Remoção de vírus

Mr.Wolf · 10/05/2010

Megadeeth disse:
Hj quando liguei o pc de manhã apareceu um erro dizendo q o arquivo 00001 do sistema tava corrompido.

Este erro geralmente está relacionado a um Vírus de Boot. Pois a praga modifica o MBR do HD e, antes que o sistema inicialize, gera este erro devido a modificação feita no setor de boot.

Vamos ver...

Vá em Iniciar > Executar, digite win.ini e dê um OK.

Copie e cole aqui o conteúdo que abrirá no Bloco de Notas.

Xleon · 10/05/2010

Fala Mr. Wolf,

log.txt
Logfile of random's system information tool 1.07 (written by random/random)
Run by Deborah at 2010-05-10 16:53:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 207 GB (70%) free of 295 GB
Total RAM: 3962 MB (63% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-21 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-26 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540000}]
GbIehObj Class - C:\Program Files (x86)\GbPlugin\gbieh.dll [2010-04-30 328992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-21 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-21 256112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"SmartWiHelper"=C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe [2009-03-05 77824]
"Intuit SyncManager"=C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2008-09-09 623880]
"RegistrationReminder"=C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [2009-03-24 2053936]
"VAIOSurvey"=C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2008-07-25 385024]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2008-12-18 317288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-07-13 292128]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Hiyo"=C:\Program Files (x86)\HiYo\bin\HiYo.exe [2010-03-22 247152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-06 39408]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
QuickBooks Update Agent.lnk - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginBb]
C:\Program Files (x86)\GbPlugin\gbieh.dll [2010-04-30 328992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2009-01-19 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E37CB5F0-51F5-4395-A808-5FA49E399F83}"=C:\Program Files (x86)\GbPlugin\gbieh.dll [2010-04-30 328992]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36a5c2da-84c2-11de-9463-0024338b2fd4}]
shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36a5c32b-84c2-11de-9463-0024338b2fd4}]
shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36a5c351-84c2-11de-9463-0024338b2fd4}]
shell\AutoRun\command - F:\AutoRun.exe

======File associations======
.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-10 16:53:12 ----D---- C:\rsit
2010-05-09 11:37:20 ----A---- C:\Windows\SysWOW64\$FFPROFINI$prefs.js
2010-05-09 11:36:45 ----D---- C:\Program Files (x86)\Trend Micro
2010-05-08 12:55:02 ----D---- C:\Users\Deborah\AppData\Roaming\Malwarebytes
2010-05-08 12:54:41 ----D---- C:\ProgramData\Malwarebytes
2010-05-08 12:54:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-04-26 20:53:31 ----D---- C:\ProgramData\Sun
2010-04-26 20:53:02 ----A---- C:\Windows\SysWOW64\javaws.exe
2010-04-26 20:53:02 ----A---- C:\Windows\SysWOW64\javaw.exe
2010-04-26 20:53:02 ----A---- C:\Windows\SysWOW64\java.exe
2010-04-26 20:53:02 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2010-04-26 19:59:16 ----D---- C:\ProgramData\Alwil Software
2010-04-22 15:02:53 ----A---- C:\Windows\SysWOW64\MSJCE.dll
2010-04-22 15:00:33 ----D---- C:\Arquivos de Programas RFB
2010-04-15 16:09:57 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-04-13 18:33:54 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-04-13 18:33:52 ----A---- C:\Windows\SysWOW64\cabview.dll
======List of files/folders modified in the last 1 months======
2010-05-10 16:53:06 ----D---- C:\Windows\Temp
2010-05-10 16:49:17 ----D---- C:\ProgramData\GbPlugin
2010-05-10 16:49:17 ----AD---- C:\Windows\SysWOW64\drivers
2010-05-10 16:49:10 ----D---- C:\Program Files (x86)
2010-05-10 16:49:09 ----HD---- C:\ProgramData
2010-05-10 16:49:09 ----D---- C:\Program Files (x86)\GbPlugin
2010-05-09 11:47:12 ----SHD---- C:\Windows\Installer
2010-05-09 11:47:08 ----D---- C:\Windows\winsxs
2010-05-09 11:46:44 ----SHD---- C:\System Volume Information
2010-05-09 11:45:39 ----D---- C:\Program Files (x86)\Iminent
2010-05-09 11:37:41 ----D---- C:\Windows\SysWOW64
2010-05-09 11:37:37 ----RSD---- C:\Windows\assembly
2010-05-08 14:39:00 ----D---- C:\Windows\System32
2010-05-08 14:39:00 ----D---- C:\Windows\inf
2010-05-08 13:02:24 ----D---- C:\Windows\Prefetch
2010-04-29 15:00:16 ----RSD---- C:\Windows\Fonts
2010-04-29 15:00:10 ----D---- C:\Users\Deborah\AppData\Roaming\Skype
2010-04-29 14:30:40 ----D---- C:\Users\Deborah\AppData\Roaming\skypePM
2010-04-26 20:53:29 ----D---- C:\Program Files (x86)\Common Files\Java
2010-04-26 20:52:55 ----D---- C:\Program Files (x86)\Java
2010-04-26 19:59:16 ----RD---- C:\Program Files
2010-04-22 15:02:53 ----D---- C:\Program Files (x86)\Programas RFB
2010-04-16 18:31:50 ----D---- C:\Windows\Minidump
2010-04-16 18:31:31 ----D---- C:\Windows
2010-04-16 14:04:34 ----D---- C:\Program Files (x86)\Windows Mail
2010-04-14 14:38:52 ----D---- C:\Program Files (x86)\Google
2010-04-13 19:47:32 ----SD---- C:\Users\Deborah\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys []
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys []
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys []
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimssn64.sys []
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2008-11-25 10216]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Dispositivo Celular da Apple; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-01-24 839720]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-08-20 1449984]
R2 GbpSv;Gbp Service; C:\PROGRA~2\GbPlugin\GbpSv.exe [2010-04-30 55072]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 QBCFMonitorService;QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [2008-09-11 24576]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-08-20 826368]
R2 SampleCollector;Intel(R) Sample Collector; C:\Program Files\Sony\VAIO Care\collsvc.exe [2008-09-29 167424]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2009-01-19 203624]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2008-12-19 411496]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-01-21 192512]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe []
R3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-07-13 542496]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-01-21 313264]
S2 gupdate1c9ce4d60c26918;Google Update Service (gupdate1c9ce4d60c26918); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-05-06 133104]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S3 fsssvc;Serviço Windows Live Proteção para a Família; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 182768]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2009-01-08 114688]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]
S3 QBFCService;Intuit QuickBooks FCS; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [2008-08-09 61440]
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-01-20 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-01-20 70952]
S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-01-20 390440]
S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-01-20 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-01-20 91432]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-01-21 69632]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-01-19 394536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-01-17 110376]
-----------------EOF-----------------

info.txt
info.txt logfile of random's system information tool 1.06 2010-05-10 16:53:28
======Uninstall list======
-->"C:\Program Files (x86)\InstallShield Installation Information\{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{B2C4A8C4-AA20-425D-9FEE-C78039238C81}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x0009 -removeonly
-->MsiExec.exe /I{9A2F0810-369F-4E86-9072-973FBE1679C5}
Acrobat.com-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Manager for VAIO-->C:\Program Files (x86)\Sony\VAIO Uninstaller\vaiouninstaller.exe
ArcSoft Magic-i Visual Effects 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7BB90344-0647-468E-925A-7F69F7983421}\Setup.exe" -l0x9
ArcSoft WebCam Companion 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9973498D-EA29-4A68-BE0B-C88D6E03E928}\Setup.exe" -l0x9
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Barbie(R) idesign(TM) Ultimate Stylist(TM)-->MsiExec.exe /I{3EDF07A0-0362-4881-A772-ED4E66D3084A}
Click to Disc Editor-->C:\Program Files (x86)\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe -runfromtemp -l0x0409
Click to Disc-->C:\Program Files (x86)\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x0009 -removeonly
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
GEAR driver installer for x86 and x64-->MsiExec.exe /I{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\4.1.249.1064\Installer\setup.exe" --uninstall --system-level
Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HiYo -->MsiExec.exe /X{00E1E235-AB45-4695-A156-073118949ED4} ARPVAL="UnInst" /qf /L*V "%temp%\HiYoUninstallLog.log"
HiYo-->MsiExec.exe /X{00E1E235-AB45-4695-A156-073118949ED4}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
IRPF2010 - Declaração de Ajuste Anual e Final de Espólio-->C:\ARQUIV~1\IRPF2010\UNWISE.EXE C:\ARQUIV~1\IRPF2010\INSTALL.LOG
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Professional Edição 2003-->MsiExec.exe /I{90110416-6000-11D3-8CFE-0150048383C9}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{67E03279-F703-408F-B4BF-46B5FC8D70CD}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Music Transfer-->C:\Program Files (x86)\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe -runfromtemp -l0x0009 -removeonly
OpenMG Secure Module 5.3.00-->C:\Program Files (x86)\InstallShield Installation Information\{DEF97A70-C67D-41E1-837C-6462C97A6F65}\IS_Setup.exe -l0x0409 /z"UNINSTALL"
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
QuickBooks Financial Center-->MsiExec.exe /I{0F962B79-D0DC-40D9-96BA-ED1355120CBA}
QuickBooks Simple Start 2009-->msiexec.exe /I {9A2F0810-369F-4E86-9072-973FBE1679C5} UNIQUE_NAME="atomlimited" QBFULLNAME="QuickBooks Simple Start 2009" ADDREMOVE=1
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RtlUpd64.exe -r -m -nrg2709
Receitanet Java 2010.02a-->C:\PROGRA~2\PROGRA~1\RECEIT~1\DesinstJ.exe
Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Central Core-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Easy Media Creator 10 LJ-->C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}
Roxio Easy Media Creator Home-->MsiExec.exe /I{FE51662F-D8F6-43B5-99D9-D4894AF00F83}
Setting Utility Series-->"C:\Program Files (x86)\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0009 -removeonly
Sicalc Auto Atendimento-->"C:\Program Files (x86)\Programas RFB\Sicalc Auto Atendimento\uninstall.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SmartWi Connection Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}\setup.exe" -l0x9 -removeonly
Sony Home Network Library-->"C:\Program Files (x86)\InstallShield Installation Information\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Sony Picture Utility-->C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
Sony Video Shared Library-->C:\Program Files (x86)\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x0009 -removeonly
SupportSoft Assisted Service-->MsiExec.exe /I{5A3F6A80-7913-475E-8B96-477A952CFA43}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VAIO Care-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}\setup.exe" -l0x9 -removeonly
VAIO Content Folder Setting-->"C:\Program Files (x86)\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Content Folder Watcher-->"C:\Program Files (x86)\InstallShield Installation Information\{327B75F0-92AF-420A-988F-FA596A218E0B}\setup.exe" -runfromtemp -l0x0009 UNINSTALL -removeonly
VAIO Content Metadata Intelligent Analyzing Manager-->C:\Program Files (x86)\InstallShield Installation Information\{BFD85D24-D4F3-4CCC-B518-D7C4FC29C76D}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Content Metadata Manager Setting-->C:\Program Files (x86)\InstallShield Installation Information\{EADE97A7-E7AA-43FD-A042-92A68E0187A6}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Content Metadata XML Interface Library-->C:\Program Files (x86)\InstallShield Installation Information\{E3453B1B-C91B-4C48-B046-8DF635DD46F2}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Control Center-->"C:\Program Files (x86)\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Data Restore Tool-->C:\Program Files (x86)\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO DVD Menu Data Basic-->C:\Program Files (x86)\InstallShield Installation Information\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Entertainment Platform-->"C:\Program Files (x86)\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Event Service-->"C:\Program Files (x86)\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Help and Support-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D47FE987-EA3D-424B-9886-B752501D7CE7}\setup.exe" -l0x9 -removeonly
VAIO Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Media plus Opening Movie-->"C:\Program Files (x86)\InstallShield Installation Information\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Media plus-->"C:\Program Files (x86)\InstallShield Installation Information\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Movie Story Template Data-->C:\Program Files (x86)\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Movie Story-->C:\Program Files (x86)\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO MusicBox Sample Music-->"C:\Program Files (x86)\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO MusicBox-->"C:\Program Files (x86)\InstallShield Installation Information\{D613E659-6503-42A8-9617-4F599061EAD5}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO My Memory Center-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{72B5983C-80C7-4225-BA72-E92AE1D59C62}\setup.exe" -l0x9 -removeonly
VAIO OOBE and Welcome Center-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1B500D37-E7CF-480B-8054-8A563594EC4E}\setup.exe" -l0x9 -removeonly
VAIO OOBE and Welcome Center-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5D87D9D7-783C-4FBE-B24A-725342CB0329}\setup.exe" -l0x9 -removeonly
VAIO Original Function Setting-->"C:\Program Files (x86)\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Power Management-->"C:\Program Files (x86)\InstallShield Installation Information\{5F5867F0-2D23-4338-A206-01A76C823924}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Survey-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{34B37A74-125E-4406-87BA-E4BD3D097AE5}\setup.exe" -l0x9 -removeonly
VAIO Update 4-->"C:\Program Files (x86)\InstallShield Installation Information\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Wallpaper Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Windows Live Call-->MsiExec.exe /I{32BC546A-8AA3-4239-AE92-9CF3291C35A6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F2CD4651-F948-467C-B014-71FD981B7F59}
Windows Live Galeria de Fotos-->MsiExec.exe /X{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}
Windows Live Mail-->MsiExec.exe /I{74AD1846-2010-4FB1-8E24-B6F2B87150C2}
Windows Live Messenger-->MsiExec.exe /X{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}
Windows Live Movie Maker-->MsiExec.exe /X{24F3CA05-14C6-4D1D-BED8-6E4F61EF1B0E}
Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
Windows Live Sync-->MsiExec.exe /X{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}
Windows Live Toolbar-->MsiExec.exe /X{624DEAA0-B27D-444B-8BFE-70622B318A4A}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{9555B4ED-09A3-4722-8E8C-57A49401D059}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinDVD for VAIO-->C:\Program Files (x86)\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: Deborah-PC
Event Code: 4374
Message: Windows Servicing identified that package KB948465(Service Pack) is not applicable for this system
Record Number: 72895
Source Name: Microsoft-Windows-Servicing
Time Written: 20091204000334.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Deborah-PC
Event Code: 4374
Message: Windows Servicing identified that package KB948465(Service Pack) is not applicable for this system
Record Number: 72894
Source Name: Microsoft-Windows-Servicing
Time Written: 20091204000334.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Deborah-PC
Event Code: 4374
Message: Windows Servicing identified that package KB948465(Service Pack) is not applicable for this system
Record Number: 72893
Source Name: Microsoft-Windows-Servicing
Time Written: 20091204000334.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Deborah-PC
Event Code: 4374
Message: Windows Servicing identified that package KB948465(Service Pack) is not applicable for this system
Record Number: 72892
Source Name: Microsoft-Windows-Servicing
Time Written: 20091204000333.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Deborah-PC
Event Code: 4374
Message: Windows Servicing identified that package KB948465(Service Pack) is not applicable for this system
Record Number: 72891
Source Name: Microsoft-Windows-Servicing
Time Written: 20091204000333.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: Deborah-PC
Event Code: 1534
Message: Profile notification of event Delete for component {DE3F3560-3032-41B4-B6CF-F703B1B95640} failed, error code is -2147024875.

Record Number: 1258
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090809085242.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Deborah-PC
Event Code: 2
Message: Unable to remove Windows Search Service indexed data for user 'Deborah-PC\Administrator' in response to user profile deletion. Error code 0x80070015.
The device is not ready.
.
Record Number: 1257
Source Name: Microsoft-Windows-Search-ProfileNotify
Time Written: 20090809085242.000000-000
Event Type: Error
User:
Computer Name: Deborah-PC
Event Code: 7
Message: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)
Record Number: 1248
Source Name: VzCdbSvc
Time Written: 20090809085223.000000-000
Event Type: Error
User:
Computer Name: Deborah-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 1245
Source Name: Microsoft-Windows-WMI
Time Written: 20090809085220.000000-000
Event Type: Error
User:
Computer Name: Deborah-PC
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.
Record Number: 1241
Source Name: Microsoft-Windows-Search
Time Written: 20090809085215.000000-000
Event Type: Warning
User:
=====Security event log=====
Computer Name: WIN-HMZ4F3OHV04
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 2401
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090710010943.461788-000
Event Type: Audit Success
User:
Computer Name: WIN-HMZ4F3OHV04
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: WIN-HMZ4F3OHV04$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x29c
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2400
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090710010943.461788-000
Event Type: Audit Success
User:
Computer Name: WIN-HMZ4F3OHV04
Event Code: 4648
Message: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: WIN-HMZ4F3OHV04$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x29c
Process Name: C:\Windows\System32\services.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 2399
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090710010943.461788-000
Event Type: Audit Success
User:
Computer Name: WIN-HMZ4F3OHV04
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 2398
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090710010945.380200-000
Event Type: Audit Success
User:
Computer Name: WIN-HMZ4F3OHV04
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-4279294294-3856859191-3612846604-500
Account Name: Administrator
Domain Name: WIN-HMZ4F3OHV04
Logon ID: 0x4e8ae
Record Number: 2397
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090710010933.898988-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot
"RoxioCentral"=C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\
"EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre1.6.0\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre1.6.0\lib\ext\QTJava.zip
-----------------EOF-----------------

Abraços

Megadeeth · 10/05/2010

Nossa!!!! mais esse virus de boot eh complicado????? ele pode pegar os documentos e as senhas do pc??? pq meu tio tem varios

Taqui o q me pediu Mestre

; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
CMCDLLNAME32=mapi32.dll
CMCDLLNAME=mapi.dll
CMC=1
MAPIX=1
MAPIXVER=1.0.0.1
OLEMessaging=1
[000.000111]
VAGS
POP=000001
UXER=1
SPLASH=ERROR
[MCI Extensions.BAK]
aif=MPEGVideo
aifc=MPEGVideo
aiff=MPEGVideo
asf=MPEGVideo
asx=MPEGVideo
au=MPEGVideo
m1v=MPEGVideo
m3u=MPEGVideo
mp2=MPEGVideo
mp2v=MPEGVideo
mp3=MPEGVideo
mpa=MPEGVideo
mpe=MPEGVideo
mpeg=MPEGVideo
mpg=MPEGVideo
mpv2=MPEGVideo
snd=MPEGVideo
wax=MPEGVideo
wm=MPEGVideo
wma=MPEGVideo
wmv=MPEGVideo
wmx=MPEGVideo
wpl=MPEGVideo
wvx=MPEGVideo
m2v=MPEGVideo
mod=MPEGVideo
[SciCalc]
layout=0
[MSUCE]
Advanced=0
CodePage=Unicode
Font=Wingdings 3
[FoxyTunesWMP]
MessageBoxAnswer=0
[Visual]
MainWidth=8370
MainHeight=6915
[MJ]
ACC=0

Mto obrigado por mais uma das 1000 ajudas q vc ja me deu

Mr.Wolf · 10/05/2010

Xleon, não há nada associado com o problema com os spams no log. Apenas três entradas do registro infectadas por um verme de pen drive. Nada mais!

