Untitled

a guest
Jul 18th, 2017
  1. ComboFix 11-01-31.01 - Gustavo 31/01/2011 16:12:48.2.4 - x64
  2. Microsoft Windows 7 Home Premium 6.1.7600.0.1252.55.1046.18.3835.2459 [GMT -2:00]
  3. Executando de: c:\users\Gustavo\Desktop\ComboFix.exe
  4. Comandos utilizados :: c:\users\Gustavo\Desktop\CFScript.txt
  5. AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
  6. SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
  7. SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8.  
  9. FILE ::
  10. "c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{BD21B220-CCA9-4868-9F1F-C47AF7AD961D}-Programas.exe"
  11. "c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{BDD64364-3001-4F9F-9855-5ECA43E2FCAD}-site.exe"
  12. "c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{E316D314-41BE-43C8-87DC-C10FFD8736ED}-SENAI.exe"
  13. .
  14.  
  15. (((((((((((((((( Arquivos/Ficheiros criados de 2010-12-28 to 2011-01-31 ))))))))))))))))))))))))))))
  16. .
  17.  
  18. 2011-01-31 18:21 . 2011-01-31 18:21 -------- d-----w- c:\users\Default\AppData\Local\temp
  19. 2011-01-31 13:18 . 2011-01-31 13:18 83765096 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\wlc9178.tmp
  20. 2011-01-31 01:53 . 2011-01-31 01:53 -------- d-----w- c:\program files (x86)\DigitalPersona
  21. 2011-01-31 01:53 . 2011-01-31 01:53 -------- d-----w- c:\program files\DigitalPersona
  22. 2011-01-31 01:05 . 2011-01-31 01:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
  23. 2011-01-31 00:15 . 2011-01-13 04:20 7844688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
  24. 2011-01-31 00:15 . 2011-01-13 04:20 7844688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{37656333-3401-40AB-B67A-16E14FE7474B}\mpengine.dll
  25. 2011-01-28 13:14 . 2011-01-28 13:14 -------- d-----w- C:\HP_TOOLS_mountHPSF
  26. 2011-01-28 11:54 . 2011-01-28 11:54 -------- d-----w- c:\programdata\EgisTec
  27. 2011-01-26 18:08 . 2010-12-20 20:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
  28. 2011-01-26 18:08 . 2011-01-26 18:08 -------- d-----w- c:\programdata\Malwarebytes
  29. 2011-01-26 18:08 . 2011-01-26 18:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
  30. 2011-01-26 18:08 . 2010-12-20 20:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
  31. 2011-01-26 17:58 . 2011-01-26 17:59 -------- d-----w- C:\LinhaDefensiva
  32. 2011-01-26 17:17 . 2011-01-26 17:17 -------- d-----w- c:\program files (x86)\Trend Micro
  33. 2011-01-26 16:45 . 2011-01-26 17:02 -------- d-----w- c:\program files (x86)\UsbFix
  34. 2011-01-26 16:40 . 2011-01-26 16:40 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{911BE8BE-3CD8-411B-AB0E-32FEB2BA8E0E}\gapaengine.dll
  35. 2011-01-26 16:17 . 2011-01-26 16:17 -------- d-----w- c:\programdata\Panda Security
  36. 2011-01-26 16:17 . 2011-01-26 16:17 -------- d-----w- c:\program files (x86)\Panda USB Vaccine
  37. 2011-01-26 16:14 . 2011-01-26 16:14 -------- d-----w- c:\program files (x86)\Microsoft Security Client
  38. 2011-01-26 16:14 . 2011-01-26 16:14 -------- d-----w- c:\program files\Microsoft Security Client
  39. 2011-01-26 16:13 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
  40. 2011-01-26 16:10 . 2011-01-28 13:32 -------- d-----w- C:\PenClean
  41. 2011-01-26 11:22 . 2011-01-26 11:22 -------- d-----w- c:\programdata\LightScribe
  42. 2011-01-26 00:31 . 2011-01-26 00:42 -------- d-----w- c:\program files (x86)\Nero
  43. 2011-01-26 00:31 . 2011-01-26 00:36 -------- d-----w- c:\programdata\Nero
  44. 2011-01-26 00:31 . 2011-01-26 00:52 -------- d-----w- c:\program files (x86)\Common Files\Nero
  45. 2011-01-25 22:40 . 2011-01-25 22:40 -------- d-----w- c:\programdata\{23D58E70-3B83-4B83-A227-68770F84F5EC}
  46. 2011-01-24 20:32 . 2011-01-18 19:05 226448 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
  47. 2011-01-24 20:32 . 2011-01-18 19:05 54864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
  48. 2011-01-24 20:32 . 2011-01-24 20:32 -------- d-----w- c:\program files\Oracle
  49. 2011-01-24 16:33 . 2011-01-24 16:33 -------- d-----w- c:\program files (x86)\TagScanner
  50. 2011-01-20 00:07 . 2011-01-20 00:07 -------- d-----w- c:\users\Public\CyberLink
  51. 2011-01-18 19:05 . 2011-01-18 19:05 154256 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
  52. 2011-01-18 19:05 . 2011-01-18 19:05 318992 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
  53. 2011-01-18 19:05 . 2011-01-18 19:05 173840 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
  54. 2011-01-16 23:47 . 2011-01-16 23:47 -------- d-----w- c:\programdata\Messenger Plus!
