Guest User

Untitled

a guest
Mar 23rd, 2013
34
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. OTL logfile created on: 23/03/2013 13:15:36 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Desirée Jastes\Desktop
  3. 64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
  6.  
  7. 3,95 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 63,14% Memory free
  8. 7,90 Gb Paging File | 6,36 Gb Available in Paging File | 80,54% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 551,74 Gb Total Space | 482,86 Gb Free Space | 87,51% Space Free | Partition Type: NTFS
  13. Drive D: | 20,73 Gb Total Space | 2,21 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
  14. Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,33% Space Free | Partition Type: FAT32
  15.  
  16. Computer Name: DESIRÉEJASTES | User Name: Desirée Jastes | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  18. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2013/03/23 13:12:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Desirée Jastes\Desktop\OTL.exe
  23. PRC - [2013/01/25 19:48:27 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
  24. PRC - [2012/12/23 16:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
  25. PRC - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  26. PRC - [2012/11/29 19:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
  27. PRC - [2012/11/23 12:05:54 | 003,211,776 | ---- | M] (Ares Development Group) -- C:\Program Files (x86)\Ares\Ares.exe
  28. PRC - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
  29. PRC - [2011/06/28 06:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
  30. PRC - [2011/06/15 17:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
  31. PRC - [2011/06/13 16:47:12 | 000,336,440 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
  32. PRC - [2011/05/31 09:18:04 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
  33. PRC - [2011/05/05 23:06:46 | 000,263,496 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
  34. PRC - [2011/05/05 23:06:28 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
  35. PRC - [2011/05/05 23:06:02 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
  36. PRC - [2011/04/30 05:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  37. PRC - [2011/04/08 12:01:16 | 000,586,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
  38. PRC - [2011/04/08 12:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
  39. PRC - [2011/03/30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
  40. PRC - [2011/03/30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
  41. PRC - [2011/03/30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
  42. PRC - [2011/03/30 14:42:28 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
  43. PRC - [2011/02/24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
  44. PRC - [2011/02/22 17:19:12 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  45. PRC - [2011/02/22 17:19:08 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  46. PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
  47. PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
  48.  
  49.  
  50. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  51.  
  52. MOD - [2013/01/11 06:59:27 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
  53. MOD - [2012/05/30 03:51:08 | 000,699,280 | R--- | M] () -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.3.0.36\wincfi39.dll
  54. MOD - [2004/12/10 08:51:50 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Ares\MP3Source.ax
  55.  
  56.  
  57. [color=#E56717]========== Services (SafeList) ==========[/color]
  58.  
  59. SRV:[b]64bit:[/b] - [2011/05/27 11:20:12 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
  60. SRV - [2013/01/08 11:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  61. SRV - [2012/12/23 16:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe -- (NIS)
  62. SRV - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  63. SRV - [2012/11/29 19:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
  64. SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
  65. SRV - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
  66. SRV - [2011/05/27 16:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\stacsv64.exe -- (STacSV)
  67. SRV - [2011/05/05 23:06:46 | 000,263,496 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
  68. SRV - [2011/05/02 14:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Arquivos de Programas\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
  69. SRV - [2011/05/02 14:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Arquivos de Programas\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
  70. SRV - [2011/05/02 14:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
  71. SRV - [2011/04/30 05:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
  72. SRV - [2011/04/21 09:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Arquivos de Programas\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
  73. SRV - [2011/04/21 08:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Arquivos de Programas\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
  74. SRV - [2011/04/08 12:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
  75. SRV - [2011/03/30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
  76. SRV - [2011/03/30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
  77. SRV - [2011/03/30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
  78. SRV - [2011/03/07 21:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
  79. SRV - [2011/02/24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
  80. SRV - [2011/02/22 17:19:12 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
  81. SRV - [2011/02/22 17:19:08 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  82. SRV - [2010/10/12 14:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
  83. SRV - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Arquivos de Programas\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
  84. SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
  85. SRV - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
  86. SRV - [2010/09/21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
  87. SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  88. SRV - [2010/01/09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
  89. SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  90. SRV - [2009/03/03 07:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\AESTSr64.exe -- (AESTFilters)
  91.  
  92.  
  93. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  94.  
  95. DRV:[b]64bit:[/b] - [2013/03/11 18:41:09 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
  96. DRV:[b]64bit:[/b] - [2013/01/30 16:18:18 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403000.024\symnets.sys -- (SymNetS)
  97. DRV:[b]64bit:[/b] - [2013/01/30 16:18:06 | 001,139,800 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymEFA64.sys -- (SymEFA)
  98. DRV:[b]64bit:[/b] - [2013/01/28 14:45:20 | 000,796,248 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtsp64.sys -- (SRTSP)
  99. DRV:[b]64bit:[/b] - [2013/01/28 14:45:20 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtspx64.sys -- (SRTSPX)
  100. DRV:[b]64bit:[/b] - [2013/01/21 15:15:34 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymDS64.sys -- (SymDS)
  101. DRV:[b]64bit:[/b] - [2012/11/15 15:22:02 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403000.024\Ironx64.sys -- (SymIRON)
  102. DRV:[b]64bit:[/b] - [2012/11/15 15:18:04 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403000.024\ccSetx64.sys -- (ccSet_NIS)
  103. DRV:[b]64bit:[/b] - [2012/08/20 14:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
  104. DRV:[b]64bit:[/b] - [2012/08/20 14:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
  105. DRV:[b]64bit:[/b] - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  106. DRV:[b]64bit:[/b] - [2011/08/01 23:06:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  107. DRV:[b]64bit:[/b] - [2011/08/01 23:06:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  108. DRV:[b]64bit:[/b] - [2011/05/27 16:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
  109. DRV:[b]64bit:[/b] - [2011/05/27 11:20:12 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
  110. DRV:[b]64bit:[/b] - [2011/05/27 11:20:12 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
  111. DRV:[b]64bit:[/b] - [2011/05/17 09:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
  112. DRV:[b]64bit:[/b] - [2011/05/17 09:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
  113. DRV:[b]64bit:[/b] - [2011/05/01 14:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
  114. DRV:[b]64bit:[/b] - [2011/04/26 16:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
  115. DRV:[b]64bit:[/b] - [2011/04/21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
  116. DRV:[b]64bit:[/b] - [2011/04/21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
  117. DRV:[b]64bit:[/b] - [2011/04/15 16:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  118. DRV:[b]64bit:[/b] - [2011/03/24 21:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
  119. DRV:[b]64bit:[/b] - [2011/03/23 15:20:58 | 000,077,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
  120. DRV:[b]64bit:[/b] - [2011/03/22 18:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
  121. DRV:[b]64bit:[/b] - [2011/03/08 14:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
  122. DRV:[b]64bit:[/b] - [2011/03/08 14:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
  123. DRV:[b]64bit:[/b] - [2011/02/22 08:54:22 | 000,351,864 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
  124. DRV:[b]64bit:[/b] - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  125. DRV:[b]64bit:[/b] - [2010/11/21 00:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  126. DRV:[b]64bit:[/b] - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  127. DRV:[b]64bit:[/b] - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  128. DRV:[b]64bit:[/b] - [2010/10/19 21:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
  129. DRV:[b]64bit:[/b] - [2010/10/15 06:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  130. DRV:[b]64bit:[/b] - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
  131. DRV:[b]64bit:[/b] - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
  132. DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  133. DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  134. DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  135. DRV:[b]64bit:[/b] - [2009/06/10 18:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
  136. DRV:[b]64bit:[/b] - [2009/06/10 18:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
  137. DRV:[b]64bit:[/b] - [2009/06/10 18:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
  138. DRV:[b]64bit:[/b] - [2009/06/10 17:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
  139. DRV:[b]64bit:[/b] - [2009/06/10 17:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
  140. DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  141. DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  142. DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  143. DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  144. DRV - [2013/03/11 01:00:00 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130322.032\ex64.sys -- (NAVEX15)
  145. DRV - [2013/03/11 01:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
  146. DRV - [2013/03/11 01:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
  147. DRV - [2013/03/11 01:00:00 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130322.032\eng64.sys -- (NAVENG)
  148. DRV - [2013/03/09 17:53:52 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130322.001\IDSviA64.sys -- (IDSVia64)
  149. DRV - [2013/01/15 23:57:37 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64)
  150. DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  151.  
  152.  
