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll [2012/06/21 12:09:50 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll [2012/06/21 12:09:49 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll [2012/06/21 12:09:30 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll [2012/06/21 12:09:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe [2012/06/20 21:12:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Caphyon [2012/06/20 21:12:15 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\default [2012/06/20 21:09:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Codemonster Ltd [2012/06/20 20:42:19 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva [2012/06/13 09:07:33 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2012/06/13 09:07:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2012/06/13 09:07:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2012/06/13 09:07:17 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll [2012/06/13 09:07:16 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2012/06/13 08:42:45 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2012/06/13 08:42:30 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll [2012/06/13 08:42:29 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll [2012/06/13 08:42:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe [2012/06/12 21:16:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012/06/12 21:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2012/06/11 17:50:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnGame [2012/06/11 17:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnGame [2012/06/09 07:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2012/06/08 19:19:31 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\My Games [2012/06/08 19:13:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012/06/08 19:11:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_26.dll [2012/06/08 19:11:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_25.dll [2012/06/08 14:29:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite [2012/06/08 14:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012/06/07 12:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2012/06/07 10:25:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Smartbar [2012/06/07 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ProgSense [2012/06/07 10:22:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\GrabPro [2012/06/07 10:22:15 | 000,000,000 | ---D | C] -- C:\downloads [2012/06/07 10:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit [2012/06/07 10:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader [2012/06/07 10:20:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Orbit [2012/06/04 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\vigilancia ========== Files - Modified Within 30 Days ========== [2012/07/01 22:35:00 | 000,001,066 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001UA.job [2012/07/01 22:25:12 | 000,386,559 | ---- | M] () -- C:\Users\User\Desktop\delfix.exe [2012/07/01 22:20:00 | 000,001,052 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/01 21:31:38 | 000,684,000 | ---- | M] () -- C:\windows\System32\perfh00A.dat [2012/07/01 21:31:38 | 000,607,190 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012/07/01 21:31:38 | 000,133,704 | ---- | M] () -- C:\windows\System32\perfc00A.dat [2012/07/01 21:31:38 | 000,103,568 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012/07/01 21:27:38 | 000,001,048 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/01 15:35:07 | 000,001,014 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001Core.job [2012/07/01 14:07:36 | 000,016,160 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/01 14:07:36 | 000,016,160 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/01 13:59:09 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/07/01 13:59:02 | 1602,691,072 | -HS- | M] () -- C:\hiberfil.sys [2012/07/01 09:45:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2012/06/27 20:57:54 | 000,092,480 | ---- | M] () -- C:\Users\User\Documents\ZHPDiag2 [2012/06/21 15:06:34 | 000,002,853 | ---- | M] () -- C:\Users\User\Desktop\command.PIF [2012/06/14 12:31:56 | 000,417,080 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012/06/13 10:29:59 | 000,001,543 | ---- | M] () -- C:\Users\User\Desktop\WYD.lnk [2012/06/12 21:16:56 | 000,001,186 | ---- | M] () -- C:\Users\User\Desktop\Revo Uninstaller.lnk [2012/06/10 12:44:16 | 000,685,725 | ---- | M] () -- C:\Users\User\Desktop\112-415-2-PB.pdf [2012/06/10 12:42:46 | 000,322,790 | ---- | M] () -- C:\Users\User\Desktop\00007712.pdf [2012/06/10 12:41:13 | 000,064,319 | ---- | M] () -- C:\Users\User\Desktop\itu.pdf [2012/06/09 11:00:07 | 000,295,228 | ---- | M] () -- C:\Users\User\Desktop\edital_concurso_pmp_001_2012___anexo_01.pdf [2012/06/07 10:22:05 | 000,000,973 | ---- | M] () -- C:\Users\User\Desktop\Orbit.lnk [2012/06/03 17:38:32 | 004,740,510 | ---- | M] () -- C:\Users\User\Desktop\Farmacocin%E9tica.pdf [2012/06/02 19:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups2.dll [2012/06/02 19:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups.dll [2012/06/02 19:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll [2012/06/02 19:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll [2012/06/02 19:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll [2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll [2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe ========== Files Created - No Company Name ========== [2012/07/01 22:24:54 | 000,386,559 | ---- | C] () -- C:\Users\User\Desktop\delfix.exe [2012/06/27 20:57:53 | 000,092,480 | ---- | C] () -- C:\Users\User\Documents\ZHPDiag2 [2012/06/21 15:06:34 | 000,002,853 | ---- | C] () -- C:\Users\User\Desktop\command.PIF [2012/06/13 10:29:59 | 000,001,543 | ---- | C] () -- C:\Users\User\Desktop\WYD.lnk [2012/06/12 21:16:56 | 000,001,186 | ---- | C] () -- C:\Users\User\Desktop\Revo Uninstaller.lnk [2012/06/10 12:44:16 | 000,685,725 | ---- | C] () -- C:\Users\User\Desktop\112-415-2-PB.pdf [2012/06/10 12:42:45 | 000,322,790 | ---- | C] () -- C:\Users\User\Desktop\00007712.pdf [2012/06/10 12:41:12 | 000,064,319 | ---- | C] () -- C:\Users\User\Desktop\itu.pdf [2012/06/09 11:00:07 | 000,295,228 | ---- | C] () -- C:\Users\User\Desktop\edital_concurso_pmp_001_2012___anexo_01.pdf [2012/06/07 10:22:05 | 000,000,973 | ---- | C] () -- C:\Users\User\Desktop\Orbit.lnk [2012/06/03 17:38:28 | 004,740,510 | ---- | C] () -- C:\Users\User\Desktop\Farmacocin%E9tica.pdf [2012/04/28 14:37:48 | 000,002,459 | ---- | C] () -- C:\Users\User\AppData\Roaming\UserTile.png [2012/03/07 15:51:38 | 000,000,176 | ---- | C] () -- C:\windows\REC-NET.INI [2012/02/14 21:18:49 | 000,020,480 | ---- | C] () -- C:\Users\User\AppData\Roaming\client.db [2011/10/10 20:59:29 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Roaming\wklnhst.dat [2011/09/20 00:15:26 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2011/09/16 11:32:24 | 000,013,020 | ---- | C] () -- C:\windows\System32\lpgun.ini [2009/11/16 13:29:40 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== LOP Check ========== [2009/11/25 14:58:43 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Asus WebStorage [2009/11/25 14:58:43 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Asus WebStorage [2012/06/03 16:15:11 | 000,000,000 | -HSD | M] -- C:\Users\eu\AppData\Roaming\.# [2012/02/14 19:07:19 | 000,000,000 | ---D | M] -- C:\Users\eu\AppData\Roaming\Asus WebStorage [2012/02/13 11:24:56 | 000,000,000 | ---D | M] -- C:\Users\eu\AppData\Roaming\BS_Temp [2012/06/03 16:11:45 | 000,000,000 | ---D | M] -- C:\Users\eu\AppData\Roaming\GameConsole [2012/06/11 17:51:04 | 000,000,000 | ---D | M] -- C:\Users\eu\AppData\Roaming\Orbit [2012/06/11 16:31:46 | 000,000,000 | ---D | M] -- C:\Users\eu\AppData\Roaming\ProgSense [2012/02/13 11:25:04 | 000,000,000 | ---D | M] -- C:\Users\eu\AppData\Roaming\Update [2012/02/22 08:38:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Asus WebStorage [2012/02/14 21:18:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BS_Temp [2012/06/20 21:09:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Codemonster Ltd [2012/06/08 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite [2012/06/07 10:22:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GrabPro [2012/07/01 22:35:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Orbit [2012/06/07 10:22:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ProgSense [2012/02/14 21:19:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Update [2012/05/29 11:57:12 | 000,032,608 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %APPDATA%\Local\*. > < %APPDATA%\*.exe /s > [2012/06/20 21:12:20 | 000,010,806 | R--- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Installer\{C999B17A-11CC-4156-950F-CE93B71DC5C6}\imcleaner.exe < %APPDATA%\*. > [2011/10/30 18:28:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Adobe [2012/02/22 08:38:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Asus WebStorage [2012/02/14 21:18:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BS_Temp [2012/06/20 21:09:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Codemonster Ltd [2012/06/08 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite [2012/06/07 10:22:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GrabPro [2009/07/14 01:54:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Identities [2009/11/16 13:03:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\InstallShield [2009/11/16 13:14:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Macromedia [2012/03/19 19:47:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Malwarebytes [2012/06/07 10:26:41 | 000,000,000 | --SD | M] -- C:\Users\User\AppData\Roaming\Microsoft [2011/12/25 09:47:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mozilla [2012/07/01 22:35:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Orbit [2012/06/07 10:22:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ProgSense [2011/09/16 11:34:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Skype [2012/02/14 21:19:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Update < %USERPROFILE%\AppData\Local\*.* > [2011/12/22 19:03:42 | 000,110,816 | ---- | M] () -- C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT [2012/06/29 19:45:50 | 001,913,788 | -H-- | M] () -- C:\Users\User\AppData\Local\IconCache.db < %USERPROFILE%\AppData\Roaming\*.* > [2010/04/22 03:52:40 | 000,020,480 | ---- | M] () -- C:\Users\User\AppData\Roaming\client.db [2012/04/28 14:37:48 | 000,002,459 | ---- | M] () -- C:\Users\User\AppData\Roaming\UserTile.png [2011/10/10 20:59:29 | 000,000,000 | ---- | M] () -- C:\Users\User\AppData\Roaming\wklnhst.dat < %systemroot%\assembly\tmp\*.* /S /MD5 > < %systemroot%\assembly\temp\*.* /S /MD5 > < %systemroot%\assembly\GAC\*.* /S /MD5 > [2011/09/16 11:47:30 | 000,110,592 | ---- | M] () MD5=7ECB661F50F34A941A44DAC7241F7D08 -- C:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll [2011/09/16 11:53:05 | 000,000,196 | ---- | M] () MD5=44300D5320DA9FE1A79F85D3CC8369AB -- C:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini [2011/09/16 11:47:28 | 000,065,536 | ---- | M] () MD5=BA073EDDE13179DA2DEFF264C2A272AB -- C:\windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL [2011/09/16 11:53:03 | 000,000,195 | ---- | M] () MD5=19B3B194049ED86FA5D9F6EB31556E80 -- C:\windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini [2011/09/16 11:47:32 | 000,004,608 | ---- | M] () MD5=74C8987F1B2549E1DF3EB3874B68ECAC -- C:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll [2011/09/16 11:53:03 | 000,000,204 | ---- | M] () MD5=B020031BAAF51236A37136B9198E0ECC -- C:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini [2011/09/16 11:47:27 | 001,215,328 | ---- | M] () MD5=11CD947E77F4B91E61EFDCF7DD1A8766 -- C:\windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll [2011/09/16 11:53:07 | 000,000,197 | ---- | M] () MD5=518608D6F97FAB45E5D610E3793EF228 -- C:\windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\__AssemblyInfo__.ini [2011/09/16 11:47:27 | 000,082,784 | ---- | M] () MD5=523E4CC118AD2751A6A6C0EA3CC08F70 -- C:\windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll [2011/09/16 11:53:07 | 000,000,199 | ---- | M] () MD5=3689B8AC7230590BB996DD400FA24139 -- C:\windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\__AssemblyInfo__.ini [2011/09/16 11:47:23 | 000,031,560 | ---- | M] () MD5=038334CD1EFE7B2CB5684B09AF39F666 -- C:\windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL [2011/09/16 11:53:06 | 000,000,197 | ---- | M] () MD5=D4A0EA981874B9885745A2F6E62C273A -- C:\windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/06/08 19:11:28 | 000,053,248 | ---- | M] () MD5=75933586AFD94EA24C5ACD3DBC89A272 -- C:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll [2012/06/08 19:11:28 | 000,000,325 | ---- | M] () MD5=A583DC98C5B600A715BCA3EC499DD483 -- C:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:28 | 000,012,800 | ---- | M] () MD5=C0843F0F45EDEEF233B1E581AE75E3BB -- C:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll [2012/06/08 19:11:28 | 000,000,311 | ---- | M] () MD5=498FFBC21F8F621A4E118BBA08F44508 -- C:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:29 | 000,473,600 | ---- | M] () MD5=7AD4D9FABD109432EED91B359CEAE430 -- C:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll [2012/06/08 19:11:29 | 000,000,305 | ---- | M] () MD5=4887F7E2DFB343134A86EEAF8431331F -- C:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:22 | 000,567,296 | ---- | M] () MD5=FB3BC0754921873A65F5FBDCA845E6EE -- C:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll [2012/06/08 19:11:22 | 000,000,307 | ---- | M] () MD5=2C7FF55A8DF17A920DAE29FD4A941CBA -- C:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:30 | 000,576,000 | ---- | M] () MD5=AFCF5F50C632F3A5598ABC28F196D77C -- C:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll [2012/06/08 19:11:30 | 000,000,307 | ---- | M] () MD5=CCCDE4A6070CC1DB40A02887E0E32A90 -- C:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:30 | 000,145,920 | ---- | M] () MD5=D9824A9DD107E598575112B4FF897292 -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll [2012/06/08 19:11:30 | 000,000,309 | ---- | M] () MD5=4087775004449B7711B25658C8B79850 -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:31 | 000,159,232 | ---- | M] () MD5=CEBD995DDEAB2C525A5C4E95789BC961 -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll [2012/06/08 19:11:31 | 000,000,311 | ---- | M] () MD5=94907B39E55C6EEDCAF03B9BD2572E7A -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:32 | 000,364,544 | ---- | M] () MD5=46F26E2BAFD44960E7F13B2EF80AA0BC -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll [2012/06/08 19:11:32 | 000,000,309 | ---- | M] () MD5=7794CD13899B1BC497A8EA63B0F60488 -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:32 | 000,178,176 | ---- | M] () MD5=D035348EC8968861AF585B7132FE4C7B -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll [2012/06/08 19:11:32 | 000,000,311 | ---- | M] () MD5=3B112326670BE85495829B92E889247C -- C:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2012/06/08 19:11:27 | 000,223,232 | ---- | M] () MD5=0C453970E89DB1C1EB9DE087E6EAB5BA -- C:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll [2012/06/08 19:11:27 | 000,000,287 | ---- | M] () MD5=109E9A55556692EE021E10BFE72690A2 -- C:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini [2009/07/14 01:42:34 | 000,356,352 | ---- | M] () MD5=DD2EB5E64619613C4C108CFB192F4950 -- C:\windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\Microsoft.Ink.dll [2009/07/14 01:42:34 | 000,000,325 | ---- | M] () MD5=3A74C27634435F509DC024FEEBE670E5 -- C:\windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\__AssemblyInfo__.ini [2009/07/14 01:42:34 | 000,516,096 | ---- | M] () MD5=A02EE61542CAAE25F8A44C9428D30247 -- C:\windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\Microsoft.Ink.dll [2009/07/14 01:42:34 | 000,000,328 | ---- | M] () MD5=FAF707724A740277714E33A65F4995BF -- C:\windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\__AssemblyInfo__.ini [2011/09/16 11:47:29 | 008,007,680 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll [2011/09/16 11:53:05 | 000,000,207 | ---- | M] () MD5=1FF29DC2A2197D5984E5D418C904D3DF -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini [2011/09/16 11:47:23 | 000,016,712 | ---- | M] () MD5=8CB3CF3CDD7E41FAE6D0CBF94F00DEF5 -- C:\windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll [2011/09/16 11:53:06 | 000,000,225 | ---- | M] () MD5=0C4DC2E9F3A0B42477BA5BFCA042ACF7 -- C:\windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:45:19 | 000,080,696 | ---- | M] () MD5=54582B7054EAD1EFBF9F0A8218B61C4B -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll [2011/09/16 11:53:05 | 000,000,224 | ---- | M] () MD5=553A1D17C8B2C73D599EC156ACA6CB7D -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:46:29 | 001,612,592 | ---- | M] () MD5=F653D1F20A2EC194EAEC6E59435C5C7B -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll [2011/09/16 11:53:03 | 000,000,220 | ---- | M] () MD5=BD77A7B56575BAF85941BF1AB5589890 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/03/18 07:05:18 | 001,279,864 | ---- | M] () MD5=A30331358FA33B3C7FDB972D802F57C4 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll [2012/03/18 07:10:02 | 000,000,219 | ---- | M] () MD5=1F7EE91CD8AE8A1CBF71624227DB3D63 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/03/18 07:04:31 | 000,149,368 | ---- | M] () MD5=3AF754C16AF954DB7367FB39C3739387 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll [2012/03/18 07:10:02 | 000,000,219 | ---- | M] () MD5=2E0B0F90BA89FA1EDCC289688BF58A7B -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:23 | 000,404,296 | ---- | M] () MD5=604DE0F15138665E4108B986F0FDD94B -- C:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll [2011/09/16 11:53:06 | 000,000,232 | ---- | M] () MD5=0AFFE8E498124664ADDFAB6632A93927 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:46:30 | 000,088,896 | ---- | M] () MD5=B1CD282FBEF31E321F48E103E2840DD0 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll [2011/09/16 11:53:06 | 000,000,226 | ---- | M] () MD5=0A56011D14E56BA6037C48FAE6064F2B -- C:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:46:30 | 000,146,232 | ---- | M] () MD5=9A0E901BACEF14628977517AA002C765 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll [2011/09/16 11:53:06 | 000,000,222 | ---- | M] () MD5=CCC7961EC6B4CEF20C4A41E1BFF5CF78 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:12 | 000,017,208 | ---- | M] () MD5=5B8B3F76720166BF777A6AD38D12010F -- C:\windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll [2011/09/16 11:53:07 | 000,000,221 | ---- | M] () MD5=7C1C66BFBB15C0B3C1B9AFEEE2986CF8 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:46:29 | 000,920,376 | ---- | M] () MD5=5CBE57423C5CAFAA11B50E5C25DAE19D -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll [2011/09/16 11:53:08 | 000,000,221 | ---- | M] () MD5=6B6872FAF93931EA6EB4F2E1E30A37D4 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/03/18 07:05:23 | 000,034,696 | ---- | M] () MD5=7E181C30E192223908BBF509AB827B41 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll [2012/03/18 07:10:03 | 000,000,228 | ---- | M] () MD5=2C6E214F297382A5343D10D8D8ED62C6 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/23 06:41:42 | 000,350,080 | ---- | M] () MD5=5C62BA3A0FEE2D763BB79F858204D09D -- C:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll [2011/12/23 06:41:55 | 000,000,224 | ---- | M] () MD5=EF446200B015C1662F07955E95322DCE -- C:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:46:30 | 000,232,248 | ---- | M] () MD5=0944C6C65C258A4BE89605D666DE5880 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll [2011/09/16 11:53:08 | 000,000,223 | ---- | M] () MD5=89274E3F135691355EBD73770EAFF34D -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/22 06:10:52 | 000,019,320 | ---- | M] () MD5=3CC99DCCB5B9F51483AF7532A6D65F92 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll [2011/12/22 06:15:32 | 000,000,222 | ---- | M] () MD5=3C3CC20ADA56EB38EAF363E7A6BEEE93 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/03/18 07:05:27 | 000,870,256 | ---- | M] () MD5=54719FDC6A752DC78B364A3980DBC2E9 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll [2012/03/18 07:10:03 | 000,000,218 | ---- | M] () MD5=2A6411671028D5A543646989CB01DBD8 -- C:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:29 | 000,013,312 | ---- | M] () MD5=D80746B2F94A3A28E380735D4B8A9EA3 -- C:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll [2011/09/16 11:53:04 | 000,000,210 | ---- | M] () MD5=A57C6028DAE8D855FFC2BBC2D6E57246 -- C:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini [2011/09/16 11:46:29 | 000,371,496 | ---- | M] () MD5=BA4FB255E3887A039CB74A5870192220 -- C:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll [2011/09/16 11:53:08 | 000,000,216 | ---- | M] () MD5=E9A3D4644D3B7C20C5EE60970BC5681C -- C:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/03/18 07:04:40 | 000,063,336 | ---- | M] () MD5=B60C87E3CD3ACFA71DAD8145C66D6E9C -- C:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll [2012/03/18 07:10:01 | 000,000,210 | ---- | M] () MD5=F4663120ABF3E8FF67D7AAF33BD68EDF -- C:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/06/07 10:26:16 | 000,124,728 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll [2012/06/07 10:26:43 | 000,000,226 | ---- | M] () MD5=F799028603575C956B7DBA55F11053F2 -- C:\windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini [2011/09/16 11:47:29 | 000,229,376 | ---- | M] () MD5=FDA48714F6A291E25A1A219E89D59D9B -- C:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL [2011/09/16 11:53:08 | 000,000,200 | ---- | M] () MD5=481E504FBEA25FBF5408DB65F44FA5FA -- C:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini [2011/09/16 11:47:30 | 000,004,096 | ---- | M] () MD5=AAA2E20588E154A10747BF1B31B55125 -- C:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll [2011/09/16 11:53:05 | 000,000,200 | ---- | M] () MD5=C1F5FADD74964959FC4394832BBC3E59 -- C:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini [2011/12/22 06:10:53 | 000,423,784 | ---- | M] () MD5=DF7CBCD2DB89880A8A92EA134611B038 -- C:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL [2011/12/22 06:15:28 | 000,000,195 | ---- | M] () MD5=7C4A765B5AC30DBD8B53CD071B73840C -- C:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:45:16 | 000,000,900 | ---- | M] () MD5=3D144BF3BA28D9E2BEDBA405FA672780 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.config [2011/09/16 11:45:16 | 000,012,104 | ---- | M] () MD5=3BBBF705C91C7F399A073D96A4AE304A -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll [2011/09/16 11:53:02 | 000,000,232 | ---- | M] () MD5=F14297FB0C6A046E4FB77263CBE167AF -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/22 06:11:54 | 000,000,898 | ---- | M] () MD5=DCC5E6E13187570656FB60EBB51751A8 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.config [2011/12/22 06:11:54 | 000,011,144 | ---- | M] () MD5=AA14986D717AF25CF6362C69BFA13359 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll [2011/12/22 06:15:33 | 000,000,231 | ---- | M] () MD5=4B9F522E4B403A5B090681600D9070C2 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/22 06:10:48 | 000,000,898 | ---- | M] () MD5=CC9313747F69E39B66D6B7EFE22FD328 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.config [2011/12/22 06:10:48 | 000,011,128 | ---- | M] () MD5=CE0EDD4D644A7C624FA79E1B14B00323 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll [2011/12/22 06:15:32 | 000,000,231 | ---- | M] () MD5=69CD87BB9C6DA0537CE63A53E7092F32 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:24 | 000,000,912 | ---- | M] () MD5=8A8FAFB921AFF270260924C1D31CE163 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.config [2011/09/16 11:47:24 | 000,012,616 | ---- | M] () MD5=EC7F771DBC984954E076D03F055E0DBF -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll [2011/09/16 11:53:07 | 000,000,238 | ---- | M] () MD5=8352AC255CC3F25FDF9AF1FECC8BD6F3 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:23 | 000,000,904 | ---- | M] () MD5=577D9B55DE8E70B51042ED8124D55C18 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.config [2011/09/16 11:47:23 | 000,012,616 | ---- | M] () MD5=5B97D1FFA46C9CF752FA8164AB171C56 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll [2011/09/16 11:53:07 | 000,000,234 | ---- | M] () MD5=8F1C69873B1ADCE21B3005A52A6921BA -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:14 | 000,000,902 | ---- | M] () MD5=E2724C2DF4C312D34E4A7BCABBDD5AB6 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.config [2011/09/16 11:47:14 | 000,012,104 | ---- | M] () MD5=2EE2F1AD6A3B6317D045D2C31F6FEF65 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll [2011/09/16 11:53:08 | 000,000,233 | ---- | M] () MD5=A1C0A9578F9D8E0FCA9A4440070F31B0 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:12 | 000,000,916 | ---- | M] () MD5=DA6AC9B205A7A7FF0AB028049FD3AEA1 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.config [2011/09/16 11:47:12 | 000,012,632 | ---- | M] () MD5=DB1CC715650EC69FA2B20042B2DC6B5B -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll [2011/09/16 11:53:08 | 000,000,240 | ---- | M] () MD5=47440CFB37970DEFA6E164D85EE5491B -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/22 06:12:57 | 000,000,908 | ---- | M] () MD5=49E684EE5FF535D8FF08056769A9F9E6 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.config [2011/12/22 06:12:57 | 000,011,152 | ---- | M] () MD5=445F0A07EAE252BE0464273767B22453 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll [2011/12/22 06:15:34 | 000,000,236 | ---- | M] () MD5=CC90EB2A26912AB4C5102CDEF753E91F -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:18 | 000,000,906 | ---- | M] () MD5=1B1C62C31CB95E0E1D20FF7F4EE99A34 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.config [2011/09/16 11:47:18 | 000,012,104 | ---- | M] () MD5=554DA52E16EAB6C18D003C0157BE0DD3 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll [2011/09/16 11:53:08 | 000,000,235 | ---- | M] () MD5=B3B78A70350941D7D6992D5142275669 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/22 06:10:52 | 000,000,904 | ---- | M] () MD5=AC1B446DC4969CE1D3F605D9CE098DDB -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.config [2011/12/22 06:10:52 | 000,011,136 | ---- | M] () MD5=C2F8D5E1D25BCAE6516E88AA0342FB6E -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll [2011/12/22 06:15:32 | 000,000,234 | ---- | M] () MD5=79D81B7149BDC2CD7CB5B48D05D75F37 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2012/03/18 07:05:24 | 000,000,896 | ---- | M] () MD5=33324BF6E22A322816FD4C1C58BB032C -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.config [2012/03/18 07:05:24 | 000,011,144 | ---- | M] () MD5=2CE989B779144889EA1F30A046DF13CB -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll [2012/03/18 07:10:04 | 000,000,230 | ---- | M] () MD5=314847472C40A8C3574130C873856447 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/22 06:10:56 | 000,000,880 | ---- | M] () MD5=AEEFC22DA8D1EBBA43AC2E8B0599DFE3 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.config [2011/12/22 06:10:56 | 000,011,112 | ---- | M] () MD5=FFD49049DE84727DE54922181E0AFBA5 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll [2011/12/22 06:15:30 | 000,000,222 | ---- | M] () MD5=122F7F6C517CFA276B874A7F20A796B4 -- C:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/12/22 06:10:53 | 000,000,850 | ---- | M] () MD5=5717939AB3C1CFFDF93DDC9A14856755 -- C:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.office.config [2011/12/22 06:10:54 | 000,010,576 | ---- | M] () MD5=B6C7C64CB13A418DF859A018EC93727B -- C:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll [2011/12/22 06:15:30 | 000,000,207 | ---- | M] () MD5=E7E59ABBFF65ED4C142D4006A6197E0E -- C:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini [2011/09/16 11:47:29 | 000,016,384 | ---- | M] () MD5=E1EEB7E26AB04075EECC7275239B20B3 -- C:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll [2011/09/16 11:53:03 | 000,000,197 | ---- | M] () MD5=FC75E46DA5B9F9263B958C7B027ACBFC -- C:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini < %systemroot%\assembly\GAC_32\*.* /S /MD5 > [2010/11/04 22:57:39 | 000,069,120 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll [2010/11/04 22:57:43 | 000,072,192 | ---- | M] () MD5=D58D4E4AA8D6146D838BE02500F50B27 -- C:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll [2009/07/13 22:24:14 | 000,507,904 | ---- | M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C -- C:\windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll [2009/07/13 22:24:28 | 000,077,824 | ---- | M] () MD5=BB2BB7BFE455562249E922A7AA4493A5 -- C:\windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll [2012/03/18 07:05:35 | 000,117,160 | ---- | M] () MD5=8AC30B331C6791B953D06802F7CBA374 -- C:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll [2010/11/04 22:52:36 | 000,163,840 | ---- | M] () MD5=059B857CCA35C20F06B5DEBD51C4FB38 -- C:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll [2011/09/16 11:47:37 | 000,367,400 | ---- | M] () MD5=6CAD87F2BE4A4BC31D3FD5C923741418 -- C:\windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll [2009/07/13 22:26:31 | 000,008,192 | ---- | M] () MD5=FA44A672F1C12791984D9ECAB7DC3177 -- C:\windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll [2010/11/20 09:32:22 | 000,019,968 | ---- | M] () MD5=36D6B6EFE1AFD20700DB4C4E20F400A7 -- C:\windows\assembly\GAC_32\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll [2009/06/10 18:14:52 | 000,087,888 | ---- | M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B -- C:\windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe [2009/06/10 18:14:53 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config [2009/06/10 18:22:47 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp [2009/06/10 18:22:47 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp [2009/06/10 18:22:58 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp [2012/01/03 23:50:59 | 004,550,656 | ---- | M] () MD5=C850A6041F5AEDE21C53514BBE9AB09D -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll [2009/06/10 18:23:13 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp [2009/06/10 18:23:13 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp [2009/06/10 18:23:13 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp [2009/06/10 18:23:13 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp [2009/06/10 18:23:13 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp [2009/06/10 18:23:14 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp [2009/06/10 18:23:14 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp [2009/06/10 18:23:17 | 000,262,148 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp [2009/06/10 18:23:17 | 000,020,320 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp [2009/06/10 18:23:23 