  55. 2011-01-15 18:28 . 2011-01-15 18:28 -------- d-----w- c:\program files (x86)\Crytec
  56. 2011-01-14 17:43 . 2011-01-14 17:43 -------- d-----w- C:\Fraps
  57. 2011-01-14 15:06 . 2011-01-14 15:06 -------- d-----w- c:\programdata\ATI
  58. 2011-01-14 14:59 . 2011-01-14 14:59 -------- d-----w- c:\program files\Common Files\ATI Technologies
  59. 2011-01-14 14:59 . 2011-01-14 14:59 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
  60. 2011-01-14 14:59 . 2011-01-14 14:59 -------- d-----w- c:\program files (x86)\ATI Stream
  61. 2011-01-14 14:55 . 2011-01-14 14:58 -------- d-----w- c:\program files\ATI Technologies
  62. 2011-01-14 14:53 . 2011-01-14 14:53 -------- d-----w- C:\ATI
  63. 2011-01-14 14:22 . 2011-01-14 14:22 -------- d-----w- C:\AMD
  64. 2011-01-14 14:15 . 2011-01-14 14:15 -------- d-----w- c:\program files (x86)\Messenger Plus! Live
  65. 2011-01-14 13:30 . 2011-01-14 13:31 -------- d-----w- c:\program files (x86)\GameVicio
  66. 2011-01-14 13:01 . 2011-01-14 13:01 -------- d-----w- c:\programdata\Codemasters
  67. 2011-01-14 12:37 . 2011-01-14 12:37 466456 ----a-w- c:\windows\system32\wrap_oal.dll
  68. 2011-01-14 12:37 . 2011-01-14 12:37 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
  69. 2011-01-14 12:37 . 2011-01-14 12:37 121880 ----a-w- c:\windows\system32\OpenAL32.dll
  70. 2011-01-14 12:37 . 2011-01-14 12:37 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
  71. 2011-01-14 12:37 . 2011-01-14 12:37 -------- d-----w- c:\program files (x86)\OpenAL
  72. 2011-01-14 12:37 . 2008-04-28 17:53 805400 ----a-r- c:\windows\SysWow64\tmp3574.tmp
  73. 2011-01-14 12:36 . 2008-04-28 17:53 805400 ----a-r- c:\windows\SysWow64\tmp3544.tmp
  74. 2011-01-14 12:08 . 2011-01-14 12:08 -------- d-----w- c:\program files (x86)\Codemasters
  75. 2011-01-14 10:52 . 2011-01-14 10:52 -------- d-----w- c:\program files (x86)\MSXML 4.0
  76. 2011-01-14 10:52 . 2011-01-14 10:52 -------- d-----w- c:\windows\SysWow64\Wat
  77. 2011-01-14 10:52 . 2011-01-14 10:52 -------- d-----w- c:\windows\system32\Wat
  78. 2011-01-14 05:13 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
  79. 2011-01-14 05:11 . 2009-11-25 14:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
  80. 2011-01-14 05:11 . 2009-11-25 14:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
  81. 2011-01-14 05:11 . 2009-11-25 14:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
  82. 2011-01-14 05:11 . 2009-11-25 14:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
  83. 2011-01-14 05:11 . 2009-11-25 14:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
  84. 2011-01-14 05:11 . 2009-11-25 14:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
  85. 2011-01-14 05:11 . 2009-11-25 14:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
  86. 2011-01-14 05:11 . 2009-11-25 14:47 444752 ----a-w- c:\windows\system32\mscoree.dll
  87. 2011-01-14 05:11 . 2009-11-25 14:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
  88. 2011-01-14 05:11 . 2009-11-25 14:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
  89. 2011-01-14 04:55 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
  90. 2011-01-14 04:55 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
  91. 2011-01-14 03:16 . 2009-12-11 10:29 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
  92. 2011-01-14 03:16 . 2009-12-11 09:24 1446912 ----a-w- c:\windows\system32\lsasrv.dll
  93. 2011-01-14 03:16 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
  94. 2011-01-14 03:16 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
  95. 2011-01-14 03:14 . 2010-08-04 06:18 641536 ----a-w- c:\windows\SysWow64\CPFilters.dll
  96. 2011-01-14 03:14 . 2010-08-04 07:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
  97. 2011-01-14 03:14 . 2010-08-04 07:07 552960 ----a-w- c:\windows\system32\msdri.dll
  98. 2011-01-14 03:14 . 2010-08-04 07:05 258560 ----a-w- c:\windows\system32\mpg2splt.ax
  99. 2011-01-14 03:14 . 2010-08-04 07:05 288256 ----a-w- c:\windows\system32\MSNP.ax
  100. 2011-01-14 03:14 . 2010-08-04 06:15 204288 ----a-w- c:\windows\SysWow64\MSNP.ax
  101. 2011-01-14 03:14 . 2010-08-04 06:15 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
  102. 2011-01-14 03:07 . 2010-06-29 05:39 2085376 ----a-w- c:\windows\system32\ole32.dll
  103. 2011-01-14 03:07 . 2010-06-29 05:35 4582912 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
  104. 2011-01-14 03:07 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
  105. 2011-01-14 03:07 . 2010-06-29 04:57 4247040 ----a-w- c:\program files (x86)\Windows NT\Accessories\wordpad.exe
  106. 2011-01-14 03:06 . 2010-08-31 04:32 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
  107. 2011-01-14 03:06 . 2010-08-31 04:32 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
  108. 2011-01-14 03:06 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
  109. 2011-01-14 03:06 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
  110. 2011-01-14 03:05 . 2010-03-24 06:59 1736608 ----a-w- c:\windows\system32\ntdll.dll
  111. 2011-01-14 03:05 . 2010-03-24 06:37 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll
  112. 2011-01-14 03:05 . 2010-06-19 07:05 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
  113. 2011-01-14 03:05 . 2010-06-19 06:33 3899784 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
  114. 2011-01-14 03:05 . 2010-06-19 06:33 3955080 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
  115. 2011-01-14 03:04 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
  116. 2011-01-14 03:04 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
  117. 2011-01-14 03:04 . 2010-08-21 06:31 633856 ----a-w- c:\windows\system32\comctl32.dll
  118. 2011-01-14 03:04 . 2010-08-21 05:33 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
  119. 2011-01-14 03:04 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
  120. 2011-01-14 03:04 . 2010-02-27 07:52 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
  121. 2011-01-14 03:04 . 2010-02-27 07:52 125952 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
  122. 2011-01-14 03:04 . 2010-02-27 07:52 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
  123. 2011-01-14 03:04 . 2010-06-14 06:37 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
  124. 2011-01-14 03:02 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
  125. 2011-01-14 03:02 . 2010-03-04 07:57 976896 ----a-w- c:\windows\system32\inetcomm.dll
  126. 2011-01-14 03:02 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
  127. 2011-01-14 03:02 . 2010-03-04 07:33 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
  128. 2011-01-14 03:02 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
  129. 2011-01-14 03:02 . 2010-05-05 06:46 363520 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
  130. 2011-01-14 03:02 . 2010-06-19 06:53 52224 ----a-w- c:\windows\system32\rtutils.dll
  131. 2011-01-14 03:02 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
  132. 2011-01-14 03:02 . 2010-04-07 07:37 861184 ----a-w- c:\windows\system32\oleaut32.dll
  133. 2011-01-14 03:02 . 2010-04-07 07:10 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
  134. 2011-01-14 03:01 . 2009-09-26 06:20 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys
  135. 2011-01-14 03:00 . 2010-07-29 06:30 82944 ----a-w- c:\windows\SysWow64\iccvid.dll
  136. 2011-01-14 03:00 . 2010-06-08 06:02 1233920 ----a-w- c:\windows\SysWow64\msxml3.dll
  137. 2011-01-14 03:00 . 2010-06-08 05:36 1877504 ----a-w- c:\windows\system32\msxml3.dll
  138. 2011-01-14 02:59 . 2010-10-12 05:05 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
  139. 2011-01-14 02:59 . 2010-10-12 05:00 516096 ----a-w- c:\program files\Windows Mail\wab.exe
  140. 2011-01-14 02:59 . 2010-10-12 04:25 516096 ----a-w- c:\program files (x86)\Windows Mail\wab.exe
  141. 2011-01-14 02:59 . 2010-07-13 05:37 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
  142. 2011-01-14 02:59 . 2010-08-27 06:14 236032 ----a-w- c:\windows\system32\srvsvc.dll
  143.  