  153. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  154.  
  155.  
  156. [color=#E56717]========== Internet Explorer ==========[/color]
  157.  
  158. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/3
  159. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
  160. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
  161. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
  162. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
  163. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
  164. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  165. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/3
  166. IE - HKLM\..\SearchScopes,DefaultScope =
  167. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
  168. IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
  169. IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
  170.  
  171. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pt&pid=NIS&pvid=19.9.0.9
  172. IE - HKCU\..\SearchScopes,DefaultScope =
  173. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
  174. IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
  175. IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
  176. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  177. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
  178.  
  179.  
  180. [color=#E56717]========== FireFox ==========[/color]
  181.  
  182. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  183. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  184. FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
  185. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
  186. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  187. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  188. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  189. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  190. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  191. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  192. FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
  193. FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
  194. FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
  195. FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
  196. FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
  197. FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
  198. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
  199. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
  200. FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
  201. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  202.  
  203. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\clikseguro@psafe.com: C:\Program Files (x86)\PSafe\ClikSeguro\\ffext
  204. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/25 19:49:07 | 000,000,000 | ---D | M]
  205. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/01/25 19:49:07 | 000,000,000 | ---D | M]
  206. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFFPlgn\ [2013/03/11 18:41:59 | 000,000,000 | ---D | M]
  207. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\ [2013/03/23 11:22:21 | 000,000,000 | ---D | M]
  208.  
  209. [2012/11/29 14:58:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
  210.  
  211. [color=#E56717]========== Chrome ==========[/color]
  212.  
  213. CHR - default_search_provider: Search the web (Babylon) (Enabled)
  214. CHR - default_search_provider: search_url = http://isearch.babylon.com/?q={searchTerms}&affID=119849&babsrc=SP_ss&mntrId=0E8B80C16EAB9B99
  215. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
  216. CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
  217. CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
  218. CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
  219. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
  220. CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
  221. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
  222. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
  223. CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
  224. CHR - plugin: Java(TM) Platform SE 7 U10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
  225. CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
  226. CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
  227. CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
  228. CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
  229. CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
  230. CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
  231. CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
  232. CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
  233. CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
  234. CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
  235. CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
  236. CHR - Extension: Website Logon = C:\Users\Desirée Jastes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhihajbmafmgilcciomnamcjfkdhikl\1.0_0\
  237. CHR - Extension: RealDownloader = C:\Users\Desirée Jastes\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
  238. CHR - Extension: Norton Identity Protection = C:\Users\Desirée Jastes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\
  239. CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Desirée Jastes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\
  240.  
  241. O1 HOSTS File: ([2013/03/23 09:19:18 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  242. O1 - Hosts: 127.0.0.1 localhost
  243. O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  244. O2:[b]64bit:[/b] - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
  245. O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  246. O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  247. O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
  248. O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
  249. O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
  250. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
  251. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  252. O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
  253. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
  254. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  255. O2 - BHO: (DealPly) - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll File not found
  256. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
  257. O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
  258. O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
  259. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
  260. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  261. O4:[b]64bit:[/b] - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
  262. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  263. O4:[b]64bit:[/b] - HKLM..\Run: [SetDefault] C:\Arquivos de Programas\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
  264. O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)
  265. O4 - HKLM..\Run: [] File not found
  266. O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
  267. O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
  268. O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
  269. O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
  270. O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
  271. O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
  272. O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
  273. O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
  274. O4 - HKLM..\RunOnce: [Aplicativo de Inicialização do Windows ®] C:\Windows\SysWOW64\wlnotify.exe ()
  275. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  276. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  277. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  278. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  279. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  280. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  281. O8:[b]64bit:[/b] - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
  282. O8:[b]64bit:[/b] - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
  283. O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Desirée Jastes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
  284. O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
  285. O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
  286. O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Desirée Jastes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
  287. O9:[b]64bit:[/b] - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  288. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  289. O9:[b]64bit:[/b] - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  290. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  291. O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
  292. O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
  293. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
  294. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
  295. O13 - gopher Prefix: missing
  296. O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  297. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.0.1
  298. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4BEE8013-9E91-48D9-87F0-32319410B7A7}: DhcpNameServer = 10.10.0.2
  299. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF233140-1546-48C0-B5AE-1269076529BB}: DhcpNameServer = 192.168.254.254 192.168.0.1
  300. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  301. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  302. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  303. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  304. O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
  305. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  306. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  307. O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
  308. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  309. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  310. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  311. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
  312. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  313. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  314. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  315. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  316. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
  317. O32 - HKLM CDRom: AutoRun - 1
  318. O34 - HKLM BootExecute: (autocheck autochk *)
  319. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  320. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  321. O35 - HKLM\..comfile [open] -- "%1" %*
  322. O35 - HKLM\..exefile [open] -- "%1" %*
  323. O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
  324. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  325. O37 - HKLM\...com [@ = ComFile] -- "%1" %*
  326. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  327. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  328. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  329. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  330.  
  331. CREATERESTOREPOINT
  332. Restore point Set: OTL Restore Point
  333.  
  334.  
  335. [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]
  336.  