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp [2010/11/20 09:36:00 | 000,046,080 | ---- | M] () MD5=93C4029DABC19166076BE347283AB969 -- C:\windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL [2010/11/20 09:36:00 | 000,107,008 | ---- | M] () MD5=E9CFC1884D1E579E82073103827FA62B -- C:\windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL [2009/07/13 19:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config [2009/07/13 22:25:25 | 000,005,632 | ---- | M] () MD5=608232474C33C71F863B0866E5165C1C -- C:\windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll [2009/06/10 18:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config [2009/07/13 22:26:15 | 000,005,632 | ---- | M] () MD5=2641880E8C12BEE37DDC2813908A2A0F -- C:\windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll [2009/06/10 18:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config [2009/07/13 22:23:30 | 000,005,632 | ---- | M] () MD5=D6C077082EAA747911C212A9EB64A813 -- C:\windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll [2009/07/13 19:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config [2009/07/13 22:22:54 | 000,005,632 | ---- | M] () MD5=331021DA8B00A9ADCDD54B5782943204 -- C:\windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll [2009/07/13 19:04:08 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config [2009/07/13 22:23:04 | 000,005,632 | ---- | M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC -- C:\windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll [2012/02/10 20:31:40 | 004,218,880 | ---- | M] () MD5=AEDDFD540E3E6BECDB14C30D1F12B78A -- C:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll [2009/06/10 18:14:51 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config [2012/02/10 20:31:42 | 001,737,496 | ---- | M] () MD5=DDFBFD8959F32AC0CF3947F36BAC3081 -- C:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll [2010/11/04 22:58:05 | 000,486,400 | ---- | M] () MD5=ED40D020A6A82748394F1653CE324CE4 -- C:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll [2012/02/12 16:40:59 | 000,839,680 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.DLL [2012/06/07 10:26:29 | 000,910,648 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll [2010/11/04 22:58:05 | 002,927,616 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll [2010/11/04 22:58:08 | 000,258,048 | ---- | M] () MD5=6DB969DF540BC71722848940D180AC08 -- C:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll [2010/11/20 01:12:59 | 000,113,664 | ---- | M] () MD5=C865DC05ADE0B41A9E14DD585E0CDF94 -- C:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll [2012/02/10 20:31:41 | 000,372,736 | ---- | M] () MD5=A151947AD131A883870A6174CACF423B -- C:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll [2009/06/10 18:23:19 | 000,261,632 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll [2011/12/25 17:42:15 | 005,255,168 | ---- | M] () MD5=7D2B8E2CE3EF2DC633689F1E1F4A7504 -- C:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll < %systemroot%\assembly\GAC_64\*.* /S /MD5 > < %SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5 > [2009/06/10 18:22:40 | 000,010,752 | ---- | M] () MD5=7E8C840853FB6EBD5CC16D3C10C7C127 -- C:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll [2009/06/28 14:40:43 | 000,315,392 | ---- | M] () MD5=DCBEFA8B407F01B4BC0D8722EF65C0AE -- C:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_es_b03f5f7f11d50a3a\aspnetmmcext.resources.dll [2011/09/16 11:29:15 | 000,311,296 | ---- | M] () MD5=AE29BF9768401D368DC089CE5FCA0232 -- C:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\aspnetmmcext.resources.dll [2009/06/10 18:22:47 | 000,507,904 | ---- | M] () MD5=11B30A8447A724C6E9FBF6261AC0DA6E -- C:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll [2010/11/04 22:52:35 | 000,165,720 | ---- | M] () MD5=501E961FEEBBDE040FB836CB5DE122C2 -- C:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe [2009/06/10 18:22:50 | 000,013,312 | ---- | M] () MD5=AAD128271C76C6596E69CFA81D765C2C -- C:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll [2009/06/10 18:22:50 | 000,005,120 | ---- | M] () MD5=BA86FDE9C3B5BD2FF5EA7A99BF648E82 -- C:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe [2010/11/20 09:19:48 | 000,008,192 | ---- | M] () MD5=D7081D68005C975549685E8BF129794E -- C:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35\EventViewer.resources.dll [2009/06/28 14:40:40 | 000,009,728 | ---- | M] () MD5=860BA5AD9FE75CA10781B400B16FE897 -- C:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_es_31bf3856ad364e35\EventViewer.resources.dll [2011/09/16 11:29:15 | 000,009,216 | ---- | M] () MD5=DF21E8801D6CD062FCC661FA486380E1 -- C:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\EventViewer.resources.dll [2010/11/20 09:32:20 | 000,368,640 | ---- | M] () MD5=F046EB4BBFC631D178C6DF20819C1DE5 -- C:\windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35\EventViewer.dll [2009/06/10 18:22:54 | 000,008,192 | ---- | M] () MD5=96D9E7E468D537443DE037A7E15CB804 -- C:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll [2009/06/10 18:22:55 | 000,077,824 | ---- | M] () MD5=AF29AA7F2F613951A9E913B4290B2ECE -- C:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll [2009/06/10 18:22:55 | 000,006,656 | ---- | M] () MD5=D051642D0ED61E2886FD8917E8B6FAFD -- C:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll [2012/06/07 10:26:11 | 000,145,208 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll [2011/09/16 11:29:15 | 000,013,824 | ---- | M] () MD5=6A905688AD1793D10BA0F9680D77B082 -- C:\windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.ApplicationId.Framework.Resources.dll [2011/09/16 11:29:15 | 000,221,184 | ---- | M] () MD5=826E4EA416D91FA24598FA100C8C0BEA -- C:\windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.ApplicationId.RuleWizard.Resources.dll [2009/07/13 23:12:50 | 000,007,168 | ---- | M] () MD5=FCA8AC8ABBCE37458663CCA33E7F71F7 -- C:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll [2009/06/28 14:40:53 | 000,007,168 | ---- | M] () MD5=B787E42AB875F952F383A0E4E5132E16 -- C:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll [2011/09/16 11:29:15 | 000,007,168 | ---- | M] () MD5=58CFE0A5D59B9C6FF61CBD74D97ECDBE -- C:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll [2009/07/13 22:20:28 | 000,057,344 | ---- | M] () MD5=D16F569EB4264641241465BEFA107BD0 -- C:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\1.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll [2009/06/10 18:14:36 | 000,106,496 | ---- | M] () MD5=550E75434C424A17A1E06669D8335C26 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll [2009/06/28 14:40:45 | 000,053,248 | ---- | M] () MD5=C77E7D3ABD185C114093DEF02E43341E -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll [2011/09/16 11:29:15 | 000,053,248 | ---- | M] () MD5=881F881B32DD747A875E6C42A0F1B586 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll [2010/11/04 22:57:44 | 000,348,160 | ---- | M] () MD5=24FDCD95121E59D39DCB1585EC8C5901 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll [2010/11/04 22:53:30 | 000,733,184 | ---- | M] () MD5=DC6476726F4A15BF5BC8CF2C235B17C6 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll [2010/11/04 22:57:44 | 000,036,864 | ---- | M] () MD5=4B177641BEBC8965220EC474D65981A3 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll [2009/06/10 18:14:40 | 000,036,864 | ---- | M] () MD5=80F89EC03B39E5A6700C9CA5A5545230 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll [2009/06/28 14:40:43 | 000,139,264 | ---- | M] () MD5=A57D65DAF46FEA5D4AB7FB2C1BAC390A -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll [2011/09/16 11:29:15 | 000,139,264 | ---- | M] () MD5=1EFF49EDFB3EB55B34D8AC1EB1323BFE -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll [2010/11/04 22:53:36 | 000,802,816 | ---- | M] () MD5=9EBE67131D1776B86410B56FFC95A5BF -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll [2010/11/04 22:57:45 | 000,655,360 | ---- | M] () MD5=5B5AEB3CEB1FC6D77E57821E6A42DE72 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll [2009/06/28 14:40:43 | 000,010,752 | ---- | M] () MD5=0B83BCB65BA438A10ADA3BFC782D47F0 -- C:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll [2011/09/16 11:29:15 | 000,010,240 | ---- | M] () MD5=DFE247BF945BD397C37A231B20651E38 -- C:\windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll [2010/11/04 22:53:30 | 000,094,208 | ---- | M] () MD5=B6EF0B4C1898D03FC7814B890FCE9B72 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll [2010/11/04 22:57:45 | 000,077,824 | ---- | M] () MD5=D7A537839EAB83BAD8F3C053098198E8 -- C:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll [2011/09/16 11:29:55 | 000,090,112 | ---- | M] () MD5=EAA4D6750FB7E2867C18894BB14BF18D -- C:\windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2011/09/16 11:29:15 | 000,487,424 | ---- | M] () MD5=124E7DC5B57CC7403A350D2DCC3A5F62 -- C:\windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting.Resources\2.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.GroupPolicy.Reporting.Resources.dll [2011/09/16 11:29:15 | 000,009,728 | ---- | M] () MD5=825A36E5CAB2593C65165B8999CC4CDD -- C:\windows\assembly\GAC_MSIL\Microsoft.IIS.PowerShell.Framework.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.IIS.PowerShell.Framework.resources.dll [2011/09/16 11:29:15 | 000,016,384 | ---- | M] () MD5=C293E8FF97896EADCD77CF4C5E447733 -- C:\windows\assembly\GAC_MSIL\Microsoft.IIS.PowerShell.Provider.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.IIS.PowerShell.Provider.resources.dll [2009/07/13 23:13:02 | 000,036,864 | ---- | M] () MD5=3576E621125C0ECE94313B85CCE6F8B6 -- C:\windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Ink.Resources.dll [2010/11/20 09:17:22 | 000,040,960 | ---- | M] () MD5=4DA5FEF39FF318C58AF1B84179B1A097 -- C:\windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_es_31bf3856ad364e35\Microsoft.Ink.Resources.dll [2011/09/16 11:29:15 | 000,040,960 | ---- | M] () MD5=4402EA759674DE1651A9BF2A6BBD6079 -- C:\windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.Ink.Resources.dll [2009/06/28 14:40:40 | 000,045,056 | ---- | M] () MD5=B92D57EC650859944E14F35AE66A468B -- C:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_es_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll [2011/09/16 11:29:15 | 000,045,056 | ---- | M] () MD5=65A39A5105D3B778B300153595053A13 -- C:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll [2009/06/10 18:23:03 | 000,749,568 | ---- | M] () MD5=3CF65928E67E362D5B25424EBCC27B12 -- C:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll [2009/07/13 23:13:00 | 000,016,384 | ---- | M] () MD5=4D9D34F0204D5DF8EF1DBBD704735EEB -- C:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_en_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll [2009/06/28 14:40:46 | 000,016,384 | ---- | M] () MD5=117796FEE434254A76BB752D38A95A61 -- C:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_es_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll [2011/09/16 11:29:15 | 000,016,384 | ---- | M] () MD5=2770EDC686C650C11636A1EFDFF7B2B7 -- C:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll [2009/07/13 22:21:42 | 000,188,416 | ---- | M] () MD5=F8B72BFD1D8C36E1A2C98E25C9CF2504 -- C:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll [2012/03/18 07:05:34 | 000,608,136 | ---- | M] () MD5=BEEAF7900437FE41918C729AD4957862 -- C:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll [2011/09/16 11:47:23 | 000,043,840 | ---- | M] () MD5=0B8A9BB294B8CF79C99DD3486317285C -- C:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\12.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll [2011/09/16 11:47:24 | 000,039,728 | ---- | M] () MD5=A4DAC1328EB3271B7F18B56572BC6433 -- C:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll [2011/09/16 11:47:23 | 000,060,200 | ---- | M] () MD5=F8B8E043A7CF09E811A9914BA4A6FE34 -- C:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll [2009/07/13 23:13:04 | 000,010,752 | ---- | M] () MD5=65B27C38DBD68EFEC636665FDBF4D1FF -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll [2009/06/28 14:40:53 | 000,011,776 | ---- | M] () MD5=45B885022CA7573950A0F828B15D412C -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll [2011/09/16 11:29:15 | 000,011,264 | ---- | M] () MD5=5F1B2056FFDA8B3493EDAA4FDF383DC7 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll [2010/11/20 09:35:58 | 000,102,400 | ---- | M] () MD5=2E86EDB34D366FCC9425B1A4654FC543 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll [2009/07/13 23:13:06 | 000,036,864 | ---- | M] () MD5=10C9C4380C4B403B95D757C4517AFD5B -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll [2010/11/20 09:17:22 | 000,036,864 | ---- | M] () MD5=1552083BD8EC733887D1B86BF5B5A69D -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll [2011/09/16 11:29:15 | 000,036,864 | ---- | M] () MD5=9B35501836F451877F6264055169B567 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll [2010/11/20 09:35:58 | 000,290,816 | ---- | M] () MD5=33C0200ED261F9738AB90A58C97E2E52 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll [2010/11/20 09:19:49 | 000,049,152 | ---- | M] () MD5=28AF2A12179398B90A6F18E451010209 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.Resources.dll [2009/06/28 14:40:53 | 000,053,248 | ---- | M] () MD5=3FB3EA616E8EAFB58A8A0F0203ED1137 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.Resources.dll [2011/09/16 11:29:15 | 000,053,248 | ---- | M] () MD5=5BB59D5372913B315CCBBCFFF5FD74AE -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.Resources.dll [2010/11/20 09:35:59 | 000,667,648 | ---- | M] () MD5=C23ACC08CB8049A8DDC7D8CD84280096 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll [2010/11/20 09:19:49 | 000,040,960 | ---- | M] () MD5=42CDE70A57616C7D54694E881C5F84A9 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.Resources.dll [2009/06/28 14:40:53 | 000,045,056 | ---- | M] () MD5=8E33C3EDCA1B996413DBD74B5878A317 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.Resources.dll [2011/09/16 11:29:15 | 000,045,056 | ---- | M] () MD5=378C94F66A55D5A45726BBD5CFE27E99 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.Resources.dll [2009/07/13 22:23:47 | 000,200,704 | ---- | M] () MD5=61408B3CF77B787A753B6F4F4A6840B1 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll [2009/07/13 23:13:04 | 000,069,632 | ---- | M] () MD5=DF60F16CB3FA971EBD1CB6B1FA346AF6 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Editor.Resources.dll [2009/06/28 14:40:51 | 000,069,632 | ---- | M] () MD5=465C82A1719195515B68AABC67B822DB -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.Editor.Resources.dll [2010/11/20 09:35:59 | 000,991,232 | ---- | M] () MD5=7E6557381C8CF162A4ED0D9A581F870B -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Editor.dll [2009/07/13 23:13:06 | 000,040,960 | ---- | M] () MD5=41888D6ED40E49C4DAED8E412BB18B90 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Gpowershell.resources.dll [2009/06/28 14:40:53 | 000,040,960 | ---- | M] () MD5=0CEEACA823933D3166EEC8B1A90D139C -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.Gpowershell.resources.dll [2011/09/16 11:29:15 | 000,040,960 | ---- | M] () MD5=D2FEBFAD41EA60A860E771FC9A668640 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.PowerShell.Gpowershell.resources.dll [2009/07/13 22:22:04 | 000,651,264 | ---- | M] () MD5=E66B1EEE2AB24DE9F3D5189A1FC8D4BF -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.dll [2009/07/13 23:13:06 | 000,016,896 | ---- | M] () MD5=E848EEBF463086883E026AAD11C24F1A -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.Resources.dll [2009/06/28 14:40:53 | 000,028,672 | ---- | M] () MD5=A49E122DA0FA0F6FA485A4EDCB42D574 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.Resources.dll [2011/09/16 11:29:15 | 000,028,672 | ---- | M] () MD5=DF39D016A24DF791CB68D852ABCC35E4 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.Resources.dll [2009/07/13 22:20:38 | 000,278,528 | ---- | M] () MD5=3EAB4DBDC290EDC4D53FE77F1FDB9E59 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.dll [2009/07/13 23:11:48 | 000,009,216 | ---- | M] () MD5=462D0B841E939094840CFA61C990410F -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll [2009/06/28 14:40:53 | 000,009,728 | ---- | M] () MD5=21EB8D4B4B4126A5AD4A820523CE1F12 -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll [2011/09/16 11:29:15 | 000,009,728 | ---- | M] () MD5=A7D4B0B8A34D3827B47AE4C41328575D -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll [2010/11/20 09:35:58 | 000,077,824 | ---- | M] () MD5=B1282FC909517D890C61F7F3313134EF -- C:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll [2011/09/16 11:29:15 | 000,005,632 | ---- | M] () MD5=D8FEF2F6BBD87EAC7C9D420CAC0E9041 -- C:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources.dll [2011/09/16 11:29:15 | 000,007,168 | ---- | M] () MD5=69B6B13B248F2632AFF4C43D1CCCB676 -- C:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources.dll [2011/09/16 11:29:15 | 000,006,656 | ---- | M] () MD5=4BDEE092A297547215176B8465C25F18 -- C:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources.dll [2011/09/16 11:29:15 | 000,159,744 | ---- | M] () MD5=38E78577BB74C5EE500E22EEC59A0B02 -- C:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources.dll [2009/07/13 23:13:06 | 000,073,728 | ---- | M] () MD5=67F68317A9F346A32039F9651C7EAC46 -- C:\windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_en_31bf3856ad364e35\microsoft.tpm.resources.dll [2009/06/28 14:40:46 | 000,073,728 | ---- | M] () MD5=9EA843C3C752C5281DD435417C38FDE9 -- C:\windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_es_31bf3856ad364e35\microsoft.tpm.resources.dll [2011/09/16 11:29:15 | 000,073,728 | ---- | M] () MD5=CAA5065DDF1FC57190CF41CBBDAB3735 -- C:\windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\microsoft.tpm.resources.dll [2009/07/13 22:24:19 | 000,192,512 | ---- | M] () MD5=466761E68D1AAED81DFD5E43B168D2F0 -- C:\windows\assembly\GAC_MSIL\Microsoft.Tpm\6.1.0.0__31bf3856ad364e35\Microsoft.Tpm.dll [2009/06/28 14:40:55 | 000,005,120 | ---- | M] () MD5=AD7AC9FEFCBE08222CFD2B559A40FD0D -- C:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll [2011/09/16 11:29:15 | 000,005,120 | ---- | M] () MD5=6B611A7806800377786AC332EA1FDF65 -- C:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll [2009/06/28 14:40:55 | 000,028,672 | ---- | M] () MD5=BE0EE992C0AB4DCEA6BFD0C36EEF95A4 -- C:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll [2011/09/16 11:29:15 | 000,028,672 | ---- | M] () MD5=88EB22D107A00AAA098C9AA1A783D9EE -- C:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll [2009/06/10 18:14:03 | 000,397,312 | ---- | M] () MD5=130FF58B6245F78097E7619EFB61CDD2 -- C:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll [2009/06/28 14:40:40 | 000,009,216 | ---- | M] () MD5=35658EF671E8E86C0EDE2172BC222BF9 -- C:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll [2011/09/16 11:29:15 | 000,009,216 | ---- | M] () MD5=B412B0F67419A326ADCB35907928B693 -- C:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll [2009/06/10 18:23:03 | 000,110,592 | ---- | M] () MD5=A070FD9509392CEB84A3ED8F8A42A504 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll [2009/06/28 14:40:46 | 000,009,216 | ---- | M] () MD5=5A123B68CC378DC57C7F912FF2A2BA37 -- C:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll [2011/09/16 11:29:15 | 000,009,216 | ---- | M] () MD5=AFC688F80CDC36A21345E0E0D1111E67 -- C:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll [2010/11/04 22:57:46 | 000,372,736 | ---- | M] () MD5=B424A0AF636B1D3DAE3A664285EF9795 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll [2009/06/28 14:40:42 | 000,061,440 | ---- | M] () MD5=A37B2DF541D7C74F04BC96C9916B5E8B -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll [2011/09/16 11:29:16 | 000,061,440 | ---- | M] () MD5=6BBB391651567884BFB79268B14CF02B -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll [2009/06/10 18:23:04 | 000,028,672 | ---- | M] () MD5=A5B5F03020C0A01276801CF2C807FF8C -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll [2010/11/04 22:57:46 | 000,610,304 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll [2009/06/10 18:14:40 | 000,041,984 | ---- | M] () MD5=DD26812B72AF01116F7A1DDD4FA21E49 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll [2009/06/10 18:23:04 | 000,005,632 | ---- | M] () MD5=BBAEF0C6E310A25D3BCCAA2ADC538F82 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll [2011/09/16 11:41:43 | 000,004,608 | ---- | M] () MD5=E92878C850D40D98A97B4DA2E2BF9C19 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.resources.dll [2011/09/16 11:47:27 | 000,211,736 | ---- | M] () MD5=2D273C8B22DA28704B4968E5197A793F -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll [2011/09/16 11:41:43 | 000,005,632 | ---- | M] () MD5=8A48D24A622F5341951B6816E9B7CA39 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources.dll [2011/09/16 11:47:27 | 000,105,248 | ---- | M] () MD5=F05A0DC8BC23982813A4AD61EAA89E7D -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll [2011/09/16 11:47:27 | 000,330,520 | ---- | M] () MD5=7FBD0EDFBE1A28CD9FC392735699E749 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll [2011/09/16 11:41:43 | 000,004,096 | ---- | M] () MD5=F5B546F62721FC34453EAFC01AEE4E5D -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources.dll [2011/09/16 11:47:27 | 000,039,712 | ---- | M] () MD5=52FC5D2D66561348D3ECF4BB5F55145D -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll [2011/09/16 11:47:27 | 000,039,704 | ---- | M] () MD5=3DAE657D730C6B4E50107831F7B334E8 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll [2011/09/16 11:47:27 | 000,072,472 | ---- | M] () MD5=69A552F5D231C02F43F1E18ABC69B131 -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll [2009/06/10 18:23:04 | 000,012,800 | ---- | M] () MD5=71C2F1A0F8FFD6D017F039AC023DE81C -- C:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll [2009/06/10 18:23:04 | 000,032,768 | ---- | M] () MD5=45F2E4914DDCDA6F468D99FAA91911F2 -- C:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll [2011/09/16 11:29:16 | 000,007,168 | ---- | M] () MD5=F841138FC055A291D2FE1722FD4796DD -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Administration.Resources\7.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Administration.resources.dll [2011/09/16 11:29:16 | 000,006,144 | ---- | M] () MD5=06D3B120833F1A1199295B26A735B82D -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.Aspnet.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.Aspnet.resources.dll [2011/09/16 11:29:16 | 000,081,920 | ---- | M] () MD5=F724E347ADBEF7A3CDD9BD255F275D9F -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.AspnetClient.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.AspnetClient.resources.dll [2011/09/16 11:29:16 | 000,004,096 | ---- | M] () MD5=2A145C1EDFA7D5B4D4BC2FA8917A31D2 -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.Ftp.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.Ftp.resources.dll [2011/09/16 11:29:16 | 000,069,632 | ---- | M] () MD5=D2BC9BB0A8131ACC41F55E3BC96C226B -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.FtpClient.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.FtpClient.resources.dll [2011/09/16 11:29:16 | 000,006,144 | ---- | M] () MD5=F391400729F137828B23C87F64761A02 -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.Iis.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.Iis.resources.dll [2011/09/16 11:29:16 | 000,262,144 | ---- | M] () MD5=9F1618A5D2F6352E1CFFA278FF1BC25C -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.IisClient.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.IisClient.resources.dll [2011/09/16 11:29:16 | 000,077,824 | ---- | M] () MD5=58D26D7DD4F2194C27D03E9D2AF5C388 -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.Resources\7.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.resources.dll [2011/09/16 11:29:16 | 000,004,096 | ---- | M] () MD5=34AEECBFF5A4489104F8FF258A4E0DDA -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.WebDAV.Resources\7.5.0.0_en_31bf3856ad364e35\Microsoft.Web.Management.WebDAV.resources.dll [2011/09/16 11:29:16 | 000,024,576 | ---- | M] () MD5=0E098211DD0BD2AE93FF69B60876EA48 -- C:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.WebDAVClient.Resources\7.5.0.0_pt-BR_31bf3856ad364e35\Microsoft.Web.Management.WebDAVClient.resources.dll [2009/07/13 23:13:08 | 000,004,096 | ---- | M] () MD5=04D3E891B3256A1EBD36FA7B6F984920 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.resources.dll [2009/06/28 14:40:53 | 000,004,096 | ---- | M] () MD5=B696CB5FCD3E97F09B40D31F8F1387EC -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.resources.dll [2011/09/16 11:29:16 | 000,004,096 | ---- | M] () MD5=4801ACCAC4A968A96F2D5EF24D5B24F6 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.resources.dll [2009/07/13 22:25:15 | 000,009,728 | ---- | M] () MD5=96F718F03F4D8782D7EB11954AC0E914 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.dll [2009/07/13 23:13:08 | 000,004,096 | ---- | M] () MD5=ADD629AFA64864C8519B2485F6F61554 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.resources.dll [2009/06/28 14:40:53 | 000,004,096 | ---- | M] () MD5=7504E99BEB7EEEB608E53FCA5B451F33 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.resources.dll [2011/09/16 11:29:16 | 000,004,096 | ---- | M] () MD5=7EE1245DDBF39E500DC532D826018FB9 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.resources.dll [2009/07/13 22:26:39 | 000,010,752 | ---- | M] () MD5=78EF40CE03E23CB6702391D919F95436 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.dll [2009/07/13 23:13:08 | 000,004,096 | ---- | M] () MD5=84AA3A80B726C6DCCDAA38A879862D6D -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.resources.dll [2009/06/28 14:40:53 | 000,004,096 | ---- | M] () MD5=FB8D7F981267FCC56F08CCF6FFBD285E -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.resources.dll [2011/09/16 11:29:16 | 000,004,096 | ---- | M] () MD5=EFCC55B6931C482CBEB6EA471AA48C6E -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.resources.dll [2009/07/13 22:25:40 | 000,009,216 | ---- | M] () MD5=EE5B0505F2E8E8305748DD270A7AD929 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.dll [2009/07/13 23:13:08 | 000,004,096 | ---- | M] () MD5=BEBFDDCB2DB36E9302A4358878C8CFD4 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.resources.dll [2009/06/28 14:40:53 | 000,004,096 | ---- | M] () MD5=030C15FBF31F3A28FD71B93A0132DE8E -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.resources.dll [2011/09/16 11:29:16 | 000,004,096 | ---- | M] () MD5=5CEC0EF3E21A7AF6F3440CA585AE0C77 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.resources.dll [2009/07/13 22:25:32 | 000,008,192 | ---- | M] () MD5=7FBCA94271448B41DB000C98C9615312 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.dll [2010/11/20 09:19:49 | 000,004,096 | ---- | M] () MD5=B8E015AD059FFAFCE9CB40DF775B11E0 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll [2009/06/28 14:40:53 | 000,004,096 | ---- | M] () MD5=9C10989C5B852BB7949EDA45E592A44A -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll [2011/09/16 11:29:16 | 000,004,096 | ---- | M] () MD5=18A50216CDC9EA4AD941078E4FE714F2 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll [2009/07/13 22:25:35 | 000,024,576 | ---- | M] () MD5=915BBFA6BBF105C0C51398A3398D19CB -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.dll [2009/07/13 23:13:08 | 000,006,656 | ---- | M] () MD5=FC66A5034B5B6A7C09FCE86C47BBF4ED -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.resources.dll [2010/11/20 09:17:22 | 000,007,168 | ---- | M] () MD5=D2AC9E3EB958E311B422E009EDC9D3E6 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack.Resources\6.1.0.0_es_31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.resources.dll [2011/09/16 11:29:16 | 000,007,168 | ---- | M] () MD5=A5875654F384F26762C4E6E9134AFA25 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.resources.dll [2009/07/13 22:26:37 | 000,049,152 | ---- | M] () MD5=4BB0FF1D72803CC075D92CE2FBDCA2B3 -- C:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.dll [2010/11/20 09:19:49 | 000,013,824 | ---- | M] () MD5=C58C7003380F76221AB9B5BBB4AE4452 -- C:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll [2010/11/20 09:17:22 | 000,024,576 | ---- | M] () MD5=9F79E7AE1084038B8B09023F50821516 -- C:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_es_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll [2011/09/16 11:29:16 | 000,024,576 | ---- | M] () MD5=53A7C23F525204CA5995A71E323F0157 -- C:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll [2010/11/20 09:36:00 | 000,286,720 | ---- | M] () MD5=64C192235DF8F704412F0D66BAF5C1B1 -- C:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll [2009/07/13 22:22:00 | 000,007,168 | ---- | M] () MD5=D5F86545FAF811ED2CCF3C6117B0EC44 -- C:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll [2009/06/10 18:23:04 | 000,007,168 | ---- | M] () MD5=E5640EF09DA87B03E78F18F850CFF728 -- C:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll [2009/07/13 23:13:12 | 001,552,384 | ---- | M] () MD5=5D85FA66189E6832466C8DEE97CA8C3F -- C:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_en_31bf3856ad364e35\MIGUIControls.resources.dll [2009/06/28 14:40:46 | 001,560,576 | ---- | M] () MD5=D08B57E44359A1EEDB57C45FB72E0D89 -- C:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_es_31bf3856ad364e35\MIGUIControls.resources.dll [2011/09/16 11:29:16 | 001,552,384 | ---- | M] () MD5=555683710A7312D99079C35B006F4185 -- C:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\MIGUIControls.resources.dll [2010/11/20 09:36:00 | 003,416,064 | ---- | M] () MD5=CD35B1936F50990D1FCEAE31E2D1553F -- C:\windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll [2010/11/20 09:19:49 | 000,036,864 | ---- | M] () MD5=E5956455F8A07B174CF146247EC6315E -- C:\windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_en_31bf3856ad364e35\MMCEx.Resources.dll [2009/06/28 14:40:42 | 000,036,864 | ---- | M] () MD5=E075960A0C0D4698AFF732465844278B -- C:\windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_es_31bf3856ad364e35\MMCEx.Resources.dll [2011/09/16 11:29:16 | 000,036,864 | ---- | M] () MD5=50492629B6AE220772515C740186ADEA -- C:\windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_pt-BR_31bf3856ad364e35\MMCEx.Resources.dll [2009/07/13 22:26:50 | 000,421,888 | ---- | M] () MD5=A9D4275CE5EA165C267AE05A6821CB54 -- C:\windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll [2010/11/20 09:19:49 | 000,004,096 | ---- | M] () MD5=930887F063E075C31E38E435F9C3D94C -- C:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_en_31bf3856ad364e35\MMCFxCommon.Resources.dll [2010/11/20 09:17:22 | 000,005,120 | ---- | M] () MD5=E4E81EA4488BD900C18A3A842304B3A9 -- C:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_es_31bf3856ad364e35\MMCFxCommon.Resources.dll [2011/09/16 11:29:16 | 000,005,120 | ---- | M] () MD5=B8C1DDA89793DAEFF3F57A73F52D9E71 -- C:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_pt-BR_31bf3856ad364e35\MMCFxCommon.Resources.dll [2009/07/13 22:26:07 | 000,110,592 | ---- | M] () MD5=E72BF459A519312B4FF7F3FA8A85BA13 -- C:\windows\assembly\GAC_MSIL\MMCFxCommon\3.0.0.0__31bf3856ad364e35\MMCFxCommon.dll [2010/11/12 21:02:55 | 000,307,200 | ---- | M] () MD5=EE27A9B9E65D5CB622CC529D8D80EE7F -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.Resources.dll [2011/09/16 11:29:16 | 000,303,104 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll [2010/11/20 09:19:49 | 000,049,152 | ---- | M] () MD5=B0F301AA13B7E4F227F6964856739530 -- C:\windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_en_31bf3856ad364e35\napinit.Resources.dll [2010/11/20 09:17:22 | 000,049,152 | ---- | M] () MD5=F7BB6627258B7606FEE2C354A4987837 -- C:\windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_es_31bf3856ad364e35\napinit.Resources.dll [2011/09/16 11:29:16 | 000,049,152 | ---- | M] () MD5=0B3B49414219C7FD319EB0B9AB144B7C -- C:\windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_pt-BR_31bf3856ad364e35\napinit.Resources.dll [2009/07/13 22:22:44 | 000,073,728 | ---- | M] () MD5=0E2E919A5255D305CF1B3AE9B9D452F1 -- C:\windows\assembly\GAC_MSIL\napinit\6.1.0.0__31bf3856ad364e35\NAPINIT.DLL [2009/07/13 23:12:16 | 000,233,472 | ---- | M] () MD5=804C49310D2EA3B1A2E3809CE3C93B47 -- C:\windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_en_31bf3856ad364e35\napsnap.resources.dll [2009/06/28 14:40:42 | 000,237,568 | ---- | M] () MD5=BEE0C316512952BC65DC73FA9882597F -- C:\windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_es_31bf3856ad364e35\napsnap.resources.dll [2011/09/16 11:29:16 | 000,233,472 | ---- | M] () MD5=15C538236B631E022FBCA92A7B1F3758 -- C:\windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_pt-BR_31bf3856ad364e35\napsnap.resources.dll [2009/07/13 22:25:01 | 000,454,656 | ---- | M] () MD5=FC35785CC6FD225A4E504A23DE13D085 -- C:\windows\assembly\GAC_MSIL\napsnap\6.1.0.0__31bf3856ad364e35\NAPSNAP.DLL [2010/11/20 09:36:00 | 001,077,248 | ---- | M] () MD5=95DE3CF54E0A360EED766DBDDF152F0D -- C:\windows\assembly\GAC_MSIL\Narrator\6.1.0.0__31bf3856ad364e35\Narrator.exe [2009/06/28 14:40:55 | 000,053,248 | ---- | M] () MD5=74FEB6F44F6113FBADAED2F964B36668 -- C:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_es_31bf3856ad364e35\PresentationBuildTasks.resources.dll [2011/09/16 11:29:16 | 000,053,248 | ---- | M] () MD5=830A72297EF4DEBCABE0DE40303C1AED -- C:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_pt-BR_31bf3856ad364e35\PresentationBuildTasks.resources.dll [2010/11/04 22:53:21 | 000,598,016 | ---- | M] () MD5=AEFD96A1A087027A7EDC21F83F1B4727 -- C:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll [2009/06/10 18:14:50 | 000,032,768 | ---- | M] () MD5=24F02A6A94DC8AE6F2ACDA7950CBEEB3 -- C:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll [2009/06/28 14:40:55 | 000,110,592 | ---- | M] () MD5=67C8F17A5431B3EE0C45A78338A887CE -- C:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_es_31bf3856ad364e35\PresentationCore.resources.dll [2011/09/16 11:29:17 | 000,106,496 | ---- | M] () MD5=094C7B28F4EF5944EF3AA694BF51D837 -- C:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_pt-BR_31bf3856ad364e35\PresentationCore.resources.dll [2009/06/10 18:14:51 | 000,042,856 | ---- | M] () MD5=E56F39F6B7FDA0AC77A79B0FD3DE1A2F -- C:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe [2009/06/10 18:14:43 | 000,196,608 | ---- | M] () MD5=C9DF30B6F5D99C8147C528528B9CC498 -- C:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll [2009/06/10 18:14:44 | 000,139,264 | ---- | M] () MD5=98F2493B40E00061B4A4369E63790293 -- C:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll [2010/11/04 22:53:23 | 000,397,312 | ---- | M] () MD5=4E9FDA223530F931AC1F03ABB58E4DA5 -- C:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll [2009/06/28 14:40:55 | 000,241,664 | ---- | M] () MD5=79857966ADB812ADCC37FA9F82ECC317 -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll [2011/09/16 11:29:17 | 000,241,664 | ---- | M] () MD5=FB87EDDBCA4BFA5F9B33C7DFB16C647F -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pt-BR_31bf3856ad364e35\PresentationFramework.resources.dll [2009/06/10 18:14:44 | 000,163,840 | ---- | M] () MD5=13E8EC241CA1402C923DF3A1DA9CAF70 -- C:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll [2012/02/10 20:31:41 | 005,283,840 | ---- | M] () MD5=530DFD580E4C341B267ED4E2A56B8233 -- C:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll [2009/06/28 14:40:55 | 000,368,640 | ---- | M] () MD5=412369475CD563271B6D76BB984CDFE1 -- C:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_es_31bf3856ad364e35\PresentationUI.resources.dll [2011/09/16 11:29:17 | 000,368,640 | ---- | M] () MD5=27D9EB85496E8D7D9A25A20DAAFBC851 -- C:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_pt-BR_31bf3856ad364e35\PresentationUI.resources.dll [2009/06/10 18:14:52 | 000,864,256 | ---- | M] () MD5=0F8242348EBA698FF93193A6BDC55362 -- C:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll [2009/06/28 14:40:55 | 000,036,864 | ---- | M] () MD5=BB83A9BE4549F28ED3480D44F640F38A -- C:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_es_31bf3856ad364e35\ReachFramework.resources.dll [2011/09/16 11:29:17 | 000,036,864 | ---- | M] () MD5=0F253EF739CC2BF1447ED6E7BB34B19E -- C:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_pt-BR_31bf3856ad364e35\ReachFramework.resources.dll [2012/02/10 20:31:41 | 000,532,480 | ---- | M] () MD5=93CF6C96CDBFC1834A28F835B769E8BA -- C:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll [2011/09/16 11:29:17 | 000,012,800 | ---- | M] () MD5=FF0DDD48E3E0351811C3EEBFB581DB70 -- C:\windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn.resources\6.1.0.0_pt-BR_31bf3856ad364e35\SecurityAuditPoliciesSnapIn.resources.dll [2009/06/10 18:15:18 | 000,005,632 | ---- | M] () MD5=AA7004ABA8C37DDCA200E16F1570EF62 -- C:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll [2010/11/04 23:00:15 | 000,005,120 | ---- | M] () MD5=50F31C482ACFBB91D3CCBA08A730BC61 -- C:\windows\assembly\GAC_MSIL\smdiagnostics.resources\3.0.0.0_es_b77a5c561934e089\SMDiagnostics.resources.dll [2011/09/16 11:29:17 | 000,005,120 | ---- | M] () MD5=F29C8B759524E547374E3FE39F76A777 -- C:\windows\assembly\GAC_MSIL\smdiagnostics.resources\3.0.0.0_pt-BR_b77a5c561934e089\SMDiagnostics.resources.dll [2010/11/04 22:52:39 | 000,110,592 | ---- | M] () MD5=6F145DEF09821EB6614C501430CB838C -- C:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll [2010/11/04 22:52:39 | 000,128,848 | ---- | M] () MD5=F476EC40033CDB91EFBE73EB99B8362D -- C:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe [2009/11/25 14:58:29 | 000,029,968 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll [2011/09/16 11:29:17 | 000,200,704 | ---- | M] () MD5=1141AAE53D110F46445E77224D0F7758 -- C:\windows\assembly\GAC_MSIL\SrpUxSnapIn.resources\6.1.0.0_pt-BR_31bf3856ad364e35\SrpUxSnapIn.resources.dll [2009/06/28 14:40:42 | 000,010,752 | ---- | M] () MD5=D08AA78707EBB0A20D710DD5A6AA5FFA -- C:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_es_b03f5f7f11d50a3a\sysglobl.resources.dll [2011/09/16 11:29:17 | 000,010,752 | ---- | M] () MD5=A4F9409C56A7E953B2AFD269D3BA8AA4 -- C:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\sysglobl.resources.dll [2009/06/10 18:23:17 | 000,110,592 | ---- | M] () MD5=3C8AF820562CC8E3A1CF82650518F66C -- C:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll [2010/11/04 22:53:30 | 000,045,056 | ---- | M] () MD5=6D593E9AE74E39A62F8184515B27DF28 -- C:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll [2011/09/16 11:47:27 | 000,039,624 | ---- | M] () MD5=80F57E4804E4BA1B203F8427C0475470 -- C:\windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll [2012/01/03 23:50:53 | 000,163,840 | ---- | M] () MD5=C2EC2AD05B97F9124399E1DA1D1386C2 -- C:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll [2009/06/28 14:40:55 | 000,008,192 | ---- | M] () MD5=BEA9CC1FC47701C6C3D370105F647AAA -- C:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations.resources\3.5.0.0_es_31bf3856ad364e35\System.ComponentModel.DataAnnotations.Resources.dll [2011/09/16 11:29:17 | 000,008,192 | ---- | M] () MD5=C9DEA45376C6C40BF9041FAF91C4EB9C -- C:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.ComponentModel.DataAnnotations.Resources.dll [2010/11/04 22:53:30 | 000,057,344 | ---- | M] () MD5=27E76A55FA5C3586297C2D42986304AC -- C:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll [2009/06/28 14:40:47 | 000,028,672 | ---- | M] () MD5=27F89F9D784A82D2056A225850647CEC -- C:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll [2011/09/16 11:29:17 | 000,028,672 | ---- | M] () MD5=B56ACD0072C00B57E37AA3221BD662F2 -- C:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll [2010/11/04 22:58:04 | 000,081,920 | ---- | M] () MD5=ED2D3B032733BFC7A68FCE05BC7F93B4 -- C:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll [2009/06/28 14:40:47 | 000,049,152 | ---- | M] () MD5=1070114D66D269021A9985C907854748 -- C:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Configuration.resources.dll [2011/09/16 11:29:17 | 000,049,152 | ---- | M] () MD5=426D9EC0E3439A6BABCF55295A81403B -- C:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Configuration.resources.dll [2010/11/04 22:58:04 | 000,425,984 | ---- | M] () MD5=5A7A33F7F9DFC0C0A8B8E000F4D9D898 -- C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll [2009/06/28 14:40:55 | 000,061,440 | ---- | M] () MD5=C1DC6A46E7E0706BB472C270190DC18C -- C:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_es_b77a5c561934e089\System.Core.Resources.dll [2011/09/16 11:29:17 | 000,061,440 | ---- | M] () MD5=A380AF92BE6BA29EBEB70D097A98A34F -- C:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Core.Resources.dll [2010/11/04 22:53:30 | 000,667,648 | ---- | M] () MD5=FC114C6C8AB34F1A357069AD3E4477F8 -- C:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll [2010/11/04 22:53:31 | 000,053,248 | ---- | M] () MD5=82D34DEB3105E63981A0306B03C10A07 -- C:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll [2010/11/04 23:00:02 | 000,015,360 | ---- | M] () MD5=4C2D8908207C0E64321CA1E62CA57175 -- C:\windows\assembly\GAC_MSIL\System.Data.Entity.Design.resources\3.5.0.0_es_b77a5c561934e089\System.Data.Entity.Design.Resources.dll [2011/09/16 11:29:17 | 000,015,360 | ---- | M] () MD5=51E9340FD1723FCD8BA93D80379A3906 -- C:\windows\assembly\GAC_MSIL\System.Data.Entity.Design.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Data.Entity.Design.Resources.dll [2010/11/04 22:53:31 | 000,229,376 | ---- | M] () MD5=02B81AAEB463E966372AF6A1C0B6038E -- C:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll [2009/06/28 14:40:55 | 000,397,312 | ---- | M] () MD5=7154F89DEBD17BBE560544D9612151ED -- C:\windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_es_b77a5c561934e089\System.Data.Entity.Resources.dll [2011/09/16 11:29:17 | 000,397,312 | ---- | M] () MD5=9F73ED6C5751BD68CFB77A2D6DDA6D2F -- C:\windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Data.Entity.Resources.dll [2010/11/04 22:53:31 | 002,879,488 | ---- | M] () MD5=EEDCBC7607D2852BBF74409B49A8D1C1 -- C:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll [2009/06/28 14:40:55 | 000,053,248 | ---- | M] () MD5=51A8C28115307FE86691BCEE4E0E6764 -- C:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_es_b77a5c561934e089\System.Data.Linq.Resources.dll [2011/09/16 11:29:17 | 000,053,248 | ---- | M] () MD5=C91FD81FAFF06EF1CFEA7A93B5C8C961 -- C:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Data.Linq.Resources.dll [2010/11/04 22:53:31 | 000,684,032 | ---- | M] () MD5=8AB40EB71BB5D5F4641AA5895712B981 -- C:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll [2009/06/28 14:40:45 | 000,110,592 | ---- | M] () MD5=E01F4BA680C22D366A5FBC0228C3E9A0 -- C:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_es_b77a5c561934e089\System.Data.OracleClient.resources.dll [2011/09/16 11:29:17 | 000,110,592 | ---- | M] () MD5=66FE8A87477DDA91DF799AB3296DA443 -- C:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.Data.OracleClient.resources.dll [2009/06/28 14:40:47 | 000,344,064 | ---- | M] () MD5=CE2E13DADD2A0047B87EE53411963F8E -- C:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_es_b77a5c561934e089\System.Data.Resources.dll [2011/09/16 11:29:17 | 000,344,064 | ---- | M] () MD5=35F392980C4A2213758F81F30C22CDF9 -- C:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.Data.resources.dll [2010/11/04 23:00:02 | 000,049,152 | ---- | M] () MD5=986537AE141E8A7D76009B0C5BD564C5 -- C:\windows\assembly\GAC_MSIL\System.Data.Services.Client.resources\3.5.0.0_es_b77a5c561934e089\System.Data.Services.Client.resources.dll [2011/09/16 11:29:17 | 000,036,864 | ---- | M] () MD5=F9FB3CF217F8FBA758A22E63CB43F3E6 -- C:\windows\assembly\GAC_MSIL\System.Data.Services.Client.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Data.Services.Client.resources.dll [2010/11/04 22:53:32 | 000,462,848 | ---- | M] () MD5=606ACF1553423BFDD3CABEBA3DF264B9 -- C:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll [2010/11/04 23:00:02 | 000,011,776 | ---- | M] () MD5=01E48CFBD3F3AAF43369BF377DB3D6F5 -- C:\windows\assembly\GAC_MSIL\System.Data.Services.Design.resources\3.5.0.0_es_b77a5c561934e089\System.Data.Services.Design.resources.dll [2011/09/16 11:29:17 | 000,007,680 | ---- | M] () MD5=099E912E0C5E345CE65DE936C312B8CF -- C:\windows\assembly\GAC_MSIL\System.Data.Services.Design.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Data.Services.Design.resources.dll [2010/11/04 22:53:32 | 000,163,840 | ---- | M] () MD5=0ACA904F87E674CF3CB6746D9D3AB321 -- C:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll [2010/11/04 23:00:02 | 000,094,208 | ---- | M] () MD5=D646C24B305EBB431442D7E4B81C114C -- C:\windows\assembly\GAC_MSIL\System.Data.Services.resources\3.5.0.0_es_b77a5c561934e089\System.Data.Services.resources.dll [2011/09/16 11:29:17 | 000,069,632 | ---- | M] () MD5=949A8F5027136016E94A06175A33B667 -- C:\windows\assembly\GAC_MSIL\System.Data.Services.