Algum bot da web pode ter registrado o endereço de e-mail do dono da máquina, e por isso os envios de spam estão ocorrendo.

Basta trocar a senha do e-mail mesmo.

Siga abaixo:

Abra o Bloco de Notas e cole este texto abaixo:

Código:

REGEDIT4

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36a5c2da-84c2-11de-9463-0024338b2fd4}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36a5c32b-84c2-11de-9463-0024338b2fd4}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36a5c351-84c2-11de-9463-0024338b2fd4}]

Salve como Fix.reg no desktop. Execute o arquivo e aceite a modificação.

Algum outro problema, além do spam?

_______________________

Megadeeth, aqui está o problema:

[000.000111]
VAGS
POP=000001
UXER=1
SPLASH=ERROR

Legítimo Vírus de Boot. Este tipo de vírus não rouba senhas ou compromete documentos, apenas contamina o MBR da máquina.

Pode ser um pouco trabalhoso remover um Vírus de Boot. Mas, hoje em dia, há soluções eficazes.

Utilize um Rescue Disk.

Megadeeth · 10/05/2010

Hummmm q bosta heim Mestre ????? como posso ter me infectado por esse virus de boot???? agente usa akele logmein aki sera q pode ter sido isso???? oÔ

Pelo q li no link dos rescue disks eh soh gravar em um cd e dar um boots ñ eh isso???

Vou fazer isso amanha pq hj ja tamo fechando aki.Amanha de manhazinha eu faço isso e te falo.

Se isso ñ resolver tem outros programas Mr.Wolf???

Mto obrigado irmao

um abraçao e boa semana

Antyon · 10/05/2010

Olá Mr. Wolf

Acho que estou com vírus no meu PC, há um tempo atrás quando inicio meu Windows XP depois de carregado aparece um novo hardware detectado chamado net. Dei uma olhada nos processos e lá estava net.exe.

Agora pouco liguei o PC e de vez enquando abre um site de publicidade do nada pelo IE. E também o meu Firefox fecha do nada de vez enquando.

Segue o Log no Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:43:23, on 10/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\csrcs.exe
C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe
C:\xampp\apache\bin\httpd.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Winamp\winampa.exe
C:\Arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\svchost.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Pdegoa.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWTray.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SHOUTcast Toolbar Search Class - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\ARQUIV~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\ARQUIV~1\FlashGet\getflash.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\fgiebar.dll
O3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"
O4 - HKLM\..\Run: [OrderReminder] C:\Arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Arquivos de programas\RivaTuner v2.24\RivaTuner.exe" /S
O4 - HKLM\..\Run: [BINA PRO] "C:\Arquivos de programas\BINA PRO\BINAPRO500.exe"
O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunServices: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [myweather] "C:\Arquivos de programas\MyFreeWeather\myweather.exe" /autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Arquivos de programas\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Secret Drive] "C:\Arquivos de programas\Eterlogic.com\SecretDrive\SecretDrive.exe" -minimize
O4 - HKCU\..\Run: [Microsoft Security Essential] "C:\DOCUME~1\TIOZAC~1\CONFIG~1\Temp\msseces.exe"
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Arquivos de programas\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Arquivos de programas\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\DOCUME~1\TIOZAC~1\CONFIG~1\Temp\Plr.exe
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Dados de aplicativos\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240103179468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240143670187
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF73D593-46FE-447A-94D5-B7975EC72875}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{30693CC6-D75D-4988-9967-2E8CA9BA5521}: NameServer = 200.185.6.131,200.185.6.163
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RelevantKnowledge - C:\Arquivos de programas\RelevantKnowledge\rlls.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 12290 bytes

Um processo que me chamou atenção por eu não ter encontrado nada sobre ele no google é o: Pdegoa.exe

cg150mt · 11/05/2010

Mr. Wolf...
valeu pela ajuda
Aqui esta o log do OTS

OTS logfile created on: 11/05/2010 08:40:52 - Run 1
OTS by OldTimer - Version 3.1.31.0 Folder = C:\Documents and Settings\User\Meus documentos\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
512,00 Mb Total Physical Memory | 288,00 Mb Available Physical Memory | 56,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 38,28 Gb Total Space | 26,71 Gb Free Space | 69,78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 135,22 Gb Total Space | 120,49 Gb Free Space | 89,11% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARCIO
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\User\Meus documentos\Downloads\OTS.exe -> [2010/05/10 17:57:47 | 000,640,000 | ---- | M] (OldTimer Tools)
firefox.exe -> C:\Arquivos de programas\Mozilla Firefox\firefox.exe -> [2010/04/03 11:00:22 | 000,910,296 | ---- | M] (Mozilla Corporation)
gbpsv.exe -> C:\ARQUIV~1\GbPlugin\GbpSv.exe -> [2010/03/01 13:16:20 | 000,053,688 | ---- | M] ( )
avguard.exe -> C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -> [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH)
sched.exe -> C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -> [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH)
avgnt.exe -> C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe -> [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH)
wlcomm.exe -> C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe -> [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation)
explorer.exe -> C:\WINDOWS\Explorer.EXE -> [2008/04/14 09:00:00 | 001,035,776 | ---- | M] (Microsoft Corporation)
devldr32.exe -> C:\WINDOWS\System32\devldr32.exe -> [2001/09/05 23:50:32 | 000,024,064 | ---- | M] (Creative Technology Ltd.)