  337. [2013/03/23 13:12:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Desirée Jastes\Desktop\OTL.exe
  338. [2013/03/23 10:26:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
  339. [2013/03/23 09:23:50 | 000,000,000 | ---D | C] -- C:\Windows\temp
  340. [2013/03/23 09:04:20 | 000,000,000 | ---D | C] -- C:\Qoobox
  341. [2013/03/23 09:01:05 | 005,042,224 | R--- | C] (Swearware) -- C:\Users\Desirée Jastes\Desktop\ComboFix.exe
  342. [2013/03/23 08:54:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
  343. [2013/03/23 08:54:11 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
  344. [2013/03/23 08:54:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
  345. [2013/03/23 08:52:54 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
  346. [2013/03/20 17:53:56 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Desktop\RK_Quarantine
  347. [2013/03/20 17:49:13 | 000,354,265 | ---- | C] (Farbar) -- C:\Users\Desirée Jastes\Desktop\FSS.exe
  348. [2013/03/17 21:41:17 | 000,147,456 | ---- | C] (Eric_71) -- C:\Users\Desirée Jastes\Desktop\MbrScan.exe
  349. [2013/03/17 19:43:21 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\Malwarebytes
  350. [2013/03/17 19:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
  351. [2013/03/17 19:42:30 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\Programs
  352. [2013/03/17 19:42:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
  353. [2013/03/17 19:42:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
  354. [2013/03/17 19:41:56 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\0B1T1L2V1T1J1L
  355. [2013/03/17 17:01:53 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Desktop\HijackThis
  356. [2013/03/17 16:31:28 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\{D488BF21-9C2F-4A97-A7D5-AF92654EFB89}
  357. [2013/03/17 16:31:27 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\{B9CBE839-C02C-4378-8028-EFE92BCF99ED}
  358. [2013/03/17 16:31:24 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\Windows Live Writer
  359. [2013/03/17 16:31:24 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\Windows Live Writer
  360. [2013/03/17 13:32:21 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva
  361. [2013/03/16 03:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
  362. [2013/03/16 03:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
  363. [2013/03/16 03:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
  364. [2013/03/11 20:07:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
  365. [2013/03/11 19:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark X1100 Series
  366. [2013/03/11 19:00:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
  367. [2013/03/11 18:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
  368. [2013/03/11 18:42:50 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\Symantec
  369. [2013/03/11 18:41:09 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
  370. [2013/03/11 18:40:20 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
  371. [2013/03/11 18:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
  372. [2013/03/11 18:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
  373. [2013/03/11 18:39:17 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\Symantec
  374. [2013/03/11 18:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
  375. [2013/03/11 18:05:12 | 006,259,608 | ---- | C] (Symantec Corporation) -- C:\Users\Desirée Jastes\Desktop\NRnR.exe
  376. [2013/03/11 17:24:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
  377. [2013/03/11 16:53:05 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\ElevatedDiagnostics
  378. [2013/03/11 16:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86) (x86)
  379. [2013/02/21 10:26:56 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Desktop\Registros Acidente (21-02-13)
  380. [2013/02/18 21:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
  381. [2013/02/16 08:15:17 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\{AB5DD7CF-A47C-4EF0-8031-AF55DCE39996}
  382. [2013/02/13 12:49:28 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\SLIDES IFT
  383. [2013/02/13 12:49:08 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\Livro - Cons. Cul. Solos Plant. Florestais
  384. [2013/02/13 12:46:33 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\INSTALADORES DE PROGRAMAS
  385. [2013/02/13 12:46:30 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\ESTÁGIO - SOLOS
  386. [2013/02/13 12:46:30 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\DOCUMENTOS
  387. [2013/02/13 12:46:25 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\DESIRÉE MINICURSO AUTOCAD
  388. [2013/02/13 12:46:24 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\YouCam
  389. [2013/02/13 12:46:24 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\CyberLink
  390. [2013/02/13 12:46:24 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\Adobe
  391. [2013/02/13 12:46:24 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\Add-in Express
  392. [2013/02/13 12:46:23 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Documents\TCC - QUALIDADE DA MADEIRA
  393. [2013/02/13 12:41:38 | 000,000,000 | ---D | C] -- C:\DESIRÉE ARQUIVOS
  394. [2013/02/07 20:58:53 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\Microsoft Games
  395. [2013/01/28 16:39:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
  396. [2013/01/26 12:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
  397. [2013/01/26 12:05:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
  398. [2013/01/26 12:05:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
  399. [2013/01/25 20:50:31 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  400. [2013/01/25 19:50:02 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\RealNetworks
  401. [2013/01/25 19:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
  402. [2013/01/25 19:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
  403. [2013/01/25 19:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
  404. [2013/01/25 19:48:29 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
  405. [2013/01/25 19:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
  406. [2013/01/25 19:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
  407. [2013/01/25 19:46:59 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\Real
  408. [2013/01/25 19:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
  409. [2013/01/10 19:33:55 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\GameHouse
  410. [2013/01/10 19:32:38 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\Desktop\Bjeld3
  411. [2013/01/10 18:19:24 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\WildTangent
  412. [2013/01/10 15:23:04 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Local\Wild Tangent
  413. [2013/01/08 18:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
  414. [2013/01/06 10:38:27 | 000,288,688 | R--- | C] (360.cn) -- C:\Windows\SysNative\drivers\360FltOEM.sys
  415. [2013/01/05 20:38:16 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\DVDVideoSoft
  416. [2013/01/05 20:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
  417. [2013/01/05 20:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
  418. [2013/01/05 20:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
  419. [2013/01/04 19:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  420. [2013/01/04 19:09:44 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  421. [2013/01/04 19:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
  422. [2013/01/04 19:03:27 | 000,000,000 | ---D | C] -- C:\Users\Desirée Jastes\AppData\Roaming\WinRAR
  423. [2012/12/27 00:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
  424. [2012/12/27 00:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
  425. [2012/12/27 00:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
  426.  
  427. [color=#E56717]========== Files - Modified Within 90 Days ==========[/color]
  428.  
  429. [2013/03/23 13:12:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Desirée Jastes\Desktop\OTL.exe
  430. [2013/03/23 13:05:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  431. [2013/03/23 13:04:02 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDesirée Jastes.job
  432. [2013/03/23 12:48:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  433. [2013/03/23 12:02:30 | 000,007,613 | ---- | M] () -- C:\Users\Desirée Jastes\AppData\Local\Resmon.ResmonCfg
  434. [2013/03/23 11:29:34 | 000,022,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  435. [2013/03/23 11:29:34 | 000,022,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  436. [2013/03/23 11:26:33 | 001,517,030 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  437. [2013/03/23 11:26:33 | 000,663,804 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
  438. [2013/03/23 11:26:33 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  439. [2013/03/23 11:26:33 | 000,128,094 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
  440. [2013/03/23 11:26:33 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  441. [2013/03/23 11:22:40 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  442. [2013/03/23 11:21:41 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
  443. [2013/03/23 09:19:18 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
  444. [2013/03/23 09:01:50 | 005,042,224 | R--- | M] (Swearware) -- C:\Users\Desirée Jastes\Desktop\ComboFix.exe
  445. [2013/03/20 17:50:28 | 000,816,128 | ---- | M] () -- C:\Users\Desirée Jastes\Desktop\RogueKiller.exe
  446. [2013/03/20 17:49:35 | 000,354,265 | ---- | M] (Farbar) -- C:\Users\Desirée Jastes\Desktop\FSS.exe
  447. [2013/03/17 21:43:59 | 000,000,512 | ---- | M] () -- C:\Users\Desirée Jastes\Desktop\Dump_Hdd0_DR0.old
  448. [2013/03/17 21:43:59 | 000,000,512 | ---- | M] () -- C:\Users\Desirée Jastes\Desktop\Dump_Hdd0_DR0.mbr
  449. [2013/03/17 21:41:25 | 000,147,456 | ---- | M] (Eric_71) -- C:\Users\Desirée Jastes\Desktop\MbrScan.exe
  450. [2013/03/17 21:18:21 | 000,609,993 | ---- | M] () -- C:\Users\Desirée Jastes\Desktop\adwcleaner.exe
  451. [2013/03/17 11:29:27 | 001,567,969 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\Cat.DB
  452. [2013/03/14 20:14:36 | 000,353,792 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\Publicação1.pub
  453. [2013/03/14 20:14:28 | 000,234,081 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\Família3.jpg
  454. [2013/03/13 21:21:59 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  455. [2013/03/12 13:38:06 | 000,299,201 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\2. FAMÍLIA.jpg
  456. [2013/03/12 13:29:54 | 001,492,480 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\família2.pub
  457. [2013/03/12 13:29:41 | 000,299,879 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\4. Família2.jpg
  458. [2013/03/12 13:28:13 | 000,255,974 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\1. AMIGOS.jpg
  459. [2013/03/12 13:18:38 | 000,184,692 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\3. eu e yuri.jpg
  460. [2013/03/12 12:12:19 | 000,269,312 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\3. eu e yuri.pub
  461. [2013/03/11 19:44:24 | 000,003,302 | ---- | M] () -- C:\Windows\SysWow64\LexFiles.ulf
  462. [2013/03/11 19:34:23 | 003,262,464 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\3. AMOR.pub
  463. [2013/03/11 18:41:09 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
  464. [2013/03/11 18:41:09 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
  465. [2013/03/11 18:41:09 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
  466. [2013/03/11 18:41:05 | 000,002,577 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
  467. [2013/03/11 18:05:59 | 006,259,608 | ---- | M] (Symantec Corporation) -- C:\Users\Desirée Jastes\Desktop\NRnR.exe
  468. [2013/03/11 17:24:21 | 357,096,574 | ---- | M] () -- C:\Windows\MEMORY.DMP
  469. [2013/03/11 16:16:03 | 000,504,832 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\Família.pub
  470. [2013/03/11 15:52:06 | 000,630,784 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\amigos.pub
  471. [2013/02/27 15:15:26 | 001,039,229 | ---- | M] () -- C:\Users\Desirée Jastes\Documents\Panorama_do_mercado_de_paineis_de_madeira.pdf
  472. [2013/02/20 10:33:09 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\isolate.ini
  473. [2013/02/18 21:23:05 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
  474. [2013/02/15 18:48:46 | 000,415,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  475. [2013/02/15 18:47:53 | 001,555,513 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\Cat.DB
  476. [2013/02/14 16:39:57 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\VT20130115.021
  477. [2013/02/10 19:48:23 | 000,000,056 | ---- | M] () -- C:\{C85165F6-ED34-49DF-A5FD-51CCDB63D002}
  478. [2013/01/31 16:55:08 | 000,007,589 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtspx64.cat
  479. [2013/01/31 16:55:06 | 000,007,585 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtsp64.cat
  480. [2013/01/30 16:18:18 | 000,432,800 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403000.024\symnets.sys
  481. [2013/01/30 16:18:12 | 000,001,440 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymNet.inf
  482. [2013/01/30 16:18:06 | 001,139,800 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymEFA64.sys
  483. [2013/01/30 16:18:06 | 000,014,818 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymVTcer.dat
  484. [2013/01/30 16:18:06 | 000,007,587 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymEFA64.cat
  485. [2013/01/30 16:18:06 | 000,003,434 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymEFA.inf
  486. [2013/01/30 16:17:58 | 000,007,581 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymDS64.cat
  487. [2013/01/28 14:45:20 | 000,796,248 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtsp64.sys
  488. [2013/01/28 14:45:20 | 000,036,952 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtspx64.sys
  489. [2013/01/28 14:45:20 | 000,001,420 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtspx64.inf
  490. [2013/01/28 14:45:18 | 000,001,438 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\srtsp64.inf
  491. [2013/01/25 19:48:29 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
  492. [2013/01/24 19:40:27 | 000,001,381 | ---- | M] () -- C:\Users\Desirée Jastes\Desktop\Bejeweled3.exe.lnk
  493. [2013/01/21 15:15:34 | 000,493,656 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymDS64.sys
  494. [2013/01/21 15:15:32 | 000,002,852 | R--- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\SymDS.inf
  495. [2013/01/15 20:59:34 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403000.024\VT20130115.021
  496. [2013/01/05 20:38:02 | 000,001,402 | ---- | M] () -- C:\Users\Desirée Jastes\Desktop\Free YouTube to MP3 Converter.lnk
  497.  