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Data.Services.resources.dll [2010/11/04 22:53:32 | 000,692,224 | ---- | M] () MD5=4BA482E447D6096E8D4348AAE306CE1B -- C:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll [2009/06/28 14:40:41 | 000,036,864 | ---- | M] () MD5=48E34306DE7AB460355AD7462C9E40F9 -- C:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_es_b77a5c561934e089\system.data.sqlxml.resources.dll [2011/09/16 11:29:17 | 000,036,864 | ---- | M] () MD5=958A1224A4AE091B1D275BE8F8380F0E -- C:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.data.sqlxml.resources.dll [2010/11/04 22:58:05 | 000,745,472 | ---- | M] () MD5=800484A3335EACDAA9600120385CCBDC -- C:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll [2009/06/28 14:40:40 | 000,393,216 | ---- | M] () MD5=27665619E65DE5EDD09065E6F4AB4A22 -- C:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Deployment.resources.dll [2011/09/16 11:29:17 | 000,393,216 | ---- | M] () MD5=43D7AFFE395C7A7A06ACFD745BC45178 -- C:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Deployment.resources.dll [2010/11/04 22:58:05 | 000,970,752 | ---- | M] () MD5=418EC83A2FC441A3D40F3FDCDA851392 -- C:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll [2010/11/12 20:35:22 | 000,544,768 | ---- | M] () MD5=7FB133AC42974102698D20EB0F8C5124 -- C:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Design.Resources.dll [2011/09/16 11:29:17 | 000,540,672 | ---- | M] () MD5=F478993100C6A6160254AC5CA05765EB -- C:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Design.resources.dll [2012/03/21 19:32:36 | 004,927,488 | ---- | M] () MD5=93B68EBA6B5BB6AC877441C8BE9E40C0 -- C:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll [2009/06/28 14:40:55 | 000,036,864 | ---- | M] () MD5=8443DD41DA93A36428C76AFCAE291B14 -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_es_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll [2010/11/04 22:53:32 | 000,290,816 | ---- | M] () MD5=CD86BDCB5E115635E6AB7DFE77FC1D11 -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll [2009/06/28 14:40:42 | 000,028,672 | ---- | M] () MD5=7B6DDCBEACF72F65CFAE4B8F747917BB -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll [2011/09/16 11:29:17 | 000,028,672 | ---- | M] () MD5=0FDDE93A00A51887D98E178AE9DA8B7A -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll [2009/06/10 18:23:18 | 000,188,416 | ---- | M] () MD5=EE1DCDAA3EA8F53DA56116875CD01653 -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll [2009/06/28 14:40:43 | 000,040,960 | ---- | M] () MD5=C2BCDE9AE2C1AC9925B9D6BB80E94469 -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll [2011/09/16 11:29:17 | 000,040,960 | ---- | M] () MD5=09DF9FAFB484F0C0845B3C480A8031E0 -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll [2010/11/04 22:58:06 | 000,401,408 | ---- | M] () MD5=AF1F47FBADABB9134002359970F5FD1C -- C:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll [2009/06/28 14:40:43 | 000,006,144 | ---- | M] () MD5=B0D2362147E919A323A4A64976B58BF8 -- C:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll [2011/09/16 11:29:18 | 000,006,144 | ---- | M] () MD5=E7BCA6434946B3D2B175D8D1EB428054 -- C:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll [2009/06/10 18:23:18 | 000,081,920 | ---- | M] () MD5=D195A195E3D16A867FD4382D786313B8 -- C:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll [2010/11/12 21:02:56 | 000,024,576 | ---- | M] () MD5=2D280CB93F11C8DE2DF5910972B2032B -- C:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Drawing.Resources.dll [2011/09/16 11:29:18 | 000,024,576 | ---- | M] () MD5=8D164510D3435A235C639A8B6F64F200 -- C:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Drawing.resources.dll [2012/04/23 19:35:09 | 000,630,784 | ---- | M] () MD5=1312BDEE8EC4F13CBB25BDBB359768A0 -- C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll [2009/06/28 14:40:46 | 000,032,768 | ---- | M] () MD5=A30400FF6644BE4910829341F7827B76 -- C:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll [2011/09/16 11:29:18 | 000,032,768 | ---- | M] () MD5=B8B660DB75198595AF190CC34A71F017 -- C:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll [2009/06/28 14:40:55 | 000,065,536 | ---- | M] () MD5=EF4CB9D42D295F50D904955929794400 -- C:\windows\assembly\GAC_MSIL\system.identitymodel.resources\3.0.0.0_es_b77a5c561934e089\System.IdentityModel.Resources.dll [2011/09/16 11:29:18 | 000,061,440 | ---- | M] () MD5=FCC7F9472AF2E686A19144487C607D60 -- C:\windows\assembly\GAC_MSIL\system.identitymodel.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.IdentityModel.Resources.dll [2009/06/28 14:40:55 | 000,053,248 | ---- | M] () MD5=4546136836A8BEEE2FF3152912C45074 -- C:\windows\assembly\GAC_MSIL\system.identitymodel.selectors.resources\3.0.0.0_es_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll [2011/09/16 11:29:18 | 000,053,248 | ---- | M] () MD5=8FA878CAAA9ACBBA6A594E5AF76C33BA -- C:\windows\assembly\GAC_MSIL\system.identitymodel.selectors.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll [2010/11/04 22:52:27 | 000,126,976 | ---- | M] () MD5=DF7FEE2563BF2D59926B786FBF636510 -- C:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll [2010/11/04 22:52:27 | 000,442,368 | ---- | M] () MD5=9638C20A92962CAFC45E8F48AE6238F5 -- C:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll [2009/06/28 14:40:55 | 000,011,264 | ---- | M] () MD5=4C6FE5B9B1D41A968EB9FAE1AF3CE62F -- C:\windows\assembly\GAC_MSIL\system.io.log.resources\3.0.0.0_es_b03f5f7f11d50a3a\System.IO.Log.Resources.dll [2011/09/16 11:29:18 | 000,011,264 | ---- | M] () MD5=23EBF617ED227E2F4ED4A2DCF7B4F2EE -- C:\windows\assembly\GAC_MSIL\system.io.log.resources\3.0.0.0_pt-BR_b03f5f7f11d50a3a\System.IO.Log.Resources.dll [2009/06/10 18:13:54 | 000,131,072 | ---- | M] () MD5=AC45DB17E166ECEBD320D4FA2820C1B6 -- C:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll [2010/11/20 09:19:49 | 000,253,952 | ---- | M] () MD5=53998D919FABB0F5EF2BD7C38533D2B7 -- C:\windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.Resources.dll [2009/06/28 14:40:53 | 000,274,432 | ---- | M] () MD5=EF46F83947F5D8906E6E03ACC489B747 -- C:\windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_es_31bf3856ad364e35\System.Management.Automation.Resources.dll [2011/09/16 11:29:18 | 000,270,336 | ---- | M] () MD5=CDA7AC67EF94E8D1B94FF8FCCE4B0B16 -- C:\windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_pt-BR_31bf3856ad364e35\System.Management.Automation.Resources.dll [2010/11/20 09:36:01 | 003,010,560 | ---- | M] () MD5=4214698AD147EA8E83CC0E7DCF883DB3 -- C:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll [2010/11/04 22:53:32 | 000,143,360 | ---- | M] () MD5=BCD4761D6E2290B490498126C67A35D0 -- C:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll [2009/06/28 14:40:42 | 000,013,312 | ---- | M] () MD5=8343A87FD93EFE7EF40D0A3E1884687C -- C:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Management.Resources.dll [2011/09/16 11:29:18 | 000,013,312 | ---- | M] () MD5=A60357DCB57FCCC60EC0B9E85E0A8EE1 -- C:\windows\assembly\GAC_MSIL\System.Management.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Management.resources.dll [2010/11/04 22:58:09 | 000,385,024 | ---- | M] () MD5=52C875E8F96E4F9E69914A538C129C6E -- C:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll [2009/06/28 14:40:47 | 000,077,824 | ---- | M] () MD5=D4AC31AD9948784D6C3F31D8F0EADE6E -- C:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Messaging.Resources.dll [2011/09/16 11:29:18 | 000,077,824 | ---- | M] () MD5=11264DB88D48C245CEB3A12397687FBA -- C:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Messaging.resources.dll [2010/11/04 22:58:09 | 000,258,048 | ---- | M] () MD5=3035497DE3B9208633BC7F3604D781FB -- C:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll [2010/11/04 22:53:32 | 000,237,568 | ---- | M] () MD5=74446FB0C54CB43A279E735F9C335752 -- C:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll [2009/06/28 14:40:55 | 000,016,896 | ---- | M] () MD5=C318263593645D40639837F05B58B83B -- C:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_es_31bf3856ad364e35\System.Printing.resources.dll [2011/09/16 11:29:18 | 000,016,384 | ---- | M] () MD5=CBAF6CF7320F5261F3D40F49FC0AF6A5 -- C:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_pt-BR_31bf3856ad364e35\System.Printing.resources.dll [2010/11/04 22:59:43 | 000,208,896 | ---- | M] () MD5=EEF321A58A2A16A9A523427A4EB0A5E1 -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\system.Resources.dll [2011/09/16 11:29:18 | 000,204,800 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dll [2009/06/28 14:40:42 | 000,032,768 | ---- | M] () MD5=E2CD2703330A3115EA6B5ECB1F16CFF0 -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.Resources.dll [2011/09/16 11:29:18 | 000,032,768 | ---- | M] () MD5=994CE27E6981C9C5B9933D3CC031D8D3 -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.Runtime.Remoting.resources.dll [2010/11/04 22:58:10 | 000,303,104 | ---- | M] () MD5=1D4DA021B0AD837B35AFB772CC7C636D -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll [2009/06/28 14:40:40 | 000,011,776 | ---- | M] () MD5=FE359C73912BA750FF88E138BAC46E0E -- C:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll [2011/09/16 11:29:18 | 000,011,776 | ---- | M] () MD5=C43DAE106C6E9BB97471BB005C8E429E -- C:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll [2009/06/10 18:23:19 | 000,131,072 | ---- | M] () MD5=C9781DA4EE6A5BBAE271CC0AC4B25D7C -- C:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll [2009/06/28 14:40:55 | 000,098,304 | ---- | M] () MD5=960A8CF535CF4CAA9743E54730EFB980 -- C:\windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_es_b77a5c561934e089\System.RunTime.Serialization.Resources.dll [2011/09/16 11:29:18 | 000,094,208 | ---- | M] () MD5=498F9659B453E5E527CBFF789CC74590 -- C:\windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.RunTime.Serialization.Resources.dll [2010/11/04 22:52:27 | 000,970,752 | ---- | M] () MD5=01D4E1005C901889517EED7F438DB501 -- C:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll [2009/06/28 14:40:40 | 000,028,672 | ---- | M] () MD5=78C5C22D2EE476C8AB00DE4D98B8FE2E -- C:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Security.Resources.dll [2011/09/16 11:29:18 | 000,028,672 | ---- | M] () MD5=E522DFC569DCD21604288B1EF239DBEF -- C:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Security.resources.dll [2010/11/04 22:58:10 | 000,258,048 | ---- | M] () MD5=A15491BE2D672FCDBFEB250E9594D7ED -- C:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll [2009/06/28 14:40:55 | 000,036,864 | ---- | M] () MD5=A3F8D941C829373B5FA0E4AFDC2356E5 -- C:\windows\assembly\GAC_MSIL\system.servicemodel.install.resources\3.0.0.0_es_b77a5c561934e089\System.ServiceModel.Install.Resources.dll [2011/09/16 11:29:18 | 000,036,864 | ---- | M] () MD5=345D2602C293719469F06A25D49C5156 -- C:\windows\assembly\GAC_MSIL\system.servicemodel.install.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.ServiceModel.Install.Resources.dll [2010/11/04 22:52:40 | 000,073,728 | ---- | M] () MD5=4E0883AF9D5B4F2AAFD19F6663CBAF5F -- C:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll [2010/11/04 23:00:13 | 000,471,040 | ---- | M] () MD5=25D6208B3EF62CCB54A8DF6E036AAB25 -- C:\windows\assembly\GAC_MSIL\system.servicemodel.resources\3.0.0.0_es_b77a5c561934e089\System.ServiceModel.Resources.dll [2011/09/16 11:29:19 | 000,466,944 | ---- | M] () MD5=6933D14CE847582C09982A19B5983387 -- C:\windows\assembly\GAC_MSIL\system.servicemodel.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.ServiceModel.Resources.dll [2010/11/04 22:52:41 | 000,032,768 | ---- | M] () MD5=9A9827B4F896F40607DF8103B9C438C0 -- C:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll [2010/11/04 22:59:55 | 000,069,632 | ---- | M] () MD5=730994A1FE56422D1CC331268592E329 -- C:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_es_31bf3856ad364e35\System.ServiceModel.Web.resources.dll [2011/09/16 11:29:19 | 000,069,632 | ---- | M] () MD5=D3E88726B20C24067EC82E66608EF318 -- C:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.ServiceModel.Web.resources.dll [2010/11/04 22:52:44 | 000,569,344 | ---- | M] () MD5=EA5213E7090668C917EEB947FDC3CD46 -- C:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll [2010/11/04 22:52:30 | 005,988,352 | ---- | M] () MD5=196D093057DE9D765FF8DDFA24215D3B -- C:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll [2009/06/28 14:40:42 | 000,040,960 | ---- | M] () MD5=CC72E1F4CB45038F2F43DF882DA2FA6C -- C:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll [2011/09/16 11:29:19 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll [2010/11/04 22:58:10 | 000,114,688 | ---- | M] () MD5=F68CAFF425A9F37E498193BDDC5CC652 -- C:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll [2010/11/04 23:00:20 | 000,061,440 | ---- | M] () MD5=0F53499CFD981507644ED23E5D0645F7 -- C:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_es_31bf3856ad364e35\System.Speech.resources.dll [2011/09/16 11:29:19 | 000,061,440 | ---- | M] () MD5=EA8B5AC78948844965A4C5CAD950C6AD -- C:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_pt-BR_31bf3856ad364e35\System.Speech.resources.dll [2009/06/10 18:14:45 | 000,688,128 | ---- | M] () MD5=31588B867657A7DF046AC1908550D73C -- C:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll [2009/06/28 14:40:47 | 000,016,896 | ---- | M] () MD5=032DFADBECAE5485EE461C6F5FEDC3BD -- C:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_es_b77a5c561934e089\System.Transactions.resources.dll [2011/09/16 11:29:19 | 000,016,384 | ---- | M] () MD5=2051E714F252B56C3917544B7913FAA0 -- C:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.Transactions.resources.dll [2009/06/28 14:40:55 | 000,003,584 | ---- | M] () MD5=BAE3786283354D3E6541B7A808DF3695 -- C:\windows\assembly\GAC_MSIL\System.Web.Abstractions.resources\3.5.0.0_es_31bf3856ad364e35\System.Web.Abstractions.Resources.dll [2011/09/16 11:29:19 | 000,003,584 | ---- | M] () MD5=FB7E2454F09A1201A92567C2BD628FAF -- C:\windows\assembly\GAC_MSIL\System.Web.Abstractions.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.Web.Abstractions.Resources.dll [2010/11/04 22:53:32 | 000,077,824 | ---- | M] () MD5=DE8831D65E92BC50304F37CC75EC31D5 -- C:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll [2009/06/28 14:40:55 | 000,004,096 | ---- | M] () MD5=EA39F215D9EFC620EA104AD41D89C402 -- C:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design.resources\3.5.0.0_es_31bf3856ad364e35\System.Web.DynamicData.Design.Resources.dll [2011/09/16 11:29:19 | 000,004,096 | ---- | M] () MD5=21D04A0769BB1CDEF72357BA729962D5 -- C:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.Web.DynamicData.Design.Resources.dll [2010/11/04 22:53:32 | 000,032,768 | ---- | M] () MD5=4A1EF32D7C394D8400870C73B40CA2A4 -- C:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll [2009/06/28 14:40:55 | 000,016,384 | ---- | M] () MD5=4DEA2AA10CAABD6F21028FA48D12FA42 -- C:\windows\assembly\GAC_MSIL\System.Web.DynamicData.resources\3.5.0.0_es_31bf3856ad364e35\System.Web.DynamicData.Resources.dll [2011/09/16 11:29:19 | 000,016,384 | ---- | M] () MD5=8ACC6B3E8D1ACC60B245914CD1C23636 -- C:\windows\assembly\GAC_MSIL\System.Web.DynamicData.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.Web.DynamicData.Resources.dll [2010/11/04 22:53:32 | 000,229,376 | ---- | M] () MD5=054F8B86C1258EDDB833A38B54155CF7 -- C:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll [2009/06/28 14:40:55 | 000,011,264 | ---- | M] () MD5=E38D8E4D95EB83BA4DE5C770EEAB4447 -- C:\windows\assembly\GAC_MSIL\System.Web.Entity.Design.resources\3.5.0.0_es_b77a5c561934e089\System.Web.Entity.Design.Resources.dll [2011/09/16 11:29:19 | 000,020,480 | ---- | M] () MD5=817AE0FA7395CA03F180F45AFF3D3F22 -- C:\windows\assembly\GAC_MSIL\System.Web.Entity.Design.