[Modules - Safe List]
ots.exe -> C:\Documents and Settings\User\Meus documentos\Downloads\OTS.exe -> [2010/05/10 17:57:47 | 000,640,000 | ---- | M] (OldTimer Tools)
gbiehcef.dll -> C:\Arquivos de programas\GbPlugin\gbiehcef.dll -> [2010/02/22 18:10:00 | 000,315,488 | ---- | M] (Caixa Economica Federal)
netui1.dll -> C:\WINDOWS\system32\netui1.dll -> [2008/04/14 09:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation)
msscript.ocx -> C:\WINDOWS\system32\msscript.ocx -> [2008/04/14 09:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation)
netui0.dll -> C:\WINDOWS\system32\netui0.dll -> [2008/04/14 09:00:00 | 000,081,920 | ---- | M] (Microsoft Corporation)
ntlanman.dll -> C:\WINDOWS\system32\ntlanman.dll -> [2008/04/14 09:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation)
davclnt.dll -> C:\WINDOWS\system32\davclnt.dll -> [2008/04/14 09:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation)
drprov.dll -> C:\WINDOWS\system32\drprov.dll -> [2008/04/14 09:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation)
netrap.dll -> C:\WINDOWS\system32\netrap.dll -> [2008/04/14 09:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(MSDTC) Coordenador de transações distribuídas [On_Demand | Stopped] -> C:\WINDOWS\system32\msdtc -> [2010/03/04 14:33:39 | 000,000,000 | ---D | M]
(GbpSv) Gbp Service [Unknown | Running] -> C:\ARQUIV~1\GbPlugin\GbpSv.exe -> [2010/03/01 13:16:20 | 000,053,688 | ---- | M] ( )
(AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -> [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH)
(AntiVirSchedulerService) Avira AntiVir Programador [Auto | Running] -> C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -> [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH)
(NMIndexingService) NMIndexingService [Disabled | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe -> [2007/12/13 19:10:56 | 000,447,784 | ---- | M] (Nero AG)
(odserv) Microsoft Office Diagnostics Service [Disabled | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation)
(MDM) Machine Debug Manager [Disabled | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe -> [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Disabled | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(GbpKm) Gbp KernelMode [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\gbpkm.sys -> [2010/04/23 15:31:36 | 000,030,504 | ---- | M] (GAS Tecnologia)
(nv) nv [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -> [2010/03/16 03:51:59 | 010,232,352 | ---- | M] (NVIDIA Corporation)
(cmpci) C-Media PCI Audio Driver (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\cmaudio.sys -> [2010/03/04 16:04:23 | 000,377,358 | ---- | M] (C-Media Inc)
(avgntflt) avgntflt [File_System | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\avgntflt.sys -> [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH)
(ssmdrv) ssmdrv [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -> [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH)
(avipbb) avipbb [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\avipbb.sys -> [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH)
(avgio) avgio [Kernel | System | Running] -> C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys -> [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH)
(gameenum) Enumerador de portas de jogos [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\gameenum.sys -> [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation)
(sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2008/04/13 08:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -> [2008/04/13 06:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation)
(GTwinUSB) GTwinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\Drivers\GTwinUSB.sys -> [2005/04/15 17:54:52 | 000,071,424 | R--- | M] (Gemplus)
(ip100xp) ENCORE 10/100Mbps Fast Ethernet PCI Adapter NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ipfnd51.sys -> [2005/04/06 11:30:16 | 000,026,752 | ---- | M] (ENCORE ELECTRONICS, INC. )
(sfman) Creative SoundFont Manager Driver (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\sfmanm.sys -> [2001/08/17 20:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.)
(emu10k1) Creative Interface Manager Driver (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\ctlfacem.sys -> [2001/08/17 20:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.)
(emu10k) Creative SB Live! (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\emu10k1m.sys -> [2001/08/17 20:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.)
(ctljystk) Creative SBLive! Gameport [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ctljystk.sys -> [2001/08/17 20:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\] > -> ->
HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\: Main\\"Search Page" -> &http://home.microsoft.com/intl/br/access/allinone.asp ->
HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\: Main\\"Start Page" -> http://www.wln.com.br/ ->
HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\User\Dados de aplicativos\Mozilla\FireFox\Profiles\d0u65v8f.default\prefs.js ->
browser.startup.homepage -> "http://www.terra.com.br/" ->
extensions.enabledItems -> jqs@sun.com:1.0 ->
extensions.enabledItems -> {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.10.4 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components -> C:\Arquivos de programas\Mozilla Firefox\components [C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX\COMPONENTS] -> [2010/04/03 11:00:39 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins -> C:\Arquivos de programas\Mozilla Firefox\plugins [C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX\PLUGINS] -> [2010/04/26 15:06:01 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\User\Dados de aplicativos\Mozilla\Extensions -> [2010/03/08 09:39:26 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\User\Dados de aplicativos\Mozilla\Firefox\Profiles\d0u65v8f.default\extensions -> [2010/05/10 10:21:31 | 000,000,000 | ---D | M]
No name found -> C:\Documents and Settings\User\Dados de aplicativos\Mozilla\Firefox\Profiles\d0u65v8f.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} -> [2010/03/25 09:16:39 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Arquivos de programas\Mozilla Firefox\extensions -> [2010/05/10 10:21:31 | 000,000,000 | ---D | M]
Java Console -> C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/04/26 15:06:07 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 09:00:00 | 000,000,776 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2010/04/03 20:36:42 | 000,075,200 | ---- | M] (Adobe Systems Incorporated)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Auxiliar de Conexão do Windows Live] -> [2009/01/22 15:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M] (Skype Technologies S.A.)
{C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\Arquivos de programas\GbPlugin\gbieh.dll [GbIehObj Class] -> [2010/02/18 10:19:34 | 000,323,360 | ---- | M] (Banco do Brasil)
{C41A1C0E-EA6C-11D4-B1B8-444553540003} [HKLM] -> C:\Arquivos de programas\GbPlugin\gbiehcef.dll [GbIehObj Class] -> [2010/02/22 18:10:00 | 000,315,488 | ---- | M] (Caixa Economica Federal)
{C41A1C0E-EA6C-11D4-B1B8-444553540011} [HKLM] -> C:\Arquivos de programas\GbPlugin\gbiehscd.dll [GbIehObj Class] -> [2010/03/01 13:16:14 | 000,312,760 | ---- | M] (Sicredi)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe ARM" -> C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe ["C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"] -> [2010/03/24 15:17:47 | 000,952,768 | ---- | M] (Adobe Systems Incorporated)
"avgnt" -> C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe ["C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH)
"NvCplDaemon" -> C:\WINDOWS\System32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2010/03/16 03:37:50 | 013,670,504 | ---- | M] (NVIDIA Corporation)
"NvMediaCenter" -> C:\WINDOWS\System32\NvMcTray.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> [2010/03/16 03:37:50 | 000,110,696 | ---- | M] (NVIDIA Corporation)
"nwiz" -> [nwiz.exe /installquiet] -> File not found
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar ->
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Menu Iniciar\Programas\Inicializar ->
< User Startup Folder > -> C:\Documents and Settings\User\Menu Iniciar\Programas\Inicializar ->
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003] > -> HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xportar para o Microsoft Excel -> C:\Arquivos de programas\Microsoft Office\Office12\EXCEL [res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M] (Skype Technologies S.A.)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M] (Skype Technologies S.A.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 000,040,424 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Galeria Microsoft ActiveX ->
PluginsPage -> http://activex.&microsoft.com/controls/find.asp?ext=%smime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
caixa.gov.br .[*] -> Sites confiáveis ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\] > -> HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-448539723-1085031214-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
{DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} [HKLM] -> https://imagem.caixa.gov.br/cab/gbpdist.cab [GbpDistObj Class] ->
{E77F23EB-E7AB-4502-8F37-247DBAF1A147} [HKLM] -> http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab [Windows Live Hotmail Photo Upload Tool] ->
Microsoft XML Parser for Java [HKLM] -> file:///C:/WINDOWS/Java/classes/xmldso.cab [Reg Error: Key error.] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{785B3FB4-F897-4E41-B1C6-9884AED51D19}\\NameServer -> 201.33.224.2,201.33.224.3 (Realtek RTL8139 Family PCI Fast Ethernet NIC) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 09:00:00 | 001,035,776 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
GbPluginBb -> C:\Arquivos de programas\GbPlugin\gbieh.dll -> [2010/02/18 10:19:34 | 000,323,360 | ---- | M] (Banco do Brasil)
GbPluginCef -> C:\Arquivos de programas\GbPlugin\gbiehcef.dll -> [2010/02/22 18:10:00 | 000,315,488 | ---- | M] (Caixa Economica Federal)
GbPluginScd -> C:\Arquivos de programas\GbPlugin\gbiehscd.dll -> [2010/03/01 13:16:14 | 000,312,760 | ---- | M] (Sicredi)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{E37CB5F0-51F5-4395-A808-5FA49E399003}" [HKLM] -> C:\Arquivos de programas\GbPlugin\gbiehcef.dll [GbPlugin ShlObj] -> [2010/02/22 18:10:00 | 000,315,488 | ---- | M] (Caixa Economica Federal)
"{E37CB5F0-51F5-4395-A808-5FA49E399011}" [HKLM] -> C:\Arquivos de programas\GbPlugin\gbiehscd.dll [GbPlugin ShlObj] -> [2010/03/01 13:16:14 | 000,312,760 | ---- | M] (Sicredi)
"{E37CB5F0-51F5-4395-A808-5FA49E399F83}" [HKLM] -> C:\Arquivos de programas\GbPlugin\gbieh.dll [GbPlugin ShlObj] -> [2010/02/18 10:19:34 | 000,323,360 | ---- | M] (Banco do Brasil)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" -> C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe [C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 18:21:00 | 000,583,024 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Arquivos de programas\Java\jre6\bin\java.exe" -> C:\Arquivos de programas\Java\jre6\bin\java.exe [C:\Arquivos de programas\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary] -> [2010/04/26 15:05:46 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
"C:\Arquivos de programas\Java\jre6\bin\javaw.exe" -> C:\Arquivos de programas\Java\jre6\bin\javaw.exe [C:\Arquivos de programas\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary] -> [2010/04/26 15:05:46 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
"C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe" -> C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe [C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application] -> [2010/02/11 09:01:40 | 005,150,504 | ---- | M] (TeamViewer GmbH)
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" -> C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe [C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 18:21:00 | 000,583,024 | ---- | M] (Microsoft Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Driver de CD-ROM ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\autoexec.bat [C:\ARQUIV~1\GRISOFT\AVGFRE~1\BOOTUP.EXE | mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb br,,C:\WINDOWS\COMMAND\keyboard.sys | SET CLIPPER=//F:250 | ] -> C:\autoexec.bat [ NTFS ] -> [2008/02/06 14:36:16 | 000,000,196 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Files/Folders - Created Within 90 Days]
Windows Live Safety Center -> C:\Arquivos de programas\Windows Live Safety Center -> [2010/05/07 08:59:58 | 000,000,000 | ---D | C]
Trend Micro -> C:\Arquivos de programas\Trend Micro -> [2010/05/05 11:45:08 | 000,000,000 | ---D | C]
hijackThis -> C:\hijackThis -> [2010/05/05 11:17:24 | 000,000,000 | ---D | C]
GTwinUSB.sys -> C:\WINDOWS\System32\drivers\GTwinUSB.sys -> [2010/05/04 16:07:57 | 000,071,424 | R--- | C] (Gemplus)
Recent -> C:\Documents and Settings\User\Recent -> [2010/05/04 15:01:36 | 000,000,000 | RH-D | C]
CCleaner -> C:\Arquivos de programas\CCleaner -> [2010/05/04 14:58:40 | 000,000,000 | ---D | C]
Google -> C:\Documents and Settings\All Users\Dados de aplicativos\Google -> [2010/04/26 15:07:28 | 000,000,000 | ---D | C]
Google -> C:\Arquivos de programas\Google -> [2010/04/26 15:07:28 | 000,000,000 | ---D | C]
deployJava1.dll -> C:\WINDOWS\System32\deployJava1.dll -> [2010/04/26 15:06:01 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.)
javacpl.cpl -> C:\WINDOWS\System32\javacpl.cpl -> [2010/04/26 15:06:01 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.)
javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2010/04/26 15:06:00 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2010/04/26 15:06:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\WINDOWS\System32\java.exe -> [2010/04/26 15:06:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
Java -> C:\Arquivos de programas\Java -> [2010/04/26 15:05:42 | 000,000,000 | ---D | C]
Nova pasta -> C:\Documents and Settings\User\Desktop\Nova pasta -> [2010/04/26 14:55:56 | 000,000,000 | ---D | C]
NVIDIA Corporation -> C:\Documents and Settings\All Users\Dados de aplicativos\NVIDIA Corporation -> [2010/04/16 09:50:13 | 000,000,000 | ---D | C]
NVIDIA Corporation -> C:\Arquivos de programas\NVIDIA Corporation -> [2010/04/16 09:49:48 | 000,000,000 | ---D | C]
ReinstallBackups -> C:\WINDOWS\System32\ReinstallBackups -> [2010/04/16 09:49:09 | 000,000,000 | ---D | C]
OpenCL.dll -> C:\WINDOWS\System32\OpenCL.dll -> [2010/04/16 09:48:28 | 000,061,440 | ---- | C] (Khronos Group)
nvcompiler.dll -> C:\WINDOWS\System32\nvcompiler.dll -> [2010/04/16 09:48:24 | 011,640,832 | ---- | C] (NVIDIA Corporation)
Application Data -> C:\Documents and Settings\User\Application Data -> [2010/04/14 14:58:44 | 000,000,000 | ---D | C]
NtmsData -> C:\WINDOWS\System32\NtmsData -> [2010/04/03 10:18:15 | 000,000,000 | ---D | C]
Extended Systems -> C:\Arquivos de programas\Extended Systems -> [2010/03/29 17:03:09 | 000,000,000 | ---D | C]
ptpusb.dll -> C:\WINDOWS\System32\ptpusb.dll -> [2010/03/26 07:46:25 | 000,005,632 | ---- | C] (Microsoft Corporation)
ptpusd.dll -> C:\WINDOWS\System32\ptpusd.dll -> [2010/03/26 07:46:23 | 000,159,232 | ---- | C] (Microsoft Corporation)
usbscan.sys -> C:\WINDOWS\System32\dllcache\usbscan.sys -> [2010/03/26 07:46:22 | 000,015,104 | ---- | C] (Microsoft Corporation)
WMTools Downloaded Files -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\WMTools Downloaded Files -> [2010/03/24 17:16:21 | 000,000,000 | ---D | C]
appmgmt -> C:\WINDOWS\System32\appmgmt -> [2010/03/20 12:05:11 | 000,000,000 | ---D | C]
nView_Profiles -> C:\Documents and Settings\All Users\Dados de aplicativos\nView_Profiles -> [2010/03/16 08:12:42 | 000,000,000 | ---D | C]
nvcpl.dll -> C:\WINDOWS\System32\nvcpl.dll -> [2010/03/16 03:37:50 | 013,670,504 | ---- | C] (NVIDIA Corporation)
nvmccs.dll -> C:\WINDOWS\System32\nvmccs.dll -> [2010/03/16 03:37:50 | 000,278,120 | ---- | C] (NVIDIA Corporation)
nvcolor.exe -> C:\WINDOWS\System32\nvcolor.exe -> [2010/03/16 03:37:50 | 000,145,000 | ---- | C] (NVIDIA Corporation)
nvmctray.dll -> C:\WINDOWS\System32\nvmctray.dll -> [2010/03/16 03:37:50 | 000,110,696 | ---- | C] (NVIDIA Corporation)
nvwddi.dll -> C:\WINDOWS\System32\nvwddi.dll -> [2010/03/16 03:37:44 | 000,081,920 | ---- | C] (NVIDIA Corporation)
Adobe -> C:\Arquivos de programas\Adobe -> [2010/03/12 11:25:48 | 000,000,000 | ---D | C]