  144. .
  145. ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
  146. .
  147. 2010-12-24 08:15 . 2010-12-24 08:15 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll
  148. 2010-12-24 08:15 . 2010-12-24 08:15 84992 ----a-w- c:\windows\system32\frapsv64.dll
  149. 2010-12-07 14:17 . 2010-12-07 14:17 51200 ----a-w- c:\windows\SysWow64\OpenCL.dll
  150. 2010-12-07 14:15 . 2010-12-07 14:15 52736 ----a-w- c:\windows\system32\OpenCL.dll
  151. 2010-11-26 04:20 . 2010-11-26 04:20 8120320 ----a-w- c:\windows\system32\drivers\atikmdag.sys
  152. 2010-11-26 03:19 . 2010-11-26 03:19 21610496 ----a-w- c:\windows\system32\atio6axx.dll
  153. 2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- c:\windows\SysWow64\atioglxx.dll
  154. 2010-11-26 02:58 . 2010-11-26 02:58 143360 ----a-w- c:\windows\system32\atiapfxx.exe
  155. 2010-11-26 02:58 . 2010-11-26 02:58 550400 ----a-w- c:\windows\SysWow64\aticfx32.dll
  156. 2010-11-26 02:57 . 2010-11-26 02:57 648704 ----a-w- c:\windows\system32\aticfx64.dll
  157. 2010-11-26 02:54 . 2010-11-26 02:54 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
  158. 2010-11-26 02:54 . 2010-11-26 02:54 478720 ----a-w- c:\windows\system32\atieclxx.exe
  159. 2010-11-26 02:54 . 2010-11-26 02:54 203776 ----a-w- c:\windows\system32\atiesrxx.exe
  160. 2010-11-26 02:53 . 2010-11-26 02:53 120320 ----a-w- c:\windows\system32\atitmm64.dll
  161. 2010-11-26 02:52 . 2010-11-26 02:52 423424 ----a-w- c:\windows\system32\atipdl64.dll
  162. 2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
  163. 2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
  164. 2010-11-26 02:52 . 2010-11-26 02:52 16384 ----a-w- c:\windows\system32\atimuixx.dll
  165. 2010-11-26 02:52 . 2010-11-26 02:52 59392 ----a-w- c:\windows\system32\atiedu64.dll
  166. 2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
  167. 2010-11-26 02:49 . 2010-11-26 02:49 4066816 ----a-w- c:\windows\SysWow64\atidxx32.dll
  168. 2010-11-26 02:40 . 2010-04-16 13:55 4794368 ----a-w- c:\windows\system32\atidxx64.dll
  169. 2010-11-26 02:30 . 2010-11-26 02:30 51200 ----a-w- c:\windows\system32\aticalrt64.dll
  170. 2010-11-26 02:30 . 2010-11-26 02:30 4122624 ----a-w- c:\windows\SysWow64\atiumdag.dll
  171. 2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
  172. 2010-11-26 02:30 . 2010-11-26 02:30 44544 ----a-w- c:\windows\system32\aticalcl64.dll
  173. 2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
  174. 2010-11-26 02:29 . 2010-11-26 02:29 6815232 ----a-w- c:\windows\system32\aticaldd64.dll
  175. 2010-11-26 02:29 . 2010-04-16 13:32 3217408 ----a-w- c:\windows\system32\atiumd6a.dll
  176. 2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll
  177. 2010-11-26 02:24 . 2010-04-16 13:05 58880 ----a-w- c:\windows\system32\coinst.dll
  178. 2010-11-26 02:24 . 2010-04-16 13:39 5258240 ----a-w- c:\windows\system32\atiumd64.dll
  179. 2010-11-26 02:22 . 2010-11-26 02:22 3460096 ----a-w- c:\windows\SysWow64\atiumdva.dll
  180. 2010-11-26 02:17 . 2010-11-26 02:17 351232 ----a-w- c:\windows\system32\atiadlxx.dll
  181. 2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
  182. 2010-11-26 02:17 . 2010-11-26 02:17 14848 ----a-w- c:\windows\system32\atig6pxx.dll
  183. 2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
  184. 2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- c:\windows\system32\atiglpxx.dll
  185. 2010-11-26 02:17 . 2010-11-26 02:17 31744 ----a-w- c:\windows\system32\atig6txx.dll
  186. 2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- c:\windows\SysWow64\atigktxx.dll
  187. 2010-11-26 02:16 . 2010-11-26 02:16 289792 ----a-w- c:\windows\system32\drivers\atikmpag.sys
  188. 2010-11-26 02:16 . 2010-04-16 13:10 39936 ----a-w- c:\windows\system32\atiuxp64.dll
  189. 2010-11-26 02:15 . 2010-11-26 02:15 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
  190. 2010-11-26 02:15 . 2010-04-16 13:10 37888 ----a-w- c:\windows\system32\atiu9p64.dll
  191. 2010-11-26 02:15 . 2010-11-26 02:15 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
  192. 2010-11-26 02:15 . 2010-11-26 02:15 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
  193. 2010-11-26 02:09 . 2010-11-26 02:09 53760 ----a-w- c:\windows\system32\atimpc64.dll
  194. 2010-11-26 02:09 . 2010-11-26 02:09 53760 ----a-w- c:\windows\system32\amdpcom64.dll
  195. 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
  196. 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
  197. .
  198.  
  199. ((((((((((((((((((((((((((((( SnapShot@2011-01-28_00.34.34 )))))))))))))))))))))))))))))))))))))))))
  200. .
  201. + 2010-04-17 00:12 . 2010-04-17 00:12 48464 c:\windows\SysWOW64\sirenacm.dll
  202. + 2009-07-14 04:54 . 2011-01-31 18:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  203. - 2009-07-14 04:54 . 2011-01-28 00:35 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  204. - 2009-07-14 04:54 . 2011-01-28 00:35 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  205. + 2009-07-14 04:54 . 2011-01-31 18:23 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  206. + 2009-07-14 04:54 . 2011-01-31 18:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  207. - 2009-07-14 04:54 . 2011-01-28 00:35 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  208. + 2010-06-09 20:17 . 2011-01-31 18:09 53342 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
  209. + 2009-07-14 05:10 . 2011-01-31 12:09 42818 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
  210. + 2011-01-28 20:53 . 2011-01-28 14:46 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat
  211. + 2009-07-14 05:30 . 2011-01-31 01:53 86016 c:\windows\system32\DriverStore\infpub.dat
  212. - 2009-07-14 05:30 . 2011-01-24 20:33 86016 c:\windows\system32\DriverStore\infpub.dat
  213. + 2011-01-13 16:12 . 2011-01-31 13:18 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  214. - 2011-01-13 16:12 . 2011-01-27 02:34 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  215. - 2011-01-13 16:12 . 2011-01-27 02:34 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  216. + 2011-01-13 16:12 . 2011-01-31 13:18 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  217. + 2009-07-14 04:54 . 2011-01-31 13:18 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  218. - 2009-07-14 04:54 . 2011-01-27 02:34 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  219. - 2011-01-13 15:41 . 2011-01-28 00:34 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  220. + 2011-01-13 15:41 . 2011-01-31 18:23 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  221. + 2009-07-14 04:46 . 2011-01-31 01:45 78552 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
  222. - 2009-07-14 04:46 . 2011-01-26 16:54 78552 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
  223. - 2011-01-13 15:41 . 2011-01-28 00:34 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  224. + 2011-01-13 15:41 . 2011-01-31 18:23 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  225. - 2011-01-13 15:41 . 2011-01-28 00:34 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  226. + 2011-01-13 15:41 . 2011-01-31 18:23 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  227. + 2011-01-13 16:18 . 2011-01-31 18:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  228. - 2011-01-13 16:18 . 2011-01-28 00:34 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  229. + 2011-01-13 16:18 . 2011-01-31 18:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  230. - 2011-01-13 16:18 . 2011-01-28 00:34 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  231. + 2011-01-31 13:22 . 2011-01-31 13:22 80395 c:\windows\Installer\{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}\MsblIco.Exe
  232. - 2011-01-13 22:40 . 2011-01-14 05:13 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
  233. + 2011-01-13 22:40 . 2011-01-31 01:10 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
  234. + 2011-01-13 22:40 . 2011-01-31 01:10 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
  235. - 2011-01-13 22:40 . 2011-01-14 05:13 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
  236. - 2011-01-13 22:40 . 2011-01-14 05:13 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
  237. + 2011-01-13 22:40 . 2011-01-31 01:10 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
  238. + 2011-01-31 13:23 . 2011-01-31 13:23 58945 c:\windows\Installer\{74AD1846-2010-4FB1-8E24-B6F2B87150C2}\wlmail.exe
  239. - 2010-06-09 20:23 . 2010-06-09 20:23 58945 c:\windows\Installer\{74AD1846-2010-4FB1-8E24-B6F2B87150C2}\wlmail.exe
  240. + 2011-01-31 13:21 . 2011-01-31 13:21 61272 c:\windows\Installer\{590035D9-BFA0-406A-A7F0-479C72C0DDB2}\IconWlc.exe
  241. + 2011-01-28 13:47 . 2011-01-28 13:47 79591 c:\windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
  242. + 2009-03-04 19:24 . 2009-03-04 19:24 54088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SCANOST.EXE
  243. + 2009-03-04 19:24 . 2009-03-04 19:24 75608 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\RM.DLL
  244. + 2009-03-04 19:24 . 2009-03-04 19:24 38240 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\RECALL.DLL
  245. + 2009-01-06 23:31 . 2009-01-06 23:31 48512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PUBTRAP.DLL
  246. + 2009-03-04 19:24 . 2009-03-04 19:24 52072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLVBA.DLL
  247. + 2008-10-25 10:18 . 2008-10-25 10:18 72568 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONFILTER.DLL
  248. + 2008-10-25 10:18 . 2008-10-25 10:18 98696 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONENOTEM.EXE
  249. + 2009-03-04 19:24 . 2009-03-04 19:24 34192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\DUMPSTER.DLL
  250. + 2009-03-04 19:24 . 2009-03-04 19:24 87392 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\DLGSETP.DLL
  251. + 2006-10-27 00:58 . 2006-10-27 00:58 33080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VPREVIEW.EXE
  252. + 2011-01-31 14:24 . 2011-01-31 14:24 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\0d9adaa1c63686d47cf8a7291458820a\WindowsLiveWriter.ni.exe
  253. + 2011-01-31 14:24 . 2011-01-31 14:24 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0ec06f3317768326bcf1b6709b33cf40\WindowsLive.Writer.Api.ni.dll
  254. - 2011-01-14 20:00 . 2011-01-25 22:51 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat
  255. + 2011-01-14 20:00 . 2011-01-28 13:28 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat
  256. + 2011-01-13 15:19 . 2011-01-31 12:09 9734 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1714132331-4275533838-2098728829-1001_UserData.bin
  257. + 2011-01-13 16:15 . 2011-01-28 15:53 9560 c:\windows\system32\NetworkList\Icons\{C8E83617-25CE-4AB9-9D0C-E166FB589A16}_48.bin
  258. - 2011-01-13 16:15 . 2011-01-13 16:16 9560 c:\windows\system32\NetworkList\Icons\{C8E83617-25CE-4AB9-9D0C-E166FB589A16}_48.bin
  259. + 2011-01-13 16:15 . 2011-01-28 15:53 4280 c:\windows\system32\NetworkList\Icons\{C8E83617-25CE-4AB9-9D0C-E166FB589A16}_32.bin
  260. - 2011-01-13 16:15 . 2011-01-13 16:16 4280 c:\windows\system32\NetworkList\Icons\{C8E83617-25CE-4AB9-9D0C-E166FB589A16}_32.bin
  261. + 2011-01-13 16:15 . 2011-01-28 15:53 2456 c:\windows\system32\NetworkList\Icons\{C8E83617-25CE-4AB9-9D0C-E166FB589A16}_24.bin
  262. - 2011-01-13 16:15 . 2011-01-13 16:16 2456 c:\windows\system32\NetworkList\Icons\{C8E83617-25CE-4AB9-9D0C-E166FB589A16}_24.bin
  263. - 2011-01-28 00:33 . 2011-01-28 00:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
  264. + 2011-01-31 18:22 . 2011-01-31 18:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
  265. + 2011-01-31 18:22 . 2011-01-31 18:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
  266. - 2011-01-28 00:33 . 2011-01-28 00:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
  267. + 2010-04-17 02:21 . 2010-04-17 02:21 306544 c:\windows\WLXPGSS.SCR
  268. + 2011-01-14 00:37 . 2011-01-28 01:04 111928 c:\windows\SysWOW64\PnkBstrB.exe
  269. - 2011-01-14 00:37 . 2011-01-27 11:56 111928 c:\windows\SysWOW64\PnkBstrB.exe
  270. - 2009-07-14 05:30 . 2011-01-24 20:33 143360 c:\windows\system32\DriverStore\infstrng.dat
  271. + 2009-07-14 05:30 . 2011-01-31 01:53 143360 c:\windows\system32\DriverStore\infstrng.dat
  272. + 2009-07-14 05:30 . 2011-01-31 01:53 143360 c:\windows\system32\DriverStore\infstor.dat
  273. - 2009-07-14 05:30 . 2011-01-24 20:33 143360 c:\windows\system32\DriverStore\infstor.dat
  274. - 2010-09-03 20:56 . 2011-01-26 16:19 995112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
  275. + 2010-09-03 20:56 . 2011-01-29 14:25 995112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
  276. - 2009-07-14 05:01 . 2011-01-28 00:33 461788 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
  277. + 2009-07-14 05:01 . 2011-01-31 18:21 461788 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
  278. - 2011-01-13 16:15 . 2011-01-28 00:33 924068 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1714132331-4275533838-2098728829-1001-8192.dat
  279. + 2011-01-13 16:15 . 2011-01-31 18:21 924068 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1714132331-4275533838-2098728829-1001-8192.dat
  280. + 2010-04-16 21:33 . 2010-04-16 21:33 739840 c:\windows\Installer\4c8e4a.msi
  281. + 2010-04-16 21:36 . 2010-04-16 21:36 925184 c:\windows\Installer\4c8e35.msi
  282. + 2010-04-16 20:39 . 2010-04-16 20:39 961024 c:\windows\Installer\4c8e1a.msi
  283. + 2010-08-04 17:13 . 2010-08-04 17:13 686080 c:\windows\Installer\35bcc7.msp
  284. + 2009-05-26 20:53 . 2009-05-26 20:53 579072 c:\windows\Installer\35bb96.msp
  285. + 2010-07-23 03:03 . 2010-07-23 03:03 338432 c:\windows\Installer\35bb67.msp
  286. - 2011-01-13 22:40 . 2011-01-14 05:13 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
  287. + 2011-01-13 22:40 . 2011-01-31 01:10 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
  288. - 2011-01-13 22:40 . 2011-01-14 05:13 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
  289. + 2011-01-13 22:40 . 2011-01-31 01:10 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
  290. + 2011-01-13 22:40 . 2011-01-31 01:10 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
  291. - 2011-01-13 22:40 . 2011-01-14 05:13 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
  292. - 2011-01-13 22:40 . 2011-01-14 05:13 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
  293. + 2011-01-13 22:40 . 2011-01-31 01:10 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
  294. + 2011-01-13 22:40 . 2011-01-31 01:10 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
  295. - 2011-01-13 22:40 . 2011-01-14 05:13 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
  296. + 2011-01-13 22:40 . 2011-01-31 01:10 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
  297. - 2011-01-13 22:40 . 2011-01-14 05:13 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
  298. - 2011-01-13 22:40 . 2011-01-14 05:13 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
  299. + 2011-01-13 22:40 . 2011-01-31 01:10 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
  300. + 2011-01-31 13:24 . 2011-01-31 13:24 132096 c:\windows\Installer\{87A9C015-C2BA-44EE-9C20-6E1A764B8E23}\WLXPhotoGalleryIcon.exe
  301. + 2007-10-31 13:48 . 2007-10-31 13:48 679936 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB7449A0100000010\9.1.0\icucnv36.dll
  302. + 2009-04-03 20:11 . 2009-04-03 20:11 408424 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\WINWORD.EXE
  303. + 2009-03-06 04:37 . 2009-03-06 04:37 501640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SOA.DLL
  304. + 2009-03-04 19:24 . 2009-03-04 19:24 282032 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SCNPST64.DLL
  305. + 2009-03-04 19:24 . 2009-03-04 19:24 273320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SCNPST32.DLL
  306. + 2009-03-06 04:06 . 2009-03-06 04:06 407904 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\RTFHTML.DLL
  307. + 2009-03-06 06:26 . 2009-03-06 06:26 770464 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\REGFORM.EXE
  308. + 2009-03-06 05:41 . 2009-03-06 05:41 589704 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PUBCONV.DLL
  309. + 2009-01-08 12:59 . 2009-01-08 12:59 624520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PTXT9.DLL
  310. + 2009-03-04 19:24 . 2009-03-04 19:24 420696 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PSTPRX32.DLL
  311. + 2008-10-25 08:21 . 2008-10-25 08:21 136072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PRTF9.DLL
  312. + 2011-01-14 05:04 . 2011-01-14 05:04 350064 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PPTPIA.DLL
  313. + 2009-04-03 20:04 . 2009-04-03 20:04 521064 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\POWERPNT.EXE
  314. + 2008-11-21 02:49 . 2008-11-21 02:49 169360 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLPH.DLL
  315. + 2009-03-06 04:05 . 2009-03-06 04:05 593288 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLMIME.DLL
  316. + 2008-10-30 23:24 . 2008-10-30 23:24 137552 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLCTL.DLL
  317. + 2008-10-25 09:52 . 2008-10-25 09:52 664968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONBTTNOL.DLL
  318. + 2008-10-25 09:52 . 2008-10-25 09:52 604056 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONBTTNIE.DLL
  319. + 2009-03-06 06:55 . 2009-03-06 06:55 194448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OMSXP32.DLL
  320. + 2009-03-06 06:55 . 2009-03-06 06:55 661888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OMSMAIN.DLL
  321. + 2009-03-04 19:24 . 2009-03-04 19:24 253808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OLKFSTUB.DLL
  322. + 2008-11-04 06:13 . 2008-11-04 06:13 118128 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSCONV97.DLL
  323. + 2009-03-04 19:24 . 2009-03-04 19:24 340304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MIMEDIR.DLL
  324. + 2011-01-14 05:03 . 2011-01-14 05:03 118176 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPOMINT.DLL
  325. + 2008-10-25 11:27 . 2008-10-25 11:27 177040 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPOLK.DLL
  326. + 2009-03-04 19:24 . 2009-03-04 19:24 138072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IMPMAIL.DLL
  327. + 2008-11-21 02:48 . 2008-11-21 02:48 116600 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\EMABLT32.DLL
  328. + 2009-03-06 04:05 . 2009-03-06 04:05 127336 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\CONTAB32.DLL
  329. + 2008-10-26 08:26 . 2008-10-26 08:26 162680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ACCWIZ.DLL
  330. + 2011-01-31 14:24 . 2011-01-31 14:24 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\f7fd60ec1e055195cff44b6b612e8b94\WindowsLiveLocal.WriterPlugin.ni.dll
  331. + 2011-01-31 14:24 . 2011-01-31 14:24 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fa08a1192d388f020e4895758170165d\WindowsLive.Writer.Extensibility.ni.dll
  332. + 2011-01-31 14:24 . 2011-01-31 14:24 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cc9bab4911e09f3db049d07cc73ef319\WindowsLive.Writer.SpellChecker.ni.dll
  333. + 2011-01-31 14:24 . 2011-01-31 14:24 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bf253041caaaa01681d50ff6dcdfa1f6\WindowsLive.Writer.Interop.Mshtml.ni.dll
  334. + 2011-01-31 14:24 . 2011-01-31 14:24 258560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b24ffcd0ee0b1ffea1abf0680b18f407\WindowsLive.Writer.Mshtml.ni.dll
  335. + 2011-01-31 14:24 . 2011-01-31 14:24 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b15a78002b81c96ebc5b849a43718c24\WindowsLive.Writer.BlogClient.ni.dll
  336. + 2011-01-31 14:24 . 2011-01-31 14:24 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8e12153308302a64ae55dd6dfe05b2ba\WindowsLive.Writer.Interop.ni.dll
  337. + 2011-01-31 14:24 . 2011-01-31 14:24 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8aba8eb4be1e95499f777c29269ba2ec\WindowsLive.Writer.Passport.ni.dll
  338. + 2011-01-31 14:24 . 2011-01-31 14:24 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\77a8a1c6fdbe567ced8e7be4beeab6d1\WindowsLive.Writer.HtmlParser.ni.dll
  339. + 2011-01-31 14:24 . 2011-01-31 14:24 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\694d37e7806a2a60997047e14e43d52d\WindowsLive.Writer.Instrumentation.ni.dll
  340. + 2011-01-31 14:24 . 2011-01-31 14:24 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\64b474d84f170f39df3f27e10542f9e9\WindowsLive.Writer.Localization.ni.dll
  341. + 2011-01-31 14:24 . 2011-01-31 14:24 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2badb0ed6315c0766f56e8fa9c75c612\WindowsLive.Writer.Controls.ni.dll
  342. + 2011-01-31 14:24 . 2011-01-31 14:24 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2a2a99b7a864049d6fde2c749f250824\WindowsLive.Writer.BrowserControl.ni.dll
  343. + 2011-01-31 14:24 . 2011-01-31 14:24 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\15aa5f4cdf8453080d55e95bab73674c\WindowsLive.Writer.HtmlEditor.ni.dll
  344. + 2011-01-31 14:24 . 2011-01-31 14:24 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0cf057c1283272f9314dd4e8519d169b\WindowsLive.Writer.FileDestinations.ni.dll
  345. + 2011-01-31 14:24 . 2011-01-31 14:24 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\13c07fe62193146d307459e5fb631517\WindowsLive.Client.ni.dll
  346. + 2011-01-31 01:06 . 2011-01-31 01:06 117144 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
  347. - 2011-01-14 05:04 . 2011-01-14 05:04 350064 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
  348. + 2011-01-31 01:05 . 2011-01-31 01:05 350064 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
  349. + 2009-08-18 01:33 . 2009-08-18 01:33 1193832 c:\windows\SysWOW64\FM20.DLL
  350. + 2009-07-14 02:34 . 2011-01-31 18:20 9961472 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
  351. - 2009-07-14 02:34 . 2011-01-27 07:35 9961472 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
  352. + 2009-07-14 04:45 . 2011-01-31 01:36 3777877 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
  353. - 2009-07-14 04:45 . 2011-01-26 16:22 3777877 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
  354. + 2010-04-16 21:46 . 2010-04-16 21:46 6758912 c:\windows\Installer\4c8f43.msi
  355. + 2010-04-16 23:57 . 2010-04-16 23:57 1462784 c:\windows\Installer\4c8edc.msi
  356. + 2010-04-17 03:27 . 2010-04-17 03:27 3279872 c:\windows\Installer\4c8e97.msi
  357. + 2010-09-17 08:04 . 2010-09-17 08:04 9401856 c:\windows\Installer\35bd61.msp
  358. + 2010-10-21 20:10 . 2010-10-21 20:10 3995136 c:\windows\Installer\35bd49.msp
  359. + 2010-02-21 03:03 . 2010-02-21 03:03 4472832 c:\windows\Installer\35bd2d.msp
  360. + 2010-08-13 20:01 . 2010-08-13 20:01 8993280 c:\windows\Installer\35bd0f.msp
  361. + 2010-08-13 19:59 . 2010-08-13 19:59 8182272 c:\windows\Installer\35bcf7.msp
  362. + 2010-08-13 20:02 . 2010-08-13 20:02 2545664 c:\windows\Installer\35bcdf.msp
  363. + 2010-10-07 20:43 . 2010-10-07 20:43 1980416 c:\windows\Installer\35bcaf.msp
  364. + 2010-08-13 20:00 . 2010-08-13 20:00 9404928 c:\windows\Installer\35bc97.msp
  365. + 2009-08-05 09:49 . 2009-08-05 09:49 3457024 c:\windows\Installer\35bc7d.msp
  366. + 2010-03-24 20:54 . 2010-03-24 20:54 3126272 c:\windows\Installer\35bc62.msp
  367. + 2010-03-24 20:54 . 2010-03-24 20:54 2516992 c:\windows\Installer\35bc61.msp
  368. + 2009-07-27 06:31 . 2009-07-27 06:31 3738624 c:\windows\Installer\35bc36.msp
  369. + 2010-04-24 19:07 . 2010-04-24 19:07 4667392 c:\windows\Installer\35bc1e.msp
  370. + 2010-05-20 21:57 . 2010-05-20 21:57 4989952 c:\windows\Installer\35bbd0.msp
  371. + 2010-05-20 21:57 . 2010-05-20 21:57 5907456 c:\windows\Installer\35bbcf.msp
  372. + 2009-10-16 09:08 . 2009-10-16 09:08 2237952 c:\windows\Installer\35bbae.msp
  373. + 2009-08-18 15:08 . 2009-08-18 15:08 1373696 c:\windows\Installer\35bb7f.msp
  374. + 2010-08-04 17:12 . 2010-08-04 17:12 1004544 c:\windows\Installer\35bb4f.msp
  375. + 2010-01-27 22:28 . 2010-01-27 22:28 2706432 c:\windows\Installer\331e3.msi
  376. + 2010-01-05 03:26 . 2010-01-05 03:26 2397184 c:\windows\Installer\331d3.msi
  377. + 2010-11-08 07:14 . 2010-11-08 07:14 3402752 c:\windows\Installer\13d868.msp
  378. + 2011-01-13 22:40 . 2011-01-31 01:10 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
  379. - 2011-01-13 22:40 . 2011-01-14 05:13 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
  380. - 2011-01-13 22:40 . 2011-01-14 05:13 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
  381. + 2011-01-13 22:40 . 2011-01-31 01:10 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
  382. + 2009-04-03 19:57 . 2009-04-03 19:57 4671320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\WRD12CNV.DLL
  383. + 2008-11-21 05:12 . 2008-11-21 05:12 3750256 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VVIEWER.DLL
  384. + 2008-10-25 11:35 . 2008-10-25 11:35 1847160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VVIEWDWG.DLL
  385. + 2008-08-26 00:50 . 2008-08-26 00:50 2585592 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VBE6.DLL
  386. + 2008-11-10 04:41 . 2008-11-10 04:41 2014584 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PPTVIEW.EXE
  387. + 2009-04-03 20:04 . 2009-04-03 20:04 8468840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PPCORE.DLL
  388. + 2009-03-06 06:00 . 2009-03-06 06:00 6596472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONMAIN.DLL
  389. + 2008-11-10 12:49 . 2008-11-10 12:49 1165680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONLIBS.DLL
  390. + 2008-11-25 00:16 . 2008-11-25 00:16 1020776 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONENOTE.EXE
  391. + 2009-03-06 04:05 . 2009-03-06 04:05 2964336 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OLMAPI32.DLL
  392. + 2009-02-05 13:36 . 2009-02-05 13:36 1640800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OGL.DLL
  393. + 2009-03-06 05:41 . 2009-03-06 05:41 9589096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSPUB.EXE
  394. + 2009-03-06 06:26 . 2009-03-06 06:26 5291376 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPEDITOR.DLL
  395. + 2009-03-06 06:26 . 2009-03-06 06:26 5466488 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPDESIGN.DLL
  396. + 2008-11-04 02:40 . 2008-11-04 02:40 1442160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\INFOPATH.EXE
  397. + 2008-11-21 01:06 . 2008-11-21 01:06 1194848 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\FM20.DLL
  398. + 2011-01-31 14:24 . 2011-01-31 14:24 2018304 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f828a61896f09dd5f4f3f186d93b56fa\WindowsLive.Writer.CoreServices.ni.dll
  399. + 2011-01-31 14:24 . 2011-01-31 14:24 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9360b24f6a56246222f7a1e0dcdb344b\WindowsLive.Writer.PostEditor.ni.dll
  400. + 2011-01-31 14:24 . 2011-01-31 14:24 1105408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\88325bb9e11cc464049b03682943dcf5\WindowsLive.Writer.ApplicationFramework.ni.dll
  401. - 2010-09-03 20:10 . 2010-09-03 20:10 13705216 c:\windows\Installer\ValiditySensors4.1.139.0.msi
  402. + 2010-09-03 20:10 . 2011-01-31 01:52 13705216 c:\windows\Installer\ValiditySensors4.1.139.0.msi
  403. + 2010-04-17 05:41 . 2010-04-17 05:41 18208768 c:\windows\Installer\4c8f1f.msi
  404. + 2010-04-17 03:24 . 2010-04-17 03:24 14837760 c:\windows\Installer\4c8eca.msi
  405. + 2010-04-17 03:24 . 2010-04-17 03:24 25367552 c:\windows\Installer\4c8e78.msi
  406. + 2010-12-21 15:06 . 2010-12-21 15:06 11570688 c:\windows\Installer\35bbf5.msp
  407. + 2010-07-23 03:04 . 2010-07-23 03:04 11395072 c:\windows\Installer\35bb46.msp
  408. + 2011-01-31 01:52 . 2011-01-31 01:52 13705216 c:\windows\Installer\222b3.msi
  409. + 2010-09-23 13:12 . 2010-09-23 13:12 28854784 c:\windows\Installer\13d869.msp
  410. + 2009-04-03 20:01 . 2009-04-03 20:01 15108448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\XL12CNV.EXE
  411. + 2009-04-03 20:11 . 2009-04-03 20:11 17740136 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\WWLIB.DLL
  412. + 2009-03-06 04:06 . 2009-03-06 04:06 12707696 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLOOK.EXE
  413. + 2009-04-03 20:46 . 2009-04-03 20:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSO.DLL
  414. + 2009-03-06 04:37 . 2009-03-06 04:37 10222432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSACCESS.EXE
  415. + 2009-04-03 20:11 . 2009-04-03 20:11 18330984 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\EXCEL.EXE
  416. .
  417. -- Snapshot resetado para data atual --
  418. .
  419. (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
  420. .
  421. .
  422. *Nota* entradas vazias e legítimas por defeito não são mostradas.
  423. REGEDIT4
  424.  
  425. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  426. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  427. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  428. 2010-10-06 23:36 94208 ----a-w- c:\users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  429.  
  430. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  431. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  432. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  433. 2010-10-06 23:36 94208 ----a-w- c:\users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  434.  
  435. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  436. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  437. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  438. 2010-10-06 23:36 94208 ----a-w- c:\users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  439.  
  440. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  441. "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
  442. "KennyKerr.WindowClippings.HotKey"="f:\programas\winClip2.1\WindowClippings.exe" [2008-08-08 238520]
  443. "KennyKerr.WindowClippings.Icon"="f:\programas\winClip2.1\WindowClippings.exe" [2008-08-08 238520]
  444. "ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2008-10-20 210208]
  445.  
  446. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  447. "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
  448. "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
  449. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
  450. "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
  451. "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
  452. "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
  453. "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]
  454.  
  455. c:\users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  456. Dropbox.lnk - c:\users\Gustavo\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848]
  457.  
  458. c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
  459. Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-1-28 1123616]
  460.  
  461. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  462. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  463. "ConsentPromptBehaviorUser"= 3 (0x3)
  464. "EnableUIADesktopToggle"= 0 (0x0)
  465.  
  466. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  467. "mixer2"=wdmaud.drv
  468.  
  469. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
  470. @="Service"
  471.  
  472. R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
  473. R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
  474. R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
  475. R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
  476. R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
  477. R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-09 239136]
  478. R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
  479. R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
  480. R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
  481. R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-14 1255736]
  482. R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
  483. S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-13 254528]
  484. S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [2009-11-11 20056]
  485. S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-01-18 226448]
  486. S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-01-18 54864]
  487. S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
  488. S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2011/01/13 19:20];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-02-22 19:23 146928]
  489. S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe [2009-03-03 89600]
  490. S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 203776]
  491. S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-03-06 338168]
  492. S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
  493. S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
  494. S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
  495. S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-23 2192176]
  496. S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
  497. S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
  498. S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-02-04 328232]
  499. S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-04 39464]
  500. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
  501. S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
  502. S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 154256]
  503. S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-01-18 173840]
  504.  
  505.  
  506. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
  507. 2010-01-22 14:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
  508. .
  509. Conteúdo da pasta 'Tarefas Agendadas'
  510.  
  511. 2011-01-26 c:\windows\Tasks\HPCeeScheduleForGustavo.job
  512. - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 06:53]
  513. .
  514.  
  515. --------- x86-64 -----------
  516.  
  517.  
  518. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  519. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  520. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  521. 2010-10-06 23:36 97792 ----a-w- c:\users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  522.  
  523. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  524. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  525. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  526. 2010-10-06 23:36 97792 ----a-w- c:\users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  527.  
  528. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  529. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  530. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  531. 2010-10-06 23:36 97792 ----a-w- c:\users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  532.  
  533. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  534. @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  535. [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  536. 2010-10-06 23:36 97792 ----a-w- c:\users\Gustavo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  537.  
  538. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  539. "combofix"="c:\combofix\CF25787.cfxxe" [X]
  540. "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
  541. "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-01 487424]
  542. "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
  543. "HPToneControl"="c:\program files\Hewlett-Packard\HPToneControl\HPTonectl.exe" [2009-08-19 107832]
  544. "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-06-09 172032]
  545. "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-01-27 8192]
  546. "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
  547. "HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072]
  548. .
  549. ------- Scan Suplementar -------
  550. .
  551. uStart Page = hxxp://search.orbitdownloader.com
  552. uLocal Page = c:\windows\system32\blank.htm
  553. mLocal Page = c:\windows\SysWOW64\blank.htm
  554. IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
  555. IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
  556. IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
  557. IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
  558. IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
  559. IE: Enviar imagem para Dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
  560. IE: Enviar página para Dispositivo &Bluetooth ... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  561. FF - ProfilePath - c:\users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\dqjywldj.default\
  562. FF - prefs.js: browser.startup.homepage - hxxp://pt-BR.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official
  563. FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  564. FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - c:\program files (x86)\DigitalPersona\Bin\FirefoxExt
  565. FF - Ext: Auto Shutdown: amin.eft_Shutdown@gmail.com - %profile%\extensions\amin.eft_Shutdown@gmail.com
  566. FF - Ext: FEBE: {4BBDD651-70CF-4821-84F8-2B918CF89CA3} - %profile%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
  567. FF - Ext: ColorZilla: {6AC85730-7D0F-4de0-B3FA-21142DD85326} - %profile%\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
  568. FF - Ext: Dicionário para Ortografia pt-BR: pt-BR@dictionaries.addons.mozilla.org - %profile%\extensions\pt-BR@dictionaries.addons.mozilla.org
  569. FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
  570. FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
  571. FF - Ext: LinkChecker: {49f3fc85-dcfe-4e42-9301-226ebe658509} - %profile%\extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}
  572. FF - Ext: MeasureIt: {75CEEE46-9B64-46f8-94BF-54012DE155F0} - %profile%\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
  573. FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
  574. FF - Ext: YSlow: yslow@yahoo-inc.com - %profile%\extensions\yslow@yahoo-inc.com
  575. FF - Ext: User Agent Switcher: {e968fc70-8f95-4ab9-9e79-304de2a71ee1} - %profile%\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
  576. FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
  577. .
  578.  
  579. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
  580. "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
  581. .
  582. --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
  583.  
  584. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
  585. @Denied: (A 2) (Everyone)
  586. @="FlashBroker"
  587. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
  588.  
  589. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
  590. "Enabled"=dword:00000001
  591.  
  592. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
  593. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
  594.  
  595. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
  596. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  597.  
  598. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  599. @Denied: (A 2) (Everyone)
  600. @="Shockwave Flash Object"
  601.  
  602. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  603. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
  604. "ThreadingModel"="Apartment"
  605.  
  606. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  607. @="0"
  608.  
  609. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  610. @="ShockwaveFlash.ShockwaveFlash.10"
  611.  
  612. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  613. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
  614.  
  615. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  616. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  617.  
  618. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  619. @="1.0"
  620.  
  621. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  622. @="ShockwaveFlash.ShockwaveFlash"
  623.  
  624. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  625. @Denied: (A 2) (Everyone)
  626. @="Macromedia Flash Factory Object"
  627.  
  628. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  629. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
  630. "ThreadingModel"="Apartment"
  631.  
  632. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  633. @="FlashFactory.FlashFactory.1"
  634.  
  635. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  636. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
  637.  
  638. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  639. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  640.  
  641. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  642. @="1.0"
  643.  
  644. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  645. @="FlashFactory.FlashFactory"
  646.  
  647. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
  648. @Denied: (A 2) (Everyone)
  649. @="IFlashBroker3"
  650.  
  651. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
  652. @="{00020424-0000-0000-C000-000000000046}"
  653.  
  654. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
  655. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  656. "Version"="1.0"
  657.  
  658. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  659. @Denied: (Full) (Everyone)
  660. .
  661. ------------------------ Outros Processos em Execução ------------------------
  662. .
  663. c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
  664. c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
  665. c:\windows\SysWOW64\PnkBstrA.exe
  666. c:\program files (x86)\DigitalPersona\Bin\DPAgent.exe
  667. c:\program files (x86)\Panda USB Vaccine\USBVaccine.exe
  668. c:\windows\SysWOW64\RunDll32.exe
  669. c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
  670. .
  671. **************************************************************************
  672. .
  673. Tempo para conclusão: 2011-01-31 16:28:23 - Máquina reiniciou
  674. ComboFix-quarantined-files.txt 2011-01-31 18:28
  675. ComboFix2.txt 2011-01-28 00:39
  676.  
  677. Pré-execução: 219.364.659.200 bytes disponíveis
  678. Pós execução: 219.158.917.120 bytes disponíveis
  679.  
  680. - - End Of File - - 6195DA707868D79824A473EB944738B4