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Web.Entity.Design.Resources.dll [2010/11/04 22:53:32 | 000,131,072 | ---- | M] () MD5=A282147F21B0DB24DB3B3566E828A8AE -- C:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll [2010/11/04 23:00:03 | 000,024,576 | ---- | M] () MD5=BAFF27DED2706A717E0D89AC8FBAA4F2 -- C:\windows\assembly\GAC_MSIL\System.Web.Entity.resources\3.5.0.0_es_b77a5c561934e089\System.Web.Entity.Resources.dll [2011/09/16 11:29:19 | 000,024,576 | ---- | M] () MD5=B9B31605F45699FF3DCEF295A6FF6A57 -- C:\windows\assembly\GAC_MSIL\System.Web.Entity.resources\3.5.0.0_pt-BR_b77a5c561934e089\System.Web.Entity.Resources.dll [2010/11/04 22:53:33 | 000,139,264 | ---- | M] () MD5=A5722B31B8454EE1CC50753C93CFDB4E -- C:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll [2009/06/28 14:40:55 | 000,049,152 | ---- | M] () MD5=DFD227C9CCDD46DEBA4769D7F0479369 -- C:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_es_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll [2011/09/16 11:29:19 | 000,049,152 | ---- | M] () MD5=6988BBEBE3FB9C1A6AF4DECCD8DB3B3E -- C:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll [2010/11/04 22:53:33 | 000,335,872 | ---- | M] () MD5=C935E89C6F71F188282632F35A04D0C1 -- C:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll [2009/06/28 14:40:55 | 000,630,784 | ---- | M] () MD5=32D4ECD3358D62129F0C2F62C61DCF68 -- C:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_es_31bf3856ad364e35\System.Web.Extensions.Resources.dll [2011/09/16 11:29:19 | 000,630,784 | ---- | M] () MD5=2C2D2C6B28D869FD79A876E4337AE1E8 -- C:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.Web.Extensions.Resources.dll [2011/12/25 17:42:15 | 001,277,952 | ---- | M] () MD5=58AD1FECFBAEE633D6326377D8E0982E -- C:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll [2010/11/04 22:59:43 | 000,077,824 | ---- | M] () MD5=358C86EC187F21711F37DD9FDBCB1B9E -- C:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll [2011/09/16 11:29:20 | 000,040,960 | ---- | M] () MD5=44376686DF6A74863005B0A49A47C293 -- C:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll [2010/11/04 22:58:11 | 000,835,584 | ---- | M] () MD5=18FDA35C607C486C0D5B91D7DD06CD17 -- C:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll [2009/06/10 18:23:20 | 000,077,824 | ---- | M] () MD5=1CDB3B55F1330F85A674B0B5927399F4 -- C:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll [2010/11/12 20:35:23 | 000,614,400 | ---- | M] () MD5=79BEBE291F080A38F99450B5A4B107F8 -- C:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Web.Resources.dll [2011/09/16 11:29:20 | 000,602,112 | ---- | M] () MD5=982581C36B6D06CC8949E72E225C75A8 -- C:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Web.resources.dll [2009/06/28 14:40:55 | 000,007,168 | ---- | M] () MD5=622D78740A918124808B5BAAB9E2D71A -- C:\windows\assembly\GAC_MSIL\System.Web.Routing.resources\3.5.0.0_es_31bf3856ad364e35\System.Web.Routing.Resources.dll [2011/09/16 11:29:20 | 000,007,168 | ---- | M] () MD5=16ED9A24B1A3F4033FE81DE013F616FF -- C:\windows\assembly\GAC_MSIL\System.Web.Routing.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.Web.Routing.Resources.dll [2010/11/04 22:53:33 | 000,061,440 | ---- | M] () MD5=6D138BD2348457A5097F2772C78FE094 -- C:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll [2009/06/28 14:40:43 | 000,081,920 | ---- | M] () MD5=A36554B5FC34FF7C06C7B41E664656C8 -- C:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Web.Services.Resources.dll [2011/09/16 11:29:20 | 000,081,920 | ---- | M] () MD5=533A860E9076FD762871208E11DDE2BB -- C:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Web.Services.resources.dll [2010/11/04 22:58:12 | 000,839,680 | ---- | M] () MD5=8C0B098B41A27B08D58CAE7A61A3BA19 -- C:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll [2010/11/12 21:02:56 | 000,425,984 | ---- | M] () MD5=005FFF37A56AE29502983C358332CDB1 -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_es_b77a5c561934e089\System.Windows.Forms.Resources.dll [2011/09/16 11:29:20 | 000,417,792 | ---- | M] () MD5=CA59141516961660D3978B8A8C384D0B -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.Windows.Forms.resources.dll [2012/03/21 19:32:36 | 005,025,792 | ---- | M] () MD5=68CE18072E9CDFE63DD2E083868C7433 -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll [2009/06/28 14:40:55 | 000,003,584 | ---- | M] () MD5=B54597CC62F6671AD4CF7B35328ACA73 -- C:\windows\assembly\GAC_MSIL\System.Windows.Presentation.resources\3.5.0.0_es_b77a5c561934e089\System.Windows.Presentation.resources.dll [2009/06/10 18:15:18 | 000,012,288 | ---- | M] () MD5=1CCEE8037C8EF9A08DD0ADB7E3E38D78 -- C:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll [2009/06/28 14:40:55 | 000,184,320 | ---- | M] () MD5=7124AD7FB21DE88B8702EDC57EC0D966 -- C:\windows\assembly\GAC_MSIL\system.workflow.activities.resources\3.0.0.0_es_31bf3856ad364e35\System.Workflow.Activities.resources.dll [2011/09/16 11:29:20 | 000,184,320 | ---- | M] () MD5=C43DFEA1CCF5C8E2193339A18993972B -- C:\windows\assembly\GAC_MSIL\system.workflow.activities.resources\3.0.0.0_pt-BR_31bf3856ad364e35\System.Workflow.Activities.resources.dll [2010/11/04 22:53:45 | 001,142,784 | ---- | M] () MD5=A422312AE61E44B166FAC615786296A1 -- C:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll [2009/06/28 14:40:55 | 000,311,296 | ---- | M] () MD5=60A8222037A73396CC2AF42E1867088B -- C:\windows\assembly\GAC_MSIL\system.workflow.componentmodel.resources\3.0.0.0_es_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll [2011/09/16 11:29:20 | 000,307,200 | ---- | M] () MD5=959BF567BCCCB9D494E13A4F5324C62F -- C:\windows\assembly\GAC_MSIL\system.workflow.componentmodel.resources\3.0.0.0_pt-BR_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll [2010/11/04 22:53:46 | 001,630,208 | ---- | M] () MD5=BD0B0F768E7E74C5CD7A34B8B4BCC81D -- C:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll [2009/06/28 14:40:55 | 000,036,864 | ---- | M] () MD5=D3046733CD721F3D525586A7AB78C1B4 -- C:\windows\assembly\GAC_MSIL\system.workflow.runtime.resources\3.0.0.0_es_31bf3856ad364e35\System.Workflow.Runtime.resources.dll [2011/09/16 11:29:21 | 000,036,864 | ---- | M] () MD5=3DDA13168281DD60F00D4CDF54314071 -- C:\windows\assembly\GAC_MSIL\system.workflow.runtime.resources\3.0.0.0_pt-BR_31bf3856ad364e35\System.Workflow.Runtime.resources.dll [2010/11/04 22:53:46 | 000,540,672 | ---- | M] () MD5=32FF0E945F51F5147A8304026B5C19EA -- C:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll [2009/06/28 14:40:55 | 000,102,400 | ---- | M] () MD5=A1DE19FBF0C546303B7862384959249F -- C:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_es_31bf3856ad364e35\System.WorkflowServices.resources.dll [2011/09/16 11:29:21 | 000,102,400 | ---- | M] () MD5=99F81FA0F0BB7D0E0CBE630755EB1E7D -- C:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_pt-BR_31bf3856ad364e35\System.WorkflowServices.resources.dll [2010/11/04 22:52:45 | 000,507,904 | ---- | M] () MD5=CC3B424ED10A8E477B5D466188531F26 -- C:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll [2010/11/04 22:53:34 | 000,139,264 | ---- | M] () MD5=EF6CEBC989FBDAEEB83E5662F1499FC0 -- C:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll [2009/06/28 14:40:47 | 000,163,840 | ---- | M] () MD5=99E813BE88560B52D4F43B05098C6B0E -- C:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_es_b77a5c561934e089\System.xml.Resources.dll [2011/09/16 11:29:21 | 000,159,744 | ---- | M] () MD5=9E2C0F5C9446054F5C8BD58207E2CE23 -- C:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.xml.resources.dll [2010/11/04 22:58:14 | 002,048,000 | ---- | M] () MD5=5B3FA17E1CD6FBBDF41AC34DAEECC256 -- C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll [2012/01/03 23:51:03 | 003,190,784 | ---- | M] () MD5=5259AD96BE93F3DC9B649759DAC05B7A -- C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll [2009/07/13 23:12:46 | 000,007,168 | ---- | M] () MD5=ABBF43F681EF160CAAB7C41BC289DA06 -- C:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_en_31bf3856ad364e35\TaskScheduler.resources.dll [2010/11/20 09:17:23 | 000,007,680 | ---- | M] () MD5=3C6387B0CFE4E2CBF35EFA1B78A0EA07 -- C:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_es_31bf3856ad364e35\TaskScheduler.resources.dll [2011/09/16 11:29:21 | 000,007,680 | ---- | M] () MD5=838D53F46E3610A1EED4F7AD7798200F -- C:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\TaskScheduler.resources.dll [2010/11/20 09:36:00 | 000,167,936 | ---- | M] () MD5=1D264989FFABEF36745304F5DD216DC7 -- C:\windows\assembly\GAC_MSIL\TaskScheduler\6.1.0.0__31bf3856ad364e35\TaskScheduler.dll [2009/06/28 14:40:55 | 000,004,096 | ---- | M] () MD5=98F3B19999691EEF15253C8B31671338 -- C:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_es_31bf3856ad364e35\UIAutomationClient.resources.dll [2011/09/16 11:29:21 | 000,004,096 | ---- | M] () MD5=7CE0D3939EC965B3463F8BC656280DFA -- C:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_pt-BR_31bf3856ad364e35\UIAutomationClient.resources.dll [2009/06/10 18:14:45 | 000,172,032 | ---- | M] () MD5=3F47DB8D603A84FBF1154901AAC177CD -- C:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll [2009/06/28 14:40:55 | 000,008,192 | ---- | M] () MD5=9A6BCA7C50FAEA7DB468BBE2607A54E1 -- C:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_es_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll [2011/09/16 11:29:21 | 000,008,192 | ---- | M] () MD5=4326C6B825F755919BBCF81FA2E537CB -- C:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_pt-BR_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll [2009/06/10 18:14:46 | 000,380,928 | ---- | M] () MD5=32D7B8CC805D2DA70D01DA89982DCE1D -- C:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll [2009/06/28 14:40:55 | 000,004,096 | ---- | M] () MD5=DE7FA68FF0A8AE558C20D6C4690C5F2B -- C:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_es_31bf3856ad364e35\UIAutomationProvider.resources.dll [2011/09/16 11:29:21 | 000,004,096 | ---- | M] () MD5=FC7F998B613897EFB4CB7DD6AEBD42BE -- C:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_pt-BR_31bf3856ad364e35\UIAutomationProvider.resources.dll [2009/06/10 18:14:46 | 000,040,960 | ---- | M] () MD5=0D2A84FF4383B4F41EDA8B4DE2D45D6C -- C:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll [2009/06/28 14:40:55 | 000,007,168 | ---- | M] () MD5=D7DB7DDDFFFA8706156253D2CBFE91C7 -- C:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_es_31bf3856ad364e35\UIAutomationTypes.resources.dll [2011/09/16 11:29:21 | 000,007,168 | ---- | M] () MD5=12B29C7ADC7964DE4D43F08D8CE5BA38 -- C:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_pt-BR_31bf3856ad364e35\UIAutomationTypes.resources.dll [2009/06/10 18:14:46 | 000,098,304 | ---- | M] () MD5=62DF8C1D169752DF885E44D21309F7E6 -- C:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll [2009/06/28 14:40:55 | 000,090,112 | ---- | M] () MD5=0BE06889933A429FACDEF054010395CF -- C:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_es_31bf3856ad364e35\WindowsBase.resources.dll [2011/09/16 11:29:21 | 000,086,016 | ---- | M] () MD5=8FEAF3106E2A0F41B163B83F662A3C78 -- C:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_pt-BR_31bf3856ad364e35\WindowsBase.resources.dll [2012/02/10 20:31:42 | 001,253,376 | ---- | M] () MD5=9F668404AB36B97B0FF5C4B140A1F1FE -- C:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll [2009/06/28 14:40:55 | 000,004,608 | ---- | M] () MD5=5ACC2411BEC4ADA523062BCA7243DA9E -- C:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_es_31bf3856ad364e35\WindowsFormsIntegration.resources.dll [2011/09/16 11:29:22 | 000,004,608 | ---- | M] () MD5=06CA9F2CD2FC67DC6F61FDC188BDCDB5 -- C:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_pt-BR_31bf3856ad364e35\WindowsFormsIntegration.resources.dll [2009/06/10 18:14:47 | 000,094,208 | ---- | M] () MD5=D9673C241B14E5526A81B3ABAD3FD3BA -- C:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll [2010/11/04 22:52:42 | 000,149,328 | ---- | M] () MD5=8AB248DD85018CC3232D2F20E45A30E7 -- C:\windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe < %systemroot%\system32\config\systemprofile\AppData\Local\*.* > [2011/12/22 06:38:01 | 000,110,816 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT < %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* > < %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* > [2012/07/01 22:32:25 | 000,059,440 | ---- | M] () -- C:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun.log < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes > "DefaultScope" = {006ee092-9658-4fd6-bd8e-a21a348e59f5} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] < HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes > "DefaultScope" = {006ee092-9658-4fd6-bd8e-a21a348e59f5} "DownloadRetries" = 0 "DownloadUpdates" = 1 "Version" = 2 "UpgradeTime" = 11 75 FF 01 61 76 CC 01 [binary data] "bProtectorDefaultScope" = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] < MD5 for: CSRSS.EXE > [2009/07/13 22:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe [2009/07/13 22:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe < MD5 for: EXPLORER.EXE > [2009/07/13 22:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2009/10/31 02:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2010/11/20 09:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe [2010/11/20 09:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2009/08/03 02:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009/08/03 02:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009/10/31 03:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: SERVICES.EXE > [2009/07/13 22:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe [2009/07/13 22:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe < MD5 for: SMSS.EXE > [2009/07/13 22:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe [2009/07/13 22:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe < MD5 for: SVCHOST.EXE > [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe [2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe < MD5 for: UNINST.EXE > [2009/08/05 20:14:20 | 000,062,976 | ---- | M] () MD5=14EE5040206C91B98B864C07E365CE3C -- C:\Program Files\ASUS\EPC\EeeSplendid\Uninst.exe [2012/02/12 16:41:31 | 000,252,370 | ---- | M] (eCareme Technologies, Inc.) MD5=693721BEA1ECE6786F3E625ABF406482 -- C:\Program Files\ASUS\Asus WebStorage\uninst.exe [2012/01/12 14:04:36 | 000,163,448 | ---- | M] () MD5=865D793F82B7C131C875EECF5654D5FF -- C:\Program Files\ASUS\AsusVibe\uninst.exe [2012/06/12 21:17:03 | 000,087,544 | ---- | M] (VS Revo Group Ltd.) MD5=C91D2962373AE6B473C61C1F4B3596BD -- C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe < MD5 for: USERINIT.EXE > [2010/11/20 09:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010/11/20 09:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/13 22:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009/07/13 22:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009/07/13 22:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009/10/28 03:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 02:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 09:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010/11/20 09:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009/07/13 22:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < %systemroot%\system32\tasks\*.