Setup1.exe -> C:\WINDOWS\Setup1.exe -> [2010/03/11 16:38:34 | 000,286,720 | ---- | C] (Microsoft Corporation)
ST6UNST.EXE -> C:\WINDOWS\ST6UNST.EXE -> [2010/03/11 16:38:33 | 000,073,216 | ---- | C] (Microsoft Corporation)
gbpkm.sys -> C:\WINDOWS\System32\drivers\gbpkm.sys -> [2010/03/09 08:18:18 | 000,030,504 | ---- | C] (GAS Tecnologia)
GbPlugin -> C:\Arquivos de programas\GbPlugin -> [2010/03/09 08:17:27 | 000,000,000 | ---D | C]
GbPlugin -> C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin -> [2010/03/08 14:07:49 | 000,000,000 | ---D | C]
TeamViewer -> C:\Documents and Settings\User\Dados de aplicativos\TeamViewer -> [2010/03/08 11:00:32 | 000,000,000 | ---D | C]
TeamViewer -> C:\Arquivos de programas\TeamViewer -> [2010/03/08 10:59:58 | 000,000,000 | ---D | C]
Downloads -> C:\Documents and Settings\User\Meus documentos\Downloads -> [2010/03/08 10:45:02 | 000,000,000 | ---D | C]
Identities -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Identities -> [2010/03/08 09:46:24 | 000,000,000 | ---D | C]
Mozilla -> C:\Documents and Settings\User\Dados de aplicativos\Mozilla -> [2010/03/08 09:37:26 | 000,000,000 | ---D | C]
Mozilla -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Mozilla -> [2010/03/08 09:37:26 | 000,000,000 | ---D | C]
Mozilla Firefox -> C:\Arquivos de programas\Mozilla Firefox -> [2010/03/08 08:53:05 | 000,000,000 | ---D | C]
midas.dll -> C:\WINDOWS\System32\midas.dll -> [2010/03/06 11:02:42 | 000,297,984 | ---- | C] (Borland Software Corporation)
skypePM -> C:\Documents and Settings\User\Dados de aplicativos\skypePM -> [2010/03/06 10:27:21 | 000,000,000 | ---D | C]
Skype -> C:\Documents and Settings\User\Dados de aplicativos\Skype -> [2010/03/06 10:25:04 | 000,000,000 | ---D | C]
Skype -> C:\Arquivos de programas\Arquivos comuns\Skype -> [2010/03/06 10:18:04 | 000,000,000 | ---D | C]
Skype -> C:\Arquivos de programas\Skype -> [2010/03/06 10:18:02 | 000,000,000 | R--D | C]
Skype -> C:\Documents and Settings\All Users\Dados de aplicativos\Skype -> [2010/03/06 10:16:42 | 000,000,000 | ---D | C]
Help -> C:\Documents and Settings\User\Dados de aplicativos\Help -> [2010/03/06 09:59:25 | 000,000,000 | ---D | C]
Help -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Help -> [2010/03/06 09:59:25 | 000,000,000 | ---D | C]
setdebug.exe -> C:\WINDOWS\setdebug.exe -> [2010/03/06 09:33:04 | 000,046,352 | ---- | C] (Microsoft Corporation)
dx3j.dll -> C:\WINDOWS\System32\dx3j.dll -> [2010/03/06 09:33:03 | 000,313,856 | ---- | C] (Microsoft Corporation)
jit.dll -> C:\WINDOWS\System32\jit.dll -> [2010/03/06 09:33:03 | 000,171,280 | ---- | C] (Microsoft Corporation)
javaee.dll -> C:\WINDOWS\System32\javaee.dll -> [2010/03/06 09:33:03 | 000,139,536 | ---- | C] (Microsoft Corporation)
wjview.exe -> C:\WINDOWS\System32\wjview.exe -> [2010/03/06 09:32:58 | 000,171,792 | ---- | C] (Microsoft Corporation)
vmhelper.dll -> C:\WINDOWS\System32\vmhelper.dll -> [2010/03/06 09:32:57 | 000,286,992 | ---- | C] (Microsoft Corporation)
msawt.dll -> C:\WINDOWS\System32\msawt.dll -> [2010/03/06 09:32:57 | 000,154,384 | ---- | C] (Microsoft Corporation)
msjdbc10.dll -> C:\WINDOWS\System32\msjdbc10.dll -> [2010/03/06 09:32:57 | 000,021,264 | ---- | C] (Microsoft Corporation)
javart.dll -> C:\WINDOWS\System32\javart.dll -> [2010/03/06 09:32:56 | 000,404,752 | ---- | C] (Microsoft Corporation)
javacypt.dll -> C:\WINDOWS\System32\javacypt.dll -> [2010/03/06 09:32:56 | 000,187,152 | ---- | C] (Microsoft Corporation)
jview.exe -> C:\WINDOWS\System32\jview.exe -> [2010/03/06 09:32:56 | 000,172,304 | ---- | C] (Microsoft Corporation)
javaprxy.dll -> C:\WINDOWS\System32\javaprxy.dll -> [2010/03/06 09:32:56 | 000,063,248 | ---- | C] (Microsoft Corporation)
jdbgmgr.exe -> C:\WINDOWS\System32\jdbgmgr.exe -> [2010/03/06 09:32:56 | 000,015,120 | ---- | C] (Microsoft Corporation)
clspack.exe -> C:\WINDOWS\System32\clspack.exe -> [2010/03/06 09:32:55 | 000,049,424 | ---- | C] (Microsoft Corporation)
Sun -> C:\WINDOWS\Sun -> [2010/03/06 08:44:31 | 000,000,000 | ---D | C]
XceedZip.dll -> C:\WINDOWS\System32\XceedZip.dll -> [2010/03/06 08:43:12 | 000,284,032 | ---- | C] (Xceed Software Inc (450) 442-2626 zip@xceedsoft.com www.xceedsoft.com)
Lei -> C:\Lei -> [2010/03/06 08:43:11 | 000,000,000 | ---D | C]
IsUn0416.exe -> C:\WINDOWS\IsUn0416.exe -> [2010/03/06 08:42:12 | 000,327,168 | ---- | C] (InstallShield Software Corporation, Inc.)
CutePDF Writer -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\CutePDF Writer -> [2010/03/06 08:32:24 | 000,000,000 | ---D | C]
Adobe -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Adobe -> [2010/03/05 15:13:58 | 000,000,000 | ---D | C]
pss -> C:\WINDOWS\pss -> [2010/03/05 15:08:20 | 000,000,000 | ---D | C]
Borland -> C:\Arquivos de programas\Borland -> [2010/03/05 14:52:44 | 000,000,000 | ---D | C]
cnsselo.dll -> C:\WINDOWS\System32\cnsselo.dll -> [2010/03/05 13:35:36 | 000,379,904 | ---- | C] (DBA)
Wca_32.dll -> C:\WINDOWS\System32\Wca_32.dll -> [2010/03/05 13:35:33 | 000,117,760 | ---- | C] (Stardust Technologies, Inc.)
W32spdll.dll -> C:\WINDOWS\System32\W32spdll.dll -> [2010/03/05 13:35:33 | 000,017,920 | ---- | C] (Stardust Technologies, Inc.)
data -> C:\WINDOWS\System32\data -> [2010/03/05 13:35:33 | 000,000,000 | ---D | C]
obscpapi.dll -> C:\WINDOWS\System32\obscpapi.dll -> [2010/03/05 13:35:28 | 000,262,095 | ---- | C] (CEF)
MSJET35.DLL -> C:\WINDOWS\System32\MSJET35.DLL -> [2010/03/05 13:35:16 | 001,046,288 | ---- | C] (Microsoft Corporation)
Dao350.dll -> C:\WINDOWS\System32\Dao350.dll -> [2010/03/05 13:35:16 | 000,570,128 | ---- | C] (Microsoft Corporation)
Mshflxgd.ocx -> C:\WINDOWS\System32\Mshflxgd.ocx -> [2010/03/05 13:35:16 | 000,442,883 | ---- | C] (Microsoft Corporation)
Msrepl35.dll -> C:\WINDOWS\System32\Msrepl35.dll -> [2010/03/05 13:35:16 | 000,415,504 | ---- | C] (Microsoft Corporation)
Msdatgrd.ocx -> C:\WINDOWS\System32\Msdatgrd.ocx -> [2010/03/05 13:35:16 | 000,262,659 | ---- | C] (Microsoft Corporation)
Msrd2x35.dll -> C:\WINDOWS\System32\Msrd2x35.dll -> [2010/03/05 13:35:16 | 000,252,176 | ---- | C] (Microsoft Corporation)
Msflxgrd.ocx -> C:\WINDOWS\System32\Msflxgrd.ocx -> [2010/03/05 13:35:16 | 000,246,787 | ---- | C] (Microsoft Corporation)
Flexwiz.ocx -> C:\WINDOWS\System32\Flexwiz.ocx -> [2010/03/05 13:35:16 | 000,229,379 | ---- | C] (Microsoft)
msmask32.ocx -> C:\WINDOWS\System32\msmask32.ocx -> [2010/03/05 13:35:16 | 000,169,475 | ---- | C] (Microsoft Corporation)
Msjint35.dll -> C:\WINDOWS\System32\Msjint35.dll -> [2010/03/05 13:35:16 | 000,123,664 | ---- | C] (Microsoft Corporation)
Msjter35.dll -> C:\WINDOWS\System32\Msjter35.dll -> [2010/03/05 13:35:16 | 000,024,848 | ---- | C] (Microsoft Corporation)
Vb5db.dll -> C:\WINDOWS\System32\Vb5db.dll -> [2010/03/05 13:35:15 | 000,089,360 | ---- | C] (Microsoft Corporation)
COMDLG32.OCX -> C:\WINDOWS\System32\COMDLG32.OCX -> [2010/03/05 13:35:12 | 000,141,315 | ---- | C] (Microsoft Corporation)
borlndmm.dll -> C:\WINDOWS\System32\borlndmm.dll -> [2010/03/05 13:35:12 | 000,022,016 | ---- | C] (Borland Software Corporation)
Mscomct2.ocx -> C:\WINDOWS\System32\Mscomct2.ocx -> [2010/03/05 13:35:11 | 000,645,616 | ---- | C] (Microsoft Corporation)
Comct332.ocx -> C:\WINDOWS\System32\Comct332.ocx -> [2010/03/05 13:35:11 | 000,417,795 | ---- | C] (Microsoft Corporation )
MSXBSE35.DLL -> C:\WINDOWS\System32\MSXBSE35.DLL -> [2010/03/05 13:35:11 | 000,290,816 | ---- | C] (Microsoft Corporation)
Comct232.ocx -> C:\WINDOWS\System32\Comct232.ocx -> [2010/03/05 13:35:11 | 000,167,427 | ---- | C] (Microsoft Corporation)
capicom.dll -> C:\WINDOWS\System32\capicom.dll -> [2010/03/05 13:29:53 | 000,466,944 | ---- | C] (Microsoft Corporation)
INETWH32.dll -> C:\WINDOWS\System32\INETWH32.dll -> [2010/03/05 13:29:50 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.)
Minidump -> C:\WINDOWS\Minidump -> [2010/03/05 08:00:03 | 000,000,000 | ---D | C]
CAIXA -> C:\Arquivos de programas\CAIXA -> [2010/03/04 18:12:25 | 000,000,000 | ---D | C]
AXIAL Software -> C:\Arquivos de programas\AXIAL Software -> [2010/03/04 18:12:25 | 000,000,000 | ---D | C]
Acro Software -> C:\Arquivos de programas\Acro Software -> [2010/03/04 18:12:25 | 000,000,000 | ---D | C]
Acessórios -> C:\Arquivos de programas\Acessórios -> [2010/03/04 18:12:25 | 000,000,000 | ---D | C]
32788R22FWJFW -> C:\Arquivos de programas\32788R22FWJFW -> [2010/03/04 18:12:25 | 000,000,000 | ---D | C]
Diogo Parcel Simples -> C:\Documents and Settings\User\Desktop\Diogo Parcel Simples -> [2010/03/04 18:11:42 | 000,000,000 | ---D | C]
Atalhos -> C:\Documents and Settings\User\Desktop\Atalhos -> [2010/03/04 18:11:42 | 000,000,000 | ---D | C]
Precisa Informática -> C:\Documents and Settings\User\Desktop\Precisa Informática -> [2010/03/04 18:11:40 | 000,000,000 | ---D | C]
Patricia -> C:\Documents and Settings\User\Desktop\Patricia -> [2010/03/04 18:11:40 | 000,000,000 | ---D | C]
.receitanet -> C:\Documents and Settings\User\.receitanet -> [2010/03/04 18:11:40 | 000,000,000 | ---D | C]
CyberLink -> C:\Documents and Settings\User\Meus documentos\CyberLink -> [2010/03/04 18:11:37 | 000,000,000 | ---D | C]
Corel User Files -> C:\Documents and Settings\User\Meus documentos\Corel User Files -> [2010/03/04 18:11:37 | 000,000,000 | ---D | C]
CHAVES -> C:\Documents and Settings\User\Meus documentos\CHAVES -> [2010/03/04 18:11:37 | 000,000,000 | ---D | C]
Expresso São Miguel -> C:\Documents and Settings\User\Meus documentos\Expresso São Miguel -> [2010/03/04 18:11:36 | 000,000,000 | ---D | C]
Empresas com Dividas -> C:\Documents and Settings\User\Meus documentos\Empresas com Dividas -> [2010/03/04 18:11:36 | 000,000,000 | ---D | C]
Documentos de Empresas ja Entregues -> C:\Documents and Settings\User\Meus documentos\Documentos de Empresas ja Entregues -> [2010/03/04 18:11:36 | 000,000,000 | ---D | C]
Minhas figuras -> C:\Documents and Settings\User\Meus documentos\Minhas figuras -> [2010/03/04 18:11:34 | 000,000,000 | -H-D | C]
Meus eBooks -> C:\Documents and Settings\User\Meus documentos\Meus eBooks -> [2010/03/04 18:11:34 | 000,000,000 | ---D | C]
Meus arquivos recebidos -> C:\Documents and Settings\User\Meus documentos\Meus arquivos recebidos -> [2010/03/04 18:11:34 | 000,000,000 | ---D | C]
FUNRURAL -> C:\Documents and Settings\User\Meus documentos\FUNRURAL -> [2010/03/04 18:11:34 | 000,000,000 | ---D | C]
Ficha de Salario Familia -> C:\Documents and Settings\User\Meus documentos\Ficha de Salario Familia -> [2010/03/04 18:11:34 | 000,000,000 | ---D | C]
My Pictures -> C:\Documents and Settings\User\Meus documentos\My Pictures -> [2010/03/04 18:11:16 | 000,000,000 | ---D | C]
My Music -> C:\Documents and Settings\User\Meus documentos\My Music -> [2010/03/04 18:11:16 | 000,000,000 | ---D | C]
My Digital Editions -> C:\Documents and Settings\User\Meus documentos\My Digital Editions -> [2010/03/04 18:11:16 | 000,000,000 | ---D | C]
My albums -> C:\Documents and Settings\User\Meus documentos\My albums -> [2010/03/04 18:11:16 | 000,000,000 | ---D | C]
NF-e Nota Fical -> C:\Documents and Settings\User\Meus documentos\NF-e Nota Fical -> [2010/03/04 18:11:14 | 000,000,000 | ---D | C]
Symantec -> C:\Documents and Settings\User\Meus documentos\Symantec -> [2010/03/04 18:11:10 | 000,000,000 | ---D | C]
SINDICATOS -> C:\Documents and Settings\User\Meus documentos\SINDICATOS -> [2010/03/04 18:11:10 | 000,000,000 | ---D | C]
ctljystk.sys -> C:\WINDOWS\System32\drivers\ctljystk.sys -> [2010/03/04 18:07:34 | 000,003,712 | ---- | C] (Creative Technology Ltd.)
ctljystk.sys -> C:\WINDOWS\System32\dllcache\ctljystk.sys -> [2010/03/04 18:07:34 | 000,003,712 | ---- | C] (Creative Technology Ltd.)
sfman32.dll -> C:\WINDOWS\System32\sfman32.dll -> [2010/03/04 18:06:35 | 000,051,200 | ---- | C] (Creative Technology Ltd.)
sfmanm.sys -> C:\WINDOWS\System32\drivers\sfmanm.sys -> [2010/03/04 18:06:35 | 000,036,480 | ---- | C] (Creative Technology Ltd.)
sfmanm.sys -> C:\WINDOWS\System32\dllcache\sfmanm.sys -> [2010/03/04 18:06:35 | 000,036,480 | ---- | C] (Creative Technology Ltd.)
sblfx.dll -> C:\WINDOWS\System32\sblfx.dll -> [2010/03/04 18:06:33 | 000,495,616 | ---- | C] (Creative Technology Ltd.)
sblfx.dll -> C:\WINDOWS\System32\dllcache\sblfx.dll -> [2010/03/04 18:06:33 | 000,495,616 | ---- | C] (Creative Technology Ltd.)
emu10k1m.sys -> C:\WINDOWS\System32\drivers\emu10k1m.sys -> [2010/03/04 18:06:33 | 000,283,904 | ---- | C] (Creative Technology Ltd.)
emu10k1m.sys -> C:\WINDOWS\System32\dllcache\emu10k1m.sys -> [2010/03/04 18:06:33 | 000,283,904 | ---- | C] (Creative Technology Ltd.)
devldr32.exe -> C:\WINDOWS\System32\dllcache\devldr32.exe -> [2010/03/04 18:06:32 | 000,024,064 | ---- | C] (Creative Technology Ltd.)
devldr32.exe -> C:\WINDOWS\System32\devldr32.exe -> [2010/03/04 18:06:32 | 000,024,064 | ---- | C] (Creative Technology Ltd.)
devcon32.dll -> C:\WINDOWS\System32\dllcache\devcon32.dll -> [2010/03/04 18:06:31 | 000,256,512 | ---- | C] (Creative Technology Ltd.)
devcon32.dll -> C:\WINDOWS\System32\devcon32.dll -> [2010/03/04 18:06:31 | 000,256,512 | ---- | C] (Creative Technology Ltd.)
ctwdm32.dll -> C:\WINDOWS\System32\dllcache\ctwdm32.dll -> [2010/03/04 18:06:31 | 000,004,096 | ---- | C] (Creative Technology Ltd.)
ctwdm32.dll -> C:\WINDOWS\System32\ctwdm32.dll -> [2010/03/04 18:06:31 | 000,004,096 | ---- | C] (Creative Technology Ltd.)
ctlfacem.sys -> C:\WINDOWS\System32\drivers\ctlfacem.sys -> [2010/03/04 18:06:14 | 000,006,912 | ---- | C] (Creative Technology Ltd.)
ctlfacem.sys -> C:\WINDOWS\System32\dllcache\ctlfacem.sys -> [2010/03/04 18:06:14 | 000,006,912 | ---- | C] (Creative Technology Ltd.)
WinRAR -> C:\Documents and Settings\User\Dados de aplicativos\WinRAR -> [2010/03/04 17:34:39 | 000,000,000 | ---D | C]
CEDP Stealer -> C:\Arquivos de programas\CEDP Stealer -> [2010/03/04 17:27:27 | 000,000,000 | ---D | C]
CNPJ2.6 2009 -> C:\Arquivos de programas\CNPJ2.6 2009 -> [2010/03/04 17:27:24 | 000,000,000 | ---D | C]
CertCli -> C:\Arquivos de programas\CertCli -> [2010/03/04 17:27:24 | 000,000,000 | ---D | C]
CNPJ2008 -> C:\Arquivos de programas\CNPJ2008 -> [2010/03/04 17:27:23 | 000,000,000 | ---D | C]
CNPJ2009 -> C:\Arquivos de programas\CNPJ2009 -> [2010/03/04 17:27:17 | 000,000,000 | ---D | C]
DFC 2003 -> C:\Arquivos de programas\DFC 2003 -> [2010/03/04 17:27:16 | 000,000,000 | ---D | C]
DFC 2004 -> C:\Arquivos de programas\DFC 2004 -> [2010/03/04 17:27:15 | 000,000,000 | ---D | C]
DFC GI 2006 -> C:\Arquivos de programas\DFC GI 2006 -> [2010/03/04 17:27:14 | 000,000,000 | ---D | C]
DFC 2005 -> C:\Arquivos de programas\DFC 2005 -> [2010/03/04 17:27:14 | 000,000,000 | ---D | C]
DFC GI 2007 -> C:\Arquivos de programas\DFC GI 2007 -> [2010/03/04 17:27:13 | 000,000,000 | ---D | C]
DFC GI 2009 -> C:\Arquivos de programas\DFC GI 2009 -> [2010/03/04 17:27:11 | 000,000,000 | ---D | C]
DFC GI 2008 -> C:\Arquivos de programas\DFC GI 2008 -> [2010/03/04 17:27:11 | 000,000,000 | ---D | C]
DFC-GI2010 -> C:\Arquivos de programas\DFC-GI2010 -> [2010/03/04 17:27:10 | 000,000,000 | ---D | C]
GPS -> C:\Arquivos de programas\GPS -> [2010/03/04 17:27:07 | 000,000,000 | ---D | C]
GPLGS -> C:\Arquivos de programas\GPLGS -> [2010/03/04 17:27:07 | 000,000,000 | ---D | C]
IBGE -> C:\Arquivos de programas\IBGE -> [2010/03/04 17:27:06 | 000,000,000 | ---D | C]
Programas RFB -> C:\Arquivos de programas\Programas RFB -> [2010/03/04 17:26:52 | 000,000,000 | ---D | C]
Programas SPED -> C:\Arquivos de programas\Programas SPED -> [2010/03/04 17:26:49 | 000,000,000 | ---D | C]
Programas SRF -> C:\Arquivos de programas\Programas SRF -> [2010/03/04 17:26:44 | 000,000,000 | ---D | C]
SEFAPR -> C:\Arquivos de programas\SEFAPR -> [2010/03/04 17:26:43 | 000,000,000 | ---D | C]
Utherverse Digital Inc -> C:\Arquivos de programas\Utherverse Digital Inc -> [2010/03/04 17:26:42 | 000,000,000 | ---D | C]
SRP -> C:\Arquivos de programas\SRP -> [2010/03/04 17:26:42 | 000,000,000 | ---D | C]
Validador Sintegra 2004 -> C:\Arquivos de programas\Validador Sintegra 2004 -> [2010/03/04 17:26:40 | 000,000,000 | ---D | C]
ValidaPR -> C:\Arquivos de programas\ValidaPR -> [2010/03/04 17:26:28 | 000,000,000 | ---D | C]
32788R22FWJFW -> C:\32788R22FWJFW -> [2010/03/04 17:26:28 | 000,000,000 | ---D | C]
Doc Imprimr -> C:\Documents and Settings\User\Desktop\Doc Imprimr -> [2010/03/04 17:26:27 | 000,000,000 | ---D | C]
Ab -> C:\Ab -> [2010/03/04 17:26:19 | 000,000,000 | R--D | C]
ATUAL INTERNETEXPLORER -> C:\ATUAL INTERNETEXPLORER -> [2010/03/04 17:26:16 | 000,000,000 | ---D | C]
Arquivos de Programas RFB -> C:\Arquivos de Programas RFB -> [2010/03/04 17:26:16 | 000,000,000 | ---D | C]
CAIXA -> C:\CAIXA -> [2010/03/04 17:26:12 | 000,000,000 | ---D | C]
Chave Conectividade -> C:\Chave Conectividade -> [2010/03/04 17:26:10 | 000,000,000 | ---D | C]
CatMpact -> C:\CatMpact -> [2010/03/04 17:26:10 | 000,000,000 | ---D | C]
database -> C:\database -> [2010/03/04 17:26:06 | 000,000,000 | ---D | C]
ENGDISC -> C:\ENGDISC -> [2010/03/04 17:26:02 | 000,000,000 | ---D | C]
GDRais2004 -> C:\GDRais2004 -> [2010/03/04 17:26:01 | 000,000,000 | ---D | C]
GDRais2003 -> C:\GDRais2003 -> [2010/03/04 17:26:01 | 000,000,000 | ---D | C]
GDRais2006 -> C:\GDRais2006 -> [2010/03/04 17:26:00 | 000,000,000 | ---D | C]
GDRais2005 -> C:\GDRais2005 -> [2010/03/04 17:26:00 | 000,000,000 | ---D | C]
GDRais2007 -> C:\GDRais2007 -> [2010/03/04 17:25:59 | 000,000,000 | ---D | C]
GDRais2008 -> C:\GDRais2008 -> [2010/03/04 17:25:56 | 000,000,000 | ---D | C]
GDRais2009 -> C:\GDRais2009 -> [2010/03/04 17:25:53 | 000,000,000 | ---D | C]
Lei1 -> C:\Lei1 -> [2010/03/04 17:25:50 | 000,000,000 | ---D | C]
Manuais da Precisa -> C:\Manuais da Precisa -> [2010/03/04 17:25:49 | 000,000,000 | ---D | C]
MSJVM -> C:\MSJVM -> [2010/03/04 17:25:47 | 000,000,000 | ---D | C]
pedidos -> C:\pedidos -> [2010/03/04 17:25:46 | 000,000,000 | ---D | C]
precisa -> C:\precisa -> [2010/03/04 17:25:28 | 000,000,000 | ---D | C]
PPP Precisa -> C:\PPP Precisa -> [2010/03/04 17:25:28 | 000,000,000 | ---D | C]
pi -> C:\pi -> [2010/03/04 17:25:28 | 000,000,000 | ---D | C]
RaisNet2004 -> C:\RaisNet2004 -> [2010/03/04 17:25:27 | 000,000,000 | ---D | C]
RaisNet2003 -> C:\RaisNet2003 -> [2010/03/04 17:25:27 | 000,000,000 | ---D | C]
PZIM -> C:\PZIM -> [2010/03/04 17:25:27 | 000,000,000 | ---D | C]
RaisNet2009 -> C:\RaisNet2009 -> [2010/03/04 17:25:26 | 000,000,000 | ---D | C]
RaisNet2008 -> C:\RaisNet2008 -> [2010/03/04 17:25:26 | 000,000,000 | ---D | C]
RaisNet2007 -> C:\RaisNet2007 -> [2010/03/04 17:25:26 | 000,000,000 | ---D | C]
RaisNet2006 -> C:\RaisNet2006 -> [2010/03/04 17:25:26 | 000,000,000 | ---D | C]
RaisNet2005 -> C:\RaisNet2005 -> [2010/03/04 17:25:26 | 000,000,000 | ---D | C]
SefaPr -> C:\SefaPr -> [2010/03/04 17:25:17 | 000,000,000 | ---D | C]
SEFIP -> C:\SEFIP -> [2010/03/04 17:25:10 | 000,000,000 | ---D | C]
Sicalcp -> C:\Sicalcp -> [2010/03/04 17:25:07 | 000,000,000 | ---D | C]
Sintegra -> C:\Sintegra -> [2010/03/04 17:25:05 | 000,000,000 | ---D | C]
unzipped -> C:\unzipped -> [2010/03/04 17:25:00 | 000,000,000 | ---D | C]
TABELAS FGTS E INSS -> C:\TABELAS FGTS E INSS -> [2010/03/04 17:25:00 | 000,000,000 | ---D | C]
VALIDA PR -> C:\VALIDA PR -> [2010/03/04 17:24:59 | 000,000,000 | ---D | C]
hidserv.dll -> C:\WINDOWS\System32\dllcache\hidserv.dll -> [2010/03/04 17:09:59 | 000,021,504 | ---- | C] (Microsoft Corporation)
kbdhid.sys -> C:\WINDOWS\System32\dllcache\kbdhid.sys -> [2010/03/04 17:09:57 | 000,014,720 | ---- | C] (Microsoft Corporation)
hidusb.sys -> C:\WINDOWS\System32\dllcache\hidusb.sys -> [2010/03/04 17:09:50 | 000,010,368 | ---- | C] (Microsoft Corporation)
usbccgp.sys -> C:\WINDOWS\System32\dllcache\usbccgp.sys -> [2010/03/04 17:09:46 | 000,032,128 | ---- | C] (Microsoft Corporation)
mdimon.dll -> C:\WINDOWS\System32\mdimon.dll -> [2010/03/04 17:03:58 | 000,030,512 | ---- | C] (Microsoft Corporation)
Microsoft Works -> C:\Arquivos de programas\Microsoft Works -> [2010/03/04 17:03:10 | 000,000,000 | ---D | C]
Microsoft Visual Studio -> C:\Arquivos de programas\Microsoft Visual Studio -> [2010/03/04 17:02:39 | 000,000,000 | ---D | C]
DESIGNER -> C:\Arquivos de programas\Arquivos comuns\DESIGNER -> [2010/03/04 17:02:39 | 000,000,000 | ---D | C]
SHELLNEW -> C:\WINDOWS\SHELLNEW -> [2010/03/04 16:57:12 | 000,000,000 | ---D | C]
Microsoft Help -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Microsoft Help -> [2010/03/04 16:57:00 | 000,000,000 | ---D | C]
Microsoft Office -> C:\Arquivos de programas\Microsoft Office -> [2010/03/04 16:56:53 | 000,000,000 | ---D | C]
Microsoft Help -> C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help -> [2010/03/04 16:56:53 | 000,000,000 | ---D | C]
MSOCache -> C:\MSOCache -> [2010/03/04 16:56:35 | 000,000,000 | RH-D | C]
avipbb.sys -> C:\WINDOWS\System32\drivers\avipbb.sys -> [2010/03/04 16:49:19 | 000,096,104 | ---- | C] (Avira GmbH)
avgntflt.sys -> C:\WINDOWS\System32\drivers\avgntflt.sys -> [2010/03/04 16:49:19 | 000,056,816 | ---- | C] (Avira GmbH)
avgntdd.sys -> C:\WINDOWS\System32\drivers\avgntdd.sys -> [2010/03/04 16:49:19 | 000,045,416 | ---- | C] (Avira GmbH)
avgntmgr.sys -> C:\WINDOWS\System32\drivers\avgntmgr.sys -> [2010/03/04 16:49:19 | 000,022,360 | ---- | C] (Avira GmbH)
ssmdrv.sys -> C:\WINDOWS\System32\drivers\ssmdrv.sys -> [2010/03/04 16:49:17 | 000,028,520 | ---- | C] (Avira GmbH)
Avira -> C:\Documents and Settings\All Users\Dados de aplicativos\Avira -> [2010/03/04 16:49:16 | 000,000,000 | ---D | C]
Avira -> C:\Arquivos de programas\Avira -> [2010/03/04 16:49:16 | 000,000,000 | ---D | C]
Tracing -> C:\Documents and Settings\User\Tracing -> [2010/03/04 16:48:28 | 000,000,000 | ---D | C]
Microsoft -> C:\Arquivos de programas\Microsoft -> [2010/03/04 16:47:10 | 000,000,000 | ---D | C]
microsoft -> C:\Documents and Settings\All Users\Documentos\microsoft -> [2010/03/04 16:46:49 | 000,000,000 | ---D | C]
Windows Live SkyDrive -> C:\Arquivos de programas\Windows Live SkyDrive -> [2010/03/04 16:46:34 | 000,000,000 | ---D | C]
Windows Live -> C:\Arquivos de programas\Windows Live -> [2010/03/04 16:46:06 | 000,000,000 | ---D | C]
Windows Live -> C:\Arquivos de programas\Arquivos comuns\Windows Live -> [2010/03/04 16:44:57 | 000,000,000 | ---D | C]
Ahead -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Ahead -> [2010/03/04 16:41:59 | 000,000,000 | ---D | C]
Nero -> C:\Documents and Settings\User\Dados de aplicativos\Nero -> [2010/03/04 16:41:26 | 000,000,000 | ---D | C]
Nero -> C:\Documents and Settings\All Users\Dados de aplicativos\Nero -> [2010/03/04 16:39:26 | 000,000,000 | ---D | C]
Nero -> C:\Arquivos de programas\Nero -> [2010/03/04 16:39:26 | 000,000,000 | ---D | C]
Nero -> C:\Arquivos de programas\Arquivos comuns\Nero -> [2010/03/04 16:39:26 | 000,000,000 | ---D | C]
d3dx9_30.dll -> C:\WINDOWS\System32\d3dx9_30.dll -> [2010/03/04 16:37:43 | 002,388,176 | ---- | C] (Microsoft Corporation)
d3dx9_28.dll -> C:\WINDOWS\System32\d3dx9_28.dll -> [2010/03/04 16:37:43 | 002,323,664 | ---- | C] (Microsoft Corporation)
Adobe -> C:\Documents and Settings\All Users\Dados de aplicativos\Adobe -> [2010/03/04 16:32:35 | 000,000,000 | ---D | C]
Adobe -> C:\Arquivos de programas\Arquivos comuns\Adobe -> [2010/03/04 16:32:29 | 000,000,000 | ---D | C]
XP Codec Pack -> C:\Arquivos de programas\XP Codec Pack -> [2010/03/04 16:30:50 | 000,000,000 | ---D | C]
Meus vídeos -> C:\Documents and Settings\User\Meus documentos\Meus vídeos -> [2010/03/04 16:28:09 | 000,000,000 | R--D | C]
spmsg.dll -> C:\WINDOWS\System32\spmsg.dll -> [2010/03/04 16:27:11 | 000,014,640 | ---- | C] (Microsoft Corporation)
Windows Media Connect 2 -> C:\Arquivos de programas\Windows Media Connect 2 -> [2010/03/04 16:26:57 | 000,000,000 | ---D | C]
UMDF -> C:\WINDOWS\System32\drivers\UMDF -> [2010/03/04 16:26:08 | 000,000,000 | ---D | C]
LogFiles -> C:\WINDOWS\System32\LogFiles -> [2010/03/04 16:26:08 | 000,000,000 | ---D | C]
Windows Genuine Advantage -> C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage -> [2010/03/04 16:25:31 | 000,000,000 | ---D | C]
WinRAR -> C:\Arquivos de programas\WinRAR -> [2010/03/04 16:24:08 | 000,000,000 | ---D | C]
msvcp71.dll -> C:\WINDOWS\System32\msvcp71.dll -> [2010/03/04 16:23:43 | 000,499,712 | ---- | C] (Microsoft Corporation)
msvcr71.dll -> C:\WINDOWS\System32\msvcr71.dll -> [2010/03/04 16:23:43 | 000,348,160 | ---- | C] (Microsoft Corporation)
Adobe -> C:\WINDOWS\System32\Adobe -> [2010/03/04 16:23:38 | 000,000,000 | ---D | C]
Sun -> C:\Documents and Settings\All Users\Dados de aplicativos\Sun -> [2010/03/04 16:23:26 | 000,000,000 | ---D | C]
Sun -> C:\Documents and Settings\User\Dados de aplicativos\Sun -> [2010/03/04 16:22:20 | 000,000,000 | ---D | C]
IECompatCache -> C:\Documents and Settings\User\IECompatCache -> [2010/03/04 16:21:43 | 000,000,000 | -HSD | C]
PrivacIE -> C:\Documents and Settings\User\PrivacIE -> [2010/03/04 16:21:34 | 000,000,000 | -HSD | C]
IETldCache -> C:\Documents and Settings\User\IETldCache -> [2010/03/04 16:20:59 | 000,000,000 | -HSD | C]
WBEM -> C:\WINDOWS\WBEM -> [2010/03/04 16:19:18 | 000,000,000 | ---D | C]
spupdsvc.exe -> C:\WINDOWS\System32\spupdsvc.exe -> [2010/03/04 16:19:04 | 000,026,144 | ---- | C] (Microsoft Corporation)
ie8 -> C:\WINDOWS\ie8 -> [2010/03/04 16:18:17 | 000,000,000 | -H-D | C]
WgaTray.exe -> C:\WINDOWS\System32\WgaTray.exe -> [2010/03/04 16:15:20 | 000,332,672 | ---- | C] (Microsoft Corporation)
dmusic.sys -> C:\WINDOWS\System32\dllcache\dmusic.sys -> [2010/03/04 16:04:59 | 000,052,864 | ---- | C] (Microsoft Corporation)
swmidi.sys -> C:\WINDOWS\System32\dllcache\swmidi.sys -> [2010/03/04 16:04:57 | 000,056,576 | ---- | C] (Microsoft Corporation)
aec.sys -> C:\WINDOWS\System32\dllcache\aec.sys -> [2010/03/04 16:04:55 | 000,142,592 | ---- | C] (Microsoft Corporation)
kmixer.sys -> C:\WINDOWS\System32\dllcache\kmixer.sys -> [2010/03/04 16:04:53 | 000,172,416 | ---- | C] (Microsoft Corporation)
drmkaud.sys -> C:\WINDOWS\System32\dllcache\drmkaud.sys -> [2010/03/04 16:04:52 | 000,002,944 | ---- | C] (Microsoft Corporation)
sysaudio.sys -> C:\WINDOWS\System32\dllcache\sysaudio.sys -> [2010/03/04 16:04:51 | 000,060,800 | ---- | C] (Microsoft Corporation)
mskssrv.sys -> C:\WINDOWS\System32\dllcache\mskssrv.sys -> [2010/03/04 16:04:49 | 000,007,552 | ---- | C] (Microsoft Corporation)
mspqm.sys -> C:\WINDOWS\System32\dllcache\mspqm.sys -> [2010/03/04 16:04:47 | 000,004,992 | ---- | C] (Microsoft Corporation)
mspclock.sys -> C:\WINDOWS\System32\dllcache\mspclock.sys -> [2010/03/04 16:04:45 | 000,005,376 | ---- | C] (Microsoft Corporation)
gameenum.sys -> C:\WINDOWS\System32\drivers\gameenum.sys -> [2010/03/04 16:04:42 | 000,010,624 | ---- | C] (Microsoft Corporation)
gameenum.sys -> C:\WINDOWS\System32\dllcache\gameenum.sys -> [2010/03/04 16:04:42 | 000,010,624 | ---- | C] (Microsoft Corporation)
portcls.sys -> C:\WINDOWS\System32\drivers\portcls.sys -> [2010/03/04 16:04:37 | 000,146,048 | ---- | C] (Microsoft Corporation)
portcls.sys -> C:\WINDOWS\System32\dllcache\portcls.sys -> [2010/03/04 16:04:37 | 000,146,048 | ---- | C] (Microsoft Corporation)
ksuser.dll -> C:\WINDOWS\System32\ksuser.dll -> [2010/03/04 16:04:37 | 000,004,096 | ---- | C] (Microsoft Corporation)
ksuser.dll -> C:\WINDOWS\System32\dllcache\ksuser.dll -> [2010/03/04 16:04:37 | 000,004,096 | ---- | C] (Microsoft Corporation)
ksproxy.ax -> C:\WINDOWS\System32\ksproxy.ax -> [2010/03/04 16:04:36 | 000,129,536 | ---- | C] (Microsoft Corporation)
ksproxy.ax -> C:\WINDOWS\System32\dllcache\ksproxy.ax -> [2010/03/04 16:04:36 | 000,129,536 | ---- | C] (Microsoft Corporation)
drmk.sys -> C:\WINDOWS\System32\drivers\drmk.sys -> [2010/03/04 16:04:36 | 000,060,160 | ---- | C] (Microsoft Corporation)
drmk.sys -> C:\WINDOWS\System32\dllcache\drmk.sys -> [2010/03/04 16:04:36 | 000,060,160 | ---- | C] (Microsoft Corporation)
mixer.exe -> C:\WINDOWS\mixer.exe -> [2010/03/04 16:04:30 | 001,855,488 | ---- | C] (C-Media Electronic Inc. (www.cmedia.com.tw))
crlds3d.dll -> C:\WINDOWS\System\crlds3d.dll -> [2010/03/04 16:04:30 | 000,765,952 | ---- | C] (Sensaura Ltd)
Audio3D.dll -> C:\WINDOWS\System32\Audio3D.dll -> [2010/03/04 16:04:30 | 000,712,704 | ---- | C] (Sensaura Ltd)
a3d.dll -> C:\WINDOWS\System32\dllcache\a3d.dll -> [2010/03/04 16:04:30 | 000,712,704 | ---- | C] (Sensaura Ltd)
a3d.dll -> C:\WINDOWS\System32\a3d.dll -> [2010/03/04 16:04:30 | 000,712,704 | ---- | C] (Sensaura Ltd)
cmaudio.sys -> C:\WINDOWS\System32\drivers\cmaudio.sys -> [2010/03/04 16:04:30 | 000,377,358 | ---- | C] (C-Media Inc)
cmuninst.exe -> C:\WINDOWS\cmuninst.exe -> [2010/03/04 16:04:30 | 000,139,264 | ---- | C] (C-Media Electronics Inc.)
cmuninst.dat -> C:\WINDOWS\cmuninst.dat -> [2010/03/04 16:04:30 | 000,135,168 | ---- | C] (C-Media Electronics Inc.)
cmnprop.dll -> C:\WINDOWS\System32\cmnprop.dll -> [2010/03/04 16:04:30 | 000,032,768 | ---- | C] (C-Media Corporation)
Program Files -> C:\Program Files -> [2010/03/04 16:04:30 | 000,000,000 | ---D | C]
UserData -> C:\Documents and Settings\User\UserData -> [2010/03/04 16:00:41 | 000,000,000 | -HSD | C]
ipfnd51.sys -> C:\WINDOWS\System32\drivers\ipfnd51.sys -> [2010/03/04 15:50:10 | 000,026,752 | ---- | C] (ENCORE ELECTRONICS, INC. )
nvudisp.exe -> C:\WINDOWS\System32\nvudisp.exe -> [2010/03/04 15:48:16 | 000,600,680 | ---- | C] (NVIDIA Corporation)
NVUNINST.EXE -> C:\WINDOWS\System32\NVUNINST.EXE -> [2010/03/04 15:48:05 | 000,600,680 | ---- | C] (NVIDIA Corporation)
NVIDIA -> C:\NVIDIA -> [2010/03/04 15:47:54 | 000,000,000 | ---D | C]
Macromedia -> C:\Documents and Settings\User\Dados de aplicativos\Macromedia -> [2010/03/04 15:44:43 | 000,000,000 | ---D | C]
Adobe -> C:\Documents and Settings\User\Dados de aplicativos\Adobe -> [2010/03/04 15:44:42 | 000,000,000 | ---D | C]
usbstor.sys -> C:\WINDOWS\System32\dllcache\usbstor.sys -> [2010/03/04 15:11:22 | 000,026,368 | ---- | C] (Microsoft Corporation)
RECYCLER -> C:\RECYCLER -> [2010/03/04 15:06:15 | 000,000,000 | -HSD | C]
Identities -> C:\Documents and Settings\User\Dados de aplicativos\Identities -> [2010/03/04 14:58:33 | 000,000,000 | ---D | C]
Uninstall Information -> C:\Arquivos de programas\Uninstall Information -> [2010/03/04 14:58:31 | 000,000,000 | -H-D | C]
Minhas músicas -> C:\Documents and Settings\User\Meus documentos\Minhas músicas -> [2010/03/04 14:58:29 | 000,000,000 | R--D | C]
Minhas imagens -> C:\Documents and Settings\User\Meus documentos\Minhas imagens -> [2010/03/04 14:58:29 | 000,000,000 | R--D | C]
Microsoft -> C:\Documents and Settings\User\Dados de aplicativos\Microsoft -> [2010/03/04 14:58:23 | 000,000,000 | --SD | C]
SendTo -> C:\Documents and Settings\User\SendTo -> [2010/03/04 14:58:23 | 000,000,000 | RH-D | C]
Dados de aplicativos -> C:\Documents and Settings\User\Dados de aplicativos -> [2010/03/04 14:58:23 | 000,000,000 | RH-D | C]
Meus documentos -> C:\Documents and Settings\User\Meus documentos -> [2010/03/04 14:58:23 | 000,000,000 | R--D | C]
Menu Iniciar -> C:\Documents and Settings\User\Menu Iniciar -> [2010/03/04 14:58:23 | 000,000,000 | R--D | C]
Favoritos -> C:\Documents and Settings\User\Favoritos -> [2010/03/04 14:58:23 | 000,000,000 | R--D | C]
Cookies -> C:\Documents and Settings\User\Cookies -> [2010/03/04 14:58:23 | 000,000,000 | -HSD | C]
Modelos -> C:\Documents and Settings\User\Modelos -> [2010/03/04 14:58:23 | 000,000,000 | -H-D | C]
Configurações locais -> C:\Documents and Settings\User\Configurações locais -> [2010/03/04 14:58:23 | 000,000,000 | -H-D | C]
Ambiente de rede -> C:\Documents and Settings\User\Ambiente de rede -> [2010/03/04 14:58:23 | 000,000,000 | -H-D | C]
Ambiente de impressão -> C:\Documents and Settings\User\Ambiente de impressão -> [2010/03/04 14:58:23 | 000,000,000 | -H-D | C]
Microsoft -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Microsoft -> [2010/03/04 14:58:23 | 000,000,000 | ---D | C]
Desktop -> C:\Documents and Settings\User\Desktop -> [2010/03/04 14:58:23 | 000,000,000 | ---D | C]
SoftwareDistribution -> C:\WINDOWS\SoftwareDistribution -> [2010/03/04 14:46:55 | 000,000,000 | ---D | C]
Microsoft -> C:\WINDOWS\System32\Microsoft -> [2010/03/04 14:46:46 | 000,000,000 | --SD | C]
Prefetch -> C:\WINDOWS\Prefetch -> [2010/03/04 14:46:46 | 000,000,000 | ---D | C]
Microsoft -> C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft -> [2010/03/04 14:46:45 | 000,000,000 | ---D | C]
Microsoft -> C:\Documents and Settings\LocalService\Dados de aplicativos\Microsoft -> [2010/03/04 14:46:44 | 000,000,000 | --SD | C]
Microsoft -> C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft -> [2010/03/04 14:41:49 | 000,000,000 | ---D | C]
Microsoft -> C:\Documents and Settings\NetworkService\Dados de aplicativos\Microsoft -> [2010/03/04 14:41:48 | 000,000,000 | --SD | C]
winzm.ime -> C:\WINDOWS\System32\dllcache\winzm.ime -> [2010/03/04 14:40:15 | 000,156,672 | ---- | C] (Microsoft Corporation)
winsp.ime -> C:\WINDOWS\System32\dllcache\winsp.ime -> [2010/03/04 14:40:15 | 000,156,672 | ---- | C] (Microsoft Corporation)
winpy.ime -> C:\WINDOWS\System32\dllcache\winpy.ime -> [2010/03/04 14:40:15 | 000,156,672 | ---- | C] (Microsoft Corporation)
winime.ime -> C:\WINDOWS\System32\dllcache\winime.ime -> [2010/03/04 14:40:15 | 000,065,536 | ---- | C] (Microsoft Corporation)
winar30.ime -> C:\WINDOWS\System32\dllcache\winar30.ime -> [2010/03/04 14:40:14 | 000,079,360 | ---- | C] (Microsoft Corporation)
wingb.ime -> C:\WINDOWS\System32\dllcache\wingb.ime -> [2010/03/04 14:40:14 | 000,072,704 | ---- | C] (Microsoft Corporation)
weitekp9.dll -> C:\WINDOWS\System32\dllcache\weitekp9.dll -> [2010/03/04 14:40:13 | 000,041,600 | ---- | C] (Microsoft Corporation)
weitekp9.sys -> C:\WINDOWS\System32\dllcache\weitekp9.sys -> [2010/03/04 14:40:13 | 000,031,488 | ---- | C] (Microsoft Corporation)
wam51.dll -> C:\WINDOWS\System32\dllcache\wam51.dll -> [2010/03/04 14:40:12 | 000,078,336 | ---- | C] (Microsoft Corporation)
wamreg51.dll -> C:\WINDOWS\System32\dllcache\wamreg51.dll -> [2010/03/04 14:40:12 | 000,053,248 | ---- | C] (Microsoft Corporation)
wamps51.dll -> C:\WINDOWS\System32\dllcache\wamps51.dll -> [2010/03/04 14:40:12 | 000,009,216 | ---- | C] (Microsoft Corporation)
w3svc.dll -> C:\WINDOWS\System32\dllcache\w3svc.dll -> [2010/03/04 14:40:11 | 000,368,128 | ---- | C] (Microsoft Corporation)
voicesub.dll -> C:\WINDOWS\System32\dllcache\voicesub.dll -> [2010/03/04 14:40:11 | 000,086,073 | ---- | C] (Microsoft Corporation)
w3ext.dll -> C:\WINDOWS\System32\dllcache\w3ext.dll -> [2010/03/04 14:40:11 | 000,074,240 | ---- | C] (Microsoft Corporation)
w32.dll -> C:\WINDOWS\System32\dllcache\w32.dll -> [2010/03/04 14:40:11 | 000,048,256 | ---- | C] (Microsoft Corporation)
w3svapi.dll -> C:\WINDOWS\System32\dllcache\w3svapi.dll -> [2010/03/04 14:40:11 | 000,005,632 | ---- | C] (Microsoft Corporation)
w3ctrs51.dll -> C:\WINDOWS\System32\dllcache\w3ctrs51.dll -> [2010/03/04 14:40:11 | 000,004,608 | ---- | C] (Microsoft Corporation)
voicepad.dll -> C:\WINDOWS\System32\dllcache\voicepad.dll -> [2010/03/04 14:40:10 | 000,426,041 | ---- | C] (Microsoft Corporation)
uniime.dll -> C:\WINDOWS\System32\dllcache\uniime.dll -> [2010/03/04 14:40:09 | 000,076,288 | ---- | C] (Microsoft Corporation)
uihelper.dll -> C:\WINDOWS\System32\dllcache\uihelper.dll -> [2010/03/04 14:40:08 | 000,103,936 | ---- | C] (Microsoft Corporation)
unicdime.ime -> C:\WINDOWS\System32\dllcache\unicdime.ime -> [2010/03/04 14:40:08 | 000,065,024 | ---- | C] (Microsoft Corporation)
tsprof.exe -> C:\WINDOWS\System32\dllcache\tsprof.exe -> [2010/03/04 14:40:08 | 000,014,336 | ---- | C] (Microsoft Corporation)
tools.dll -> C:\WINDOWS\System32\dllcache\tools.dll -> [2010/03/04 14:40:07 | 000,033,792 | ---- | C] (Microsoft Corporation)
tintlgnt.ime -> C:\WINDOWS\System32\dllcache\tintlgnt.ime -> [2010/03/04 14:40:06 | 000,571,392 | ---- | C] (Microsoft Corporation)
tintsetp.exe -> C:\WINDOWS\System32\dllcache\tintsetp.exe -> [2010/03/04 14:40:06 | 000,455,168 | ---- | C] (Microsoft Corporation)
thawbrkr.dll -> C:\WINDOWS\System32\dllcache\thawbrkr.dll -> [2010/03/04 14:40:06 | 000,185,344 | ---- | C] (Microsoft Corporation)
tintlphr.exe -> C:\WINDOWS\System32\dllcache\tintlphr.exe -> [2010/03/04 14:40:06 | 000,044,032 | ---- | C] (Microsoft Corporation)
tmigrate.dll -> C:\WINDOWS\System32\dllcache\tmigrate.dll -> [2010/03/04 14:40:06 | 000,010,240 | ---- | C] (Microsoft Corporation)
tdipx.sys -> C:\WINDOWS\System32\dllcache\tdipx.sys -> [2010/03/04 14:40:05 | 000,021,896 | ---- | C] (Microsoft Corporation)
tdspx.sys -> C:\WINDOWS\System32\dllcache\tdspx.sys -> [2010/03/04 14:40:05 | 000,019,464 | ---- | C] (Microsoft Corporation)
tdasync.sys -> C:\WINDOWS\System32\dllcache\tdasync.sys -> [2010/03/04 14:40:05 | 000,013,192 | ---- | C] (Microsoft Corporation)
svcext51.dll -> C:\WINDOWS\System32\dllcache\svcext51.dll -> [2010/03/04 14:40:03 | 000,046,592 | ---- | C] (Microsoft Corporation)
sspifilt.dll -> C:\WINDOWS\System32\dllcache\sspifilt.dll -> [2010/03/04 14:40:03 | 000,046,592 | ---- | C] (Microsoft Corporation)
ssinc51.dll -> C:\WINDOWS\System32\dllcache\ssinc51.dll -> [2010/03/04 14:40:03 | 000,045,056 | ---- | C] (Microsoft Corporation)
status.dll -> C:\WINDOWS\System32\dllcache\status.dll -> [2010/03/04 14:40:03 | 000,016,896 | ---- | C] (Microsoft Corporation)
srusbusd.dll -> C:\WINDOWS\System32\dllcache\srusbusd.dll -> [2010/03/04 14:40:02 | 000,101,376 | ---- | C] (Microsoft Corporation)
softkey.dll -> C:\WINDOWS\System32\dllcache\softkey.dll -> [2010/03/04 14:40:01 | 000,143,422 | ---- | C] (Microsoft Corporation)
snmpincl.dll -> C:\WINDOWS\System32\dllcache\snmpincl.dll -> [2010/03/04 14:40:00 | 000,358,400 | ---- | C] (Microsoft Corporation)
snmpcl.dll -> C:\WINDOWS\System32\dllcache\snmpcl.dll -> [2010/03/04 14:40:00 | 000,259,072 | ---- | C] (Microsoft Corporation)
snmpsmir.dll -> C:\WINDOWS\System32\dllcache\snmpsmir.dll -> [2010/03/04 14:40:00 | 000,188,416 | ---- | C] (Microsoft Corporation)
snmpthrd.dll -> C:\WINDOWS\System32\dllcache\snmpthrd.dll -> [2010/03/04 14:40:00 | 000,039,936 | ---- | C] (Microsoft Corporation)
snmpstup.dll -> C:\WINDOWS\System32\dllcache\snmpstup.dll -> [2010/03/04 14:40:00 | 000,010,240 | ---- | C] (Microsoft Corporation)
snmptrap.exe -> C:\WINDOWS\System32\dllcache\snmptrap.exe -> [2010/03/04 14:40:00 | 000,008,704 | ---- | C] (Microsoft Corporation)
EXCH_snprfdll.dll -> C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll -> [2010/03/04 14:40:00 | 000,007,168 | ---- | C] (Microsoft Corporation)
snmpmib.dll -> C:\WINDOWS\System32\dllcache\snmpmib.dll -> [2010/03/04 14:40:00 | 000,006,144 | ---- | C] (Microsoft Corporation)
smtpsvc.dll -> C:\WINDOWS\System32\dllcache\smtpsvc.dll -> [2010/03/04 14:39:59 | 000,463,360 | ---- | C] (Microsoft Corporation)
snmp.exe -> C:\WINDOWS\System32\dllcache\snmp.exe -> [2010/03/04 14:39:59 | 000,033,280 | ---- | C] (Microsoft Corporation)
EXCH_smtpctrs.dll -> C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll -> [2010/03/04 14:39:59 | 000,012,800 | ---- | C] (Microsoft Corporation
)
smtpapi.dll -> C:\WINDOWS\System32\dllcache\smtpapi.dll -> [2010/03/04 14:39:59 | 000,010,752 | ---- | C] (Microsoft Corporation)
smimsgif.dll -> C:\WINDOWS\System32\dllcache\smimsgif.dll -> [2010/03/04 14:39:59 | 000,005,632 | ---- | C] (Microsoft Corporation)
smi2smir.exe -> C:\WINDOWS\System32\dllcache\smi2smir.exe -> [2010/03/04 14:39:58 | 000,236,544 | ---- | C] (Microsoft Corporation)
sm9aw.dll -> C:\WINDOWS\System32\dllcache\sm9aw.dll -> [2010/03/04 14:39:58 | 000,038,912 | ---- | C] (Microsoft Corporation)
smb6w.dll -> C:\WINDOWS\System32\dllcache\smb6w.dll -> [2010/03/04 14:39:58 | 000,031,744 | ---- | C] (Microsoft Corporation)
sma3w.dll -> C:\WINDOWS\System32\dllcache\sma3w.dll -> [2010/03/04 14:39:58 | 000,031,744 | ---- | C] (Microsoft Corporation)
sm93w.dll -> C:\WINDOWS\System32\dllcache\sm93w.dll -> [2010/03/04 14:39:58 | 000,026,624 | ---- | C] (Microsoft Corporation)
sm92w.dll -> C:\WINDOWS\System32\dllcache\sm92w.dll -> [2010/03/04 14:39:58 | 000,026,624 | ---- | C] (Microsoft Corporation)
sm90w.dll -> C:\WINDOWS\System32\dllcache\sm90w.dll -> [2010/03/04 14:39:58 | 000,026,112 | ---- | C] (Microsoft Corporation)
sm8dw.dll -> C:\WINDOWS\System32\dllcache\sm8dw.dll -> [2010/03/04 14:39:58 | 000,026,112 | ---- | C] (Microsoft Corporation)
smierrsm.dll -> C:\WINDOWS\System32\dllcache\smierrsm.dll -> [2010/03/04 14:39:58 | 000,015,872 | ---- | C] (Microsoft Corporation)
smierrsy.dll -> C:\WINDOWS\System32\dllcache\smierrsy.dll -> [2010/03/04 14:39:58 | 000,005,632 | ---- | C] (Microsoft Corporation)
sm87w.dll -> C:\WINDOWS\System32\dllcache\sm87w.dll -> [2010/03/04 14:39:57 | 000,030,208 | ---- | C] (Microsoft Corporation)
sm81w.dll -> C:\WINDOWS\System32\dllcache\sm81w.dll -> [2010/03/04 14:39:57 | 000,030,208 | ---- | C] (Microsoft Corporation)
sm8cw.dll -> C:\WINDOWS\System32\dllcache\sm8cw.dll -> [2010/03/04 14:39:57 | 000,029,184 | ---- | C] (Microsoft Corporation)
sm8aw.dll -> C:\WINDOWS\System32\dllcache\sm8aw.dll -> [2010/03/04 14:39:57 | 000,026,112 | ---- | C] (Microsoft Corporation)
sm89w.dll -> C:\WINDOWS\System32\dllcache\sm89w.dll -> [2010/03/04 14:39:57 | 000,026,112 | ---- | C] (Microsoft Corporation)
sm59w.dll -> C:\WINDOWS\System32\dllcache\sm59w.dll -> [2010/03/04 14:39:57 | 000,025,088 | ---- | C] (Microsoft Corporation)
simptcp.dll -> C:\WINDOWS\System32\dllcache\simptcp.dll -> [2010/03/04 14:39:57 | 000,019,456 | ---- | C] (Microsoft Corporation)
seo.dll -> C:\WINDOWS\System32\dllcache\seo.dll -> [2010/03/04 14:39:54 | 000,221,696 | ---- | C] (Microsoft Corporation)
EXCH_scripto.dll -> C:\WINDOWS\System32\dllcache\EXCH_scripto.dll -> [2010/03/04 14:39:54 | 000,057,856 | ---- | C] (Microsoft Corporation)
EXCH_seos.dll -> C:\WINDOWS\System32\dllcache\EXCH_seos.dll -> [2010/03/04 14:39:54 | 000,026,112 | ---- | C] (Microsoft Corporation)
rwia330.dll -> C:\WINDOWS\System32\dllcache\rwia330.dll -> [2010/03/04 14:39:53 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.)
rwnh.dll -> C:\WINDOWS\System32\dllcache\rwnh.dll -> [2010/03/04 14:39:53 | 000,009,728 | ---- | C] (Microsoft Corporation)
rwia001.dll -> C:\WINDOWS\System32\dllcache\rwia001.dll -> [2010/03/04 14:39:52 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.)
rw330ext.dll -> C:\WINDOWS\System32\dllcache\rw330ext.dll -> [2010/03/04 14:39:52 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.)
rw001ext.dll -> C:\WINDOWS\System32\dllcache\rw001ext.dll -> [2010/03/04 14:39:52 | 000,028,160 | ---- | C] (Microsoft Corporation)
romanime.ime -> C:\WINDOWS\System32\dllcache\romanime.ime -> [2010/03/04 14:39:51 | 000,026,112 | ---- | C] (Microsoft Corporation)
rpcref.dll -> C:\WINDOWS\System32\dllcache\rpcref.dll -> [2010/03/04 14:39:51 | 000,004,096 | ---- | C] (Microsoft Corporation)
EXCH_regtrace.exe -> C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe -> [2010/03/04 14:39:50 | 000,023,040 | ---- | C] (Microsoft Corporation)
register.exe -> C:\WINDOWS\System32\dllcache\register.exe -> [2010/03/04 14:39:50 | 000,014,848 | ---- | C] (Microsoft Corporation)
ramdisk.sys -> C:\WINDOWS\System32\dllcache\ramdisk.sys -> [2010/03/04 14:39:49 | 000,020,736 | ---- | C] (Microsoft Corporation)
quser.exe -> C:\WINDOWS\System32\dllcache\quser.exe -> [2010/03/04 14:39:49 | 000,016,896 | ---- | C] (Microsoft Corporation)
quick.ime -> C:\WINDOWS\System32\dllcache\quick.ime -> [2010/03/04 14:39:48 | 000,077,824 | ---- | C] (Microsoft Corporation)
query.exe -> C:\WINDOWS\System32\dllcache\query.exe -> [2010/03/04 14:39:48 | 000,009,728 | ---- | C] (Microsoft Corporation)
pwsdata.dll -> C:\WINDOWS\System32\dllcache\pwsdata.dll -> [2010/03/04 14:39:47 | 000,007,680 | ---- | C] (Microsoft Corporation)
pmxviceo.dll -> C:\WINDOWS\System32\dllcache\pmxviceo.dll -> [2010/03/04 14:39:46 | 000,131,584 | ---- | C] (Microsoft Corporation)
pintlphr.exe -> C:\WINDOWS\System32\dllcache\pintlphr.exe -> [2010/03/04 14:39:46 | 000,070,144 | ---- | C] (Microsoft Corporation)
pmigrate.dll -> C:\WINDOWS\System32\dllcache\pmigrate.dll -> [2010/03/04 14:39:46 | 000,067,584 | ---- | C] (Microsoft Corporation)
pmxmcro.dll -> C:\WINDOWS\System32\dllcache\pmxmcro.dll -> [2010/03/04 14:39:46 | 000,011,264 | ---- | C] (Microsoft Corporation)
pmxgl.dll -> C:\WINDOWS\System32\dllcache\pmxgl.dll -> [2010/03/04 14:39:46 | 000,006,144 | ---- | C] (Microsoft Corporation)
pintlgnt.ime -> C:\WINDOWS\System32\dllcache\pintlgnt.ime -> [2010/03/04 14:39:45 | 000,482,304 | ---- | C] (Microsoft Corporation)
phon.ime -> C:\WINDOWS\System32\dllcache\phon.ime -> [2010/03/04 14:39:45 | 000,079,360 | ---- | C] (Microsoft Corporation)
pintlcsd.dll -> C:\WINDOWS\System32\dllcache\pintlcsd.dll -> [2010/03/04 14:39:45 | 000,053,760 | ---- | C] (Microsoft Corporation)
permchk.dll -> C:\WINDOWS\System32\dllcache\permchk.dll -> [2010/03/04 14:39:45 | 000,020,992 | ---- | C] (Microsoft Corporation)
padrs411.dll -> C:\WINDOWS\System32\dllcache\padrs411.dll -> [2010/03/04 14:39:44 | 000,036,927 | ---- | C] (Microsoft Corporation)
pagecnt.dll -> C:\WINDOWS\System32\dllcache\pagecnt.dll -> [2010/03/04 14:39:44 | 000,031,744 | ---- | C] (Microsoft Corporation)
padrs404.dll -> C:\WINDOWS\System32\dllcache\padrs404.dll -> [2010/03/04 14:39:44 | 000,015,872 | ---- | C] (Microsoft Corporation)
padrs804.dll -> C:\WINDOWS\System32\dllcache\padrs804.dll -> [2010/03/04 14:39:44 | 000,015,360 | ---- | C] (Microsoft Corporation)
padrs412.dll -> C:\WINDOWS\System32\dllcache\padrs412.dll -> [2010/03/04 14:39:44 | 000,014,336 | ---- | C] (Microsoft Corporation)
nsepm.dll -> C:\WINDOWS\System32\dllcache\nsepm.dll -> [2010/03/04 14:39:41 | 000,045,056 | ---- | C] (Microsoft Corporation)
EXCH_ntfsdrv.dll -> C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll -> [2010/03/04 14:39:41 | 000,038,912 | ---- | C] (Microsoft Corporation)
nextlink.dll -> C:\WINDOWS\System32\dllcache\nextlink.dll -> [2010/03/04 14:39:40 | 000,053,248 | ---- | C] (Microsoft Corporation)
multibox.dll -> C:\WINDOWS\System32\dllcache\multibox.dll -> [2010/03/04 14:39:38 | 000,229,439 | ---- | C] (Microsoft Corporation)
mtstocom.exe -> C:\WINDOWS\System32\dllcache\mtstocom.exe -> [2010/03/04 14:39:38 | 000,119,808 | ---- | C] (Microsoft Corporation)
msir3jp.lex -> C:\WINDOWS\System32\dllcache\msir3jp.lex -> [2010/03/04 14:39:34 | 001,875,968 | ---- | C] (Microsoft Corporation)
msir3jp.dll -> C:\WINDOWS\System32\dllcache\msir3jp.dll -> [2010/03/04 14:39:34 | 000,098,304 | ---- | C] (Microsoft Corporation)
msiregmv.exe -> C:\WINDOWS\System32\dllcache\msiregmv.exe -> [2010/03/04 14:39:34 | 000,040,960 | ---- | C] (Microsoft Corporation)
migregdb.exe -> C:\WINDOWS\System32\dllcache\migregdb.exe -> [2010/03/04 14:39:28 | 000,007,680 | ---- | C] (Microsoft Corporation)
mga.sys -> C:\WINDOWS\System32\dllcache\mga.sys -> [2010/03/04 14:39:27 | 000,092,416 | ---- | C] (Microsoft Corporation)
mga.dll -> C:\WINDOWS\System32\dllcache\mga.dll -> [2010/03/04 14:39:27 | 000,092,032 | ---- | C] (Microsoft Corporation)
metada51.dll -> C:\WINDOWS\System32\dllcache\metada51.dll -> [2010/03/04 14:39:27 | 000,086,016 | ---- | C] (Microsoft Corporation)
md5filt.dll -> C:\WINDOWS\System32\dllcache\md5filt.dll -> [2010/03/04 14:39:27 | 000,037,888 | ---- | C] (Microsoft Corporation)
mdsync.dll -> C:\WINDOWS\System32\dllcache\mdsync.dll -> [2010/03/04 14:39:27 | 000,026,624 | ---- | C] (Microsoft Corporation)
EXCH_mailmsg.dll -> C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll -> [2010/03/04 14:39:26 | 000,065,536 | ---- | C] (Microsoft Corporation)
lpdsvc.dll -> C:\WINDOWS\System32\dllcache\lpdsvc.dll -> [2010/03/04 14:39:25 | 000,023,040 | ---- | C] (Microsoft Corporation)
logscrpt.dll -> C:\WINDOWS\System32\dllcache\logscrpt.dll -> [2010/03/04 14:39:25 | 000,022,016 | ---- | C] (Microsoft Corporation)
lprmon.dll -> C:\WINDOWS\System32\dllcache\lprmon.dll -> [2010/03/04 14:39:25 | 000,019,456 | ---- | C] (Microsoft Corporation)
lonsint.dll -> C:\WINDOWS\System32\dllcache\lonsint.dll -> [2010/03/04 14:39:25 | 000,013,312 | ---- | C] (Microsoft Corporation)
lmmib2.dll -> C:\WINDOWS\System32\dllcache\lmmib2.dll -> [2010/03/04 14:39:24 | 000,033,792 | ---- | C] (Microsoft Corporation)
korwbrkr.dll -> C:\WINDOWS\System32\dllcache\korwbrkr.dll -> [2010/03/04 14:39:23 | 000,070,656 | ---- | C] (Microsoft Corporation)
kbdvntc.dll -> C:\WINDOWS\System32\dllcache\kbdvntc.dll -> [2010/03/04 14:39:23 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdusa.dll -> C:\WINDOWS\System32\dllcache\kbdusa.dll -> [2010/03/04 14:39:23 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdurdu.dll -> C:\WINDOWS\System32\dllcache\kbdurdu.dll -> [2010/03/04 14:39:23 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdnecat.dll -> C:\WINDOWS\System32\dllcache\kbdnecat.dll -> [2010/03/04 14:39:22 | 000,009,216 | ---- | C] (Microsoft Corporation)
kbdnecnt.dll -> C:\WINDOWS\System32\dllcache\kbdnecnt.dll -> [2010/03/04 14:39:22 | 000,007,680 | ---- | C] (Microsoft Corporation)
kbdth3.dll -> C:\WINDOWS\System32\dllcache\kbdth3.dll -> [2010/03/04 14:39:22 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdth2.dll -> C:\WINDOWS\System32\dllcache\kbdth2.dll -> [2010/03/04 14:39:22 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdth1.dll -> C:\WINDOWS\System32\dllcache\kbdth1.dll -> [2010/03/04 14:39:22 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdth0.dll -> C:\WINDOWS\System32\dllcache\kbdth0.dll -> [2010/03/04 14:39:22 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdsyr2.dll -> C:\WINDOWS\System32\dllcache\kbdsyr2.dll -> [2010/03/04 14:39:22 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdsyr1.dll -> C:\WINDOWS\System32\dllcache\kbdsyr1.dll -> [2010/03/04 14:39:22 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdnec95.dll -> C:\WINDOWS\System32\dllcache\kbdnec95.dll -> [2010/03/04 14:39:21 | 000,007,168 | ---- | C] (Microsoft Corporation)
kbdlk41a.dll -> C:\WINDOWS\System32\dllcache\kbdlk41a.dll -> [2010/03/04 14:39:21 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdlk41j.dll -> C:\WINDOWS\System32\dllcache\kbdlk41j.dll -> [2010/03/04 14:39:21 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdinpun.dll -> C:\WINDOWS\System32\dllcache\kbdinpun.dll -> [2010/03/04 14:39:21 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdintel.dll -> C:\WINDOWS\System32\dllcache\kbdintel.dll -> [2010/03/04 14:39:21 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdintam.dll -> C:\WINDOWS\System32\dllcache\kbdintam.dll -> [2010/03/04 14:39:21 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdinmar.dll -> C:\WINDOWS\System32\dllcache\kbdinmar.dll -> [2010/03/04 14:39:21 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdinkan.dll -> C:\WINDOWS\System32\dllcache\kbdinkan.dll -> [2010/03/04 14:39:21 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdinhin.dll -> C:\WINDOWS\System32\dllcache\kbdinhin.dll -> [2010/03/04 14:39:21 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdibm02.dll -> C:\WINDOWS\System32\dllcache\kbdibm02.dll -> [2010/03/04 14:39:20 | 000,007,168 | ---- | C] (Microsoft Corporation)
kbdinguj.dll -> C:\WINDOWS\System32\dllcache\kbdinguj.dll -> [2010/03/04 14:39:20 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdindev.dll -> C:\WINDOWS\System32\dllcache\kbdindev.dll -> [2010/03/04 14:39:20 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdheb.dll -> C:\WINDOWS\System32\dllcache\kbdheb.dll -> [2010/03/04 14:39:20 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdfa.dll -> C:\WINDOWS\System32\dllcache\kbdfa.dll -> [2010/03/04 14:39:20 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbddiv2.dll -> C:\WINDOWS\System32\dllcache\kbddiv2.dll -> [2010/03/04 14:39:20 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbddiv1.dll -> C:\WINDOWS\System32\dllcache\kbddiv1.dll -> [2010/03/04 14:39:20 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdgeo.dll -> C:\WINDOWS\System32\dllcache\kbdgeo.dll -> [2010/03/04 14:39:20 | 000,005,120 | ---- | C] (Microsoft Corporation)
jupiw.dll -> C:\WINDOWS\System32\dllcache\jupiw.dll -> [2010/03/04 14:39:19 | 000,018,432 | ---- | C] (Microsoft Corporation)
kbdax2.dll -> C:\WINDOWS\System32\dllcache\kbdax2.dll -> [2010/03/04 14:39:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbd106n.dll -> C:\WINDOWS\System32\dllcache\kbd106n.dll -> [2010/03/04 14:39:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbd101a.dll -> C:\WINDOWS\System32\dllcache\kbd101a.dll -> [2010/03/04 14:39:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbd101.dll -> C:\WINDOWS\System32\dllcache\kbd101.dll -> [2010/03/04 14:39:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbda3.dll -> C:\WINDOWS\System32\dllcache\kbda3.dll -> [2010/03/04 14:39:19 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbda2.dll -> C:\WINDOWS\System32\dllcache\kbda2.dll -> [2010/03/04 14:39:19 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbda1.dll -> C:\WINDOWS\System32\dllcache\kbda1.dll -> [2010/03/04 14:39:19 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdarmw.dll -> C:\WINDOWS\System32\dllcache\kbdarmw.dll -> [2010/03/04 14:39:19 | 000,005,120 | ---- | C] (Microsoft Corporation)
kbdarme.dll -> C:\WINDOWS\System32\dllcache\kbdarme.dll -> [2010/03/04 14:39:19 | 000,005,120 | ---- | C] (Microsoft Corporation)
iscomlog.dll -> C:\WINDOWS\System32\dllcache\iscomlog.dll -> [2010/03/04 14:39:18 | 000,027,136 | ---- | C] (Microsoft Corporation)
iwrps.dll -> C:\WINDOWS\System32\dllcache\iwrps.dll -> [2010/03/04 14:39:18 | 000,009,216 | ---- | C] (Microsoft Corporation)
isapips.dll -> C:\WINDOWS\System32\dllcache\isapips.dll -> [2010/03/04 14:39:18 | 000,007,168 | ---- | C] (Microsoft Corporation)
infocomm.dll -> C:\WINDOWS\System32\dllcache\infocomm.dll -> [2010/03/04 14:39:17 | 000,257,024 | ---- | C] (Microsoft Corporation)
iprip.dll -> C:\WINDOWS\System32\dllcache\iprip.dll -> [2010/03/04 14:39:17 | 000,035,840 | ---- | C] (Microsoft Corporation)
infoctrs.dll -> C:\WINDOWS\System32\dllcache\infoctrs.dll -> [2010/03/04 14:39:17 | 000,009,216 | ---- | C] (Microsoft Corporation)
imskdic.dll -> C:\WINDOWS\System32\dllcache\imskdic.dll -> [2010/03/04 14:39:16 | 000,471,102 | ---- | C] (Microsoft Corporation)
imskf.dll -> C:\WINDOWS\System32\dllcache\imskf.dll -> [2010/03/04 14:39:16 | 000,315,455 | ---- | C] (Microsoft Corporation)
imlang.dll -> C:\WINDOWS\System32\dllcache\imlang.dll -> [2010/03/04 14:39:16 | 000,102,456 | ---- | C] (Microsoft Corporation)
inetin51.exe -> C:\WINDOWS\System32\dllcache\inetin51.exe -> [2010/03/04 14:39:16 | 000,015,872 | ---- | C] (Microsoft Corporation)
imjpdct.exe -> C:\WINDOWS\System32\dllcache\imjpdct.exe -> [2010/03/04 14:39:15 | 000,307,257 | ---- | C] (Microsoft Corporation)
imjputyc.dll -> C:\WINDOWS\System32\dllcache\imjputyc.dll -> [2010/03/04 14:39:15 | 000,274,489 | ---- | C] (Microsoft Corporation)
imjputy.exe -> C:\WINDOWS\System32\dllcache\imjputy.exe -> [2010/03/04 14:39:15 | 000,262,200 | ---- | C] (Microsoft Corporation)
imjprw.exe -> C:\WINDOWS\System32\dllcache\imjprw.exe -> [2010/03/04 14:39:15 | 000,233,527 | ---- | C] (Microsoft Corporation)
imjpmig.exe -> C:\WINDOWS\System32\dllcache\imjpmig.exe -> [2010/03/04 14:39:15 | 000,208,952 | ---- | C] (Microsoft Corporation)
imjpdsvr.exe -> C:\WINDOWS\System32\dllcache\imjpdsvr.exe -> [2010/03/04 14:39:15 | 000,155,705 | ---- | C] (Microsoft Corporation)
imkrinst.exe -> C:\WINDOWS\System32\dllcache\imkrinst.exe -> [2010/03/04 14:39:15 | 000,059,904 | ---- | C] (Microsoft Corporation)
imjpuex.exe -> C:\WINDOWS\System32\dllcache\imjpuex.exe -> [2010/03/04 14:39:15 | 000,045,109 | ---- | C] (Microsoft Corporation)
imjp81k.dll -> C:\WINDOWS\System32\dllcache\imjp81k.dll -> [2010/03/04 14:39:14 | 000,811,064 | ---- | C] (Microsoft Corporation)
imjpcus.dll -> C:\WINDOWS\System32\dllcache\imjpcus.dll -> [2010/03/04 14:39:14 | 000,716,856 | ---- | C] (Microsoft Corporation)
imjpcic.dll -> C:\WINDOWS\System32\dllcache\imjpcic.dll -> [2010/03/04 14:39:14 | 000,368,696 | ---- | C] (Microsoft Corporation)
imjp81.ime -> C:\WINDOWS\System32\dllcache\imjp81.ime -> [2010/03/04 14:39:14 | 000,340,023 | ---- | C] (Microsoft Corporation)
imjpdct.dll -> C:\WINDOWS\System32\dllcache\imjpdct.dll -> [2010/03/04 14:39:14 | 000,081,976 | ---- | C] (Microsoft Corporation)
imjpdadm.exe -> C:\WINDOWS\System32\dllcache\imjpdadm.exe -> [2010/03/04 14:39:14 | 000,057,398 | ---- | C] (Microsoft Corporation)
imepadsv.exe -> C:\WINDOWS\System32\dllcache\imepadsv.exe -> [2010/03/04 14:39:13 | 000,311,359 | ---- | C] (Microsoft Corporation)
imekrcic.dll -> C:\WINDOWS\System32\dllcache\imekrcic.dll -> [2010/03/04 14:39:13 | 000,106,496 | ---- | C] (Microsoft Corporation)
imepadsm.dll -> C:\WINDOWS\System32\dllcache\imepadsm.dll -> [2010/03/04 14:39:13 | 000,102,463 | ---- | C] (Microsoft Corporation)
imekr61.ime -> C:\WINDOWS\System32\dllcache\imekr61.ime -> [2010/03/04 14:39:13 | 000,094,720 | ---- | C] (Microsoft Corporation)
imekrmbx.dll -> C:\WINDOWS\System32\dllcache\imekrmbx.dll -> [2010/03/04 14:39:13 | 000,086,016 | ---- | C] (Microsoft Corporation)
imekrmig.exe -> C:\WINDOWS\System32\dllcache\imekrmig.exe -> [2010/03/04 14:39:13 | 000,044,032 | ---- | C] (Microsoft Corporation)
iissync.exe -> C:\WINDOWS\System32\dllcache\iissync.exe -> [2010/03/04 14:39:13 | 000,006,656 | ---- | C] (Microsoft Corporation)
iismui.dll -> C:\WINDOWS\System32\dllcache\iismui.dll -> [2010/03/04 14:39:13 | 000,003,584 | ---- | C] (Microsoft Corporation)
iische51.dll -> C:\WINDOWS\System32\dllcache\iische51.dll -> [2010/03/04 14:39:12 | 000,145,408 | ---- | C] (Microsoft Corporation)
iislog51.dll -> C:\WINDOWS\System32\dllcache\iislog51.dll -> [2010/03/04 14:39:12 | 000,079,872 | ---- | C] (Microsoft Corporation)
iisclex4.dll -> C:\WINDOWS\System32\dllcache\iisclex4.dll -> [2010/03/04 14:39:12 | 000,060,928 | ---- | C] (Microsoft Corporation)
iisadmin.dll -> C:\WINDOWS\System32\dllcache\iisadmin.dll -> [2010/03/04 14:39:12 | 000,025,088 | ---- | C] (Microsoft Corporation)
iiscrmap.dll -> C:\WINDOWS\System32\dllcache\iiscrmap.dll -> [2010/03/04 14:39:12 | 000,019,456 | ---- | C] (Microsoft Corporation)
iisfecnv.dll -> C:\WINDOWS\System32\dllcache\iisfecnv.dll -> [2010/03/04 14:39:12 | 000,007,168 | ---- | C] (Microsoft Corporation)
hwxkor.dll -> C:\WINDOWS\System32\dllcache\hwxkor.dll -> [2010/03/04 14:39:07 | 010,129,408 | ---- | C] (Microsoft Corporation)
hwxcht.dll -> C:\WINDOWS\System32\dllcache\hwxcht.dll -> [2010/03/04 14:39:00 | 010,096,640 | ---- | C] (Microsoft Corporation)
httpod51.dll -> C:\WINDOWS\System32\dllcache\httpod51.dll -> [2010/03/04 14:39:00 | 000,061,952 | ---- | C] (Microsoft Corporation)
httpext.dll -> C:\WINDOWS\System32\dllcache\httpext.dll -> [2010/03/04 14:38:59 | 000,268,288 | ---- | C] (Microsoft Corporation)
hostmib.dll -> C:\WINDOWS\System32\dllcache\hostmib.dll -> [2010/03/04 14:38:59 | 000,039,936 | ---- | C] (Microsoft Corporation)
httpmb51.dll -> C:\WINDOWS\System32\dllcache\httpmb51.dll -> [2010/03/04 14:38:59 | 000,008,192 | ---- | C] (Microsoft Corporation)
hanjadic.dll -> C:\WINDOWS\System32\dllcache\hanjadic.dll -> [2010/03/04 14:38:58 | 000,036,864 | ---- | C] (Microsoft Corporation)
fxsxp32.dll -> C:\WINDOWS\System32\dllcache\fxsxp32.dll -> [2010/03/04 14:38:57 | 000,400,896 | ---- | C] (Microsoft Corporation)
gzip.dll -> C:\WINDOWS\System32\dllcache\gzip.dll -> [2010/03/04 14:38:57 | 000,032,256 | ---- | C] (Microsoft Corporation)
fxsst.dll -> C:\WINDOWS\System32\dllcache\fxsst.dll -> [2010/03/04 14:38:56 | 000,562,688 | ---- | C] (Microsoft Corporation)
fxstiff.dll -> C:\WINDOWS\System32\dllcache\fxstiff.dll -> [2010/03/04 14:38:56 | 000,397,312 | ---- | C] (Microsoft Corporation)
fxssvc.exe -> C:\WINDOWS\System32\dllcache\fxssvc.exe -> [2010/03/04 14:38:56 | 000,268,288 | ---- | C] (Microsoft Corporation)
fxst30.dll -> C:\WINDOWS\System32\dllcache\fxst30.dll -> [2010/03/04 14:38:56 | 000,246,272 | ---- | C] (Microsoft Corporation)
fxswzrd.dll -> C:\WINDOWS\System32\dllcache\fxswzrd.dll -> [2010/03/04 14:38:56 | 000,195,072 | ---- | C] (Microsoft Corporation)
fxsui.dll -> C:\WINDOWS\System32\dllcache\fxsui.dll -> [2010/03/04 14:38:56 | 000,155,136 | ---- | C] (Microsoft Corporation)
fxsroute.dll -> C:\WINDOWS\System32\dllcache\fxsroute.dll -> [2010/03/04 14:38:56 | 000,031,744 | ---- | C] (Microsoft Corporation)
fxssend.exe -> C:\WINDOWS\System32\dllcache\fxssend.exe -> [2010/03/04 14:38:56 | 000,011,264 | ---- | C] (Microsoft Corporation)
fxsperf.dll -> C:\WINDOWS\System32\dllcache\fxsperf.dll -> [2010/03/04 14:38:56 | 000,008,704 | ---- | C] (Microsoft Corporation)
fxsres.dll -> C:\WINDOWS\System32\dllcache\fxsres.dll -> [2010/03/04 14:38:56 | 000,006,656 | ---- | C] (Microsoft Corporation)
fxscomex.dll -> C:\WINDOWS\System32\dllcache\fxscomex.dll -> [2010/03/04 14:38:55 | 000,285,184 | ---- | C] (Microsoft Corporation)
fxscover.exe -> C:\WINDOWS\System32\dllcache\fxscover.exe -> [2010/03/04 14:38:55 | 000,234,496 | ---- | C] (Microsoft Corporation)
fxsclnt.exe -> C:\WINDOWS\System32\dllcache\fxsclnt.exe -> [2010/03/04 14:38:55 | 000,142,848 | ---- | C] (Microsoft Corporation)
fxsclntr.dll -> C:\WINDOWS\System32\dllcache\fxsclntr.dll -> [2010/03/04 14:38:55 | 000,137,216 | ---- | C] (Microsoft Corporation)
fxscfgwz.dll -> C:\WINDOWS\System32\dllcache\fxscfgwz.dll -> [2010/03/04 14:38:55 | 000,112,128 | ---- | C] (Microsoft Corporation)
fxscom.dll -> C:\WINDOWS\System32\dllcache\fxscom.dll -> [2010/03/04 14:38:55 | 000,072,192 | ---- | C] (Microsoft Corporation)
fxsevent.dll -> C:\WINDOWS\System32\dllcache\fxsevent.dll -> [2010/03/04 14:38:55 | 000,060,416 | ---- | C] (Microsoft Corporation)
fxsdrv.dll -> C:\WINDOWS\System32\dllcache\fxsdrv.dll -> [2010/03/04 14:38:55 | 000,026,624 | ---- | C] (Microsoft Corporation)
fxsmon.dll -> C:\WINDOWS\System32\dllcache\fxsmon.dll -> [2010/03/04 14:38:55 | 000,023,552 | ---- | C] (Microsoft Corporation)
fxsext32.dll -> C:\WINDOWS\System32\dllcache\fxsext32.dll -> [2010/03/04 14:38:55 | 000,023,552 | ---- | C] (Microsoft Corporation)
fxsapi.dll -> C:\WINDOWS\System32\dllcache\fxsapi.dll -> [2010/03/04 14:38:54 | 000,451,584 | ---- | C] (Microsoft Corporation)
ftpsv251.dll -> C:\WINDOWS\System32\dllcache\ftpsv251.dll -> [2010/03/04 14:38:54 | 000,127,488 | ---- | C] (Microsoft Corporation)
ftpctrs2.dll -> C:\WINDOWS\System32\dllcache\ftpctrs2.dll -> [2010/03/04 14:38:54 | 000,007,680 | ---- | C] (Microsoft Corporation)
ftpmib.dll -> C:\WINDOWS\System32\dllcache\ftpmib.dll -> [2010/03/04 14:38:54 | 000,006,144 | ---- | C] (Microsoft Corporation)
ftlx041e.dll -> C:\WINDOWS\System32\dllcache\ftlx041e.dll -> [2010/03/04 14:38:54 | 000,006,144 | ---- | C] (Microsoft Corporation)
fp4autl.dll -> C:\WINDOWS\System32\dllcache\fp4autl.dll -> [2010/03/04 14:38:53 | 000,618,605 | ---- | C] (Microsoft Corporation)
fpadmcgi.exe -> C:\WINDOWS\System32\dllcache\fpadmcgi.exe -> [2010/03/04 14:38:53 | 000,024,632 | ---- | C] (Microsoft Corporation)
fpadmdll.dll -> C:\WINDOWS\System32\dllcache\fpadmdll.dll -> [2010/03/04 14:38:53 | 000,020,541 | ---- | C] (Microsoft Corporation)
flattemp.exe -> C:\WINDOWS\System32\dllcache\flattemp.exe -> [2010/03/04 14:38:53 | 000,014,848 | ---- | C] (Microsoft Corporation)
evntwin.exe -> C:\WINDOWS\System32\dllcache\evntwin.exe -> [2010/03/04 14:38:52 | 000,093,696 | ---- | C] (Microsoft Corporation)
EXCH_fcachdll.dll -> C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll -> [2010/03/04 14:38:52 | 000,043,520 | ---- | C] (Microsoft Corporation)
exstrace.dll -> C:\WINDOWS\System32\dllcache\exstrace.dll -> [2010/03/04 14:38:52 | 000,014,336 | ---- | C] (Microsoft Corporation)
f3ahvoas.dll -> C:\WINDOWS\System32\dllcache\f3ahvoas.dll -> [2010/03/04 14:38:52 | 000,007,168 | ---- | C] (Microsoft Corporation)
evntagnt.dll -> C:\WINDOWS\System32\dllcache\evntagnt.dll -> [2010/03/04 14:38:51 | 000,106,496 | ---- | C] (Microsoft Corporation)
esuimgd.dll -> C:\WINDOWS\System32\dllcache\esuimgd.dll -> [2010/03/04 14:38:51 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.)
esunid.dll -> C:\WINDOWS\System32\dllcache\esunid.dll -> [2010/03/04 14:38:51 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.)
esucmd.dll -> C:\WINDOWS\System32\dllcache\esucmd.dll -> [2010/03/04 14:38:51 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.)
et4000.sys -> C:\WINDOWS\System32\dllcache\et4000.sys -> [2010/03/04 14:38:51 | 000,025,856 | ---- | C] (Microsoft Corporation)
evntcmd.exe -> C:\WINDOWS\System32\dllcache\evntcmd.exe -> [2010/03/04 14:38:51 | 000,024,576 | ---- | C] (Microsoft Corporation)
edb500.dll -> C:\WINDOWS\System32\dllcache\edb500.dll -> [2010/03/04 14:38:50 | 000,514,587 | ---- | C] (Microsoft Corporation)
dayi.ime -> C:\WINDOWS\System32\dllcache\dayi.ime -> [2010/03/04 14:38:45 | 000,078,848 | ---- | C] (Microsoft Corporation)
davcdata.exe -> C:\WINDOWS\System32\dllcache\davcdata.exe -> [2010/03/04 14:38:45 | 000,042,496 | ---- | C] (Microsoft Corporation)
cprofile.exe -> C:\WINDOWS\System32\dllcache\cprofile.exe -> [2010/03/04 14:38:44 | 000,019,456 | ---- | C] (Microsoft Corporation)
cplexe.exe -> C:\WINDOWS\System32\dllcache\cplexe.exe -> [2010/03/04 14:38:43 | 000,057,399 | ---- | C] (Microsoft Corporation)
convlog.exe -> C:\WINDOWS\System32\dllcache\convlog.exe -> [2010/03/04 14:38:43 | 000,056,832 | ---- | C] (Microsoft Corporation)
controt.dll -> C:\WINDOWS\System32\dllcache\controt.dll -> [2010/03/04 14:38:43 | 000,033,792 | ---- | C] (Microsoft Corporation)
counters.dll -> C:\WINDOWS\System32\dllcache\counters.dll -> [2010/03/04 14:38:43 | 000,020,480 | ---- | C] (Microsoft Corporation)
compfilt.dll -> C:\WINDOWS\System32\dllcache\compfilt.dll -> [2010/03/04 14:38:42 | 000,024,064 | ---- | C] (Microsoft Corporation)
cintsetp.exe -> C:\WINDOWS\System32\dllcache\cintsetp.exe -> [2010/03/04 14:38:41 | 000,480,256 | ---- | C] (Microsoft Corporation)
cintime.dll -> C:\WINDOWS\System32\dllcache\cintime.dll -> [2010/03/04 14:38:41 | 000,198,656 | ---- | C] (Microsoft Corporation)
cintlgnt.ime -> C:\WINDOWS\System32\dllcache\cintlgnt.ime -> [2010/03/04 14:38:41 | 000,021,504 | ---- | C] (Microsoft Corporation)
chtbrkr.dll -> C:\WINDOWS\System32\dllcache\chtbrkr.dll -> [2010/03/04 14:38:40 | 000,838,144 | ---- | C] (Microsoft Corporation)
chtmbx.dll -> C:\WINDOWS\System32\dllcache\chtmbx.dll -> [2010/03/04 14:38:40 | 000,097,792 | ---- | C] (Microsoft Corporation)
chtskdic.dll -> C:\WINDOWS\System32\dllcache\chtskdic.dll -> [2010/03/04 14:38:40 | 000,056,320 | ---- | C] (Microsoft Corporation)
chsbrkr.dll -> C:\WINDOWS\System32\dllcache\chsbrkr.dll -> [2010/03/04 14:38:39 | 001,677,824 | ---- | C] (Microsoft Corporation)