  498. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  499.  
  500. [2013/03/23 12:02:30 | 000,007,613 | ---- | C] () -- C:\Users\Desirée Jastes\AppData\Local\Resmon.ResmonCfg
  501. [2013/03/23 08:54:11 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
  502. [2013/03/23 08:54:11 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
  503. [2013/03/23 08:54:11 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
  504. [2013/03/23 08:54:11 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
  505. [2013/03/23 08:54:11 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
  506. [2013/03/21 07:27:29 | 001,039,229 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\Panorama_do_mercado_de_paineis_de_madeira.pdf
  507. [2013/03/20 17:49:58 | 000,816,128 | ---- | C] () -- C:\Users\Desirée Jastes\Desktop\RogueKiller.exe
  508. [2013/03/17 21:42:29 | 000,000,512 | ---- | C] () -- C:\Users\Desirée Jastes\Desktop\Dump_Hdd0_DR0.old
  509. [2013/03/17 21:42:29 | 000,000,512 | ---- | C] () -- C:\Users\Desirée Jastes\Desktop\Dump_Hdd0_DR0.mbr
  510. [2013/03/17 21:17:59 | 000,609,993 | ---- | C] () -- C:\Users\Desirée Jastes\Desktop\adwcleaner.exe
  511. [2013/03/14 21:01:43 | 000,642,681 | ---- | C] () -- C:\Windows\SysWow64\wlnotify.exe
  512. [2013/03/14 20:14:35 | 000,353,792 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\Publicação1.pub
  513. [2013/03/14 20:14:27 | 000,234,081 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\Família3.jpg
  514. [2013/03/12 13:29:53 | 001,492,480 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\família2.pub
  515. [2013/03/12 13:29:39 | 000,299,879 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\4. Família2.jpg
  516. [2013/03/12 12:12:29 | 000,184,692 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\3. eu e yuri.jpg
  517. [2013/03/12 12:12:18 | 000,269,312 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\3. eu e yuri.pub
  518. [2013/03/11 20:07:01 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  519. [2013/03/11 20:00:03 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  520. [2013/03/11 20:00:02 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  521. [2013/03/11 19:44:21 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
  522. [2013/03/11 19:44:21 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
  523. [2013/03/11 19:44:21 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
  524. [2013/03/11 19:44:21 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
  525. [2013/03/11 19:44:21 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
  526. [2013/03/11 19:44:21 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
  527. [2013/03/11 19:44:21 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
  528. [2013/03/11 19:44:21 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
  529. [2013/03/11 19:44:20 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
  530. [2013/03/11 19:44:20 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
  531. [2013/03/11 19:44:20 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
  532. [2013/03/11 19:44:20 | 000,537,256 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcoms.exe
  533. [2013/03/11 19:44:20 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
  534. [2013/03/11 19:44:20 | 000,385,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkih.exe
  535. [2013/03/11 19:44:20 | 000,381,608 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcfg.exe
  536. [2013/03/11 19:44:20 | 000,180,904 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkppls.exe
  537. [2013/03/11 19:44:20 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
  538. [2013/03/11 19:44:20 | 000,003,302 | ---- | C] () -- C:\Windows\SysWow64\LexFiles.ulf
  539. [2013/03/11 19:44:20 | 000,001,525 | ---- | C] () -- C:\Windows\SysWow64\lxbk.loc
  540. [2013/03/11 19:34:22 | 003,262,464 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\3. AMOR.pub
  541. [2013/03/11 18:41:09 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
  542. [2013/03/11 18:41:09 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
  543. [2013/03/11 18:41:05 | 000,002,577 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
  544. [2013/03/11 17:24:21 | 357,096,574 | ---- | C] () -- C:\Windows\MEMORY.DMP
  545. [2013/03/11 16:16:02 | 000,504,832 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\Família.pub
  546. [2013/03/11 16:15:51 | 000,299,201 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\2. FAMÍLIA.jpg
  547. [2013/03/11 15:52:05 | 000,630,784 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\amigos.pub
  548. [2013/03/11 15:51:22 | 000,255,974 | ---- | C] () -- C:\Users\Desirée Jastes\Documents\1. AMIGOS.jpg
  549. [2013/02/18 21:23:05 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
  550. [2013/02/10 19:48:23 | 000,000,056 | ---- | C] () -- C:\{C85165F6-ED34-49DF-A5FD-51CCDB63D002}
  551. [2013/01/24 19:39:59 | 000,001,381 | ---- | C] () -- C:\Users\Desirée Jastes\Desktop\Bejeweled3.exe.lnk
  552. [2013/01/13 13:14:06 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForDesirée Jastes.job
  553. [2013/01/05 20:38:02 | 000,001,402 | ---- | C] () -- C:\Users\Desirée Jastes\Desktop\Free YouTube to MP3 Converter.lnk
  554. [2012/11/25 12:31:46 | 001,509,578 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  555. [2011/05/13 07:33:18 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
  556. [2011/04/15 16:05:50 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
  557. [2011/04/15 16:05:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
  558. [2011/04/15 16:05:48 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
  559. [2011/04/15 15:59:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
  560. [2011/04/15 15:33:40 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
  561.  
  562. [color=#E56717]========== ZeroAccess Check ==========[/color]
  563.  
  564. [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  565.  
  566. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  567.  
  568. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  569.  
  570. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  571.  
  572. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  573.  
  574. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  575. "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
  576. "ThreadingModel" = Apartment
  577.  
  578. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  579. "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
  580. "ThreadingModel" = Apartment
  581.  
  582. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  583. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  584. "ThreadingModel" = Free
  585.  
  586. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  587. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  588. "ThreadingModel" = Free
  589.  