* /s /64 > [2012/06/12 23:33:47 | 000,003,426 | ---- | M] () -- C:\windows\system32\tasks\bProtector [2012/04/16 16:15:13 | 000,003,796 | ---- | M] () -- C:\windows\system32\tasks\GoogleUpdateTaskMachineCore [2012/04/16 16:15:14 | 000,004,048 | ---- | M] () -- C:\windows\system32\tasks\GoogleUpdateTaskMachineUA [2012/03/24 15:30:40 | 000,003,634 | ---- | M] () -- C:\windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001Core [2012/03/24 15:30:44 | 000,004,030 | ---- | M] () -- C:\windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001UA [2012/06/08 14:33:17 | 000,003,148 | ---- | M] () -- C:\windows\system32\tasks\SidebarExecute [2012/03/07 20:18:57 | 000,003,126 | ---- | M] () -- C:\windows\system32\tasks\{190C51D8-1F36-4877-9B84-D41E372B8BBA} [2012/06/08 14:03:56 | 000,003,274 | ---- | M] () -- C:\windows\system32\tasks\{494023E9-ADA7-4D74-B64A-107F16E9DDE5} [2012/06/03 14:33:23 | 000,004,744 | ---- | M] () -- C:\windows\system32\tasks\Games\UpdateCheck_S-1-5-21-1853207788-3405432505-2801168943-1000 [2012/07/01 14:09:02 | 000,003,856 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan [2012/07/01 14:07:17 | 000,003,404 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows Defender\MpIdleTask [2009/07/14 01:41:15 | 000,004,472 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) [2009/07/14 01:41:15 | 000,003,854 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) [2009/07/14 01:42:10 | 000,002,900 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter [2009/07/14 01:42:10 | 000,003,790 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck [2009/07/14 01:41:45 | 000,003,458 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent [2009/07/14 01:41:45 | 000,003,614 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater [2009/07/14 01:37:26 | 000,003,026 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy [2009/07/14 01:42:29 | 000,001,862 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask [2009/07/14 01:41:10 | 000,004,130 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\SystemTask [2009/07/14 01:41:10 | 000,003,868 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\UserTask [2009/07/14 01:53:58 | 000,003,134 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam [2009/07/14 01:42:29 | 000,002,934 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator [2009/07/14 01:41:20 | 000,003,946 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask [2012/07/01 14:04:12 | 000,003,516 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader [2009/07/14 01:41:47 | 000,003,598 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip [2012/06/08 20:58:50 | 000,004,326 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag [2009/07/14 01:42:30 | 000,004,018 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Diagnosis\Scheduled [2009/07/14 01:42:31 | 000,003,554 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications [2011/09/16 12:39:12 | 000,004,036 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Maintenance\WinSAT [2009/07/14 01:41:20 | 000,003,304 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector [2009/07/14 01:41:20 | 000,003,510 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector [2009/07/14 01:42:30 | 000,002,602 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Multimedia\SystemSoundsService [2009/07/14 01:42:09 | 000,002,044 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo [2011/11/28 06:49:10 | 000,002,940 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor [2009/07/14 01:41:30 | 000,003,752 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem [2009/07/14 01:42:30 | 000,004,370 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\RAC\RacTask [2009/07/14 01:37:40 | 000,003,052 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Ras\MobilityManager [2009/07/14 01:42:07 | 000,003,956 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Registry\RegIdleBackup [2009/07/14 01:42:29 | 000,004,596 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask [2009/07/14 01:42:30 | 000,003,616 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Shell\WindowsParentalControls [2009/07/14 01:54:03 | 000,003,912 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration [2009/07/14 01:37:20 | 000,003,942 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask [2009/07/14 01:46:35 | 000,003,506 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR [2009/07/14 01:41:33 | 000,002,614 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Task Manager\Interactive [2009/07/14 01:41:09 | 000,003,950 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 [2009/07/14 01:41:09 | 000,004,066 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 [2009/07/14 01:41:29 | 000,002,978 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor [2009/07/14 01:37:51 | 000,003,388 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime [2009/07/14 01:37:30 | 000,001,730 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig [2009/07/14 01:41:23 | 000,003,420 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\User Profile Service\HiveUploadTask [2009/07/14 01:37:28 | 000,002,682 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\WDI\ResolutionHost [2009/07/14 01:37:20 | 000,003,048 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting [2009/07/14 01:37:44 | 000,003,290 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange [2009/07/14 01:46:36 | 000,003,304 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary [2009/07/27 07:08:39 | 000,004,330 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification [2009/07/14 01:54:01 | 000,003,532 | ---- | M] () -- C:\windows\system32\tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader < %windir%\tasks\*.* /s > [2012/07/01 21:27:38 | 000,001,048 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/01 23:20:05 | 000,001,052 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/01 15:35:07 | 000,001,014 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001Core.job [2012/07/01 22:35:00 | 000,001,066 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1853207788-3405432505-2801168943-1001UA.job [2012/07/01 13:59:24 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2012/05/29 11:57:12 | 000,032,608 | ---- | M] () -- C:\windows\tasks\SCHEDLGU.TXT ========== Alternate Data Streams ========== @Alternate Data Stream - 212 bytes -> C:\windows\System32\drivers:GbpKmAp.lst @Alternate Data Stream - 2 bytes -> C:\windows\System32:2E419B83_Cef.gbp < End of report > Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Julho 2, 2012 Bom Dia! Ionara |- Baixe: < AD-Remover > ( ... de C-XX ) |- Ou... < Aqui! > <- Link! |- Salve-o em C:\ ( Disco local ) |- Duplo clique em AD-R.exe |- Para Windows Vista ou 7,dê clique direito no arquivo e execute-o como administrador! |- Aperte a opção "Clean". |- Ao concluir,aceite ou confirme o reboot. |- O computador irá reiniciar! |- Poste o relatório: C:\Ad-Report-CLEAN[1].txt -/- |- Execute o OTL.exe. |- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" ) :OTL IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} FF - prefs.js..browser.search.defaultenginename: "search the web (babylon)"*/ FF - prefs.js..browser.search.order.1: "search the web (babylon)"*/ FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.selectedengine: "search the web (babylon)"*/ FF - prefs.js..browser.startup.homepage: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=hp&babsrc=lnkry" FF - prefs.js..keyword.URL: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q=" FF - prefs.js..keyword.url: "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=c6d8a698000000000000e0cb4ea27b89&q="*/ FF - user.js - File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O33 - MountPoints2\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\Shell - "" = AutoRun O33 - MountPoints2\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell - "" = AutoRun O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell\directx\command - "" = G:\DirectX9\dxsetup.exe O33 - MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\Shell\setup\command - "" = G:\instalar.exe O33 - MountPoints2\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\Shell - "" = AutoRun O33 - MountPoints2\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\Shell\AutoRun\command - "" = E:\AutoRun.exe :Files Type C:\windows\system32\tasks\{190C51D8-1F36-4877-9B84-D41E372B8BBA} /C Type C:\windows\system32\tasks\{494023E9-ADA7-4D74-B64A-107F16E9DDE5} /C :reg [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes] "Gopher"="gopher://" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command] ""=""%1" %*" :Commands [CLEARALLRESTOREPOINTS] [purity] [emptytemp] [Reboot] |- Clique no botão Consertar -> Aguarde a conclusão! |- O computador vai reiniciar! -> Clique em "Executar". |- Para versões em Inglês,clique em Run Fix que é o mesmo que Consertar. |- Poste o relatório: C:\_OTL\MovedFiles\*.log Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Julho 3, 2012 Boa noite, seguem logs.... ======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 21:35:59 on 02/07/2012, Normal boot Microsoft Windows 7 Starter Service Pack 1 (X86) User@USER-PC (ASUSTeK Computer INC. 1201HA) ============== ACTION(S) ============== (!) -- Temporary files deleted. ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [9.0.1 (pt-BR)] **** Searchplugins\buscape.xml (hxxp://busca.buscape.com.br/cprocura) Searchplugins\mercadolivre.xml (hxxp://pmstrk.mercadolivre.com.br/jm/PmsTrk) Searchplugins\twitter.xml (hxxps://twitter.com/search/{searchTerms}) Searchplugins\wikipedia-br.xml (hxxp://pt.wikipedia.org/wiki/Especial:Busca) Searchplugins\yahoo-br.xml (hxxp://br.search.yahoo.com/search) Components\browsercomps.dll (Mozilla Foundation) -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\s5vkdz39.default -- Extensions\helperbar@helperbar.com (Linkury Smartbar) Searchplugins\Web Search.xml (hxxp://feed.helperbar.com/) Prefs.js - browser.search.selectedEngine, Web Search Prefs.js - browser.startup.homepage, hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-... Prefs.js - browser.startup.homepage_override.buildID, 20111220165912 Prefs.js - browser.startup.homepage_override.buildid, 20111220165912 Prefs.js - browser.startup.homepage_override.mstone, rv:9.0.1 Prefs.js - keyword.URL, hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15c... ======================================== **** Internet Explorer Version [8.0.7601.17514] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) HKLM_Toolbar|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (C:\Program Files\Orbitdownloader\GrabPro.dll) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x) HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) BHO\{000123B4-9B42-4900-B3F7-F4B073EFC214} - "Octh Class" (C:\Program Files\Orbitdownloader\orbitcth.dll) BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) BHO\{C41A1C0E-EA6C-11D4-B1B8-444553540003} - "GbIehObj Class" (C:\Program Files\GbPlugin\gbiehCef.dll) BHO\{D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - "ASUS Windows 7 Starter Helper" (C:\Program Files\asus\SystemSetting\StarterHelper.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 14 File(s) C:\Ad-Report-CLEAN[1].txt - 02/07/2012 21:36:26 (3734 Byte(s)) End at: 21:40:46, 02/07/2012 ============== E.O.F ============== ------------- All processes killed ========== OTL ========== HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully! HKU\S-1-5-21-1853207788-3405432505-2801168943-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! HKEY_USERS\S-1-5-21-1853207788-3405432505-2801168943-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-21-1853207788-3405432505-2801168943-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Prefs.js: "search the web (babylon)"*/ removed from browser.search.defaultenginename Prefs.js: "search the web (babylon)"*/ removed from browser.search.order.1 Prefs.js: "Web Search" removed from browser.search.selectedEngine Prefs.js: "search the web (babylon)"*/ removed from browser.search.selectedengine Prefs.js: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=hp&babsrc=lnkry" removed from browser.startup.homepage Prefs.js: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=28ece9e3-3515-41d1-b18e-15cdcb435642&affid=110774&searchtype=ds&babsrc=lnkry&q=" removed from keyword.URL Prefs.js: "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=c6d8a698000000000000e0cb4ea27b89&q="*/ removed from keyword.url Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_USERS\S-1-5-21-1853207788-3405432505-2801168943-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully! Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c114ded-f45c-11e0-ac02-1c4bd6037440}\ not found. File E:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0d46d907-b1b1-11e1-b08a-c41332706671}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0d46d907-b1b1-11e1-b08a-c41332706671}\ not found. File G:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0d46d907-b1b1-11e1-b08a-c41332706671}\ not found. File G:\DirectX9\dxsetup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d46d907-b1b1-11e1-b08a-c41332706671}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0d46d907-b1b1-11e1-b08a-c41332706671}\ not found. File G:\instalar.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ef4590b-f4c5-11e0-a8c9-1c4bd6037440}\ not found. File E:\AutoRun.exe not found. ========== FILES ========== < Type C:\windows\system32\tasks\{190C51D8-1F36-4877-9B84-D41E372B8BBA} /C > <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo /> <Triggers> <RegistrationTrigger> <Enabled>true</Enabled> </RegistrationTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\windows\system32\pcalua.exe</Command> <Arguments>-a C:\Users\User\Desktop\Metin2_Brasil_v11.exe -d C:\Users\User\Desktop</Arguments> </Exec> </Actions> <Principals> <Principal id="Author"> <UserId>User-PC\User</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task> C:\Users\User\Desktop\cmd.bat deleted successfully. C:\Users\User\Desktop\cmd.txt deleted successfully. < Type C:\windows\system32\tasks\{494023E9-ADA7-4D74-B64A-107F16E9DDE5} /C > <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo /> <Triggers> <RegistrationTrigger> <Enabled>true</Enabled> </RegistrationTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\windows\system32\pcalua.exe</Command> <Arguments>-a "C:\Users\User\Desktop\My Shared Folder\age of empires iii (castellano) (juego completo) (am).exe" -d "C:\Users\User\Desktop\My Shared Folder"</Arguments> </Exec> </Actions> <Principals> <Principal id="Author"> <UserId>User-PC\User</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task> C:\Users\User\Desktop\cmd.bat deleted successfully. C:\Users\User\Desktop\cmd.txt deleted successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"Gopher"|"gopher://" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully! ========== COMMANDS ========== Restore point Set: OTL Restore Point [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: eu ->Temp folder emptied: 39735629 bytes ->Temporary Internet Files folder emptied: 4174118 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 126638071 bytes ->Flash cache emptied: 24597 bytes User: Public User: User ->Temp folder emptied: 379371892 bytes ->Temporary Internet Files folder emptied: 84896932 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 66178617 bytes ->Flash cache emptied: 1362 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1696463 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 670,00 mb OTL by OldTimer - Version 3.2.53.1 log created on 07022012_215317 Files\Folders moved on Reboot... File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... [2012/07/02 22:05:54 | 000,000,000 | ---- | M] () C:\windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5 Registry entries deleted on Reboot... Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Julho 3, 2012 Boa Noite! Ionara |- Execute o OTL.exe. |- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" ) :Commands [CLEARALLRESTOREPOINTS] [emptytemp] [Reboot] |- Clique no botão Consertar -> Aguarde a conclusão! |- O computador vai reiniciar! -> Clique em "Executar". |- Abra,novamente,o OTL.exe -> Clique em Limpeza. <-- Confirme! |- Ps: O computador irá reiniciar! -/- |- Seus logs estão limpos! |- Tudo OK? |- Caso queira,execute scan online em Eset. -/- |- Execute escaneamento online em | Eset | |- Utilize o navegador "Internet Explorer",para essa tarefa! |- Siga,conforme a imagem,essa verificação ou scan. |- Ao concluir,marque a caixa "Delete Quarantined files". |- Clique em "Finish". |- <1> C:\Arquivos de programas\EsetOnlineScanner\log.txt |- <2> C:\Arquivos de programas\ESET\EsetOnlineScanner\log.txt |- Poste o relatório que estará em um destes caminhos. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Julho 5, 2012 Boa noite, seguidas as recomendações, é durante o scan com o eset, surgiram 03 arquivos suspeitos, antes de finalizar removi da quarentena, e não localizei o log... mas acredito que está tudo OK Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Julho 5, 2012 PROBLEMA RESOLVIDO Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites
