Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infested by 10 malwares and cleaned by Malwarebytes


  • This topic is locked This topic is locked
20 replies to this topic

#1 Jecs

Jecs

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 22 July 2010 - 10:08 PM

In 3 of July, when using Avira antivirus my computer was infested by Trojan.downloader, Malware.trace, Trojan. FakeAlert, Trojan. Renos, Disabled. SecurityCenter and more 1 than the Avira stuck. I am using BitDefender now. The computer was clean for the MalwareBytes, but I would like knowing if there were no sequels. The computer is working well.


DDS (Ver_10-03-17.01) - NTFSx86
Run by XP at 15:13:09,53 on qui 22/07/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1023.419 [GMT -3:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe
C:\Arquivos de programas\BitDefender\BitDefender 2010\vsserv.exe
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\BillP Studios\WinPatrol\winpatrol.exe
C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Arquivos de programas\BitDefender\BitDefender 2010\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\BitDefender\BitDefender 2010\seccenter.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\KeePass Password Safe 2\KeePass.exe
C:\Documents and Settings\XP\Desktop\dds.scr
C:\WINDOWS\system32\wuauclt.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\arquivos de programas\bitdefender\bitdefender 2010\IEToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TClockEx] c:\rec. dados\[ntfs]\arquivos de programas\tclockex\TCLOCKEX.EXE
mRun: [WinPatrol] c:\arquivos de programas\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [COMODO Internet Security] "c:\arquivos de programas\comodo\comodo internet security\cfp.exe" -h
mRun: [Malwarebytes' Anti-Malware] "c:\arquivos de programas\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [BDAgent] c:\arquivos de programas\bitdefender\bitdefender 2010\bdagent.exe
mRun: [BitDefender Antiphishing Helper] c:\arquivos de programas\bitdefender\bitdefender 2010\ieshow.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
StartupFolder: c:\docume~1\xp\menuin~1\progra~1\inicia~1\ATALHO~1.LNK -
uPolicies-explorer: EditLevel = 0 (0x0)
uPolicies-explorer: NoCommonGroups = 0 (0x0)
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276614211953
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1276614394218
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: {286CF5B2-0150-42D8-B036-0F3EBEDAA8A7} = 156.154.70.22,156.154.71.22
TCP: {C42687A1-A575-4CA0-952D-35CE852245A1} = 156.154.70.22,156.154.71.22
TCP: {CCFB136F-69E9-450E-B9FA-5CBAE98B5BBB} = 156.154.70.22 156.154.71.22
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquivos de programas\microsoft office\office12\GrooveSystemServices.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquivos de programas\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\xp\dadosd~1\mozilla\firefox\profiles\51p3897q.default\
FF - component: c:\arquivos de programas\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff2.dll
FF - component: c:\arquivos de programas\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff3.6.dll
FF - component: c:\arquivos de programas\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff3.dll
FF - plugin: c:\arquivos de programas\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\arquivos de programas\google\update\1.2.183.27\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\documents and settings\xp\configuraã§ãµes locais\dados de aplicativos\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-6-4 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-6-1 25240]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\arquivos de programas\comodo\comodo internet security\cmdagent.exe [2010-6-1 1778480]
R2 MBAMService;MBAMService;c:\arquivos de programas\malwarebytes' anti-malware\mbamservice.exe [2010-6-23 304464]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-2-3 153448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-6-23 20952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2010-6-14 135664]
S3 Arrakis3;BitDefender Arrakis Server;c:\arquivos de programas\arquivos comuns\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2009-10-19 183880]
S3 cpuz132;cpuz132;\??\c:\docume~1\xp\config~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\xp\config~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-6-25 23456]
S3 OCFFOGKWH;OCFFOGKWH;c:\docume~1\xp\config~1\temp\ocffogkwh.exe --> c:\docume~1\xp\config~1\temp\OCFFOGKWH.exe [?]
S3 OJDCVY;OJDCVY;c:\docume~1\xp\config~1\temp\ojdcvy.exe --> c:\docume~1\xp\config~1\temp\OJDCVY.exe [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WXVAABEQ;WXVAABEQ;c:\docume~1\xp\config~1\temp\wxvaabeq.exe --> c:\docume~1\xp\config~1\temp\WXVAABEQ.exe [?]

=============== Created Last 30 ================

2010-07-21 23:44:43 0 d-----w- c:\arquivos de programas\VS Revo Group
2010-07-21 18:19:47 0 d-----w- c:\docume~1\xp\dadosd~1\Easy Duplicate Finder
2010-07-21 00:09:47 0 d-----w- C:\Recuva
2010-07-20 20:14:20 0 d-----w- C:\Program Files
2010-07-17 15:05:21 0 d-----w- c:\arquivos de programas\PWCracker
2010-07-17 14:56:07 0 d-----w- c:\docume~1\alluse~1\dadosd~1\ParetoLogic
2010-07-17 14:56:07 0 d-----w- c:\arquivos de programas\arquivos comuns\ParetoLogic
2010-07-17 14:56:06 0 d-----w- c:\docume~1\alluse~1\dadosd~1\FileCure
2010-07-17 14:56:04 0 d-----w- c:\arquivos de programas\ParetoLogic
2010-07-16 20:28:24 232 ----a-w- c:\windows\reimage.ini
2010-07-16 20:27:39 0 d-----w- C:\rei
2010-07-16 20:27:31 0 d-----w- c:\arquivos de programas\Reimage
2010-07-07 17:01:37 850 ----a-w- c:\documents and settings\xp\Dados de aplicativosProductTweaks.xml
2010-07-07 17:01:36 385 ----a-w- c:\documents and settings\xp\Dados de aplicativosuser_gensett.xml
2010-07-04 15:23:42 376 ----a-w- c:\documents and settings\xp\Dados de aplicativosprivacy.xml
2010-07-02 19:48:06 69 ----a-w- c:\windows\NeroDigital.ini
2010-07-01 23:20:42 3312 ----a-w- c:\windows\system32\wbem\Outlook_01cb197406591716.mof
2010-07-01 18:40:21 385 ----a-w- c:\windows\system32\user_gensett.xml
2010-07-01 18:38:16 52 ----a-w- c:\windows\system32\ashttpstats.csv
2010-07-01 18:27:23 0 d-----w- c:\docume~1\xp\dadosd~1\BitDefender
2010-07-01 18:27:23 0 d-----w- c:\docume~1\alluse~1\dadosd~1\BitDefender
2010-07-01 18:27:23 0 d-----w- c:\arquivos de programas\BitDefender
2010-07-01 18:25:14 0 d-----w- c:\arquivos de programas\arquivos comuns\BitDefender
2010-06-30 20:08:13 0 dc-h--w- c:\windows\ie8
2010-06-30 16:19:23 0 d-----w- C:\Playboy BR - Anamara BBB10
2010-06-28 14:47:56 352513 ----a-w- c:\windows\system32\savapi3.dll
2010-06-28 14:47:56 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-06-26 01:50:13 0 d-----w- c:\windows\system32\CatRoot2
2010-06-26 01:50:13 0 d-----w- c:\windows\system32\CatRoot
2010-06-25 18:11:11 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-06-24 20:24:17 0 d-----w- c:\arquivos de programas\KeePass Password Safe 2
2010-06-24 18:27:12 0 d-----w- c:\docume~1\alluse~1\dadosd~1\COMODO
2010-06-24 18:23:31 0 d-----w- c:\arquivos de programas\COMODO
2010-06-24 18:20:48 0 d-----w- c:\docume~1\alluse~1\dadosd~1\Comodo Downloader
2010-06-24 12:55:06 0 d-----w- c:\docume~1\xp\dadosd~1\WinPatrol
2010-06-24 12:55:00 0 d-----w- c:\arquivos de programas\BillP Studios
2010-06-23 22:05:43 0 d-----w- c:\docume~1\xp\dadosd~1\Windows Search
2010-06-23 21:58:21 0 d-----w- c:\arquivos de programas\arquivos comuns\Windows Live
2010-06-23 21:51:33 0 d-----w- c:\windows\system32\XPSViewer
2010-06-23 21:50:46 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-06-23 21:50:46 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-06-23 21:50:46 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-06-23 21:50:46 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-06-23 21:50:46 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-06-23 21:50:46 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-06-23 21:50:46 117760 ------w- c:\windows\system32\prntvpt.dll
2010-06-23 21:50:45 0 d-----w- C:\108acbfb9eeea7f2b6
2010-06-23 21:45:54 0 d-----w- c:\arquivos de programas\Windows Desktop Search
2010-06-23 21:43:49 0 d-----w- c:\windows\system32\URTTEMP
2010-06-23 19:37:04 0 d-----w- C:\MJWIN
2010-06-23 13:36:33 0 d-----w- c:\docume~1\xp\dadosd~1\Malwarebytes
2010-06-23 13:36:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-23 13:36:22 0 d-----w- c:\docume~1\alluse~1\dadosd~1\Malwarebytes
2010-06-23 13:36:21 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-23 13:36:21 0 d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

==================== Find3M ====================

2010-07-17 15:27:57 96860 ----a-w- c:\windows\system32\perfc016.dat
2010-07-17 15:27:57 537184 ----a-w- c:\windows\system32\perfh016.dat
2010-06-22 17:51:05 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-21 21:15:48 47104 --sha-r- c:\windows\system32\mqrt9.dll
2010-06-07 17:40:39 315392 ----a-w- c:\windows\HideWin.exe
2010-06-07 17:39:44 77824 ----a-w- c:\windows\system32\qttask.exe
2010-06-04 21:33:08 21844 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-04 14:55:58 229312 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-06-01 22:00:52 278288 ----a-w- c:\windows\system32\guard32.dll
2010-06-01 22:00:22 25240 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-06-01 22:00:20 15464 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-05-06 10:34:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:08:34 1851392 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 15:18:13,31 ===============

The attachment of ark.txt is in the near post

Attached Files



BC AdBot (Login to Remove)

 


#2 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 22 July 2010 - 10:33 PM

Ark.txt

Attached Files

  • Attached File  ark.txt   498.25KB   4 downloads

Edited by Budapest, 27 July 2010 - 05:51 PM.
Topics merged ~BP


#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:04 AM

Posted 30 July 2010 - 05:13 AM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#4 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 31 July 2010 - 06:48 PM

Hi Mole, I am here

#5 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:04 AM

Posted 31 July 2010 - 06:56 PM

A little trace in the drivers list which we will remove.

We need to execute an OTM script
  1. Please download OTM by OldTimer and save it to your desktop.
  2. Double click the icon on your desktop.
  3. Paste the following code under the area. Do not include the word "Code".
    CODE
    :Services
    OCFFOGKWH
    OJDCVY
    WXVAABEQ
  4. Push the large button.
  5. OTM may ask to reboot the machine. Please do so if asked.
  6. Copy/Paste the contents under the line here in your next reply.
  7. If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
Post the OTM log.


Please download and run OTL, which will do a better scan than DDS
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Posted Image
m0le is a proud member of UNITE

#6 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 02 August 2010 - 12:59 PM

I m0le! There are the logs.

OTM--------

ÿþ= = = = = = = = = = S E R V I C E S / D R I V E R S = = = = = = = = = =

S e r v i c e O C F F O G K W H s t o p p e d s u c c e s s f u l l y !

S e r v i c e O C F F O G K W H d e l e t e d s u c c e s s f u l l y !

S e r v i c e O J D C V Y s t o p p e d s u c c e s s f u l l y !

S e r v i c e O J D C V Y d e l e t e d s u c c e s s f u l l y !

S e r v i c e W X V A A B E Q s t o p p e d s u c c e s s f u l l y !

S e r v i c e W X V A A B E Q d e l e t e d s u c c e s s f u l l y !



O T M b y O l d T i m e r - V e r s i o n 3 . 1 . 1 5 . 0 l o g c r e a t e d o n 0 8 0 2 2 0 1 0 _ 1 2 2 7 1 3

EXTRAS----------
OTL Extras logfile created on: 2/8/2010 12:54:54 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\XP\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

1.023,00 Mb Total Physical Memory | 539,00 Mb Available Physical Memory | 53,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1534 1534 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,05 Gb Total Space | 82,65 Gb Free Space | 55,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XP-3A6BA1B2A032
Current User Name: XP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Arquivos de programas\ParetoLogic\FileCure\FileCure_noapp.exe %1 (ParetoLogic)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\ARQUIV~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Modo de Compatibilidade (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" = C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Arquivos de programas\Messenger\msmsgs.exe" = C:\Arquivos de programas\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" = C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Assistente de Conexão do Windows Live ID
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CBADDF4-2CF6-4CDB-B4F5-29B8FCA7FE07}" = Microsoft .NET Framework 1.1 Brazilian Portuguese Language Pack
"{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}" = Windows Live Essentials
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{2DF215E0-BD3C-4C98-8616-AFEF09747285}" = Windows Live Sync
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{590035D9-BFA0-406A-A7F0-479C72C0DDB2}" = Windows Live Call
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87A9C015-C2BA-44EE-9C20-6E1A764B8E23}" = Windows Live Galeria de Fotos
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D7A8160-B777-4073-B1BE-62CFDD14A1D3}" = BitDefender Antivirus 2010
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12
"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0416-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9555B4ED-09A3-4722-8E8C-57A49401D059}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}" = Windows Live Messenger
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1046-7B44-A93000000001}" = Adobe Reader 9.3.3 - Português
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C441C4-57FA-4950-BDBA-BABFBAA2AA39}" = ParetoLogic FileCure
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C50BF854-E881-434F-9C67-5A73EBB58F06}" = Windows Live Toolbar
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CD104A82-D92A-484B-90F9-4CA044315DEC}" = UpdateMyDrivers
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D575FBAA-D6D6-4221-A2C4-67541DB7AB5E}_is1" = Device Doctor 1.0.0.1
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FFF5DEE7-8107-436B-9726-7573458FE6AE}" = ACE Mega CoDecS Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"DriverAgent.exe" = DriverAgent by eSupport.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"hp deskjet 3420 series_Driver" = hp deskjet 3420 series
"ie8" = Windows Internet Explorer 8
"JDownloader" = JDownloader
"Karen's Time Sync" = Karen's Time Sync
"Karen's WhoIs" = Karen's WhoIs
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.12
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero PhotoShow Express" = Nero PhotoShow Express
"NeroMultiInstaller!UninstallKey" = Nero Suite
"ophcrack" = ophcrack 3.3.1
"Recuva" = Recuva
"Reimage Repair" = Reimage Repair
"Revo Uninstaller" = Revo Uninstaller 1.89
"Smart Defrag_is1" = Smart Defrag
"SpeedFan" = SpeedFan (remove only)
"UpdateMyDrivers" = UpdateMyDrivers
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPatrol" = WinPatrol
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/7/2010 12:35:30 | Computer Name = XP-3A6BA1B2A032 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: Esta conexão de rede não existe.

Error - 1/7/2010 12:50:10 | Computer Name = XP-3A6BA1B2A032 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 1/7/2010 12:50:10 | Computer Name = XP-3A6BA1B2A032 | Source = MsiInstaller | ID = 1008
Description = A instalação de C:\Documents and Settings\XP\Meus documentos\Downloads\eav_nt32_ptb.msi
não é permitida devido a um erro no processamento da diretiva de restrição de software.
O objeto não é confiável.

Error - 1/7/2010 12:50:22 | Computer Name = XP-3A6BA1B2A032 | Source = MsiInstaller | ID = 11718
Description = Produto: ESET NOD32 Antivirus -- Erro 1718. O arquivo C:\Documents
and Settings\XP\Meus documentos\Downloads\eav_nt32_ptb.msi foi rejeitado devido
à política da assinatura digital.

Error - 1/7/2010 12:51:03 | Computer Name = XP-3A6BA1B2A032 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 1/7/2010 12:51:04 | Computer Name = XP-3A6BA1B2A032 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: Esta conexão de rede não existe.

Error - 1/7/2010 12:52:14 | Computer Name = XP-3A6BA1B2A032 | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.

Error - 1/7/2010 12:52:14 | Computer Name = XP-3A6BA1B2A032 | Source = PerfNet | ID = 2002
Description = Não foi possível abrir o serviço do Redirecionador. Os dados do desempenho
do Redirecionador não serão retornados. O código de erro retornado está no dado
DWORD 0.

Error - 1/7/2010 14:24:31 | Computer Name = XP-3A6BA1B2A032 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: Esta operação foi retornada porque o tempo limite expirou.

Error - 1/7/2010 14:24:31 | Computer Name = XP-3A6BA1B2A032 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: O servidor especificado não pode executar a operação solicitada.

[ System Events ]
Error - 31/7/2010 22:36:14 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Google Update Service (gupdate)
devido ao seguinte erro: %%2

Error - 31/7/2010 22:36:14 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7023
Description = O serviço Serviços IPSEC terminou com o erro: %%1747

Error - 31/7/2010 22:39:29 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Google Update Service (gupdate)
devido ao seguinte erro: %%2

Error - 31/7/2010 22:39:29 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7023
Description = O serviço Serviços IPSEC terminou com o erro: %%1747

Error - 1/8/2010 06:00:37 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Google Update Service (gupdate)
devido ao seguinte erro: %%2

Error - 1/8/2010 06:00:37 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7023
Description = O serviço Serviços IPSEC terminou com o erro: %%1747

Error - 2/8/2010 06:52:38 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Google Update Service (gupdate)
devido ao seguinte erro: %%2

Error - 2/8/2010 06:52:38 | Computer Name = XP-3A6BA1B2A032 | Source = Service Control Manager | ID = 7023
Description = O serviço Serviços IPSEC terminou com o erro: %%1747

Error - 2/8/2010 11:40:50 | Computer Name = XP-3A6BA1B2A032 | Source = ipnathlp | ID = 31008
Description = O agente proxy DNS não pôde ler a lista local de servidores de resolução
de nomes no Registro. Os dados são o código de erro.

Error - 2/8/2010 11:54:11 | Computer Name = XP-3A6BA1B2A032 | Source = ipnathlp | ID = 31008
Description = O agente proxy DNS não pôde ler a lista local de servidores de resolução
de nomes no Registro. Os dados são o código de erro.


< End of report >
OTL in the next post-------


#7 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 02 August 2010 - 01:11 PM

OTL part 1--------

OTL logfile created on: 2/8/2010 12:54:54 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\XP\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

1.023,00 Mb Total Physical Memory | 539,00 Mb Available Physical Memory | 53,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1534 1534 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,05 Gb Total Space | 82,65 Gb Free Space | 55,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XP-3A6BA1B2A032
Current User Name: XP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\XP\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Arquivos de programas\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\BitDefender\BitDefender 2010\seccenter.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\XP\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\WINDOWS\system32\guard32.dll (COMODO)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (gupdate) Google Update Service (gupdate) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe File not found
SRV - (cmdAgent) -- C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (MBAMService) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (VSSERV) -- C:\Arquivos de programas\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (scan) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (LIVESRV) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
SRV - (Arrakis3) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
SRV - (wlidsvc) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SeaPort) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (cpuz132) -- C:\DOCUME~1\XP\CONFIG~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (Trufos) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (Profos) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\profos.sys (BitDefender S.R.L.)
DRV - (bdftdif) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (DrvAgent32) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (BDSelfPr) -- C:\Arquivos de programas\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender)
DRV - (bdfsfltr) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender)
DRV - (bdfm) -- C:\WINDOWS\system32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: restart@restart.org:0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: compatibility@addons.mozilla.org:0.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.6

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff [2010/06/22 14:51:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/06/24 15:41:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\FFToolbar@bitdefender.com: C:\Arquivos de programas\BitDefender\BitDefender 2010\bdaphffext\ [2010/07/26 12:16:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2010/08/02 07:52:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2010/08/02 07:51:30 | 000,000,000 | ---D | M]

[2010/07/20 20:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions
[2010/07/20 20:44:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/08/02 07:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions
[2010/07/23 10:41:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/20 22:45:13 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/07/20 22:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/07/20 22:45:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/20 22:45:10 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/07/20 22:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\personas@christopher.beard
[2010/07/20 22:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\personasexpression@eddiescorpse.private
[2010/07/20 20:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions
[2010/07/20 20:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/07/20 20:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/20 20:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions\compatibility@addons.mozilla.org
[2010/08/01 21:55:18 | 000,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2010/07/24 09:42:54 | 000,000,000 | ---D | M] (Default) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/06/22 14:51:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/24 09:42:37 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\browserdirprovider.dll
[2010/07/24 09:42:37 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\brwsrcmp.dll
[2010/06/22 14:51:07 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/24 09:42:46 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npnul32.dll
[2010/06/19 16:34:11 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nppdf32.dll
[2010/07/13 19:02:35 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml
[2010/07/13 19:02:35 | 000,002,371 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\google.xml
[2010/07/13 19:02:35 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml
[2010/07/13 19:02:35 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml
[2010/07/13 19:02:35 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2001/10/28 14:06:36 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Auxiliar de Conexão do Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Arquivos de programas\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (E&ndereço) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [BDAgent] C:\Arquivos de programas\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Arquivos de programas\BitDefender\BitDefender 2010\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HP Component Manager] C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Arquivos de programas\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Arquivos de programas\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TClockEx] C:\Arquivos de programas\TClockEx\TCLOCKEX.EXE (Dale Nurden)
O4 - Startup: C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Atalho para velox.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1276614211953 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1276614394218 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Arquivos de programas\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-carregador Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon de cache de categorias de componente - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/04 18:36:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 60 Days ==========

[2010/08/02 12:30:13 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.exe
[2010/08/02 12:27:13 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/08/02 11:30:09 | 000,520,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTM.exe
[2010/08/01 08:39:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Access
[2010/07/31 19:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\crypt32
[2010/07/31 17:41:28 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/07/29 19:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2010/07/29 18:35:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Uniblue
[2010/07/29 18:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Uniblue
[2010/07/29 17:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Meus arquivos recebidos
[2010/07/29 16:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Tracing
[2010/07/29 16:49:23 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Office Outlook Connector
[2010/07/29 16:48:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Sync Framework
[2010/07/29 16:47:05 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010/07/29 16:46:50 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft SQL Server Compact Edition
[2010/07/29 16:45:18 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft
[2010/07/29 16:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\microsoft
[2010/07/29 16:44:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live SkyDrive
[2010/07/29 16:43:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live
[2010/07/29 15:50:53 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2010/07/29 14:27:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010/07/29 14:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010/07/29 14:27:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010/07/29 12:42:02 | 000,000,000 | ---D | C] -- C:\8559d7b4b32b1cc6c1b886a1562a
[2010/07/28 19:28:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ophcrack
[2010/07/28 14:36:06 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010/07/28 14:36:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010/07/26 19:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Eros
[2010/07/26 16:17:00 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/07/25 22:06:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\{7108AEAC-32CF-444E-B0C6-55E51DD8B67A}
[2010/07/25 22:06:44 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\SmartTweak Software
[2010/07/25 21:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\ATI
[2010/07/25 21:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\ATI
[2010/07/25 21:41:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/07/25 21:41:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ATI Technologies
[2010/07/25 21:39:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\6-11-pre-r300_xp-2k_dd_ccc_wdm_38185
[2010/07/25 15:46:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\JDownloader
[2010/07/25 00:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\PackageAware
[2010/07/23 20:54:27 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2010/07/23 17:47:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Meus documentos\Rascunhos do SharePoint
[2010/07/23 08:36:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSXML4r.dll
[2010/07/23 08:36:20 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSXML4a.dll
[2010/07/23 08:36:19 | 000,626,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvaut32.dll
[2010/07/23 08:36:19 | 000,487,424 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcp70.dll
[2010/07/23 08:36:19 | 000,344,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcr70.dll
[2010/07/23 08:36:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\HP
[2010/07/23 08:35:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Overland
[2010/07/23 08:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\HP
[2010/07/22 13:46:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Hewlett-Packard
[2010/07/21 20:44:43 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\VS Revo Group
[2010/07/21 15:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Easy Duplicate Finder
[2010/07/20 21:09:47 | 000,000,000 | ---D | C] -- C:\Recuva
[2010/07/20 17:14:20 | 000,000,000 | ---D | C] -- C:\Program Files
[2010/07/17 12:05:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\PWCracker
[2010/07/17 11:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\ParetoLogic
[2010/07/17 11:56:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\ParetoLogic
[2010/07/17 11:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\FileCure
[2010/07/17 11:56:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ParetoLogic
[2010/07/16 17:27:39 | 000,000,000 | ---D | C] -- C:\rei
[2010/07/16 17:27:31 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Reimage
[2010/07/14 20:25:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Ahead
[2010/07/01 15:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\BitDefender
[2010/07/01 15:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\BitDefender
[2010/07/01 15:27:23 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\BitDefender
[2010/07/01 15:25:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\BitDefender
[2010/06/30 22:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\ESET
[2010/06/30 17:08:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/06/30 13:19:23 | 000,000,000 | ---D | C] -- C:\Playboy BR - Anamara BBB10
[2010/06/29 15:32:52 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Adobe
[2010/06/29 15:32:52 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Adobe
[2010/06/28 21:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Help
[2010/06/28 17:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\Técnico Instalador
[2010/06/28 11:47:56 | 000,352,513 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\savapi3.dll
[2010/06/28 11:47:56 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/06/26 16:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Adobe
[2010/06/25 22:50:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/06/25 22:50:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/06/25 15:11:11 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2010/06/25 15:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\eSupport.com
[2010/06/24 17:24:17 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\KeePass Password Safe 2
[2010/06/24 15:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\ApplicationHistory
[2010/06/24 15:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\COMODO
[2010/06/24 15:23:31 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\COMODO
[2010/06/24 15:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Comodo Downloader
[2010/06/24 09:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\WinPatrol
[2010/06/24 09:55:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\BillP Studios
[2010/06/23 19:05:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Windows Search
[2010/06/23 18:58:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Windows Live
[2010/06/23 18:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/06/23 18:51:18 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Reference Assemblies
[2010/06/23 18:50:46 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/06/23 18:50:46 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/06/23 18:50:46 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/06/23 18:50:46 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/06/23 18:50:46 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/06/23 18:50:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/06/23 18:50:45 | 000,000,000 | ---D | C] -- C:\108acbfb9eeea7f2b6
[2010/06/23 18:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Identities
[2010/06/23 18:45:54 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Desktop Search
[2010/06/23 18:43:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010/06/23 16:37:04 | 000,000,000 | ---D | C] -- C:\MJWIN
[2010/06/23 10:36:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Malwarebytes
[2010/06/23 10:36:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/23 10:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
[2010/06/23 10:36:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/23 10:36:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware
[2010/06/22 14:52:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/06/22 14:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sun
[2010/06/22 14:51:51 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2010/06/22 14:51:24 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/06/22 14:51:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/06/22 14:51:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/06/22 14:51:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/06/22 14:51:24 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/06/22 14:51:03 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Java
[2010/06/22 14:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Sun
[2010/06/22 13:53:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/06/21 16:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\WinRAR
[2010/06/21 16:28:39 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\WinRAR
[2010/06/21 16:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\FreeApp
[2010/06/21 14:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\IObit
[2010/06/21 14:47:09 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\IObit
[2010/06/21 14:44:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Recuva
[2010/06/21 14:37:03 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\jskeyfinder
[2010/06/21 14:33:17 | 000,000,000 | ---D | C] -- C:\Work
[2010/06/21 14:12:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\CCleaner
[2010/06/20 10:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Excel
[2010/06/19 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\KeePass
[2010/06/19 22:22:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\SpeedFan
[2010/06/19 21:29:51 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/06/19 21:29:01 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft.NET
[2010/06/19 21:28:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/06/19 13:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/06/19 13:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Application Data
[2010/06/17 19:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Karen's Power Tools
[2010/06/17 19:23:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Karen's Power Tools
[2010/06/17 19:22:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Karen's Power Tools
[2010/06/17 18:47:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\IECompatCache
[2010/06/17 18:45:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\PrivacIE
[2010/06/16 14:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Snapfish
[2010/06/16 14:08:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\IETldCache
[2010/06/16 13:28:11 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/06/16 13:28:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/06/16 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/06/15 13:13:50 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/06/15 13:10:33 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/06/15 13:03:22 | 002,194,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/06/15 13:03:18 | 002,150,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/06/15 13:03:17 | 002,028,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/06/15 12:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage
[2010/06/15 12:22:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/06/15 12:22:22 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/06/15 12:22:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/06/15 12:19:18 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/06/15 12:19:18 | 000,017,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/06/15 12:04:38 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2010/06/14 13:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Google
[2010/06/14 13:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Google
[2010/06/14 11:20:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/06/13 15:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Adobe
[2010/06/13 14:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla
[2010/06/13 14:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Mozilla
[2010/06/13 14:29:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Firefox
[2010/06/13 11:15:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Downloads
[2010/06/13 10:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Temp
[2010/06/10 17:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Google
[2010/06/10 17:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Google
[2010/06/10 17:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Google
[2010/06/10 17:20:34 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Google
[2010/06/09 08:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Macromedia
[2010/06/09 08:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Adobe
[2010/06/08 18:03:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/06/08 18:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Simple Star
[2010/06/08 18:02:59 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2010/06/08 18:02:59 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2010/06/08 18:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Ahead
[2010/06/08 18:00:55 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Nero
[2010/06/08 17:59:00 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010/06/08 17:58:50 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010/06/08 17:58:49 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010/06/08 17:58:49 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010/06/08 17:58:49 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010/06/08 17:58:45 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010/06/08 17:58:40 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Ahead
[2010/06/08 17:58:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Ahead
[2010/06/08 17:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\CyberLink
[2010/06/08 17:56:23 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\CyberLink
[2010/06/08 09:38:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\TClockEx
[2010/06/08 08:29:19 | 000,000,000 | ---D | C] -- C:\Rec. Dados
[2010/06/08 08:28:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/07 15:00:19 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2010/06/07 14:59:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Works
[2010/06/07 14:58:55 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSBuild
[2010/06/07 14:58:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio
[2010/06/07 14:58:31 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\DESIGNER
[2010/06/07 14:53:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/06/07 14:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft Help
[2010/06/07 14:52:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Office
[2010/06/07 14:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help
[2010/06/07 14:51:49 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/06/07 14:45:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos\Meus vídeos
[2010/06/07 14:41:30 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/06/07 14:41:30 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010/06/07 14:41:28 | 009,709,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2010/06/07 14:41:28 | 004,474,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2010/06/07 14:41:28 | 002,879,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2010/06/07 14:41:28 | 002,157,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010/06/07 14:41:28 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2010/06/07 14:41:28 | 000,282,624 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.cpl
[2010/06/07 14:41:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/06/07 14:40:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Realtek
[2010/06/07 14:40:39 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2010/06/07 14:40:39 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010/06/07 14:39:44 | 000,077,824 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\qttask.exe
[2010/06/07 14:39:37 | 000,045,056 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\WNASPI32.DLL
[2010/06/07 14:39:37 | 000,016,877 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2010/06/07 14:39:37 | 000,005,600 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WINASPI.DLL
[2010/06/07 14:39:37 | 000,004,672 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WOWPOST.EXE
[2010/06/07 14:37:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/06/07 14:37:39 | 000,122,880 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\directx.cpl
[2010/06/07 14:37:39 | 000,106,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tweakui.cpl
[2010/06/07 14:37:37 | 000,233,472 | R--- | C] (Moonlight) -- C:\WINDOWS\System32\NetSource.ax
[2010/06/07 14:37:37 | 000,196,608 | R--- | C] (Moonlight) -- C:\WINDOWS\System32\NetRender.ax
[2010/06/07 14:37:34 | 000,086,528 | R--- | C] (Fraunhofer) -- C:\WINDOWS\System32\DVDVideo.ax
[2010/06/07 14:37:34 | 000,065,536 | R--- | C] (Fraunhofer) -- C:\WINDOWS\System32\DVDAudio.ax
[2010/06/07 14:37:33 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/06/07 14:37:33 | 000,147,495 | ---- | C] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2010/06/07 14:37:31 | 004,544,512 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/06/07 14:37:31 | 000,409,600 | ---- | C] (Apple Computer, Inc) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/06/07 14:37:31 | 000,327,736 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\QTPlugin.ocx
[2010/06/07 14:37:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2010/06/07 14:37:30 | 000,747,008 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\Indeo4.qtx
[2010/06/07 14:37:30 | 000,692,224 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vsscore.dll
[2010/06/07 14:37:30 | 000,295,936 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\QuickTime.cpl
[2010/06/07 14:37:30 | 000,221,184 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vssconf.dll
[2010/06/07 14:37:30 | 000,143,360 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vssv.ax
[2010/06/07 14:37:30 | 000,098,304 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vsscodec.dll
[2010/06/07 14:37:30 | 000,051,200 | ---- | C] (RenderSoft Software.) -- C:\WINDOWS\System32\camcodec.dll
[2010/06/07 14:37:30 | 000,034,304 | ---- | C] (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany) -- C:\WINDOWS\System32\Qpeg32.dll
[2010/06/07 14:37:29 | 000,889,468 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvm2.dll
[2010/06/07 14:37:29 | 000,583,168 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvvd.dll
[2010/06/07 14:37:29 | 000,136,704 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvve.dll
[2010/06/07 14:37:29 | 000,099,840 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvau.dll
[2010/06/07 14:37:29 | 000,077,824 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydv.dll
[2010/06/07 14:37:29 | 000,045,568 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sdvvd.ax
[2010/06/07 14:37:28 | 000,219,648 | R--- | C] (QDesign Corporation) -- C:\WINDOWS\System32\qmpeg.acm
[2010/06/07 14:37:28 | 000,211,968 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\rtmjpgcdc.dll
[2010/06/07 14:37:28 | 000,045,056 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\pclepim1.dll
[2010/06/07 14:37:28 | 000,038,400 | R--- | C] (AuraVision Corporation) -- C:\WINDOWS\System32\Doveov32.dll
[2010/06/07 14:37:28 | 000,036,864 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\AVI_PASS.ax
[2010/06/07 14:37:27 | 000,360,448 | R--- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\pvwv220.dll
[2010/06/07 14:37:27 | 000,319,488 | R--- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\pvmjpg21.dll
[2010/06/07 14:37:27 | 000,228,864 | R--- | C] (Matsubleepa Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.) -- C:\WINDOWS\System32\idvcodec.dll
[2010/06/07 14:37:27 | 000,196,608 | R--- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\pvljpg20.dll
[2010/06/07 14:37:27 | 000,122,880 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\mirodv2avi.dll
[2010/06/07 14:37:27 | 000,113,152 | R--- | C] (AuraVision Corporation) -- C:\WINDOWS\System32\Avhal32.dll
[2010/06/07 14:37:27 | 000,099,840 | R--- | C] (AuraVision Corporation) -- C:\WINDOWS\System32\Avwin32.dll
[2010/06/07 14:37:27 | 000,057,344 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDVenc.dll
[2010/06/07 14:37:27 | 000,050,688 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDV4un.dll
[2010/06/07 14:37:27 | 000,045,056 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDVun.dll
[2010/06/07 14:37:27 | 000,043,008 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDV16un.dll
[2010/06/07 14:37:27 | 000,041,472 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\AVIPR.dll
[2010/06/07 14:37:27 | 000,024,576 | R--- | C] (Matsubleepa Electric Ind.Co.,LTD.) -- C:\WINDOWS\System32\DvWrite.dll
[2010/06/07 14:37:27 | 000,024,064 | R--- | C] (Matsubleepa Electric Ind.Co.,LTD.) -- C:\WINDOWS\System32\DvRead.dll
[2010/06/07 14:37:26 | 001,294,336 | R--- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm
[2010/06/07 14:37:26 | 000,069,632 | R--- | C] (NewTek, Inc) -- C:\WINDOWS\System32\NTCodec.dll
[2010/06/07 14:37:26 | 000,053,248 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMTrayLSI.exe
[2010/06/07 14:37:26 | 000,051,712 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMSwitch.ax
[2010/06/07 14:37:25 | 000,422,912 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JP2K32.dll
[2010/06/07 14:37:25 | 000,270,336 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMTVMJ.dll
[2010/06/07 14:37:25 | 000,176,128 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MJ2Dest.ax
[2010/06/07 14:37:25 | 000,172,032 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MJ2Desc.dll
[2010/06/07 14:37:25 | 000,126,976 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MJ2Source.ax
[2010/06/07 14:37:25 | 000,063,488 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JP2KdecVFW.ax
[2010/06/07 14:37:25 | 000,062,976 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JPEGdec.ax
[2010/06/07 14:37:25 | 000,053,248 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMTray.exe
[2010/06/07 14:37:25 | 000,051,200 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JPEGenc.ax
[2010/06/07 14:37:24 | 000,255,488 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JPEG32.DLL
[2010/06/07 14:37:24 | 000,224,256 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMIJG32.dll
[2010/06/07 14:37:24 | 000,094,208 | R--- | C] (Moonlight Cordless Ltd.) -- C:\WINDOWS\System32\Mpeg2Mux.ax
[2010/06/07 14:37:24 | 000,066,048 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\MIROXL32.DLL
[2010/06/07 14:37:24 | 000,053,248 | R--- | C] (Moonlight Cordless) -- C:\WINDOWS\System32\dumppos.ax
[2010/06/07 14:37:20 | 000,306,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h263_32.ax
[2010/06/07 14:37:19 | 000,277,264 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h261_32.ax
[2010/06/07 14:37:19 | 000,102,492 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\swcmpegvfw.dll
[2010/06/07 14:37:18 | 000,163,932 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\swcjpegvfw.dll
[2010/06/07 14:37:17 | 001,650,688 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2010/06/07 14:37:17 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2010/06/07 14:37:17 | 001,552,384 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2010/06/07 14:37:17 | 001,409,119 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\DigiVCap.dll
[2010/06/07 14:37:17 | 001,122,304 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2010/06/07 14:37:17 | 000,263,680 | R--- | C] (MainConcept) -- C:\WINDOWS\System32\MCDVD_32.DLL
[2010/06/07 14:37:17 | 000,229,464 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\SwcDvvfw.dll
[2010/06/07 14:37:17 | 000,155,734 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\MtxOcx.ocx
[2010/06/07 14:37:17 | 000,098,816 | R--- | C] (MainConcept) -- C:\WINDOWS\System32\mcmjpg32.dll
[2010/06/07 14:37:17 | 000,098,398 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\DGcolorXVFW.dll
[2010/06/07 14:37:17 | 000,094,208 | R--- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2010/06/07 14:37:16 | 000,755,200 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\Ir50_32.dll
[2010/06/07 14:37:16 | 000,343,552 | R--- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LCodcCMP.dll
[2010/06/07 14:37:16 | 000,294,912 | R--- | C] (InterVideo Inc.) -- C:\WINDOWS\System32\iviaudio.ax
[2010/06/07 14:37:16 | 000,200,192 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\Ir50_qc.dll
[2010/06/07 14:37:16 | 000,183,808 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\Ir50_qcx.dll
[2010/06/07 14:37:16 | 000,094,208 | R--- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mpeg2parser.ax
[2010/06/07 14:37:16 | 000,090,112 | R--- | C] (I-Media) -- C:\WINDOWS\System32\avi_renderer.ax
[2010/06/07 14:37:16 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2010/06/07 14:37:16 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2010/06/07 14:37:16 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2010/06/07 14:37:16 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2010/06/07 14:37:16 | 000,047,616 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2010/06/07 14:37:16 | 000,040,960 | R--- | C] (I-Media) -- C:\WINDOWS\System32\multiple_mpeg2_source.ax
[2010/06/07 14:37:16 | 000,027,648 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_lcs.dll
[2010/06/07 14:37:15 | 000,848,384 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\Ir41_32.ax
[2010/06/07 14:37:15 | 000,756,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.dll
[2010/06/07 14:37:15 | 000,391,168 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\i263_32.drv
[2010/06/07 14:37:15 | 000,338,432 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2010/06/07 14:37:15 | 000,199,680 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2010/06/07 14:37:15 | 000,120,320 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2010/06/07 14:37:15 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\IMC32.ACM
[2010/06/07 14:37:14 | 000,733,184 | ---- | C] (Gabest) -- C:\WINDOWS\System32\VSFilter.dll
[2010/06/07 14:37:14 | 000,458,752 | ---- | C] (Gabest) -- C:\WINDOWS\System32\subtitlesource.ax
[2010/06/07 14:37:14 | 000,241,664 | ---- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaSplitter.ax
[2010/06/07 14:37:14 | 000,192,512 | ---- | C] (Gabest) -- C:\WINDOWS\System32\vtsreader.ax
[2010/06/07 14:37:14 | 000,188,416 | ---- | C] (Gabest) -- C:\WINDOWS\System32\shoutcastsource.ax
[2010/06/07 14:37:14 | 000,172,032 | ---- | C] (Gabest) -- C:\WINDOWS\System32\streamdrivethru.ax
[2010/06/07 14:37:13 | 000,212,992 | ---- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaMuxer.ax
[2010/06/07 14:37:13 | 000,212,992 | ---- | C] (Gabest) -- C:\WINDOWS\System32\D2VSource.ax
[2010/06/07 14:37:13 | 000,188,416 | ---- | C] (Gabest) -- C:\WINDOWS\System32\cdxareader.ax
[2010/06/07 14:37:13 | 000,172,032 | ---- | C] (Gabest) -- C:\WINDOWS\System32\cddareader.ax
[2010/06/07 14:37:13 | 000,167,936 | ---- | C] (Gabest) -- C:\WINDOWS\System32\flicsource.ax
[2010/06/07 14:37:13 | 000,167,936 | ---- | C] (Gabest) -- C:\WINDOWS\System32\dtsac3source.ax
[2010/06/07 14:37:13 | 000,155,648 | ---- | C] (Gabest) -- C:\WINDOWS\System32\avi2ac3filter.ax
[2010/06/07 14:37:13 | 000,143,360 | R--- | C] (Darim Vision Co.) -- C:\WINDOWS\System32\frwt.dll
[2010/06/07 14:37:13 | 000,143,360 | R--- | C] (Darim Vision Co.) -- C:\WINDOWS\System32\frwd.dll
[2010/06/07 14:37:13 | 000,114,688 | R--- | C] (Darim Vision Co.) -- C:\WINDOWS\System32\frwu.dll
[2010/06/07 14:37:13 | 000,040,960 | R--- | C] (Gabest) -- C:\WINDOWS\System32\Gpeg.dll
[2010/06/07 14:37:13 | 000,036,864 | R--- | C] (Gabest) -- C:\WINDOWS\System32\Glzw.dll
[2010/06/07 14:37:12 | 000,491,520 | ---- | C] (Elecard Ltd.) -- C:\WINDOWS\System32\mpeg2dmx.ax
[2010/06/07 14:37:12 | 000,155,648 | R--- | C] (Moonlight) -- C:\WINDOWS\System32\Sync2Async.ax
[2010/06/07 14:37:12 | 000,110,592 | R--- | C] (Digital Processing Systems Inc.) -- C:\WINDOWS\System32\DpsToAvi.dll
[2010/06/07 14:37:12 | 000,069,632 | R--- | C] (Moonlight Cordless) -- C:\WINDOWS\System32\pva_dmx.ax
[2010/06/07 14:37:12 | 000,065,536 | R--- | C] (Elecard Ltd) -- C:\WINDOWS\System32\ElecardFileListSource.ax
[2010/06/07 14:37:12 | 000,061,440 | R--- | C] (Elecard Ltd.) -- C:\WINDOWS\System32\SimplePump.ax
[2010/06/07 14:37:12 | 000,053,248 | R--- | C] (Digital Processing Systems Inc.) -- C:\WINDOWS\System32\DpsAviCC.dll
[2010/06/07 14:37:12 | 000,045,056 | R--- | C] (Digital Processing Systems Inc) -- C:\WINDOWS\System32\DpsVidCap.drv
[2010/06/07 14:37:12 | 000,026,624 | R--- | C] (MyCompanyName) -- C:\WINDOWS\System32\pim2null.ax
[2010/06/07 14:37:11 | 000,507,904 | R--- | C] (CyberLink Corp.) -- C:\WINDOWS\System32\clvsd.ax
[2010/06/07 14:37:11 | 000,352,256 | R--- | C] (CyberLink Corp.) -- C:\WINDOWS\System32\clnav.ax
[2010/06/07 14:37:11 | 000,086,016 | R--- | C] (CyberLink Corporation) -- C:\WINDOWS\System32\claudfx.ax
[2010/06/07 14:37:10 | 000,303,104 | R--- | C] (CyberLink Corp.) -- C:\WINDOWS\System32\claud.ax
[2010/06/07 14:37:10 | 000,148,992 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CSEDV.DLL
[2010/06/07 14:37:10 | 000,104,448 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CSCCDVC.DLL
[2010/06/07 14:37:10 | 000,100,352 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CSCdvsd.DLL
[2010/06/07 14:37:10 | 000,062,976 | R--- | C] (Brooktree Corporation) -- C:\WINDOWS\System32\BTVVC32.DRV
[2010/06/07 14:37:10 | 000,032,256 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\cdvccodc.dll
[2010/06/07 14:37:10 | 000,030,208 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\deccdvc.dll
[2010/06/07 14:37:10 | 000,010,752 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\pcdv.acm
[2010/06/07 14:37:09 | 000,315,392 | R--- | C] (Aware Inc.) -- C:\WINDOWS\System32\ICMW_32.DLL
[2010/06/07 14:37:09 | 000,150,016 | R--- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcr2.dll
[2010/06/07 14:37:09 | 000,075,200 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ATIVCR1.DLL
[2010/06/07 14:37:08 | 000,306,176 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\DVcodec.dll
[2010/06/07 14:37:08 | 000,098,304 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\dvsoft.dll
[2010/06/07 14:37:08 | 000,095,232 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\dvavi.dll
[2010/06/07 14:37:08 | 000,079,360 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\Acodec.dll
[2010/06/07 14:37:08 | 000,077,824 | R--- | C] (MyCompanyName) -- C:\WINDOWS\System32\ASUSASV2.ax
[2010/06/07 14:37:08 | 000,056,832 | R--- | C] (Adaptec Inc.) -- C:\WINDOWS\System32\dvoutput.dll
[2010/06/07 14:37:08 | 000,040,960 | R--- | C] (Autodesk, Inc.) -- C:\WINDOWS\System32\FLCCODEC32.DLL
[2010/06/07 14:37:08 | 000,032,768 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\wnpapi32.dll
[2010/06/07 14:37:08 | 000,029,696 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\fwcall.dll
[2010/06/07 14:37:08 | 000,024,064 | R--- | C] (Autodesk, Inc.) -- C:\WINDOWS\System32\AASC32.DLL
[2010/06/07 14:37:08 | 000,016,896 | R--- | C] (Autodesk, Inc.) -- C:\WINDOWS\System32\flcfile32.dll
[2010/06/07 14:37:08 | 000,008,704 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\Dvc.dll
[2010/06/07 14:37:07 | 000,291,408 | R--- | C] (Hacked With Joy !) -- C:\WINDOWS\System32\DivXa32.acm
[2010/06/07 14:37:07 | 000,112,640 | R--- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2010/06/07 14:37:07 | 000,086,016 | R--- | C] (Winnov) -- C:\WINDOWS\System32\WNVPLAY1.DLL
[2010/06/07 14:37:06 | 001,048,576 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010/06/07 14:37:06 | 000,475,136 | R--- | C] (nico) -- C:\WINDOWS\System32\Rududu.dll
[2010/06/07 14:37:06 | 000,446,464 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp31vfw.dll
[2010/06/07 14:37:06 | 000,160,256 | R--- | C] (White Pine Software and Paradigm Matrix) -- C:\WINDOWS\System32\pmjpeg32.dll
[2010/06/07 14:37:06 | 000,135,168 | R--- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\L3CODECX.ACM
[2010/06/07 14:37:06 | 000,121,856 | R--- | C] (Kristal Studio) -- C:\WINDOWS\System32\Mp3cnfg.cpl
[2010/06/07 14:37:06 | 000,034,816 | R--- | C] (MyCompanyName) -- C:\WINDOWS\System32\mpgaudio.ax
[2010/06/07 14:37:06 | 000,034,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2010/06/07 14:37:06 | 000,018,944 | R--- | C] (Kristal Studio) -- C:\WINDOWS\System32\Mp3cnfg.exe
[2010/06/07 14:37:05 | 001,541,120 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010/06/07 14:37:05 | 000,569,344 | R--- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx4.dll
[2010/06/07 14:37:05 | 000,520,704 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec.ax
[2010/06/07 14:37:05 | 000,303,104 | R--- | C] (Etymonix Inc.) -- C:\WINDOWS\System32\ETXCodec.dll
[2010/06/07 14:37:05 | 000,057,344 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Dump.ax
[2010/06/07 14:37:05 | 000,033,280 | R--- | C] (Disappearing Inc.) -- C:\WINDOWS\System32\huffyuv.dll
[2010/06/07 14:37:04 | 000,414,272 | R--- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32f.dll
[2010/06/07 14:37:04 | 000,414,272 | R--- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32.dll
[2010/06/07 14:37:04 | 000,240,400 | R--- | C] (Hacked With Joy ! ) -- C:\WINDOWS\System32\DivX_c32.ax
[2010/06/07 14:37:04 | 000,155,648 | R--- | C] (Avid Technology, Inc) -- C:\WINDOWS\System32\AvidAVICodec.dll
[2010/06/07 14:37:04 | 000,049,152 | R--- | C] (BST) -- C:\WINDOWS\System32\bfsource.ax
[2010/06/07 14:37:04 | 000,033,280 | R--- | C] (Miguel Angel Horna) -- C:\WINDOWS\System32\DSOUND3D.AX
[2010/06/07 14:37:00 | 000,339,968 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxVfWCodec.dll
[2010/06/07 14:37:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ACE Mega CoDecS Pack
[2010/06/07 14:36:59 | 000,835,584 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivx.dll
[2010/06/07 14:36:59 | 000,360,448 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSAudioDecoder.ax
[2010/06/07 14:36:59 | 000,339,968 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSMediaSplitter.ax
[2010/06/07 14:36:59 | 000,339,968 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSDecoder.ax
[2010/06/07 14:35:35 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2010/06/07 14:35:35 | 000,023,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2010/06/07 14:35:35 | 000,018,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2010/06/07 14:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/06/07 14:35:34 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2010/06/07 14:32:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Realtek Sound Manager
[2010/06/07 14:32:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\AvRack
[2010/06/07 14:32:26 | 000,765,952 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2010/06/07 14:32:25 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll
[2010/06/07 14:32:25 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2010/06/07 14:32:23 | 000,391,424 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS
[2010/06/07 14:32:22 | 000,601,100 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2010/06/07 14:32:21 | 000,065,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2010/06/07 14:32:18 | 005,672,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.EXE
[2010/06/07 14:31:59 | 014,204,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2010/06/07 14:31:57 | 000,208,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2010/06/07 14:31:57 | 000,139,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcrmv.exe
[2010/06/07 14:31:57 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\InstallShield Installation Information
[2010/06/07 14:31:52 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\InstallShield
[2010/06/07 14:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe
[2010/06/07 14:29:35 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Lavalys
[2010/06/07 14:26:32 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/06/04 18:48:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\AVG
[2010/06/04 18:44:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Identities
[2010/06/04 18:44:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos\Minhas músicas
[2010/06/04 18:44:12 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\Uninstall Information
[2010/06/04 18:44:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos\Minhas imagens
[2010/06/04 18:44:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Microsoft
[2010/06/04 18:44:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft
[2010/06/04 18:44:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\SendTo
[2010/06/04 18:44:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\Recent
[2010/06/04 18:44:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\Dados de aplicativos
[2010/06/04 18:44:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos
[2010/06/04 18:44:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Menu Iniciar
[2010/06/04 18:44:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Favoritos
[2010/06/04 18:44:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\Cookies
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Modelos
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Configurações locais
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Ambiente de rede
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Ambiente de impressão
[2010/06/04 18:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop
[2010/06/04 18:41:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/06/04 18:41:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/06/04 18:41:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/06/04 18:41:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Microsoft
[2010/06/04 18:41:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft
[2010/06/04 18:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dados de aplicativos\Microsoft
[2010/06/04 18:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft
[2010/06/04 18:39:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/06/04 18:39:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/06/04 18:39:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/06/04 18:39:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/06/04 18:39:01 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/06/04 18:39:00 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/06/04 18:38:59 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/06/04 18:38:59 | 000,031,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/06/04 18:38:58 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/06/04 18:38:58 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/06/04 18:38:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/06/04 18:38:58 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/06/04 18:38:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/06/04 18:38:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/06/04 18:38:57 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/06/04 18:38:57 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/06/04 18:38:57 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/06/04 18:38:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/06/04 18:38:55 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/06/04 18:38:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/06/04 18:38:55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/06/04 18:38:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/06/04 18:38:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/06/04 18:38:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/06/04 18:38:52 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/06/04 18:38:52 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/06/04 18:38:52 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/06/04 18:38:52 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/06/04 18:38:51 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/06/04 18:38:51 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/06/04 18:38:51 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/06/04 18:38:50 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/06/04 18:38:49 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/06/04 18:38:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/06/04 18:38:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/06/04 18:38:48 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/06/04 18:38:47 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/06/04 18:38:46 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/06/04 18:38:46 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/06/04 18:38:46 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/06/04 18:38:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/06/04 18:38:46 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/06/04 18:38:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/06/04 18:38:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/06/04 18:38:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/06/04 18:38:45 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/06/04 18:38:45 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/06/04 18:38:45 | 000,012,800 | ---- | C] (Microsoft Corporation
) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/06/04 18:38:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2010/06/04 18:38:44 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/06/04 18:38:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/06/04 18:38:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/06/04 18:38:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/06/04 18:38:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/06/04 18:38:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/06/04 18:38:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/06/04 18:38:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/06/04 18:38:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/06/04 18:38:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/06/04 18:38:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/06/04 18:38:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/06/04 18:38:43 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/06/04 18:38:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/06/04 18:38:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/06/04 18:38:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/06/04 18:38:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/06/04 18:38:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/06/04 18:38:39 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2010/06/04 18:38:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/06/04 18:38:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/06/04 18:38:37 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/06/04 18:38:37 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/06/04 18:38:37 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/06/04 18:38:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/06/04 18:38:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2010/06/04 18:38:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/06/04 18:38:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/06/04 18:38:35 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/06/04 18:38:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/06/04 18:38:34 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/06/04 18:38:33 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/06/04 18:38:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/06/04 18:38:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/06/04 18:38:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/06/04 18:38:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/06/04 18:38:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/06/04 18:38:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/06/04 18:38:30 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/06/04 18:38:30 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/06/04 18:38:30 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/06/04 18:38:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/06/04 18:38:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/06/04 18:38:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/06/04 18:38:28 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/06/04 18:38:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/06/04 18:38:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/06/04 18:38:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/06/04 18:38:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/06/04 18:38:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/06/04 18:38:25 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/06/04 18:38:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/06/04 18:38:22 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/06/04 18:38:22 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/06/04 18:38:19 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/06/04 18:38:18 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/06/04 18:38:18 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/06/04 18:38:12 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/06/04 18:38:12 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/06/04 18:38:12 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/06/04 18:38:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/06/04 18:38:11 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/06/04 18:38:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/06/04 18:38:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/06/04 18:38:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/06/04 18:38:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/06/04 18:38:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/06/04 18:38:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/06/04 18:38:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/06/04 18:38:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/06/04 18:38:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/06/04 18:38:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/06/04 18:38:06 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/06/04 18:38:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/06/04 18:38:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/06/04 18:38:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/06/04 18:38:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/06/04 18:38:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/06/04 18:38:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/06/04 18:38:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/06/04 18:38:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/06/04 18:38:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/06/04 18:38:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/06/04 18:38:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/06/04 18:38:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/06/04 18:38:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/06/04 18:38:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/06/04 18:38:03 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/06/04 18:38:03 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/06/04 18:38:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/06/04 18:38:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/06/04 18:38:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/06/04 18:38:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/06/04 18:38:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/06/04 18:38:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/06/04 18:38:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/06/04 18:38:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/06/04 18:38:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/06/04 18:38:01 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/06/04 18:38:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/06/04 18:38:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/06/04 18:38:00 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/06/04 18:38:00 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/06/04 18:38:00 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/06/04 18:38:00 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/06/04 18:38:00 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/06/04 18:38:00 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/06/04 18:38:00 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/06/04 18:38:00 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/06/04 18:37:59 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/06/04 18:37:59 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/06/04 18:37:59 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/06/04 18:37:59 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/06/04 18:37:59 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/06/04 18:37:59 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/06/04 18:37:58 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/06/04 18:37:58 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/06/04 18:37:58 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/06/04 18:37:58 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/06/04 18:37:58 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/06/04 18:37:58 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/06/04 18:37:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/06/04 18:37:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/06/04 18:37:57 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/06/04 18:37:57 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/06/04 18:37:57 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/06/04 18:37:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/06/04 18:37:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/06/04 18:37:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/06/04 18:37:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/06/04 18:37:56 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/06/04 18:37:56 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/06/04 18:37:52 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/06/04 18:37:46 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/06/04 18:37:45 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/06/04 18:37:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/06/04 18:37:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/06/04 18:37:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/06/04 18:37:44 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/06/04 18:37:44 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/06/04 18:37:43 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/06/04 18:37:43 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/06/04 18:37:43 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/06/04 18:37:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/06/04 18:37:42 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/06/04 18:37:42 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/06/04 18:37:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/06/04 18:37:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/06/04 18:37:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/06/04 18:37:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/06/04 18:37:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/06/04 18:37:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/06/04 18:37:42 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/06/04 18:37:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/06/04 18:37:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/06/04 18:37:41 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/06/04 18:37:41 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/06/04 18:37:41 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/06/04 18:37:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/06/04 18:37:41 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/06/04 18:37:41 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/06/04 18:37:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/06/04 18:37:41 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/06/04 18:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/06/04 18:37:40 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/06/04 18:37:40 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/06/04 18:37:40 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/06/04 18:37:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/06/04 18:37:40 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/06/04 18:37:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/06/04 18:37:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/06/04 18:37:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/06/04 18:37:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/06/04 18:37:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/06/04 18:37:38 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/06/04 18:37:38 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/06/04 18:37:38 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/06/04 18:37:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/06/04 18:37:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/06/04 18:37:37 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/06/04 18:37:37 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/06/04 18:37:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/06/04 18:37:32 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/06/04 18:37:31 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/06/04 18:37:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/06/04 18:37:30 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/06/04 18:37:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/06/04 18:37:30 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/06/04 18:37:30 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/06/04 18:37:29 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/06/04 18:37:28 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/06/04 18:37:28 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/06/04 18:37:28 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/06/04 18:37:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/06/04 18:37:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/06/04 18:37:27 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/06/04 18:37:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/06/04 18:37:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/06/04 18:37:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/06/04 18:37:26 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/06/04 18:37:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/06/04 18:37:25 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/06/04 18:37:25 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/06/04 18:37:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/06/04 18:37:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/06/04 18:37:19 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/06/04 18:37:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/06/04 18:37:16 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/06/04 18:37:16 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/06/04 18:37:16 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/06/04 18:37:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/06/04 18:37:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/06/04 18:37:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/06/04 18:37:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/06/04 18:37:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/06/04 18:37:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/06/04 18:37:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/06/04 18:37:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/06/04 18:37:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/06/04 18:37:09 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2010/06/04 18:37:09 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2010/06/04 18:37:09 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/06/04 18:37:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/06/04 18:37:08 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/06/04 18:37:08 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/06/04 18:37:05 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/06/04 18:37:05 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/06/04 18:37:04 | 000,837,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/06/04 18:37:04 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/06/04 18:37:04 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/06/04 18:37:04 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/06/04 18:37:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/06/04 18:37:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/06/04 18:37:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/06/04 18:37:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/06/04 18:37:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/06/04 18:37:03 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/06/04 18:37:03 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/06/04 18:37:03 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/06/04 18:37:03 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/06/04 18:37:03 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/06/04 18:37:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/06/04 18:37:02 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/06/04 18:37:02 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/06/04 18:37:02 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/06/04 18:37:02 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/06/04 18:37:02 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/06/04 18:37:02 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/06/04 18:37:02 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/06/04 18:37:01 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/06/04 18:37:01 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/06/04 18:37:01 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/06/04 18:37:01 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/06/04 18:37:01 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/06/04 18:37:01 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/06/04 18:37:01 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/06/04 18:37:00 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/06/04 18:37:00 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/06/04 18:37:00 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/06/04 18:37:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/06/04 18:37:00 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/06/04 18:37:00 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/06/04 18:36:59 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/06/04 18:36:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/06/04 18:36:59 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/06/04 18:36:58 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/06/04 18:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

OTL part 2 in the next post

OTL part 1--------

OTL logfile created on: 2/8/2010 12:54:54 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\XP\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

1.023,00 Mb Total Physical Memory | 539,00 Mb Available Physical Memory | 53,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1534 1534 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,05 Gb Total Space | 82,65 Gb Free Space | 55,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XP-3A6BA1B2A032
Current User Name: XP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\XP\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Arquivos de programas\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\BitDefender\BitDefender 2010\seccenter.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
PRC - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\XP\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\WINDOWS\system32\guard32.dll (COMODO)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Arquivos de programas\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_66\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (gupdate) Google Update Service (gupdate) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe File not found
SRV - (cmdAgent) -- C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (MBAMService) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (VSSERV) -- C:\Arquivos de programas\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (scan) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (LIVESRV) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
SRV - (Arrakis3) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
SRV - (wlidsvc) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SeaPort) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (cpuz132) -- C:\DOCUME~1\XP\CONFIG~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (Trufos) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (Profos) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\profos.sys (BitDefender S.R.L.)
DRV - (bdftdif) -- C:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (DrvAgent32) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (BDSelfPr) -- C:\Arquivos de programas\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender)
DRV - (bdfsfltr) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender)
DRV - (bdfm) -- C:\WINDOWS\system32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: restart@restart.org:0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: compatibility@addons.mozilla.org:0.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.6

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff [2010/06/22 14:51:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/06/24 15:41:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\FFToolbar@bitdefender.com: C:\Arquivos de programas\BitDefender\BitDefender 2010\bdaphffext\ [2010/07/26 12:16:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2010/08/02 07:52:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2010/08/02 07:51:30 | 000,000,000 | ---D | M]

[2010/07/20 20:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions
[2010/07/20 20:44:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/08/02 07:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions
[2010/07/23 10:41:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/20 22:45:13 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/07/20 22:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/07/20 22:45:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/20 22:45:10 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/07/20 22:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\personas@christopher.beard
[2010/07/20 22:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\51p3897q.default\extensions\personasexpression@eddiescorpse.private
[2010/07/20 20:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions
[2010/07/20 20:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/07/20 20:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/20 20:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Firefox\Profiles\as6frgps.default\extensions\compatibility@addons.mozilla.org
[2010/08/01 21:55:18 | 000,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2010/07/24 09:42:54 | 000,000,000 | ---D | M] (Default) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/06/22 14:51:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/24 09:42:37 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\browserdirprovider.dll
[2010/07/24 09:42:37 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\brwsrcmp.dll
[2010/06/22 14:51:07 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/24 09:42:46 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npnul32.dll
[2010/06/19 16:34:11 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nppdf32.dll
[2010/07/13 19:02:35 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml
[2010/07/13 19:02:35 | 000,002,371 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\google.xml
[2010/07/13 19:02:35 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml
[2010/07/13 19:02:35 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml
[2010/07/13 19:02:35 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2001/10/28 14:06:36 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Auxiliar de Conexão do Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Arquivos de programas\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (E&ndereço) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [BDAgent] C:\Arquivos de programas\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Arquivos de programas\BitDefender\BitDefender 2010\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HP Component Manager] C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Arquivos de programas\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Arquivos de programas\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TClockEx] C:\Arquivos de programas\TClockEx\TCLOCKEX.EXE (Dale Nurden)
O4 - Startup: C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Atalho para velox.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1276614211953 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1276614394218 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Arquivos de programas\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-carregador Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon de cache de categorias de componente - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/04 18:36:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 60 Days ==========

[2010/08/02 12:30:13 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.exe
[2010/08/02 12:27:13 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/08/02 11:30:09 | 000,520,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTM.exe
[2010/08/01 08:39:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Access
[2010/07/31 19:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\crypt32
[2010/07/31 17:41:28 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/07/29 19:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2010/07/29 18:35:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Uniblue
[2010/07/29 18:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Uniblue
[2010/07/29 17:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Meus arquivos recebidos
[2010/07/29 16:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Tracing
[2010/07/29 16:49:23 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Office Outlook Connector
[2010/07/29 16:48:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Sync Framework
[2010/07/29 16:47:05 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010/07/29 16:46:50 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft SQL Server Compact Edition
[2010/07/29 16:45:18 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft
[2010/07/29 16:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\microsoft
[2010/07/29 16:44:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live SkyDrive
[2010/07/29 16:43:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live
[2010/07/29 15:50:53 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2010/07/29 14:27:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010/07/29 14:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010/07/29 14:27:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010/07/29 12:42:02 | 000,000,000 | ---D | C] -- C:\8559d7b4b32b1cc6c1b886a1562a
[2010/07/28 19:28:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ophcrack
[2010/07/28 14:36:06 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010/07/28 14:36:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010/07/26 19:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Eros
[2010/07/26 16:17:00 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/07/25 22:06:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\{7108AEAC-32CF-444E-B0C6-55E51DD8B67A}
[2010/07/25 22:06:44 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\SmartTweak Software
[2010/07/25 21:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\ATI
[2010/07/25 21:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\ATI
[2010/07/25 21:41:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/07/25 21:41:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ATI Technologies
[2010/07/25 21:39:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\6-11-pre-r300_xp-2k_dd_ccc_wdm_38185
[2010/07/25 15:46:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\JDownloader
[2010/07/25 00:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\PackageAware
[2010/07/23 20:54:27 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2010/07/23 17:47:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Meus documentos\Rascunhos do SharePoint
[2010/07/23 08:36:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSXML4r.dll
[2010/07/23 08:36:20 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSXML4a.dll
[2010/07/23 08:36:19 | 000,626,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvaut32.dll
[2010/07/23 08:36:19 | 000,487,424 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcp70.dll
[2010/07/23 08:36:19 | 000,344,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcr70.dll
[2010/07/23 08:36:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\HP
[2010/07/23 08:35:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Overland
[2010/07/23 08:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\HP
[2010/07/22 13:46:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Hewlett-Packard
[2010/07/21 20:44:43 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\VS Revo Group
[2010/07/21 15:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Easy Duplicate Finder
[2010/07/20 21:09:47 | 000,000,000 | ---D | C] -- C:\Recuva
[2010/07/20 17:14:20 | 000,000,000 | ---D | C] -- C:\Program Files
[2010/07/17 12:05:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\PWCracker
[2010/07/17 11:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\ParetoLogic
[2010/07/17 11:56:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\ParetoLogic
[2010/07/17 11:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\FileCure
[2010/07/17 11:56:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ParetoLogic
[2010/07/16 17:27:39 | 000,000,000 | ---D | C] -- C:\rei
[2010/07/16 17:27:31 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Reimage
[2010/07/14 20:25:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Ahead
[2010/07/01 15:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\BitDefender
[2010/07/01 15:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\BitDefender
[2010/07/01 15:27:23 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\BitDefender
[2010/07/01 15:25:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\BitDefender
[2010/06/30 22:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\ESET
[2010/06/30 17:08:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/06/30 13:19:23 | 000,000,000 | ---D | C] -- C:\Playboy BR - Anamara BBB10
[2010/06/29 15:32:52 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Adobe
[2010/06/29 15:32:52 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Adobe
[2010/06/28 21:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Help
[2010/06/28 17:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\Técnico Instalador
[2010/06/28 11:47:56 | 000,352,513 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\savapi3.dll
[2010/06/28 11:47:56 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/06/26 16:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Adobe
[2010/06/25 22:50:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/06/25 22:50:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/06/25 15:11:11 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2010/06/25 15:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\eSupport.com
[2010/06/24 17:24:17 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\KeePass Password Safe 2
[2010/06/24 15:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\ApplicationHistory
[2010/06/24 15:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\COMODO
[2010/06/24 15:23:31 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\COMODO
[2010/06/24 15:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Comodo Downloader
[2010/06/24 09:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\WinPatrol
[2010/06/24 09:55:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\BillP Studios
[2010/06/23 19:05:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Windows Search
[2010/06/23 18:58:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Windows Live
[2010/06/23 18:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/06/23 18:51:18 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Reference Assemblies
[2010/06/23 18:50:46 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/06/23 18:50:46 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/06/23 18:50:46 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/06/23 18:50:46 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/06/23 18:50:46 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/06/23 18:50:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/06/23 18:50:45 | 000,000,000 | ---D | C] -- C:\108acbfb9eeea7f2b6
[2010/06/23 18:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Identities
[2010/06/23 18:45:54 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Desktop Search
[2010/06/23 18:43:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010/06/23 16:37:04 | 000,000,000 | ---D | C] -- C:\MJWIN
[2010/06/23 10:36:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Malwarebytes
[2010/06/23 10:36:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/23 10:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
[2010/06/23 10:36:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/23 10:36:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware
[2010/06/22 14:52:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/06/22 14:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sun
[2010/06/22 14:51:51 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2010/06/22 14:51:24 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/06/22 14:51:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/06/22 14:51:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/06/22 14:51:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/06/22 14:51:24 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/06/22 14:51:03 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Java
[2010/06/22 14:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Sun
[2010/06/22 13:53:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/06/21 16:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\WinRAR
[2010/06/21 16:28:39 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\WinRAR
[2010/06/21 16:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\FreeApp
[2010/06/21 14:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\IObit
[2010/06/21 14:47:09 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\IObit
[2010/06/21 14:44:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Recuva
[2010/06/21 14:37:03 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\jskeyfinder
[2010/06/21 14:33:17 | 000,000,000 | ---D | C] -- C:\Work
[2010/06/21 14:12:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\CCleaner
[2010/06/20 10:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Excel
[2010/06/19 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\KeePass
[2010/06/19 22:22:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\SpeedFan
[2010/06/19 21:29:51 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/06/19 21:29:01 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft.NET
[2010/06/19 21:28:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/06/19 13:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/06/19 13:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Application Data
[2010/06/17 19:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Karen's Power Tools
[2010/06/17 19:23:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Karen's Power Tools
[2010/06/17 19:22:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Karen's Power Tools
[2010/06/17 18:47:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\IECompatCache
[2010/06/17 18:45:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\PrivacIE
[2010/06/16 14:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Snapfish
[2010/06/16 14:08:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\IETldCache
[2010/06/16 13:28:11 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/06/16 13:28:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/06/16 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/06/15 13:13:50 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/06/15 13:10:33 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/06/15 13:03:22 | 002,194,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/06/15 13:03:18 | 002,150,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/06/15 13:03:17 | 002,028,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/06/15 12:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage
[2010/06/15 12:22:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/06/15 12:22:22 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/06/15 12:22:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/06/15 12:19:18 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/06/15 12:19:18 | 000,017,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/06/15 12:04:38 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2010/06/14 13:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Google
[2010/06/14 13:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Google
[2010/06/14 11:20:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/06/13 15:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Adobe
[2010/06/13 14:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla
[2010/06/13 14:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Mozilla
[2010/06/13 14:29:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Firefox
[2010/06/13 11:15:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\Downloads
[2010/06/13 10:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Temp
[2010/06/10 17:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Google
[2010/06/10 17:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Google
[2010/06/10 17:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Google
[2010/06/10 17:20:34 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Google
[2010/06/09 08:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Macromedia
[2010/06/09 08:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Adobe
[2010/06/08 18:03:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/06/08 18:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Simple Star
[2010/06/08 18:02:59 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2010/06/08 18:02:59 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2010/06/08 18:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Ahead
[2010/06/08 18:00:55 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Nero
[2010/06/08 17:59:00 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010/06/08 17:58:50 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010/06/08 17:58:49 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010/06/08 17:58:49 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010/06/08 17:58:49 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010/06/08 17:58:45 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010/06/08 17:58:40 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Ahead
[2010/06/08 17:58:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Ahead
[2010/06/08 17:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\CyberLink
[2010/06/08 17:56:23 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\CyberLink
[2010/06/08 09:38:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\TClockEx
[2010/06/08 08:29:19 | 000,000,000 | ---D | C] -- C:\Rec. Dados
[2010/06/08 08:28:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/07 15:00:19 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2010/06/07 14:59:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Works
[2010/06/07 14:58:55 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSBuild
[2010/06/07 14:58:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio
[2010/06/07 14:58:31 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\DESIGNER
[2010/06/07 14:53:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/06/07 14:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft Help
[2010/06/07 14:52:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Office
[2010/06/07 14:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help
[2010/06/07 14:51:49 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/06/07 14:45:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos\Meus vídeos
[2010/06/07 14:41:30 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/06/07 14:41:30 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010/06/07 14:41:28 | 009,709,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2010/06/07 14:41:28 | 004,474,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2010/06/07 14:41:28 | 002,879,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2010/06/07 14:41:28 | 002,157,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010/06/07 14:41:28 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2010/06/07 14:41:28 | 000,282,624 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.cpl
[2010/06/07 14:41:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/06/07 14:40:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Realtek
[2010/06/07 14:40:39 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2010/06/07 14:40:39 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010/06/07 14:39:44 | 000,077,824 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\qttask.exe
[2010/06/07 14:39:37 | 000,045,056 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\WNASPI32.DLL
[2010/06/07 14:39:37 | 000,016,877 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2010/06/07 14:39:37 | 000,005,600 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WINASPI.DLL
[2010/06/07 14:39:37 | 000,004,672 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WOWPOST.EXE
[2010/06/07 14:37:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/06/07 14:37:39 | 000,122,880 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\directx.cpl
[2010/06/07 14:37:39 | 000,106,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tweakui.cpl
[2010/06/07 14:37:37 | 000,233,472 | R--- | C] (Moonlight) -- C:\WINDOWS\System32\NetSource.ax
[2010/06/07 14:37:37 | 000,196,608 | R--- | C] (Moonlight) -- C:\WINDOWS\System32\NetRender.ax
[2010/06/07 14:37:34 | 000,086,528 | R--- | C] (Fraunhofer) -- C:\WINDOWS\System32\DVDVideo.ax
[2010/06/07 14:37:34 | 000,065,536 | R--- | C] (Fraunhofer) -- C:\WINDOWS\System32\DVDAudio.ax
[2010/06/07 14:37:33 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/06/07 14:37:33 | 000,147,495 | ---- | C] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2010/06/07 14:37:31 | 004,544,512 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/06/07 14:37:31 | 000,409,600 | ---- | C] (Apple Computer, Inc) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/06/07 14:37:31 | 000,327,736 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\QTPlugin.ocx
[2010/06/07 14:37:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2010/06/07 14:37:30 | 000,747,008 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\Indeo4.qtx
[2010/06/07 14:37:30 | 000,692,224 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vsscore.dll
[2010/06/07 14:37:30 | 000,295,936 | ---- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System32\QuickTime.cpl
[2010/06/07 14:37:30 | 000,221,184 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vssconf.dll
[2010/06/07 14:37:30 | 000,143,360 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vssv.ax
[2010/06/07 14:37:30 | 000,098,304 | ---- | C] (Vanguard Software Solutions, Inc.) -- C:\WINDOWS\System32\vsscodec.dll
[2010/06/07 14:37:30 | 000,051,200 | ---- | C] (RenderSoft Software.) -- C:\WINDOWS\System32\camcodec.dll
[2010/06/07 14:37:30 | 000,034,304 | ---- | C] (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany) -- C:\WINDOWS\System32\Qpeg32.dll
[2010/06/07 14:37:29 | 000,889,468 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvm2.dll
[2010/06/07 14:37:29 | 000,583,168 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvvd.dll
[2010/06/07 14:37:29 | 000,136,704 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvve.dll
[2010/06/07 14:37:29 | 000,099,840 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydvau.dll
[2010/06/07 14:37:29 | 000,077,824 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sonydv.dll
[2010/06/07 14:37:29 | 000,045,568 | R--- | C] (Sony Corporation) -- C:\WINDOWS\System32\sdvvd.ax
[2010/06/07 14:37:28 | 000,219,648 | R--- | C] (QDesign Corporation) -- C:\WINDOWS\System32\qmpeg.acm
[2010/06/07 14:37:28 | 000,211,968 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\rtmjpgcdc.dll
[2010/06/07 14:37:28 | 000,045,056 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\pclepim1.dll
[2010/06/07 14:37:28 | 000,038,400 | R--- | C] (AuraVision Corporation) -- C:\WINDOWS\System32\Doveov32.dll
[2010/06/07 14:37:28 | 000,036,864 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\AVI_PASS.ax
[2010/06/07 14:37:27 | 000,360,448 | R--- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\pvwv220.dll
[2010/06/07 14:37:27 | 000,319,488 | R--- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\pvmjpg21.dll
[2010/06/07 14:37:27 | 000,228,864 | R--- | C] (Matsubleepa Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.) -- C:\WINDOWS\System32\idvcodec.dll
[2010/06/07 14:37:27 | 000,196,608 | R--- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\pvljpg20.dll
[2010/06/07 14:37:27 | 000,122,880 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\mirodv2avi.dll
[2010/06/07 14:37:27 | 000,113,152 | R--- | C] (AuraVision Corporation) -- C:\WINDOWS\System32\Avhal32.dll
[2010/06/07 14:37:27 | 000,099,840 | R--- | C] (AuraVision Corporation) -- C:\WINDOWS\System32\Avwin32.dll
[2010/06/07 14:37:27 | 000,057,344 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDVenc.dll
[2010/06/07 14:37:27 | 000,050,688 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDV4un.dll
[2010/06/07 14:37:27 | 000,045,056 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDVun.dll
[2010/06/07 14:37:27 | 000,043,008 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\miroDV16un.dll
[2010/06/07 14:37:27 | 000,041,472 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\AVIPR.dll
[2010/06/07 14:37:27 | 000,024,576 | R--- | C] (Matsubleepa Electric Ind.Co.,LTD.) -- C:\WINDOWS\System32\DvWrite.dll
[2010/06/07 14:37:27 | 000,024,064 | R--- | C] (Matsubleepa Electric Ind.Co.,LTD.) -- C:\WINDOWS\System32\DvRead.dll
[2010/06/07 14:37:26 | 001,294,336 | R--- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm
[2010/06/07 14:37:26 | 000,069,632 | R--- | C] (NewTek, Inc) -- C:\WINDOWS\System32\NTCodec.dll
[2010/06/07 14:37:26 | 000,053,248 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMTrayLSI.exe
[2010/06/07 14:37:26 | 000,051,712 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMSwitch.ax
[2010/06/07 14:37:25 | 000,422,912 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JP2K32.dll
[2010/06/07 14:37:25 | 000,270,336 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMTVMJ.dll
[2010/06/07 14:37:25 | 000,176,128 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MJ2Dest.ax
[2010/06/07 14:37:25 | 000,172,032 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MJ2Desc.dll
[2010/06/07 14:37:25 | 000,126,976 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MJ2Source.ax
[2010/06/07 14:37:25 | 000,063,488 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JP2KdecVFW.ax
[2010/06/07 14:37:25 | 000,062,976 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JPEGdec.ax
[2010/06/07 14:37:25 | 000,053,248 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMTray.exe
[2010/06/07 14:37:25 | 000,051,200 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JPEGenc.ax
[2010/06/07 14:37:24 | 000,255,488 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\M3JPEG32.DLL
[2010/06/07 14:37:24 | 000,224,256 | R--- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMIJG32.dll
[2010/06/07 14:37:24 | 000,094,208 | R--- | C] (Moonlight Cordless Ltd.) -- C:\WINDOWS\System32\Mpeg2Mux.ax
[2010/06/07 14:37:24 | 000,066,048 | R--- | C] (Pinnacle Systems) -- C:\WINDOWS\System32\MIROXL32.DLL
[2010/06/07 14:37:24 | 000,053,248 | R--- | C] (Moonlight Cordless) -- C:\WINDOWS\System32\dumppos.ax
[2010/06/07 14:37:20 | 000,306,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h263_32.ax
[2010/06/07 14:37:19 | 000,277,264 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h261_32.ax
[2010/06/07 14:37:19 | 000,102,492 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\swcmpegvfw.dll
[2010/06/07 14:37:18 | 000,163,932 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\swcjpegvfw.dll
[2010/06/07 14:37:17 | 001,650,688 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2010/06/07 14:37:17 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2010/06/07 14:37:17 | 001,552,384 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2010/06/07 14:37:17 | 001,409,119 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\DigiVCap.dll
[2010/06/07 14:37:17 | 001,122,304 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2010/06/07 14:37:17 | 000,263,680 | R--- | C] (MainConcept) -- C:\WINDOWS\System32\MCDVD_32.DLL
[2010/06/07 14:37:17 | 000,229,464 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\SwcDvvfw.dll
[2010/06/07 14:37:17 | 000,155,734 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\MtxOcx.ocx
[2010/06/07 14:37:17 | 000,098,816 | R--- | C] (MainConcept) -- C:\WINDOWS\System32\mcmjpg32.dll
[2010/06/07 14:37:17 | 000,098,398 | R--- | C] (Matrox Electronic Systems) -- C:\WINDOWS\System32\DGcolorXVFW.dll
[2010/06/07 14:37:17 | 000,094,208 | R--- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2010/06/07 14:37:16 | 000,755,200 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\Ir50_32.dll
[2010/06/07 14:37:16 | 000,343,552 | R--- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LCodcCMP.dll
[2010/06/07 14:37:16 | 000,294,912 | R--- | C] (InterVideo Inc.) -- C:\WINDOWS\System32\iviaudio.ax
[2010/06/07 14:37:16 | 000,200,192 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\Ir50_qc.dll
[2010/06/07 14:37:16 | 000,183,808 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\Ir50_qcx.dll
[2010/06/07 14:37:16 | 000,094,208 | R--- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mpeg2parser.ax
[2010/06/07 14:37:16 | 000,090,112 | R--- | C] (I-Media) -- C:\WINDOWS\System32\avi_renderer.ax
[2010/06/07 14:37:16 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2010/06/07 14:37:16 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2010/06/07 14:37:16 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2010/06/07 14:37:16 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2010/06/07 14:37:16 | 000,047,616 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2010/06/07 14:37:16 | 000,040,960 | R--- | C] (I-Media) -- C:\WINDOWS\System32\multiple_mpeg2_source.ax
[2010/06/07 14:37:16 | 000,027,648 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_lcs.dll
[2010/06/07 14:37:15 | 000,848,384 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\Ir41_32.ax
[2010/06/07 14:37:15 | 000,756,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.dll
[2010/06/07 14:37:15 | 000,391,168 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\i263_32.drv
[2010/06/07 14:37:15 | 000,338,432 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2010/06/07 14:37:15 | 000,199,680 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2010/06/07 14:37:15 | 000,120,320 | R--- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2010/06/07 14:37:15 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\IMC32.ACM
[2010/06/07 14:37:14 | 000,733,184 | ---- | C] (Gabest) -- C:\WINDOWS\System32\VSFilter.dll
[2010/06/07 14:37:14 | 000,458,752 | ---- | C] (Gabest) -- C:\WINDOWS\System32\subtitlesource.ax
[2010/06/07 14:37:14 | 000,241,664 | ---- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaSplitter.ax
[2010/06/07 14:37:14 | 000,192,512 | ---- | C] (Gabest) -- C:\WINDOWS\System32\vtsreader.ax
[2010/06/07 14:37:14 | 000,188,416 | ---- | C] (Gabest) -- C:\WINDOWS\System32\shoutcastsource.ax
[2010/06/07 14:37:14 | 000,172,032 | ---- | C] (Gabest) -- C:\WINDOWS\System32\streamdrivethru.ax
[2010/06/07 14:37:13 | 000,212,992 | ---- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaMuxer.ax
[2010/06/07 14:37:13 | 000,212,992 | ---- | C] (Gabest) -- C:\WINDOWS\System32\D2VSource.ax
[2010/06/07 14:37:13 | 000,188,416 | ---- | C] (Gabest) -- C:\WINDOWS\System32\cdxareader.ax
[2010/06/07 14:37:13 | 000,172,032 | ---- | C] (Gabest) -- C:\WINDOWS\System32\cddareader.ax
[2010/06/07 14:37:13 | 000,167,936 | ---- | C] (Gabest) -- C:\WINDOWS\System32\flicsource.ax
[2010/06/07 14:37:13 | 000,167,936 | ---- | C] (Gabest) -- C:\WINDOWS\System32\dtsac3source.ax
[2010/06/07 14:37:13 | 000,155,648 | ---- | C] (Gabest) -- C:\WINDOWS\System32\avi2ac3filter.ax
[2010/06/07 14:37:13 | 000,143,360 | R--- | C] (Darim Vision Co.) -- C:\WINDOWS\System32\frwt.dll
[2010/06/07 14:37:13 | 000,143,360 | R--- | C] (Darim Vision Co.) -- C:\WINDOWS\System32\frwd.dll
[2010/06/07 14:37:13 | 000,114,688 | R--- | C] (Darim Vision Co.) -- C:\WINDOWS\System32\frwu.dll
[2010/06/07 14:37:13 | 000,040,960 | R--- | C] (Gabest) -- C:\WINDOWS\System32\Gpeg.dll
[2010/06/07 14:37:13 | 000,036,864 | R--- | C] (Gabest) -- C:\WINDOWS\System32\Glzw.dll
[2010/06/07 14:37:12 | 000,491,520 | ---- | C] (Elecard Ltd.) -- C:\WINDOWS\System32\mpeg2dmx.ax
[2010/06/07 14:37:12 | 000,155,648 | R--- | C] (Moonlight) -- C:\WINDOWS\System32\Sync2Async.ax
[2010/06/07 14:37:12 | 000,110,592 | R--- | C] (Digital Processing Systems Inc.) -- C:\WINDOWS\System32\DpsToAvi.dll
[2010/06/07 14:37:12 | 000,069,632 | R--- | C] (Moonlight Cordless) -- C:\WINDOWS\System32\pva_dmx.ax
[2010/06/07 14:37:12 | 000,065,536 | R--- | C] (Elecard Ltd) -- C:\WINDOWS\System32\ElecardFileListSource.ax
[2010/06/07 14:37:12 | 000,061,440 | R--- | C] (Elecard Ltd.) -- C:\WINDOWS\System32\SimplePump.ax
[2010/06/07 14:37:12 | 000,053,248 | R--- | C] (Digital Processing Systems Inc.) -- C:\WINDOWS\System32\DpsAviCC.dll
[2010/06/07 14:37:12 | 000,045,056 | R--- | C] (Digital Processing Systems Inc) -- C:\WINDOWS\System32\DpsVidCap.drv
[2010/06/07 14:37:12 | 000,026,624 | R--- | C] (MyCompanyName) -- C:\WINDOWS\System32\pim2null.ax
[2010/06/07 14:37:11 | 000,507,904 | R--- | C] (CyberLink Corp.) -- C:\WINDOWS\System32\clvsd.ax
[2010/06/07 14:37:11 | 000,352,256 | R--- | C] (CyberLink Corp.) -- C:\WINDOWS\System32\clnav.ax
[2010/06/07 14:37:11 | 000,086,016 | R--- | C] (CyberLink Corporation) -- C:\WINDOWS\System32\claudfx.ax
[2010/06/07 14:37:10 | 000,303,104 | R--- | C] (CyberLink Corp.) -- C:\WINDOWS\System32\claud.ax
[2010/06/07 14:37:10 | 000,148,992 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CSEDV.DLL
[2010/06/07 14:37:10 | 000,104,448 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CSCCDVC.DLL
[2010/06/07 14:37:10 | 000,100,352 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CSCdvsd.DLL
[2010/06/07 14:37:10 | 000,062,976 | R--- | C] (Brooktree Corporation) -- C:\WINDOWS\System32\BTVVC32.DRV
[2010/06/07 14:37:10 | 000,032,256 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\cdvccodc.dll
[2010/06/07 14:37:10 | 000,030,208 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\deccdvc.dll
[2010/06/07 14:37:10 | 000,010,752 | R--- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\pcdv.acm
[2010/06/07 14:37:09 | 000,315,392 | R--- | C] (Aware Inc.) -- C:\WINDOWS\System32\ICMW_32.DLL
[2010/06/07 14:37:09 | 000,150,016 | R--- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcr2.dll
[2010/06/07 14:37:09 | 000,075,200 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ATIVCR1.DLL
[2010/06/07 14:37:08 | 000,306,176 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\DVcodec.dll
[2010/06/07 14:37:08 | 000,098,304 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\dvsoft.dll
[2010/06/07 14:37:08 | 000,095,232 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\dvavi.dll
[2010/06/07 14:37:08 | 000,079,360 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\Acodec.dll
[2010/06/07 14:37:08 | 000,077,824 | R--- | C] (MyCompanyName) -- C:\WINDOWS\System32\ASUSASV2.ax
[2010/06/07 14:37:08 | 000,056,832 | R--- | C] (Adaptec Inc.) -- C:\WINDOWS\System32\dvoutput.dll
[2010/06/07 14:37:08 | 000,040,960 | R--- | C] (Autodesk, Inc.) -- C:\WINDOWS\System32\FLCCODEC32.DLL
[2010/06/07 14:37:08 | 000,032,768 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\wnpapi32.dll
[2010/06/07 14:37:08 | 000,029,696 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\fwcall.dll
[2010/06/07 14:37:08 | 000,024,064 | R--- | C] (Autodesk, Inc.) -- C:\WINDOWS\System32\AASC32.DLL
[2010/06/07 14:37:08 | 000,016,896 | R--- | C] (Autodesk, Inc.) -- C:\WINDOWS\System32\flcfile32.dll
[2010/06/07 14:37:08 | 000,008,704 | R--- | C] (Adaptec) -- C:\WINDOWS\System32\Dvc.dll
[2010/06/07 14:37:07 | 000,291,408 | R--- | C] (Hacked With Joy !) -- C:\WINDOWS\System32\DivXa32.acm
[2010/06/07 14:37:07 | 000,112,640 | R--- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2010/06/07 14:37:07 | 000,086,016 | R--- | C] (Winnov) -- C:\WINDOWS\System32\WNVPLAY1.DLL
[2010/06/07 14:37:06 | 001,048,576 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010/06/07 14:37:06 | 000,475,136 | R--- | C] (nico) -- C:\WINDOWS\System32\Rududu.dll
[2010/06/07 14:37:06 | 000,446,464 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp31vfw.dll
[2010/06/07 14:37:06 | 000,160,256 | R--- | C] (White Pine Software and Paradigm Matrix) -- C:\WINDOWS\System32\pmjpeg32.dll
[2010/06/07 14:37:06 | 000,135,168 | R--- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\L3CODECX.ACM
[2010/06/07 14:37:06 | 000,121,856 | R--- | C] (Kristal Studio) -- C:\WINDOWS\System32\Mp3cnfg.cpl
[2010/06/07 14:37:06 | 000,034,816 | R--- | C] (MyCompanyName) -- C:\WINDOWS\System32\mpgaudio.ax
[2010/06/07 14:37:06 | 000,034,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2010/06/07 14:37:06 | 000,018,944 | R--- | C] (Kristal Studio) -- C:\WINDOWS\System32\Mp3cnfg.exe
[2010/06/07 14:37:05 | 001,541,120 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010/06/07 14:37:05 | 000,569,344 | R--- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx4.dll
[2010/06/07 14:37:05 | 000,520,704 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec.ax
[2010/06/07 14:37:05 | 000,303,104 | R--- | C] (Etymonix Inc.) -- C:\WINDOWS\System32\ETXCodec.dll
[2010/06/07 14:37:05 | 000,057,344 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Dump.ax
[2010/06/07 14:37:05 | 000,033,280 | R--- | C] (Disappearing Inc.) -- C:\WINDOWS\System32\huffyuv.dll
[2010/06/07 14:37:04 | 000,414,272 | R--- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32f.dll
[2010/06/07 14:37:04 | 000,414,272 | R--- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32.dll
[2010/06/07 14:37:04 | 000,240,400 | R--- | C] (Hacked With Joy ! ) -- C:\WINDOWS\System32\DivX_c32.ax
[2010/06/07 14:37:04 | 000,155,648 | R--- | C] (Avid Technology, Inc) -- C:\WINDOWS\System32\AvidAVICodec.dll
[2010/06/07 14:37:04 | 000,049,152 | R--- | C] (BST) -- C:\WINDOWS\System32\bfsource.ax
[2010/06/07 14:37:04 | 000,033,280 | R--- | C] (Miguel Angel Horna) -- C:\WINDOWS\System32\DSOUND3D.AX
[2010/06/07 14:37:00 | 000,339,968 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxVfWCodec.dll
[2010/06/07 14:37:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ACE Mega CoDecS Pack
[2010/06/07 14:36:59 | 000,835,584 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivx.dll
[2010/06/07 14:36:59 | 000,360,448 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSAudioDecoder.ax
[2010/06/07 14:36:59 | 000,339,968 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSMediaSplitter.ax
[2010/06/07 14:36:59 | 000,339,968 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSDecoder.ax
[2010/06/07 14:35:35 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2010/06/07 14:35:35 | 000,023,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2010/06/07 14:35:35 | 000,018,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2010/06/07 14:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/06/07 14:35:34 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2010/06/07 14:32:37 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Realtek Sound Manager
[2010/06/07 14:32:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\AvRack
[2010/06/07 14:32:26 | 000,765,952 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2010/06/07 14:32:25 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll
[2010/06/07 14:32:25 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2010/06/07 14:32:23 | 000,391,424 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS
[2010/06/07 14:32:22 | 000,601,100 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2010/06/07 14:32:21 | 000,065,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2010/06/07 14:32:18 | 005,672,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.EXE
[2010/06/07 14:31:59 | 014,204,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2010/06/07 14:31:57 | 000,208,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2010/06/07 14:31:57 | 000,139,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcrmv.exe
[2010/06/07 14:31:57 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\InstallShield Installation Information
[2010/06/07 14:31:52 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\InstallShield
[2010/06/07 14:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe
[2010/06/07 14:29:35 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Lavalys
[2010/06/07 14:26:32 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/06/04 18:48:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\AVG
[2010/06/04 18:44:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Identities
[2010/06/04 18:44:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos\Minhas músicas
[2010/06/04 18:44:12 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\Uninstall Information
[2010/06/04 18:44:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos\Minhas imagens
[2010/06/04 18:44:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Dados de aplicativos\Microsoft
[2010/06/04 18:44:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft
[2010/06/04 18:44:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\SendTo
[2010/06/04 18:44:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\Recent
[2010/06/04 18:44:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\Dados de aplicativos
[2010/06/04 18:44:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Meus documentos
[2010/06/04 18:44:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Menu Iniciar
[2010/06/04 18:44:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\XP\Favoritos
[2010/06/04 18:44:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\Cookies
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Modelos
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Configurações locais
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Ambiente de rede
[2010/06/04 18:44:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\XP\Ambiente de impressão
[2010/06/04 18:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop
[2010/06/04 18:41:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/06/04 18:41:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/06/04 18:41:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/06/04 18:41:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Microsoft
[2010/06/04 18:41:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft
[2010/06/04 18:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dados de aplicativos\Microsoft
[2010/06/04 18:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft
[2010/06/04 18:39:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/06/04 18:39:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/06/04 18:39:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/06/04 18:39:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/06/04 18:39:01 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/06/04 18:39:00 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/06/04 18:38:59 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/06/04 18:38:59 | 000,031,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/06/04 18:38:58 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/06/04 18:38:58 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/06/04 18:38:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/06/04 18:38:58 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/06/04 18:38:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/06/04 18:38:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/06/04 18:38:57 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/06/04 18:38:57 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/06/04 18:38:57 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/06/04 18:38:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/06/04 18:38:55 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/06/04 18:38:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/06/04 18:38:55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/06/04 18:38:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/06/04 18:38:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/06/04 18:38:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/06/04 18:38:52 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/06/04 18:38:52 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/06/04 18:38:52 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/06/04 18:38:52 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/06/04 18:38:51 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/06/04 18:38:51 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/06/04 18:38:51 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/06/04 18:38:50 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/06/04 18:38:49 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/06/04 18:38:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/06/04 18:38:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/06/04 18:38:48 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/06/04 18:38:47 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/06/04 18:38:46 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/06/04 18:38:46 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/06/04 18:38:46 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/06/04 18:38:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/06/04 18:38:46 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/06/04 18:38:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/06/04 18:38:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/06/04 18:38:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/06/04 18:38:45 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/06/04 18:38:45 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/06/04 18:38:45 | 000,012,800 | ---- | C] (Microsoft Corporation
) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/06/04 18:38:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2010/06/04 18:38:44 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/06/04 18:38:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/06/04 18:38:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/06/04 18:38:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/06/04 18:38:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/06/04 18:38:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/06/04 18:38:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/06/04 18:38:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/06/04 18:38:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/06/04 18:38:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/06/04 18:38:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/06/04 18:38:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/06/04 18:38:43 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/06/04 18:38:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/06/04 18:38:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/06/04 18:38:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/06/04 18:38:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/06/04 18:38:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/06/04 18:38:39 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2010/06/04 18:38:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/06/04 18:38:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/06/04 18:38:37 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/06/04 18:38:37 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/06/04 18:38:37 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/06/04 18:38:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/06/04 18:38:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2010/06/04 18:38:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/06/04 18:38:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/06/04 18:38:35 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/06/04 18:38:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/06/04 18:38:34 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/06/04 18:38:33 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/06/04 18:38:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/06/04 18:38:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/06/04 18:38:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/06/04 18:38:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/06/04 18:38:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/06/04 18:38:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/06/04 18:38:30 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/06/04 18:38:30 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/06/04 18:38:30 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/06/04 18:38:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/06/04 18:38:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/06/04 18:38:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/06/04 18:38:28 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/06/04 18:38:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/06/04 18:38:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/06/04 18:38:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/06/04 18:38:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/06/04 18:38:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/06/04 18:38:25 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/06/04 18:38:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/06/04 18:38:22 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/06/04 18:38:22 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/06/04 18:38:19 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/06/04 18:38:18 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/06/04 18:38:18 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/06/04 18:38:12 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/06/04 18:38:12 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/06/04 18:38:12 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/06/04 18:38:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/06/04 18:38:11 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/06/04 18:38:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/06/04 18:38:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/06/04 18:38:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/06/04 18:38:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/06/04 18:38:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/06/04 18:38:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/06/04 18:38:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/06/04 18:38:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/06/04 18:38:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/06/04 18:38:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/06/04 18:38:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/06/04 18:38:06 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/06/04 18:38:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/06/04 18:38:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/06/04 18:38:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/06/04 18:38:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/06/04 18:38:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/06/04 18:38:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/06/04 18:38:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/06/04 18:38:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/06/04 18:38:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/06/04 18:38:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/06/04 18:38:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/06/04 18:38:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/06/04 18:38:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/06/04 18:38:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/06/04 18:38:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/06/04 18:38:03 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/06/04 18:38:03 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/06/04 18:38:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/06/04 18:38:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/06/04 18:38:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/06/04 18:38:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/06/04 18:38:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/06/04 18:38:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/06/04 18:38:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/06/04 18:38:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/06/04 18:38:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/06/04 18:38:01 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/06/04 18:38:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/06/04 18:38:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/06/04 18:38:00 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/06/04 18:38:00 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/06/04 18:38:00 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/06/04 18:38:00 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/06/04 18:38:00 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/06/04 18:38:00 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/06/04 18:38:00 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/06/04 18:38:00 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/06/04 18:37:59 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/06/04 18:37:59 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/06/04 18:37:59 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/06/04 18:37:59 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/06/04 18:37:59 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/06/04 18:37:59 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/06/04 18:37:58 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/06/04 18:37:58 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/06/04 18:37:58 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/06/04 18:37:58 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/06/04 18:37:58 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/06/04 18:37:58 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/06/04 18:37:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/06/04 18:37:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/06/04 18:37:57 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/06/04 18:37:57 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/06/04 18:37:57 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/06/04 18:37:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/06/04 18:37:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/06/04 18:37:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/06/04 18:37:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/06/04 18:37:56 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/06/04 18:37:56 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/06/04 18:37:52 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/06/04 18:37:46 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/06/04 18:37:45 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/06/04 18:37:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/06/04 18:37:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/06/04 18:37:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/06/04 18:37:44 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/06/04 18:37:44 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/06/04 18:37:43 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/06/04 18:37:43 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/06/04 18:37:43 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/06/04 18:37:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/06/04 18:37:42 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/06/04 18:37:42 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/06/04 18:37:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/06/04 18:37:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/06/04 18:37:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/06/04 18:37:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/06/04 18:37:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/06/04 18:37:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/06/04 18:37:42 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/06/04 18:37:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/06/04 18:37:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/06/04 18:37:41 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/06/04 18:37:41 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/06/04 18:37:41 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/06/04 18:37:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/06/04 18:37:41 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/06/04 18:37:41 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/06/04 18:37:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/06/04 18:37:41 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/06/04 18:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/06/04 18:37:40 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/06/04 18:37:40 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/06/04 18:37:40 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/06/04 18:37:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/06/04 18:37:40 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/06/04 18:37:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/06/04 18:37:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/06/04 18:37:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/06/04 18:37:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/06/04 18:37:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/06/04 18:37:38 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/06/04 18:37:38 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/06/04 18:37:38 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/06/04 18:37:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/06/04 18:37:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/06/04 18:37:37 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/06/04 18:37:37 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/06/04 18:37:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/06/04 18:37:32 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/06/04 18:37:31 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/06/04 18:37:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/06/04 18:37:30 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/06/04 18:37:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/06/04 18:37:30 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/06/04 18:37:30 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/06/04 18:37:29 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/06/04 18:37:28 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/06/04 18:37:28 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/06/04 18:37:28 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/06/04 18:37:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/06/04 18:37:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/06/04 18:37:27 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/06/04 18:37:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/06/04 18:37:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/06/04 18:37:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/06/04 18:37:26 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/06/04 18:37:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/06/04 18:37:25 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/06/04 18:37:25 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/06/04 18:37:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/06/04 18:37:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/06/04 18:37:19 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/06/04 18:37:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/06/04 18:37:16 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/06/04 18:37:16 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/06/04 18:37:16 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/06/04 18:37:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/06/04 18:37:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/06/04 18:37:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/06/04 18:37:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/06/04 18:37:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/06/04 18:37:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/06/04 18:37:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/06/04 18:37:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/06/04 18:37:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/06/04 18:37:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/06/04 18:37:09 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2010/06/04 18:37:09 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2010/06/04 18:37:09 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/06/04 18:37:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/06/04 18:37:08 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/06/04 18:37:08 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/06/04 18:37:05 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/06/04 18:37:05 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/06/04 18:37:04 | 000,837,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/06/04 18:37:04 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/06/04 18:37:04 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/06/04 18:37:04 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/06/04 18:37:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/06/04 18:37:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/06/04 18:37:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/06/04 18:37:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/06/04 18:37:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/06/04 18:37:03 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/06/04 18:37:03 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/06/04 18:37:03 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/06/04 18:37:03 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/06/04 18:37:03 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/06/04 18:37:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/06/04 18:37:02 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/06/04 18:37:02 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/06/04 18:37:02 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/06/04 18:37:02 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/06/04 18:37:02 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/06/04 18:37:02 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/06/04 18:37:02 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/06/04 18:37:01 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/06/04 18:37:01 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/06/04 18:37:01 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/06/04 18:37:01 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/06/04 18:37:01 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/06/04 18:37:01 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/06/04 18:37:01 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/06/04 18:37:00 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/06/04 18:37:00 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/06/04 18:37:00 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/06/04 18:37:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/06/04 18:37:00 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/06/04 18:37:00 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/06/04 18:36:59 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/06/04 18:36:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/06/04 18:36:59 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/06/04 18:36:58 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/06/04 18:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

OTL part 2 in the next post

#8 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 02 August 2010 - 01:15 PM

OTL part 2--------


[2010/06/04 18:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/06/04 18:36:57 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\xerox
[2010/06/04 18:36:57 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\microsoft frontpage
[2010/06/04 18:36:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/06/04 18:35:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/06/04 18:35:10 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\WindowsUpdate
[2010/06/04 18:35:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Serviços on-line
[2010/06/04 18:34:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/06/04 18:34:44 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/06/04 18:34:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/06/04 18:34:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/06/04 18:34:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/06/04 18:34:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/06/04 18:34:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/06/04 18:34:36 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/06/04 18:34:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/06/04 18:34:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/06/04 18:34:35 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/06/04 18:34:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/06/04 18:34:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/06/04 18:34:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/06/04 18:34:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/06/04 18:34:34 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Serviços
[2010/06/04 18:34:31 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/06/04 18:34:31 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/06/04 18:34:31 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/06/04 18:34:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/06/04 18:34:31 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/06/04 18:34:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/06/04 18:34:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/06/04 18:34:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/06/04 18:34:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/06/04 18:34:30 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/06/04 18:34:30 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/06/04 18:34:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\MSSoap
[2010/06/04 18:34:27 | 000,727,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/06/04 18:34:27 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/06/04 18:34:26 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/06/04 18:34:26 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010/06/04 18:34:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/06/04 18:34:25 | 001,674,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/06/04 18:34:25 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/06/04 18:34:25 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/06/04 18:34:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/06/04 18:34:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/06/04 18:34:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/06/04 18:34:24 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/06/04 18:34:24 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/06/04 18:34:24 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/06/04 18:34:24 | 000,209,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/06/04 18:34:24 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/06/04 18:34:24 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/06/04 18:34:24 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/06/04 18:34:23 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/06/04 18:34:23 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/06/04 18:34:23 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/06/04 18:34:23 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/06/04 18:34:23 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/06/04 18:34:23 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/06/04 18:34:23 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/06/04 18:34:23 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2010/06/04 18:34:23 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/06/04 18:34:23 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2010/06/04 18:34:23 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/06/04 18:34:23 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/06/04 18:34:23 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/06/04 18:34:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2010/06/04 18:34:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/06/04 18:34:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/06/04 18:34:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/06/04 18:34:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/06/04 18:34:22 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/06/04 18:34:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/06/04 18:34:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/06/04 18:34:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/06/04 18:34:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/06/04 18:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/06/04 18:34:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/06/04 18:34:20 | 004,274,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/06/04 18:34:20 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/06/04 18:34:20 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/06/04 18:34:20 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/06/04 18:34:20 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/06/04 18:34:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/06/04 18:34:19 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/06/04 18:34:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Movie Maker
[2010/06/04 18:34:05 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010/06/04 18:34:05 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/06/04 18:34:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/06/04 18:34:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/06/04 18:34:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/06/04 18:34:04 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/06/04 18:34:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/06/04 18:34:01 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/06/04 18:34:01 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/06/04 18:34:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/06/04 18:34:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/06/04 18:34:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/06/04 18:34:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/06/04 18:34:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/06/04 18:34:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/06/04 18:34:01 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/06/04 18:34:01 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/06/04 18:34:01 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/06/04 18:33:59 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/06/04 18:33:59 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/06/04 18:33:59 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/06/04 18:33:59 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/06/04 18:33:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/06/04 18:33:57 | 000,382,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010/06/04 18:33:57 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/06/04 18:33:57 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010/06/04 18:33:57 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010/06/04 18:33:57 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/06/04 18:33:57 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010/06/04 18:33:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010/06/04 18:33:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010/06/04 18:33:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/06/04 18:33:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/06/04 18:33:56 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/06/04 18:33:56 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/06/04 18:33:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/06/04 18:33:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/06/04 18:33:56 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/06/04 18:33:56 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/06/04 18:33:56 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/06/04 18:33:56 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/06/04 18:33:56 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/06/04 18:33:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/06/04 18:33:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/06/04 18:33:55 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/06/04 18:33:55 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/06/04 18:33:55 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/06/04 18:33:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/06/04 18:33:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/06/04 18:33:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/06/04 18:33:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/06/04 18:33:54 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/06/04 18:33:54 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/06/04 18:33:54 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/06/04 18:33:54 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/06/04 18:33:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/06/04 18:33:54 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/06/04 18:33:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/06/04 18:33:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/06/04 18:33:53 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/06/04 18:33:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/06/04 18:33:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/06/04 18:33:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/06/04 18:33:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010/06/04 18:33:53 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/06/04 18:33:53 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NetMeeting
[2010/06/04 18:33:52 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/06/04 18:33:52 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/06/04 18:33:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/06/04 18:33:52 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/06/04 18:33:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/06/04 18:33:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010/06/04 18:33:52 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010/06/04 18:33:52 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/06/04 18:33:51 | 002,512,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/06/04 18:33:51 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/06/04 18:33:51 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/06/04 18:33:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/06/04 18:33:50 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/06/04 18:33:50 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010/06/04 18:33:50 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/06/04 18:33:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/06/04 18:33:50 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Outlook Express
[2010/06/04 18:33:49 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010/06/04 18:33:49 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/06/04 18:33:49 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/06/04 18:33:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/06/04 18:33:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/06/04 18:33:49 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/06/04 18:33:49 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/06/04 18:33:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/06/04 18:33:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/06/04 18:33:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/06/04 18:33:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/06/04 18:33:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010/06/04 18:33:48 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010/06/04 18:33:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/06/04 18:33:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/06/04 18:33:47 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2010/06/04 18:33:47 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/06/04 18:33:47 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/06/04 18:33:47 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/06/04 18:33:47 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/06/04 18:33:46 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010/06/04 18:33:46 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/06/04 18:33:46 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/06/04 18:33:46 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/06/04 18:33:46 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/06/04 18:33:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/06/04 18:33:45 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/06/04 18:33:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/06/04 18:33:45 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/06/04 18:33:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/06/04 18:33:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/06/04 18:33:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/06/04 18:33:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/06/04 18:33:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/06/04 18:33:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/06/04 18:33:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/06/04 18:33:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/06/04 18:33:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/06/04 18:33:44 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/06/04 18:33:44 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/06/04 18:33:44 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/06/04 18:33:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/06/04 18:33:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/06/04 18:33:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/06/04 18:33:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/06/04 18:33:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/06/04 18:33:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/06/04 18:33:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/06/04 18:33:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/06/04 18:33:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/06/04 18:33:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/06/04 18:33:43 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/06/04 18:33:43 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/06/04 18:33:43 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/06/04 18:33:43 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/06/04 18:33:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/06/04 18:33:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/06/04 18:33:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/06/04 18:33:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/06/04 18:33:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/06/04 18:33:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/06/04 18:33:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/06/04 18:33:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/06/04 18:33:43 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\System
[2010/06/04 18:33:42 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/06/04 18:33:42 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2010/06/04 18:33:42 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/06/04 18:33:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Internet Explorer
[2010/06/04 18:33:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas imagens
[2010/06/04 18:33:01 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ComPlus Applications
[2010/06/04 18:32:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/06/04 18:32:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Media Connect 2
[2010/06/04 18:32:40 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Media Player
[2010/06/04 18:32:39 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Messenger
[2010/06/04 18:32:38 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/06/04 18:32:38 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/06/04 18:32:38 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/06/04 18:32:38 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/06/04 18:32:38 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/06/04 18:32:38 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/06/04 18:32:37 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/06/04 18:32:37 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/06/04 18:32:37 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/06/04 18:32:37 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/06/04 18:32:37 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/06/04 18:32:37 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/06/04 18:32:37 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/06/04 18:32:37 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/06/04 18:32:37 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/06/04 18:32:37 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/06/04 18:32:36 | 001,042,003 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/06/04 18:32:36 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/06/04 18:32:36 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/06/04 18:32:36 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/06/04 18:32:36 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/06/04 18:32:36 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/06/04 18:32:35 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/06/04 18:32:35 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/06/04 18:32:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/06/04 18:32:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/06/04 18:32:35 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSN Gaming Zone
[2010/06/04 18:32:26 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/06/04 18:32:26 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/06/04 18:32:25 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/06/04 18:32:25 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/06/04 18:32:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/06/04 18:32:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/06/04 18:32:25 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/06/04 18:32:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/06/04 18:32:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/06/04 18:32:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/06/04 18:32:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/06/04 18:32:25 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/06/04 18:32:18 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/06/04 18:32:18 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/06/04 18:32:18 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/06/04 18:32:18 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/06/04 18:32:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/06/04 18:32:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/06/04 18:32:17 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/06/04 18:32:17 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/06/04 18:32:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/06/04 18:32:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/06/04 18:32:16 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/06/04 18:32:16 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/06/04 18:32:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/06/04 18:32:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/06/04 18:32:16 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/06/04 18:32:16 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/06/04 18:32:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/06/04 18:32:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/06/04 18:32:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/06/04 18:32:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/06/04 18:32:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/06/04 18:32:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/06/04 18:32:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/06/04 18:32:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/06/04 18:32:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/06/04 18:32:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/06/04 18:32:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/06/04 18:32:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/06/04 18:32:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/06/04 18:32:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/06/04 18:32:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/06/04 18:32:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/06/04 18:32:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/06/04 18:32:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/06/04 18:32:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/06/04 18:32:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/06/04 18:32:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/06/04 18:32:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/06/04 18:32:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/06/04 18:32:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/06/04 18:32:15 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/06/04 18:32:15 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/06/04 18:32:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/06/04 18:32:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/06/04 18:32:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/06/04 18:32:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/06/04 18:32:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/06/04 18:32:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/06/04 18:32:11 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/06/04 18:32:10 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/06/04 18:32:10 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/06/04 18:32:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/06/04 18:32:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/06/04 18:32:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/06/04 18:32:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/06/04 18:32:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/06/04 18:32:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/06/04 18:32:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/06/04 18:32:09 | 000,283,648 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/06/04 18:32:09 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/06/04 18:32:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/06/04 18:32:08 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/06/04 18:32:08 | 000,352,768 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/06/04 18:32:08 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010/06/04 18:32:08 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/06/04 18:32:08 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/06/04 18:32:08 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/06/04 18:32:08 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/06/04 18:32:08 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/06/04 18:32:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/06/04 18:32:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/06/04 18:32:07 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/06/04 18:32:07 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010/06/04 18:32:07 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/06/04 18:32:07 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010/06/04 18:32:07 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/06/04 18:32:07 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/06/04 18:32:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows NT
[2010/06/04 18:32:06 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/06/04 18:32:06 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2010/06/04 18:32:06 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/06/04 18:32:06 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/06/04 18:32:06 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/06/04 18:32:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/06/04 18:32:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2010/06/04 18:32:06 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/06/04 18:32:06 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/06/04 18:32:05 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2010/06/04 18:32:05 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2010/06/04 18:32:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2010/06/04 18:32:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/06/04 18:32:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010/06/04 18:32:04 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/06/04 18:32:04 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/06/04 18:32:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/06/04 18:32:04 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/06/04 18:32:04 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/06/04 18:32:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/06/04 18:32:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/06/04 18:32:04 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/06/04 18:32:04 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/06/04 18:32:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010/06/04 18:32:04 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/06/04 18:32:04 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/06/04 18:32:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/06/04 18:32:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/06/04 18:32:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/06/04 18:32:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/06/04 18:32:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/06/04 18:32:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010/06/04 18:32:03 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/06/04 18:32:03 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/06/04 18:32:03 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/06/04 18:32:03 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/06/04 18:32:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/06/04 18:32:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/06/04 18:32:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/06/04 18:32:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/06/04 18:32:03 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/06/04 18:32:03 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/06/04 18:32:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/06/04 18:32:02 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/06/04 18:32:02 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/06/04 18:32:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/06/04 18:32:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/06/04 18:32:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/06/04 18:32:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010/06/04 18:32:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/06/04 18:32:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/06/04 18:32:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/06/04 18:32:01 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010/06/04 18:32:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/06/04 18:32:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/06/04 18:32:01 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010/06/04 18:32:01 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/06/04 18:32:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/06/04 18:32:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/06/04 18:32:01 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/06/04 18:32:01 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/06/04 18:32:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/06/04 18:32:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/06/04 18:32:01 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/06/04 18:32:01 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/06/04 18:32:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/06/04 18:32:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/06/04 18:32:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/06/04 18:32:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/06/04 18:32:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/06/04 18:32:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/06/04 18:32:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/06/04 18:32:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/06/04 18:32:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/06/04 18:32:00 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/06/04 18:32:00 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/06/04 18:32:00 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010/06/04 18:32:00 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/06/04 18:32:00 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/06/04 18:32:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010/06/04 18:32:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/06/04 18:32:00 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/06/04 18:32:00 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/06/04 18:31:57 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/06/04 18:31:57 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/06/04 18:31:57 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/06/04 18:31:57 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/06/04 18:31:57 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/06/04 18:31:57 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/06/04 18:31:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/06/04 18:31:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/06/04 18:31:57 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/06/04 18:31:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/06/04 18:31:56 | 000,531,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/06/04 18:31:56 | 000,365,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2010/06/04 18:31:56 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010/06/04 18:31:56 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/06/04 18:31:56 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/06/04 18:31:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/06/04 18:31:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/06/04 18:31:56 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/06/04 18:31:56 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/06/04 18:31:56 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/06/04 18:31:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/06/04 18:31:56 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/06/04 18:31:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/06/04 18:31:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/06/04 18:31:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/06/04 18:31:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/06/04 18:31:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/06/04 18:31:55 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/06/04 18:31:55 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/06/04 18:31:55 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010/06/04 18:31:55 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2010/06/04 18:31:55 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/06/04 18:31:55 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010/06/04 18:31:55 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/06/04 18:31:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/06/04 18:31:54 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010/06/04 18:31:54 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/06/04 18:31:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/06/04 18:31:53 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/06/04 18:31:53 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/06/04 18:31:53 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/06/04 18:31:53 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/06/04 18:31:53 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010/06/04 18:31:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/06/04 18:31:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/06/04 18:31:53 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/06/04 18:31:53 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/06/04 18:31:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Meus vídeos
[2010/06/04 15:29:22 | 002,693,280 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2010/06/04 15:29:22 | 001,540,608 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/06/04 15:29:22 | 001,540,608 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2010/06/04 15:29:22 | 001,408,000 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2010/06/04 15:29:21 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2010/06/04 15:29:21 | 000,282,624 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2010/06/04 15:29:21 | 000,258,048 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2010/06/04 15:29:00 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/06/04 15:29:00 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/06/04 15:29:00 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/06/04 15:29:00 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/06/04 15:29:00 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/06/04 15:29:00 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/06/04 15:29:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/06/04 15:29:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/06/04 15:29:00 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2010/06/04 15:28:58 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2010/06/04 15:28:45 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2010/06/04 15:28:38 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/06/04 15:27:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas músicas
[2010/06/04 15:27:30 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/06/04 15:27:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\ODBC
[2010/06/04 15:27:27 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/06/04 15:27:27 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/06/04 15:27:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/06/04 15:27:26 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/06/04 15:27:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/06/04 15:27:26 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\SpeechEngines
[2010/06/04 15:27:25 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/06/04 15:27:25 | 000,000,000 | R--D | C] -- C:\Arquivos de programas
[2010/06/04 15:27:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared
[2010/06/04 15:27:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns
[2010/06/04 15:27:24 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/06/04 15:27:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/06/04 15:27:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/06/04 15:27:23 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/06/04 15:27:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/06/04 15:27:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/06/04 15:27:22 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/06/04 15:27:22 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/06/04 15:27:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/06/04 15:27:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/06/04 15:27:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/06/04 15:27:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/06/04 15:27:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/06/04 15:27:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/06/04 15:27:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/06/04 15:27:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/06/04 15:27:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/06/04 15:27:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/06/04 15:27:18 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/06/04 15:27:18 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/06/04 15:27:18 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/06/04 15:27:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/06/04 15:27:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/06/04 15:27:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/06/04 15:27:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/06/04 15:27:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/06/04 15:27:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/06/04 15:27:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/06/04 15:27:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/06/04 15:27:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/06/04 15:27:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/06/04 15:27:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/06/04 15:27:17 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/06/04 15:27:17 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/06/04 15:27:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/06/04 15:27:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/06/04 15:27:16 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/06/04 15:27:16 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/06/04 15:27:16 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/06/04 15:27:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/06/04 15:27:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/06/04 15:27:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/06/04 15:27:15 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/06/04 15:27:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/06/04 15:27:15 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/06/04 15:27:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/06/04 15:27:15 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/06/04 15:27:15 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/06/04 15:27:15 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/06/04 15:27:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/06/04 15:27:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/06/04 15:27:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/06/04 15:27:10 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/06/04 15:27:10 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/06/04 15:27:10 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/06/04 15:27:10 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/06/04 15:27:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/06/04 15:27:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/06/04 15:27:09 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/06/04 15:27:09 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/06/04 15:27:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/06/04 15:27:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/06/04 15:27:09 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/06/04 15:27:09 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/06/04 15:27:09 | 000,009,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/06/04 15:27:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/06/04 15:27:09 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/06/04 15:27:09 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/06/04 15:27:09 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/06/04 15:27:08 | 000,127,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/06/04 15:27:08 | 000,109,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/06/04 15:27:08 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/06/04 15:27:08 | 000,073,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/06/04 15:27:08 | 000,033,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/06/04 15:27:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/06/04 15:27:08 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/06/04 15:27:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/06/04 15:27:08 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/06/04 15:27:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/06/04 15:27:08 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/06/04 15:27:08 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/06/04 15:27:08 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/06/04 15:27:07 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010/06/04 15:27:07 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/06/04 15:27:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/06/04 15:27:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/06/04 15:27:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010/06/04 15:27:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/06/04 15:27:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/06/04 15:27:06 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/06/04 15:27:06 | 000,070,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/06/04 15:26:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Iniciar
[2010/06/04 15:26:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos
[2010/06/04 15:26:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Modelos
[2010/06/04 15:26:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoritos
[2010/06/04 15:26:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/06/04 15:26:38 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft
[2010/06/04 15:26:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos
[2010/06/04 15:26:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/06/04 15:26:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/06/04 15:22:11 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/06/04 15:22:11 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/06/04 15:22:11 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/06/04 15:22:11 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/06/04 15:22:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1046
[2010/06/04 15:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/06/04 11:55:58 | 000,229,312 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2010/08/02 12:30:16 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.exe
[2010/08/02 11:30:09 | 000,520,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTM.exe
[2010/08/02 10:14:35 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\freecell.reg
[2010/08/02 07:52:39 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\XP\Dados de aplicativosprivacy.xml
[2010/08/02 07:52:35 | 000,000,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010/08/02 07:52:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/02 07:51:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/02 07:51:05 | 000,000,298 | -HS- | M] () -- C:\WINDOWS\tasks\vvxtiwsuec.job
[2010/08/02 07:50:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/02 07:50:56 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/01 22:44:32 | 005,668,864 | ---- | M] () -- C:\Documents and Settings\XP\ntuser.dat
[2010/08/01 22:44:32 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\XP\ntuser.ini
[2010/08/01 22:44:17 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/08/01 22:44:02 | 017,670,088 | -H-- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\IconCache.db
[2010/08/01 22:40:19 | 000,000,726 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/01 18:10:55 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\CB2010.lnk
[2010/08/01 18:00:14 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2010/08/01 00:01:08 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010/07/31 21:47:19 | 000,000,232 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2010/07/31 17:40:43 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/31 17:40:43 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/31 16:22:44 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/29 23:17:40 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/29 19:58:21 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DriverScanner.lnk
[2010/07/29 18:35:17 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SpeedUpMyPC.lnk
[2010/07/29 14:23:16 | 001,191,374 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/29 14:23:16 | 000,537,184 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2010/07/29 14:23:16 | 000,497,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/29 14:23:16 | 000,096,860 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2010/07/29 14:23:16 | 000,085,564 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/28 19:28:38 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ophcrack.lnk
[2010/07/28 14:36:06 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010/07/28 14:36:02 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010/07/27 20:26:08 | 000,001,309 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\juliana.jpg
[2010/07/26 16:27:46 | 000,001,068 | ---- | M] () -- C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Adobe Gamma Loader.lnk
[2010/07/25 22:06:46 | 000,001,069 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UpdateMyDrivers.lnk
[2010/07/25 21:56:08 | 000,000,135 | ---- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\fusioncache.dat
[2010/07/25 21:52:08 | 000,001,954 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Catalyst Control Center.lnk
[2010/07/25 15:47:40 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\JDownloader.lnk
[2010/07/24 13:35:19 | 000,001,902 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\Senhas anteriores ao crash.kdbx
[2010/07/23 17:33:43 | 002,519,202 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\aOffice Registration.reg
[2010/07/23 10:00:17 | 000,000,492 | ---- | M] () -- C:\hpfr3420.xml
[2010/07/21 21:17:47 | 000,010,086 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100721_211624.reg
[2010/07/21 20:44:44 | 000,000,978 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Revo Uninstaller.lnk
[2010/07/20 20:30:42 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\CCleaner.lnk
[2010/07/20 13:24:56 | 000,578,028 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\f1mane.jar
[2010/07/18 13:42:42 | 000,079,154 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\BitDefender20100718_1342.xml
[2010/07/16 13:26:36 | 000,137,259 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\Bitdefender_Antivirus_2010_32B.html
[2010/07/07 14:01:37 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\XP\Dados de aplicativosProductTweaks.xml
[2010/07/07 14:01:36 | 000,000,385 | ---- | M] () -- C:\Documents and Settings\XP\Dados de aplicativosuser_gensett.xml
[2010/07/07 00:09:55 | 000,077,594 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\1278458475_1_00.xml
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pcwords2.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pcwords.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_video.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_sign.slf
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_news.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_im.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_hate.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_games.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_drugs.dat
[2010/07/01 15:40:21 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/06/29 15:35:01 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/06/28 11:47:56 | 000,352,513 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\savapi3.dll
[2010/06/28 11:47:56 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/06/25 21:11:55 | 000,015,912 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100625_211149.reg
[2010/06/25 15:12:03 | 000,001,071 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\BiosAgent Plus.lnk
[2010/06/25 15:10:46 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2010/06/25 14:35:39 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\EVEREST Ultimate Edition.lnk
[2010/06/23 19:04:23 | 000,267,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/23 18:58:04 | 000,068,480 | ---- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT
[2010/06/23 16:38:08 | 000,000,483 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\MJWIN.lnk
[2010/06/22 14:51:06 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/06/22 14:51:06 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/06/22 14:51:06 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/06/22 14:51:06 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/06/22 14:51:05 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/06/22 13:56:38 | 000,000,434 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/06/21 18:15:48 | 000,047,104 | RHS- | M] () -- C:\WINDOWS\System32\mqrt9.dll
[2010/06/21 14:47:11 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag.lnk
[2010/06/21 14:44:38 | 000,001,589 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Recuva.lnk
[2010/06/21 14:22:51 | 000,000,360 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100621_142246.reg
[2010/06/21 14:22:07 | 000,041,444 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100621_142133.reg
[2010/06/19 22:23:27 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\speedfanparams.cfg
[2010/06/19 22:22:59 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\SpeedFan.lnk
[2010/06/19 22:22:58 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/06/19 19:18:50 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Atalho para velox.lnk
[2010/06/17 18:12:13 | 000,001,976 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/06/14 11:31:20 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/06/13 14:30:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/06/13 11:23:17 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2010/06/09 13:20:00 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Freecell.lnk
[2010/06/08 18:03:08 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero PhotoShow Express.lnk
[2010/06/08 18:00:54 | 000,001,360 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2010/06/08 17:56:25 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2010/06/08 08:25:25 | 000,008,370 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\Pasta1.xlsx
[2010/06/07 14:40:39 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010/06/07 14:39:44 | 000,077,824 | ---- | M] (Apple Computer, Inc.) -- C:\WINDOWS\System32\qttask.exe
[2010/06/07 14:37:41 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Player Classic.lnk
[2010/06/07 14:37:35 | 000,001,537 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BSPlayer.lnk
[2010/06/07 14:37:30 | 000,002,850 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/07 14:26:51 | 000,002,539 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/06/04 18:41:16 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/06/04 18:39:17 | 000,000,630 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/06/04 18:36:28 | 000,002,969 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/06/04 18:36:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/06/04 18:36:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/06/04 18:36:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/06/04 18:36:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/06/04 18:36:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/04 18:36:19 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/06/04 18:36:11 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/04 18:35:19 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/06/04 18:35:18 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/06/04 18:33:08 | 000,021,844 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/06/04 18:33:00 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/06/04 18:33:00 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/06/04 18:31:06 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/06/04 15:30:47 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/06/04 11:55:58 | 000,229,312 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/01 18:03:57 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\CB2010.lnk
[2010/07/31 21:34:15 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/31 20:55:27 | 005,668,864 | ---- | C] () -- C:\Documents and Settings\XP\ntuser.dat
[2010/07/29 19:58:21 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DriverScanner.lnk
[2010/07/29 18:35:17 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SpeedUpMyPC.lnk
[2010/07/28 19:28:38 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ophcrack.lnk
[2010/07/27 20:26:01 | 000,001,309 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\juliana.jpg
[2010/07/26 16:27:46 | 000,001,068 | ---- | C] () -- C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Adobe Gamma Loader.lnk
[2010/07/25 22:06:46 | 000,001,069 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\UpdateMyDrivers.lnk
[2010/07/25 21:56:08 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\fusioncache.dat
[2010/07/25 21:52:08 | 000,001,954 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Catalyst Control Center.lnk
[2010/07/25 21:42:10 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/07/25 15:47:40 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\JDownloader.lnk
[2010/07/24 13:35:18 | 000,001,902 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\Senhas anteriores ao crash.kdbx
[2010/07/23 17:33:43 | 002,519,202 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\aOffice Registration.reg
[2010/07/23 10:00:16 | 000,000,492 | ---- | C] () -- C:\hpfr3420.xml
[2010/07/22 15:09:38 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\dds.scr
[2010/07/22 15:07:14 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Defogger.exe
[2010/07/21 21:16:29 | 000,010,086 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100721_211624.reg
[2010/07/21 20:44:44 | 000,000,978 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Revo Uninstaller.lnk
[2010/07/20 13:24:55 | 000,578,028 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\f1mane.jar
[2010/07/18 13:42:42 | 000,079,154 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\BitDefender20100718_1342.xml
[2010/07/17 13:42:31 | 000,000,482 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2010/07/16 17:28:24 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2010/07/16 15:09:03 | 000,137,259 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\Bitdefender_Antivirus_2010_32B.html
[2010/07/09 18:25:16 | 000,000,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010/07/07 14:01:37 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\XP\Dados de aplicativosProductTweaks.xml
[2010/07/07 14:01:36 | 000,000,385 | ---- | C] () -- C:\Documents and Settings\XP\Dados de aplicativosuser_gensett.xml
[2010/07/07 00:09:54 | 000,077,594 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\1278458475_1_00.xml
[2010/07/04 12:23:42 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\XP\Dados de aplicativosprivacy.xml
[2010/07/02 16:48:08 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/02 16:48:06 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/02 13:17:14 | 000,000,410 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_video.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_sign.slf
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_news.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_im.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_hate.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_games.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010/07/01 15:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_drugs.dat
[2010/07/01 15:40:21 | 000,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/07/01 15:38:16 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010/06/29 15:33:12 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/06/25 21:11:52 | 000,015,912 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100625_211149.reg
[2010/06/25 15:11:14 | 000,001,071 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\BiosAgent Plus.lnk
[2010/06/25 14:35:39 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\EVEREST Ultimate Edition.lnk
[2010/06/24 01:14:11 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\freecell.reg
[2010/06/23 16:38:08 | 000,000,483 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\MJWIN.lnk
[2010/06/22 13:56:38 | 000,000,434 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/06/21 18:15:48 | 000,047,104 | RHS- | C] () -- C:\WINDOWS\System32\mqrt9.dll
[2010/06/21 18:15:48 | 000,000,298 | -HS- | C] () -- C:\WINDOWS\tasks\vvxtiwsuec.job
[2010/06/21 14:47:11 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag.lnk
[2010/06/21 14:44:38 | 000,001,589 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Recuva.lnk
[2010/06/21 14:22:48 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100621_142246.reg
[2010/06/21 14:21:40 | 000,041,444 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\cc_20100621_142133.reg
[2010/06/21 14:12:08 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\CCleaner.lnk
[2010/06/19 22:23:27 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\speedfanparams.cfg
[2010/06/19 22:22:59 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\SpeedFan.lnk
[2010/06/19 22:22:57 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/06/19 19:18:50 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\XP\Menu Iniciar\Programas\Inicializar\Atalho para velox.lnk
[2010/06/17 18:12:13 | 000,001,976 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/06/13 14:30:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/06/13 11:23:17 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010/06/09 13:20:00 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Freecell.lnk
[2010/06/08 18:03:08 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero PhotoShow Express.lnk
[2010/06/08 18:03:07 | 000,421,888 | ---- | C] () -- C:\WINDOWS\Nero PhotoShow.scr
[2010/06/08 18:00:54 | 000,001,360 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2010/06/08 17:56:25 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2010/06/08 08:25:24 | 000,008,370 | ---- | C] () -- C:\Documents and Settings\XP\Meus documentos\Pasta1.xlsx
[2010/06/07 14:41:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/06/07 14:37:41 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Media Player Classic.lnk
[2010/06/07 14:37:39 | 000,098,304 | R--- | C] () -- C:\WINDOWS\System32\Startup.cpl
[2010/06/07 14:37:39 | 000,051,238 | R--- | C] () -- C:\WINDOWS\System32\tweakui.hlp
[2010/06/07 14:37:35 | 000,001,537 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BSPlayer.lnk
[2010/06/07 14:37:31 | 000,009,086 | ---- | C] () -- C:\WINDOWS\System32\QuickTime.qtp
[2010/06/07 14:37:29 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\rmp4.dll
[2010/06/07 14:37:29 | 000,095,292 | R--- | C] () -- C:\WINDOWS\System32\atrac3.acm
[2010/06/07 14:37:29 | 000,067,072 | R--- | C] () -- C:\WINDOWS\System32\dtssource.ax
[2010/06/07 14:37:29 | 000,058,880 | R--- | C] () -- C:\WINDOWS\System32\avi2ac3dts.ax
[2010/06/07 14:37:29 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\dsrmp4.dll
[2010/06/07 14:37:29 | 000,011,264 | R--- | C] () -- C:\WINDOWS\System32\TEKYUV.DLL
[2010/06/07 14:37:28 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\mpegdecoder.dll
[2010/06/07 14:37:28 | 000,023,552 | R--- | C] () -- C:\WINDOWS\System32\pdi.dll
[2010/06/07 14:37:27 | 000,107,057 | R--- | C] () -- C:\WINDOWS\System32\pvmjpg21.hlp
[2010/06/07 14:37:26 | 000,921,600 | R--- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2010/06/07 14:37:26 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2010/06/07 14:37:26 | 000,188,416 | R--- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010/06/07 14:37:26 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\ogg.dll
[2010/06/07 14:37:25 | 000,057,344 | R--- | C] () -- C:\WINDOWS\System32\MMTray2k.exe
[2010/06/07 14:37:25 | 000,000,761 | R--- | C] () -- C:\WINDOWS\M3JP2K.INI
[2010/06/07 14:37:25 | 000,000,714 | R--- | C] () -- C:\WINDOWS\m3jpeg.ini
[2010/06/07 14:37:25 | 000,000,702 | R--- | C] () -- C:\WINDOWS\MMTVMJ.INI
[2010/06/07 14:37:20 | 000,413,760 | R--- | C] () -- C:\WINDOWS\System32\mpg4c32.dll
[2010/06/07 14:37:16 | 000,077,664 | R--- | C] () -- C:\WINDOWS\System32\IR21_R.DLL
[2010/06/07 14:37:16 | 000,056,832 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2010/06/07 14:37:16 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010/06/07 14:37:15 | 000,020,170 | R--- | C] () -- C:\WINDOWS\System32\Indeo.hlp
[2010/06/07 14:37:15 | 000,008,491 | R--- | C] () -- C:\WINDOWS\System32\i263_32.hlp
[2010/06/07 14:37:14 | 000,152,064 | R--- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/06/07 14:37:09 | 000,066,560 | R--- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2010/06/07 14:37:08 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2010/06/07 14:37:08 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2010/06/07 14:37:08 | 000,092,672 | R--- | C] () -- C:\WINDOWS\System32\ASUSASV2.dll
[2010/06/07 14:37:08 | 000,071,680 | R--- | C] () -- C:\WINDOWS\System32\ASUSASV1.DLL
[2010/06/07 14:37:07 | 000,482,816 | R--- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[2010/06/07 14:37:07 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\Rududu.ax
[2010/06/07 14:37:07 | 000,047,104 | R--- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2010/06/07 14:37:07 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AVIWRAP.DLL
[2010/06/07 14:37:07 | 000,024,848 | R--- | C] () -- C:\WINDOWS\System32\WAVDEST.AX
[2010/06/07 14:37:06 | 000,000,401 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010/06/07 14:37:05 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\DivXAF.ax
[2010/06/07 14:37:04 | 000,114,688 | R--- | C] () -- C:\WINDOWS\System32\AVIZLIB.DLL
[2010/06/07 14:37:04 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\AVIMSZH.DLL
[2010/06/07 14:37:04 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\dedynamic.ax
[2010/06/07 14:37:02 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.cpl
[2010/06/07 14:37:02 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax
[2010/06/07 14:37:02 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\AACDEC.AX
[2010/06/07 14:37:00 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2010/06/07 14:36:59 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\libfaad.dll
[2010/06/07 14:32:27 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010/06/07 14:32:26 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/06/07 14:32:11 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2010/06/07 14:31:57 | 000,000,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2010/06/07 14:26:51 | 000,002,539 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/06/07 14:26:49 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/06/04 18:44:07 | 000,000,210 | -HS- | C] () -- C:\Documents and Settings\XP\ntuser.ini
[2010/06/04 18:44:06 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\XP\ntuser.dat.LOG
[2010/06/04 18:41:16 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/06/04 18:39:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/04 18:39:10 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/06/04 18:38:31 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/06/04 18:38:31 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/06/04 18:38:30 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/06/04 18:38:08 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/06/04 18:38:08 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/06/04 18:38:00 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/06/04 18:37:59 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/06/04 18:37:57 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/06/04 18:37:49 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/06/04 18:37:44 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/06/04 18:37:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/06/04 18:37:28 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/06/04 18:37:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/06/04 18:37:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/06/04 18:37:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/06/04 18:37:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/06/04 18:37:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/06/04 18:37:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/06/04 18:37:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/06/04 18:37:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/06/04 18:37:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/06/04 18:37:23 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/06/04 18:37:23 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/06/04 18:37:23 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/06/04 18:37:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/06/04 18:37:22 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/06/04 18:37:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/06/04 18:37:21 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/06/04 18:37:21 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/06/04 18:37:21 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/06/04 18:37:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/06/04 18:37:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/06/04 18:37:21 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/06/04 18:37:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/06/04 18:37:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/06/04 18:37:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/06/04 18:37:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/06/04 18:37:20 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/06/04 18:37:20 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/06/04 18:37:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/06/04 18:37:19 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/06/04 18:37:19 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/06/04 18:37:18 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/06/04 18:37:18 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/06/04 18:36:28 | 000,002,969 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/06/04 18:36:28 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/06/04 18:36:28 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/06/04 18:36:28 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/06/04 18:36:28 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/06/04 18:36:20 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/06/04 18:36:20 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/06/04 18:36:19 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/06/04 18:35:18 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/06/04 18:35:18 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/06/04 18:35:15 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/06/04 18:35:00 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/06/04 18:34:42 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/06/04 18:34:42 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/06/04 18:34:36 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/06/04 18:33:59 | 000,381,440 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/06/04 18:33:08 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/06/04 18:32:20 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Deserto.bmp
[2010/06/04 18:32:20 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Leques.bmp
[2010/06/04 18:32:20 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Tapete.bmp
[2010/06/04 18:32:19 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/06/04 18:32:19 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bolhas de sabão.bmp
[2010/06/04 18:32:19 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Bruma.bmp
[2010/06/04 18:32:19 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Areia.bmp
[2010/06/04 18:32:19 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododentro.bmp
[2010/06/04 18:32:19 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Pescaria.bmp
[2010/06/04 18:32:19 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Cafezinho.bmp
[2010/06/04 18:32:19 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Seda.bmp
[2010/06/04 18:32:19 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Renda azul 16.bmp
[2010/06/04 18:32:18 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/06/04 18:32:18 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/06/04 18:32:18 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/06/04 18:32:18 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/06/04 18:32:18 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/06/04 18:32:18 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/06/04 18:32:18 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/06/04 18:32:16 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/06/04 18:32:16 | 000,001,221 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/06/04 18:32:15 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/06/04 18:32:09 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/06/04 15:30:47 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/06/04 15:27:27 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/06/04 15:27:27 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/06/04 15:27:26 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/06/04 15:27:26 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/06/04 15:27:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/06/04 15:27:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/06/04 15:27:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/06/04 15:27:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/06/04 15:27:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/06/04 15:27:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/06/04 15:27:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/06/04 15:27:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/06/04 15:27:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/06/04 15:27:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/06/04 15:27:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/06/04 15:27:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/06/04 15:27:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/06/04 15:27:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/06/04 15:27:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/06/04 15:27:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/06/04 15:27:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/06/04 15:27:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/06/04 15:27:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/06/04 15:27:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/06/04 15:27:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/06/04 15:27:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/06/04 15:27:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/06/04 15:27:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/06/04 15:27:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/06/04 15:27:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/06/04 15:27:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/06/04 15:27:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/06/04 15:27:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/06/04 15:27:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/06/04 15:27:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/06/04 15:27:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/06/04 15:27:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/06/04 15:27:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/06/04 15:27:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/06/04 15:27:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/06/04 15:27:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/06/04 15:27:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/06/04 15:27:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/06/04 15:27:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/06/04 15:27:07 | 000,000,515 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/06/04 15:26:56 | 000,809,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/06/04 15:26:56 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/06/04 15:26:56 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/06/04 15:26:56 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/06/04 15:26:56 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/06/04 15:26:56 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/06/04 15:26:56 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/06/04 15:26:56 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/06/04 15:26:56 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/06/04 15:26:56 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/06/04 15:26:56 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/06/04 15:26:56 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/06/04 15:26:56 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/06/04 15:26:56 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/06/04 15:26:55 | 002,038,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/06/04 15:26:55 | 001,233,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/06/04 15:26:55 | 000,634,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/06/04 15:26:16 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/04 15:25:28 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/06/04 15:25:25 | 000,000,630 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[1996/04/03 16:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/07/01 15:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\BitDefender
[2010/07/18 16:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FileCure
[2010/06/22 11:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FreeApp
[2010/07/29 22:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Karen's Power Tools
[2010/07/17 11:56:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ParetoLogic
[2010/07/25 22:06:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{7108AEAC-32CF-444E-B0C6-55E51DD8B67A}
[2010/07/01 15:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\BitDefender
[2010/07/21 20:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Easy Duplicate Finder
[2010/06/24 21:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\IObit
[2010/08/01 13:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\KeePass
[2010/06/08 18:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Simple Star
[2010/06/16 14:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Snapfish
[2010/07/29 20:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Uniblue
[2010/06/23 19:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Windows Search
[2010/07/10 20:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\WinPatrol
[2010/08/01 18:00:14 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
[2010/08/01 22:44:17 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
[2010/08/02 07:51:05 | 000,000,298 | -HS- | M] () -- C:\WINDOWS\Tasks\vvxtiwsuec.job

========== Purity Check ==========


< End of report >

Thanks for your attention

P.S.
I ordered 60 days report because the infection was in early June!

#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:04 AM

Posted 02 August 2010 - 06:13 PM

Looks okay, we can do a little tidying up.

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

CODE
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
[2010/08/02 07:51:05 | 000,000,298 | -HS- | M] () -- C:\WINDOWS\tasks\vvxtiwsuec.job
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"


Then click the Run Fix button at the top

Let the program run unhindered.

When done it will say "Fix Complete press ok to open the log"
Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Please then follow that with the ESET online scan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Leave the top box checked and then check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push
NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
Posted Image
m0le is a proud member of UNITE

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:04 AM

Posted 05 August 2010 - 08:37 PM

Hi,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le
Posted Image
m0le is a proud member of UNITE

#11 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 07 August 2010 - 12:37 AM

Apologies for the delay. I am running now OTL 5:30 AM GM time . I have not received notification of your post, although on track.

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:04 AM

Posted 07 August 2010 - 12:44 AM

QUOTE
I have not received notification of your post, although on track.


Click My Controls, then on the left look for Options and click Email Settings. Make sure that the last option (Enable 'Email Notification' by default?
If ticked, choose default type:) is set for Immediate notification on the drop down menu.

I await your post, Jecs thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#13 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 07 August 2010 - 01:23 AM

No log. reboot needed! I' m going to next.

#14 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 07 August 2010 - 02:14 AM

Error: Unable to interpret <O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.> in the current context!
Error: Unable to interpret <[2010/08/02 07:51:05 | 000,000,298 | -HS- | M] () -- C:\WINDOWS\tasks\vvxtiwsuec.job> in the current context!
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!

OTL by OldTimer - Version 3.2.9.1 log created on 08072010_024354
===============================================

========== OTL ==========
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File move failed. C:\WINDOWS\tasks\vvxtiwsuec.job scheduled to be moved on reboot.
========== REGISTRY ==========
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E!

OTL by OldTimer - Version 3.2.9.1 log created on 08072010_024452

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
====================================
========== OTL ==========
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File move failed. C:\WINDOWS\tasks\vvxtiwsuec.job scheduled to be moved on reboot.
========== REGISTRY ==========
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E!

OTL by OldTimer - Version 3.2.9.1 log created on 08072010_025908

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
============================================
========== OTL ==========
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File move failed. C:\WINDOWS\tasks\vvxtiwsuec.job scheduled to be moved on reboot.
========== REGISTRY ==========
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E!

OTL by OldTimer - Version 3.2.9.1 log created on 08072010_030715

sorry for my ignorance!


ESET is running!!




#15 Jecs

Jecs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 07 August 2010 - 07:36 AM

Eset results----------------------

C:\Arquivos de programas\Reimage\Reimage Repair\REI_AxControl.dll probably a variant of Win32/Genetik trojan cleaned by deleting - quarantined.

I delete that archive!

Last scan by OTL-------------------
========== OTL ==========
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File move failed. C:\WINDOWS\tasks\vvxtiwsuec.job scheduled to be moved on reboot.
========== REGISTRY ==========
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E!

OTL by OldTimer - Version 3.2.9.1 log created on 08072010_095220
-----------------------------------------------------
Sorry for the delay, but there it is.
Tx,all the best for you>

Edited by Jecs, 07 August 2010 - 08:01 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users