  590. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  591. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  592. "ThreadingModel" = Both
  593.  
  594. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  595.  
  596. [color=#E56717]========== LOP Check ==========[/color]
  597.  
  598. [2013/03/17 19:41:57 | 000,000,000 | ---D | M] -- C:\Users\Desirée Jastes\AppData\Roaming\0B1T1L2V1T1J1L
  599. [2013/01/25 20:50:31 | 000,000,000 | ---D | M] -- C:\Users\Desirée Jastes\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  600. [2013/01/05 20:38:38 | 000,000,000 | ---D | M] -- C:\Users\Desirée Jastes\AppData\Roaming\DVDVideoSoft
  601. [2012/12/06 16:07:43 | 000,000,000 | ---D | M] -- C:\Users\Desirée Jastes\AppData\Roaming\SoftGrid Client
  602. [2012/12/04 23:56:10 | 000,000,000 | ---D | M] -- C:\Users\Desirée Jastes\AppData\Roaming\TP
  603. [2013/01/10 18:19:32 | 000,000,000 | ---D | M] -- C:\Users\Desirée Jastes\AppData\Roaming\WildTangent
  604. [2013/03/17 16:31:24 | 000,000,000 | ---D | M] -- C:\Users\Desirée Jastes\AppData\Roaming\Windows Live Writer
  605.  
  606. [color=#E56717]========== Purity Check ==========[/color]
  607.  
  608.  
  609.  
  610. [color=#E56717]========== Custom Scans ==========[/color]
  611.  
  612. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  613. [2013/03/17 21:20:25 | 000,004,160 | ---- | M] () -- C:\AdwCleaner[S1].txt
  614. [2010/11/21 00:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
  615. [2013/03/23 09:23:46 | 000,023,988 | ---- | M] () -- C:\ComboFix.txt
  616. [2013/03/23 11:21:41 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
  617. [2013/03/11 16:51:01 | 000,000,300 | ---- | M] () -- C:\lxbk.log
  618. [2013/03/23 11:21:41 | 4240,293,888 | -HS- | M] () -- C:\pagefile.sys
  619. [2013/02/10 19:48:23 | 000,000,056 | ---- | M] () -- C:\{C85165F6-ED34-49DF-A5FD-51CCDB63D002}
  620.  
  621. [color=#A23BEC]< %systemdrive%\drivers\*.exe >[/color]
  622.  
  623. [color=#A23BEC]< %systemroot%\system32\drivers\*.* /180 >[/color]
  624.  
  625. [color=#A23BEC]< %PROGRAMFILES%(x86)\*.* >[/color]
  626.  
  627. [color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
  628.  
  629. [color=#A23BEC]< %LOCALAPPDATA%\*.txt >[/color]
  630.  
  631. [color=#A23BEC]< %LOCALAPPDATA%\*.ini >[/color]
  632.  
  633. [color=#A23BEC]< %LOCALAPPDATA%\*.dll >[/color]
  634.  
  635. [color=#A23BEC]< %LOCALAPPDATA%\*.dat >[/color]
  636. [2012/12/13 18:34:07 | 000,110,376 | ---- | M] () -- C:\Users\Desirée Jastes\AppData\Local\GDIPFONTCACHEV1.DAT
  637.  
  638. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  639.  
  640. [color=#A23BEC]< %USERPROFILE%\*.txt >[/color]
  641.  
  642. [color=#A23BEC]< %USERPROFILE%\*.ini >[/color]
  643. [2012/11/24 17:26:16 | 000,000,020 | -HS- | M] () -- C:\Users\Desirée Jastes\ntuser.ini
  644.  
  645. [color=#A23BEC]< %USERPROFILE%\*.dll >[/color]
  646.  
  647. [color=#A23BEC]< %USERPROFILE%\*.dat /30 >[/color]
  648. [2013/03/23 13:26:10 | 004,980,736 | -HS- | M] () -- C:\Users\Desirée Jastes\ntuser.dat
  649.  
  650. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  651.  
  652. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  653. [2009/06/10 17:49:50 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini
  654.  
  655. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  656.  
  657. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  658. [2009/07/14 02:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  659. [2009/07/14 02:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  660. [2009/07/14 02:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  661. [2009/07/14 02:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  662.  
  663. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  664. [2010/11/10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
  665.  
  666. [color=#A23BEC]< %appdata%\*.* >[/color]
  667.  
  668. [color=#A23BEC]< %programdata%\*.* >[/color]
  669. [2013/03/23 11:21:52 | 000,262,144 | ---- | M] () -- C:\ProgramData\NtUser.Dat
  670. [2013/03/23 11:21:52 | 000,005,120 | -HS- | M] () -- C:\ProgramData\NtUser.Dat.LOG1
  671. [2013/03/23 11:21:52 | 000,000,000 | -HS- | M] () -- C:\ProgramData\NtUser.Dat.LOG2
  672. [2012/11/25 11:12:26 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{162106d8-370a-11e2-b62b-4c809397b2e1}.TM.blf
  673. [2012/11/25 11:12:26 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{162106d8-370a-11e2-b62b-4c809397b2e1}.TMContainer00000000000000000001.regtrans-ms
  674. [2012/11/25 11:12:26 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{162106d8-370a-11e2-b62b-4c809397b2e1}.TMContainer00000000000000000002.regtrans-ms
  675. [2012/11/25 12:13:49 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{a2cfc2ee-3712-11e2-9f03-806e6f6e6963}.TM.blf
  676. [2012/11/25 12:13:49 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{a2cfc2ee-3712-11e2-9f03-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
  677. [2012/11/25 12:13:49 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{a2cfc2ee-3712-11e2-9f03-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
  678. [2013/03/23 11:21:52 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{ebb8b533-93c4-11e2-918c-806e6f6e6963}.TM.blf
  679. [2013/03/23 11:21:52 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{ebb8b533-93c4-11e2-918c-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
  680. [2013/03/23 11:21:52 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NtUser.Dat{ebb8b533-93c4-11e2-918c-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
  681.  
  682. [color=#A23BEC]< %programdata%\*.exe /s >[/color]
  683. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\30193\AcrobatUpdater.exe
  684. [2012/01/03 04:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\30193\AdobeARM.exe
  685. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\30193\AdobeARMHelper.exe
  686. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\30193\ReaderUpdater.exe
  687. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4725\AcrobatUpdater.exe
  688. [2012/01/03 04:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4725\AdobeARM.exe
  689. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4725\AdobeARMHelper.exe
  690. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4725\ReaderUpdater.exe
  691. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\6619\AcrobatUpdater.exe
  692. [2012/01/03 04:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\6619\AdobeARM.exe
  693. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\6619\AdobeARMHelper.exe
  694. [2012/01/03 04:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\6619\ReaderUpdater.exe
  695. [2012/12/03 04:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\15233\AcrobatUpdater.exe
  696. [2012/12/03 04:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\15233\AdobeARM.exe
  697. [2012/12/03 04:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\15233\AdobeARMHelper.exe
  698. [2012/12/03 04:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\15233\ReaderUpdater.exe
  699. [2012/12/03 04:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\19292\AcrobatUpdater.exe
  700. [2012/12/03 04:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\19292\AdobeARM.exe
  701. [2012/12/03 04:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\19292\AdobeARMHelper.exe
  702. [2012/12/03 04:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.1.4\19292\ReaderUpdater.exe
  703. [2010/09/30 03:11:38 | 001,586,624 | ---- | M] (Macromedia, Inc.) -- C:\ProgramData\Adobe\Elements Organizer\9.0\Flash Galleries\Dynamic\flashplayer\windows\SAFlashPlayer.exe
  704. [2010/09/30 03:15:32 | 000,083,392 | ---- | M] () -- C:\ProgramData\Adobe\Elements Organizer\9.0\Slideshow Templates\yahoomap\resources\AuthSWF.exe
  705. [2012/11/06 16:16:46 | 000,180,640 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFdetect.exe
  706. [2011/11/10 12:59:00 | 000,248,376 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFfix.exe
  707. [2012/11/20 13:25:12 | 000,740,224 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe
  708. [2013/02/18 21:18:35 | 041,580,520 | ---- | M] (Hewlett-Packard ) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\sp58915.exe
  709. [2011/04/13 15:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\unzip.exe
  710. [2011/06/08 16:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\WaitWindow.exe
  711. [2012/09/05 17:08:16 | 000,592,288 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
  712. [2011/04/13 15:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
  713. [2011/06/08 16:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
  714. [2010/05/21 17:38:56 | 000,074,808 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Hewlett-Packard\HPHelpUpdater\HPHelpUpdater.exe
  715. [2011/04/23 14:52:04 | 174,490,392 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-0914bbbf-29e2-4e91-a301-4c3d597d0a52-extr.exe
  716. [2011/04/23 14:51:30 | 004,095,144 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-0a067aa7-926d-477c-8752-5c47ab622831-extr.exe
  717. [2011/04/23 14:19:26 | 159,358,232 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-0b6a505b-c772-4a18-ab31-42b1b4671e44-extr.exe
  718. [2011/04/23 14:53:18 | 144,897,328 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-11d5429f-499b-47c1-b665-69b74d103229-extr.exe
  719. [2011/04/23 14:47:56 | 004,147,992 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-1b0c80cb-8b3e-44ff-8556-c5cb391a14dc-extr.exe
  720. [2011/04/23 14:51:14 | 176,298,368 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-273bf685-a417-4d0a-92d3-2613cba17e2e-extr.exe
  721. [2011/04/23 14:54:22 | 008,609,752 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-2cc10f8d-455d-437d-9b81-8b6fd66ede21-extr.exe
  722. [2011/04/23 14:52:46 | 015,173,400 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-30d36f88-68e2-443d-8e86-b412ab7f6ae5-extr.exe
  723. [2011/04/23 14:45:16 | 029,243,696 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-4235660a-67fe-495d-a8af-e794bb23a99a-extr.exe
  724. [2011/04/23 14:36:16 | 009,338,320 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-511f86e8-11ea-4e37-9c7c-96ac757fac54-extr.exe
  725. [2011/04/23 14:53:40 | 011,063,264 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-5b4140da-ae6c-48f6-9db5-674e344ee84c-extr.exe
  726. [2011/04/23 14:28:22 | 017,894,736 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-5c94698d-89f0-45bd-93d5-8d13fef6d2b7-extr.exe
  727. [2011/04/23 14:54:42 | 052,665,208 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-61dd9f51-1623-4064-a6cd-a02c7dcc5368-extr.exe
  728. [2011/04/23 14:52:24 | 004,536,736 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-62ad9a61-9160-43e0-b0e2-a3843543b106-extr.exe
  729. [2011/04/23 14:50:10 | 144,535,528 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-7a26b11a-6438-427a-afc5-2734aa718cae-extr.exe
  730. [2011/04/23 14:40:42 | 026,543,472 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-7dc07d70-9189-4b00-b552-133cabdb3a52-extr.exe
  731. [2011/04/23 14:44:52 | 049,576,128 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-87aec1a5-b79f-483e-bd6c-731d66589188-extr.exe
  732. [2011/04/23 14:39:30 | 011,854,680 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-9514768d-61e2-4f75-afc8-257493cafebb-extr.exe
  733. [2011/04/23 14:48:56 | 058,482,304 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-bb20e558-d532-45cc-9b71-a1bf10b01bd1-extr.exe
  734. [2011/04/23 14:49:40 | 037,887,368 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-c2fd79d7-9175-454c-9663-d0e6c02e421e-extr.exe
  735. [2011/04/23 14:17:48 | 050,255,880 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-c5beed0b-486a-4d61-a984-bf27e2d65af4-extr.exe
  736. [2011/04/23 14:55:28 | 018,114,672 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-d2df6c3f-719e-4241-b5b8-37eb52118ad1-extr.exe
  737. [2011/04/23 14:50:38 | 108,557,856 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-dc12f025-c295-4c4b-bd28-3f387a5f5c3e-extr.exe
  738. [2011/04/23 14:22:00 | 023,773,736 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-e1e6d985-b01b-4c1b-acf3-d0440888f245-extr.exe
  739. [2011/04/23 14:39:54 | 038,121,784 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-f8fb8753-fb82-4c24-891c-58d1d5b862d5-extr.exe
  740. [2011/04/23 14:37:28 | 124,998,960 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-fb05f6cb-0fa3-404d-b82b-0283f8c7e536-extr.exe
  741. [2013/01/10 18:18:59 | 003,774,144 | ---- | M] (WildTangent, Inc.) -- C:\ProgramData\WildTangent\Updater\GameConsole\GameConsole-4.0.26.40.exe
  742. [2011/02/25 19:12:54 | 000,049,384 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\Updater\GameConsole\Park-{c9328807-57f8-4df5-b489-649e674fdf63}.exe
  743. [2011/02/25 19:12:54 | 000,442,600 | ---- | M] (WildTangent, Inc.) -- C:\ProgramData\WildTangent\WildTangent Games\App\Update\Updater.exe
  744.  
  745. [color=#A23BEC]< %programdata%\*.dll /s >[/color]
  746. [2008/06/13 16:46:44 | 000,360,580 | ---- | M] (eSellerate Inc.) -- C:\ProgramData\eSellerate\eSellerateEngine.dll
  747. [2011/02/22 17:09:42 | 000,016,440 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\ProgramData\Hewlett-Packard\HP Power Manager\muires.dll
  748. [2012/06/20 14:21:46 | 000,061,344 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HP.SupportFramework.Common.dll
  749. [2012/06/20 14:20:30 | 000,033,696 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HP.SupportFramework.Communicator.dll
  750. [2012/06/27 15:08:18 | 001,402,784 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HP.SupportFramework.UI.dll
  751. [2011/04/13 15:12:36 | 000,018,944 | ---- | M] ( ) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\Interop.NETWORKLIST.dll
  752. [2012/11/20 13:25:00 | 000,049,152 | ---- | M] ( ) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\Interop.TaskScheduler.dll
  753. [2012/09/03 20:22:34 | 000,066,464 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HP.SupportFramework.Common.dll
  754. [2012/09/03 20:21:54 | 000,034,208 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HP.SupportFramework.Communicator.dll
  755. [2012/09/03 20:22:18 | 001,455,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HP.SupportFramework.UI.dll
  756. [2012/09/03 20:22:10 | 000,239,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HP.SupportFramework.Utilities.dll
  757. [2011/04/13 17:12:36 | 000,018,944 | ---- | M] ( ) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\Interop.NETWORKLIST.dll
  758. [2012/09/05 17:08:04 | 000,049,152 | ---- | M] ( ) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\Interop.TaskScheduler.dll
  759. [2009/06/10 16:14:44 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\PresentationFramework.Aero.dll
  760. [2009/12/15 14:49:50 | 000,016,680 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\ProgramData\Hewlett-Packard\System Default Settings\muires.dll
  761. [2009/06/10 17:31:21 | 000,015,616 | ---- | M] (Microsoft Corp.) -- C:\ProgramData\Microsoft\IdentityCRL\ppcrlconfig.dll
  762. [2009/06/10 17:31:21 | 000,254,216 | ---- | M] (Microsoft Corp.) -- C:\ProgramData\Microsoft\IdentityCRL\ppcrlui.dll
  763. [2012/11/25 12:14:56 | 000,019,696 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  764. [2013/02/19 04:57:14 | 009,162,192 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C93FB20-09FA-4FD7-8960-CA7D6D5286AF}\mpengine.dll
  765. [2013/02/19 04:57:14 | 009,162,192 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
  766. [2013/02/13 16:01:24 | 001,110,864 | R--- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\components\coFFPl19.dll
  767. [2013/02/13 16:01:22 | 001,111,376 | R--- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\components\coFFPlgn.dll
  768. [2013/01/15 23:57:36 | 001,160,120 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130301.001\bbRGen.dll
  769. [2013/01/15 23:57:39 | 001,893,304 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130301.001\BHEngine.dll
  770. [2013/01/15 23:57:40 | 000,290,232 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130301.001\UMEngx86.dll
  771. [2013/03/09 17:53:52 | 000,795,616 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130319.002\IDSxpx86.dll
  772. [2013/03/20 17:59:01 | 000,391,576 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130319.002\IPSFFPl.dll
  773. [2013/03/20 17:59:01 | 001,252,248 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130319.002\Scxpx86.dll
  774. [2013/03/09 17:53:52 | 000,795,616 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130320.001\IDSxpx86.dll
  775. [2013/03/20 17:59:01 | 000,391,576 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130320.001\IPSFFPl.dll
  776. [2013/03/20 17:59:01 | 001,252,248 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130320.001\Scxpx86.dll
  777. [2013/03/09 17:53:52 | 000,795,616 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130321.001\IDSxpx86.dll
  778. [2013/03/20 17:59:01 | 000,391,576 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130321.001\IPSFFPl.dll
  779. [2013/03/20 17:59:01 | 001,252,248 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130321.001\Scxpx86.dll
  780. [2013/03/09 17:53:52 | 000,795,616 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130322.001\IDSxpx86.dll
  781. [2013/03/20 17:59:01 | 000,391,576 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130322.001\IPSFFPl.dll
  782. [2013/03/20 17:59:01 | 001,252,248 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130322.001\Scxpx86.dll
  783. [2013/03/11 01:00:00 | 003,016,864 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130322.032\cceraser.dll
  784. [2013/03/11 01:00:00 | 000,297,000 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130322.032\ECMSVR32.DLL
  785. [2013/03/11 01:00:00 | 000,190,440 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130322.032\NAVENG32.DLL
  786. [2013/03/11 01:00:00 | 001,939,432 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130322.032\NAVEX32A.DLL
  787. [2013/03/23 08:37:37 | 000,391,576 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFFPlgn\components\IPSFFPl.dll
  788. [2012/11/29 19:31:22 | 000,135,328 | ---- | M] (RealDownloader) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
  789. [2012/11/29 19:36:24 | 000,052,384 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll
  790. [2012/11/29 19:36:06 | 000,060,928 | ---- | M] () -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlpepperbrowserrecordhelper.dll
  791. [2012/11/29 19:34:24 | 000,507,096 | ---- | M] (RealDownloader) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Common\rndlmainbrowserrecordplugin.dll
  792. [2012/11/29 19:35:24 | 000,110,592 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Components\nprndlffbrowserrecordext.dll
  793. [2012/11/29 19:35:06 | 000,108,032 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Components\nprndlffbrowserrecordlegacyext.dll
  794. [2012/11/29 19:33:02 | 000,539,888 | ---- | M] (RealDownloader) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
  795. [2012/11/29 19:35:58 | 000,148,480 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
  796. [2012/11/29 19:35:32 | 000,016,384 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
  797. [2012/11/29 19:35:38 | 000,016,384 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
  798. [2012/11/29 19:34:46 | 000,055,808 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\ThinShims\rndlnpshimhtml5.dll
  799. [2012/11/29 19:34:46 | 000,055,808 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\ThinShims\rndlnpshimpepperflash.dll
  800. [2012/11/29 19:34:46 | 000,055,808 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\ThinShims\rndlnpshimqt.dll
  801. [2012/11/29 19:34:46 | 000,055,808 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\ThinShims\rndlnpshimrp.dll
  802. [2012/11/29 19:34:46 | 000,055,808 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\ThinShims\rndlnpshimswf.dll
  803. [2012/11/29 19:34:46 | 000,055,808 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\ThinShims\rndlnpshimwmp.dll
  804.  
  805. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.* >[/color]
  806. [2011/08/01 18:20:34 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
  807. [2011/08/01 18:20:34 | 000,002,535 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\ie9props.propdesc
  808. [2011/08/01 18:20:34 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iecleanup.exe
  809. [2011/08/01 18:20:34 | 000,307,200 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\iediagcmd.exe
  810. [2013/02/02 00:32:23 | 000,678,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
  811. [2011/08/01 18:20:34 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
  812. [2011/08/01 18:20:34 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
  813. [2013/02/02 00:28:24 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
  814. [2013/02/02 00:27:59 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
  815. [2013/02/02 01:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  816. [2013/02/02 00:31:41 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
  817. [2011/08/01 18:20:34 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
  818. [2011/08/01 18:20:34 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll
  819. [2011/08/01 18:20:34 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll
  820. [2009/06/10 18:14:14 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\msdbg2.dll
  821. [2011/08/01 18:20:34 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\networkinspection.dll
  822. [2009/06/10 18:14:15 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\pdm.dll
  823. [2013/02/02 01:19:04 | 000,149,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
  824.  
  825. [color=#A23BEC]< C:\windows\system32\Tasks\*.* /64 >[/color]
  826. [2013/01/08 18:13:16 | 000,003,530 | ---- | M] () -- C:\Windows\SysNative\Tasks\AdobeAAMUpdater-1.0-DesiréeJastes-Desirée Jastes
  827. [2013/03/17 21:10:54 | 000,003,434 | ---- | M] () -- C:\Windows\SysNative\Tasks\BrowserProtect
  828. [2013/03/17 19:40:30 | 000,003,384 | ---- | M] () -- C:\Windows\SysNative\Tasks\DealPlyUpdate
  829. [2013/03/11 20:00:03 | 000,003,828 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineCore
  830. [2013/03/11 20:00:03 | 000,004,080 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineUA
  831. [2013/02/17 13:04:38 | 000,003,240 | ---- | M] () -- C:\Windows\SysNative\Tasks\HPCeeScheduleForDesirée Jastes
  832. [2012/07/17 10:21:55 | 000,003,148 | ---- | M] () -- C:\Windows\SysNative\Tasks\MirageAgent
  833. [2013/03/11 18:41:09 | 000,003,234 | ---- | M] () -- C:\Windows\SysNative\Tasks\Norton WSC Integration
  834. [2013/03/23 12:59:28 | 000,003,252 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3880167770-2259112676-1933543761-1000
  835. [2013/03/23 12:59:28 | 000,003,368 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3880167770-2259112676-1933543761-1000
  836. [2013/01/16 22:36:15 | 000,003,876 | ---- | M] () -- C:\Windows\SysNative\Tasks\SetupManager
  837. [2013/03/23 08:17:15 | 000,003,998 | ---- | M] () -- C:\Windows\SysNative\Tasks\User_Feed_Synchronization-{470A8FE0-20DD-4A46-AC41-7E1E3CF2A67C}
  838. [2009/07/14 02:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
  839. [2009/07/14 02:08:49 | 000,020,474 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  840. [2013/01/13 13:14:06 | 000,000,368 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForDesirée Jastes.job
  841. [2013/03/11 20:00:02 | 000,001,080 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  842. [2013/03/11 20:00:03 | 000,001,084 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  843.  
  844. [color=#A23BEC]< %windir%\tasks\*.* >[/color]
  845. [2013/03/23 11:22:40 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  846. [2013/03/23 13:05:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  847. [2013/03/23 13:04:02 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDesirée Jastes.job
  848. [2013/03/23 11:21:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
  849. [2009/07/14 02:08:49 | 000,020,474 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT
  850.  
  851. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
  852. "DefaultConnectionSettings" = 46 00 00 00 27 00 00 00 01 00 00 00 00 00 00 00 05 00 00 00 6C 6F 63 61 6C 00 00 00 00 00 00 00 00 00 00 00 00 A1 E5 27 32 07 D8 CD 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 41 37 9E 76 30 2E 37 0F 3F 57 FF 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
  853. "SavedLegacySettings" = 46 00 00 00 D7 02 00 00 01 00 00 00 00 00 00 00 05 00 00 00 6C 6F 63 61 6C 00 00 00 00 00 00 00 00 00 00 00 00 A1 E5 27 32 07 D8 CD 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 41 37 9E 76 30 2E 37 0F 3F 57 FF 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
  854.  
  855. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >[/color]
  856.  
  857. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >[/color]
  858.  
  859. [color=#A23BEC]< HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s >[/color]
  860.  
  861. [color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP >[/color]
  862.  
  863. [color=#A23BEC]< HKCU\Software\Microsoft\Internet Explorer\Downloads >[/color]
  864.  
  865. [color=#A23BEC]< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >[/color]
  866.  
  867. [color=#A23BEC]< MD5 for: SERVICES >[/color]
  868. [2009/06/10 18:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
  869.  
  870. [color=#A23BEC]< MD5 for: SERVICES.ASFX >[/color]
  871. [2012/07/27 17:52:04 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
  872. [2012/07/27 17:52:04 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
  873. [2012/07/27 17:51:54 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
  874. [2012/07/27 17:51:50 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
  875. [2012/07/27 17:51:52 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
  876. [2012/07/27 17:51:52 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
  877. [2012/07/27 17:51:56 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
  878. [2012/07/27 17:51:58 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
  879. [2012/07/27 17:51:42 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
  880. [2012/07/27 17:51:56 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
  881. [2012/07/27 17:51:40 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
  882. [2012/07/27 17:52:02 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
  883. [2012/07/27 17:51:38 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
  884. [2012/07/27 17:51:50 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
  885. [2012/07/27 17:51:40 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
  886. [2012/07/27 17:52:06 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
  887. [2012/07/27 17:51:56 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
  888. [2012/07/27 17:52:06 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
  889. [2012/07/27 17:52:08 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
  890. [2012/07/27 17:51:46 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
  891. [2012/07/27 17:52:00 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
  892. [2012/07/27 17:51:44 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
  893. [2012/07/27 17:52:00 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
  894. [2010/11/15 21:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
  895. [2012/07/27 17:51:48 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
  896. [2012/07/27 17:51:46 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
  897. [2012/07/27 17:51:44 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx
  898.  
  899. [color=#A23BEC]< MD5 for: SERVICES.ASFX1 >[/color]
  900. [2010/11/15 21:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1
  901.  
  902. [color=#A23BEC]< MD5 for: SERVICES.ASFX10 >[/color]
  903. [2010/11/15 21:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10
  904.  
  905. [color=#A23BEC]< MD5 for: SERVICES.ASFX11 >[/color]
  906. [2010/11/15 21:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11
  907.  
  908. [color=#A23BEC]< MD5 for: SERVICES.ASFX12 >[/color]
  909. [2010/11/15 21:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12
  910.  
  911. [color=#A23BEC]< MD5 for: SERVICES.ASFX13 >[/color]
  912. [2010/11/15 21:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13
  913.  
  914. [color=#A23BEC]< MD5 for: SERVICES.ASFX14 >[/color]
  915. [2010/11/15 21:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14
  916.  
  917. [color=#A23BEC]< MD5 for: SERVICES.ASFX15 >[/color]
  918. [2010/11/15 21:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15
  919.  
  920. [color=#A23BEC]< MD5 for: SERVICES.ASFX16 >[/color]
  921. [2010/11/15 21:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16
  922.  
  923. [color=#A23BEC]< MD5 for: SERVICES.ASFX17 >[/color]
  924. [2010/11/15 21:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17
  925.  
  926. [color=#A23BEC]< MD5 for: SERVICES.ASFX18 >[/color]
  927. [2010/11/15 21:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18
  928.  
  929. [color=#A23BEC]< MD5 for: SERVICES.ASFX19 >[/color]
  930. [2010/11/15 21:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19
  931.  
  932. [color=#A23BEC]< MD5 for: SERVICES.ASFX2 >[/color]
  933. [2010/11/15 21:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2
  934.  
  935. [color=#A23BEC]< MD5 for: SERVICES.ASFX20 >[/color]
  936. [2010/11/15 21:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20
  937.  
  938. [color=#A23BEC]< MD5 for: SERVICES.ASFX21 >[/color]
  939. [2010/11/15 21:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21
  940.  
  941. [color=#A23BEC]< MD5 for: SERVICES.ASFX22 >[/color]
  942. [2010/11/15 21:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22
  943.  
  944. [color=#A23BEC]< MD5 for: SERVICES.ASFX23 >[/color]
  945. [2010/11/15 21:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23
  946.  
  947. [color=#A23BEC]< MD5 for: SERVICES.ASFX24 >[/color]
  948. [2010/11/15 21:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24
  949.  
  950. [color=#A23BEC]< MD5 for: SERVICES.ASFX25 >[/color]
  951. [2010/11/15 21:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25
  952.  
  953. [color=#A23BEC]< MD5 for: SERVICES.ASFX3 >[/color]
  954. [2010/11/15 21:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3
  955.  
  956. [color=#A23BEC]< MD5 for: SERVICES.ASFX4 >[/color]
  957. [2010/11/15 21:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4
  958.  
  959. [color=#A23BEC]< MD5 for: SERVICES.ASFX5 >[/color]
  960. [2010/11/15 21:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5
  961.  
  962. [color=#A23BEC]< MD5 for: SERVICES.ASFX6 >[/color]
  963. [2010/11/15 21:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6
  964.  
  965. [color=#A23BEC]< MD5 for: SERVICES.ASFX7 >[/color]
  966. [2010/11/15 21:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7
  967.  
  968. [color=#A23BEC]< MD5 for: SERVICES.ASFX8 >[/color]
  969. [2010/11/15 21:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8
  970.  
  971. [color=#A23BEC]< MD5 for: SERVICES.ASFX9 >[/color]
  972. [2010/11/15 21:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9
  973.  
  974. [color=#A23BEC]< MD5 for: SERVICES.CFG >[/color]
  975. [2012/12/18 11:28:18 | 000,558,791 | ---- | M] () MD5=A9983CC532F9B3FB1E87918D2313731D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
  976. [2010/11/15 21:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg
  977.  
  978. [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
  979. [2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
  980. [2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
  981. [2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
  982.  
  983. [color=#A23BEC]< MD5 for: SERVICES.EXE.MUI >[/color]
  984. [2011/08/01 22:52:52 | 000,018,432 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\pt-BR\services.exe.mui
  985. [2011/08/01 22:52:52 | 000,018,432 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_c78e6f42ac5a3207\services.exe.mui
  986.  
  987. [color=#A23BEC]< MD5 for: SERVICES.LNK >[/color]
  988. [2009/07/14 01:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
  989. [2009/07/14 01:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
  990. [2009/07/14 01:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
  991.  
  992. [color=#A23BEC]< MD5 for: SERVICES.MOF >[/color]
  993. [2009/06/10 17:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
  994. [2009/06/10 17:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
  995.  
  996. [color=#A23BEC]< MD5 for: SERVICES.MSC >[/color]
  997. [2009/06/10 17:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
  998. [2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
  999. [2009/06/10 17:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
  1000. [2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
  1001. [2011/08/01 22:52:50 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\SysNative\pt-BR\services.msc
  1002. [2011/08/01 22:52:54 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\SysWOW64\pt-BR\services.msc
  1003. [2011/08/01 22:52:50 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_01d03f2e82c3cbfa\services.msc
  1004. [2011/08/01 22:52:54 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_a5b1a3aaca665ac4\services.msc
  1005.  
  1006. [color=#A23BEC]< MD5 for: SERVICES.PTXML >[/color]
  1007. [2009/07/13 17:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
  1008. [2009/07/13 17:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
  1009.  
  1010. < End of report >
RAW Paste Data