cg150mt · 11/05/2010

Continuando ..... o Log

chajei.ime -> C:\WINDOWS\System32\dllcache\chajei.ime -> [2010/03/04 14:38:39 | 000,078,336 | ---- | C] (Microsoft Corporation)
chgport.exe -> C:\WINDOWS\System32\dllcache\chgport.exe -> [2010/03/04 14:38:39 | 000,016,384 | ---- | C] (Microsoft Corporation)
chgusr.exe -> C:\WINDOWS\System32\dllcache\chgusr.exe -> [2010/03/04 14:38:39 | 000,014,848 | ---- | C] (Microsoft Corporation)
chglogon.exe -> C:\WINDOWS\System32\dllcache\chglogon.exe -> [2010/03/04 14:38:39 | 000,013,824 | ---- | C] (Microsoft Corporation)
change.exe -> C:\WINDOWS\System32\dllcache\change.exe -> [2010/03/04 14:38:39 | 000,010,240 | ---- | C] (Microsoft Corporation)
cap7146.sys -> C:\WINDOWS\System32\dllcache\cap7146.sys -> [2010/03/04 14:38:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH)
c_g18030.dll -> C:\WINDOWS\System32\dllcache\c_g18030.dll -> [2010/03/04 14:38:37 | 000,218,112 | ---- | C] (Microsoft Corporation)
c_iscii.dll -> C:\WINDOWS\System32\dllcache\c_iscii.dll -> [2010/03/04 14:38:37 | 000,010,752 | ---- | C] (Microsoft Corporation)
c_is2022.dll -> C:\WINDOWS\System32\dllcache\c_is2022.dll -> [2010/03/04 14:38:37 | 000,006,656 | ---- | C] (Microsoft Corporation)
browscap.dll -> C:\WINDOWS\System32\dllcache\browscap.dll -> [2010/03/04 14:38:31 | 000,045,568 | ---- | C] (Microsoft Corporation)
asp51.dll -> C:\WINDOWS\System32\dllcache\asp51.dll -> [2010/03/04 14:38:29 | 000,374,784 | ---- | C] (Microsoft Corporation)
asptxn.dll -> C:\WINDOWS\System32\dllcache\asptxn.dll -> [2010/03/04 14:38:29 | 000,029,184 | ---- | C] (Microsoft Corporation)
aspperf.dll -> C:\WINDOWS\System32\dllcache\aspperf.dll -> [2010/03/04 14:38:29 | 000,010,240 | ---- | C] (Microsoft Corporation)
authfilt.dll -> C:\WINDOWS\System32\dllcache\authfilt.dll -> [2010/03/04 14:38:29 | 000,009,216 | ---- | C] (Microsoft Corporation)
aqueue.dll -> C:\WINDOWS\System32\dllcache\aqueue.dll -> [2010/03/04 14:38:28 | 000,332,800 | ---- | C] (Microsoft Corporation)
appconf.dll -> C:\WINDOWS\System32\dllcache\appconf.dll -> [2010/03/04 14:38:28 | 000,109,568 | ---- | C] (Microsoft Corporation)
EXCH_aqadmin.dll -> C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll -> [2010/03/04 14:38:28 | 000,045,056 | ---- | C] (Microsoft Corporation)
agt0804.dll -> C:\WINDOWS\System32\dllcache\agt0804.dll -> [2010/03/04 14:38:28 | 000,019,456 | ---- | C] (Microsoft Corporation)
agt0412.dll -> C:\WINDOWS\System32\dllcache\agt0412.dll -> [2010/03/04 14:38:28 | 000,019,456 | ---- | C] (Microsoft Corporation)
agt0411.dll -> C:\WINDOWS\System32\dllcache\agt0411.dll -> [2010/03/04 14:38:28 | 000,019,456 | ---- | C] (Microsoft Corporation)
agt040d.dll -> C:\WINDOWS\System32\dllcache\agt040d.dll -> [2010/03/04 14:38:27 | 000,019,456 | ---- | C] (Microsoft Corporation)
agt0404.dll -> C:\WINDOWS\System32\dllcache\agt0404.dll -> [2010/03/04 14:38:27 | 000,019,456 | ---- | C] (Microsoft Corporation)

cg150mt · 11/05/2010

Continuando .... O log..

agt0401.dll -> C:\WINDOWS\System32\dllcache\agt0401.dll -> [2010/03/04 14:38:27 | 000,019,456 | ---- | C] (Microsoft Corporation)
adrot.dll -> C:\WINDOWS\System32\dllcache\adrot.dll -> [2010/03/04 14:38:26 | 000,050,176 | ---- | C] (Microsoft Corporation)
admexs.dll -> C:\WINDOWS\System32\dllcache\admexs.dll -> [2010/03/04 14:38:26 | 000,029,696 | ---- | C] (Microsoft Corporation)
admxprox.dll -> C:\WINDOWS\System32\dllcache\admxprox.dll -> [2010/03/04 14:38:26 | 000,006,144 | ---- | C] (Microsoft Corporation)
EXCH_adsiisex.dll -> C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll -> [2010/03/04 14:38:26 | 000,005,632 | ---- | C] (Microsoft Corporation)
wamregps.dll -> C:\WINDOWS\System32\dllcache\wamregps.dll -> [2010/03/04 14:38:23 | 000,007,168 | ---- | C] (Microsoft Corporation)
smtpsnap.dll -> C:\WINDOWS\System32\dllcache\smtpsnap.dll -> [2010/03/04 14:38:22 | 002,134,528 | ---- | C] (Microsoft Corporation)
smtpadm.dll -> C:\WINDOWS\System32\dllcache\smtpadm.dll -> [2010/03/04 14:38:22 | 000,189,952 | ---- | C] (Microsoft Corporation)
tcptest.exe -> C:\WINDOWS\System32\dllcache\tcptest.exe -> [2010/03/04 14:38:22 | 000,032,827 | ---- | C] (Microsoft Corporation)
tcptsat.dll -> C:\WINDOWS\System32\dllcache\tcptsat.dll -> [2010/03/04 14:38:22 | 000,016,384 | ---- | C] (Microsoft Corporation)
staxmem.dll -> C:\WINDOWS\System32\dllcache\staxmem.dll -> [2010/03/04 14:38:22 | 000,008,192 | ---- | C] (Microsoft Corporation)
shtml.dll -> C:\WINDOWS\System32\dllcache\shtml.dll -> [2010/03/04 14:38:21 | 000,020,536 | ---- | C] (Microsoft Corporation)
shtml.exe -> C:\WINDOWS\System32\dllcache\shtml.exe -> [2010/03/04 14:38:21 | 000,016,437 | ---- | C] (Microsoft Corporation)
logui.ocx -> C:\WINDOWS\System32\dllcache\logui.ocx -> [2010/03/04 14:38:18 | 000,077,312 | ---- | C] (Microsoft Corporation)
inetmgr.dll -> C:\WINDOWS\System32\dllcache\inetmgr.dll -> [2010/03/04 14:38:17 | 000,837,120 | ---- | C] (Microsoft Corporation)
iisui.dll -> C:\WINDOWS\System32\dllcache\iisui.dll -> [2010/03/04 14:38:17 | 000,171,520 | ---- | C] (Microsoft Corporation)
iisrtl.dll -> C:\WINDOWS\System32\dllcache\iisrtl.dll -> [2010/03/04 14:38:17 | 000,133,632 | ---- | C] (Microsoft Corporation)
isatq.dll -> C:\WINDOWS\System32\dllcache\isatq.dll -> [2010/03/04 14:38:17 | 000,068,608 | ---- | C] (Microsoft Corporation)
inetsloc.dll -> C:\WINDOWS\System32\dllcache\inetsloc.dll -> [2010/03/04 14:38:17 | 000,019,968 | ---- | C] (Microsoft Corporation)
infoadmn.dll -> C:\WINDOWS\System32\dllcache\infoadmn.dll -> [2010/03/04 14:38:17 | 000,013,312 | ---- | C] (Microsoft Corporation)
inetmgr.exe -> C:\WINDOWS\System32\dllcache\inetmgr.exe -> [2010/03/04 14:38:17 | 000,007,680 | ---- | C] (Microsoft Corporation)
fpmmcsat.dll -> C:\WINDOWS\System32\dllcache\fpmmcsat.dll -> [2010/03/04 14:38:16 | 000,217,088 | ---- | C] (Microsoft Corporation)
iisext51.dll -> C:\WINDOWS\System32\dllcache\iisext51.dll -> [2010/03/04 14:38:16 | 000,068,608 | ---- | C] (Microsoft Corporation)
iismap.dll -> C:\WINDOWS\System32\dllcache\iismap.dll -> [2010/03/04 14:38:16 | 000,064,512 | ---- | C] (Microsoft Corporation)
iisrstas.exe -> C:\WINDOWS\System32\dllcache\iisrstas.exe -> [2010/03/04 14:38:16 | 000,031,232 | ---- | C] (Microsoft Corporation)
fpremadm.exe -> C:\WINDOWS\System32\dllcache\fpremadm.exe -> [2010/03/04 14:38:16 | 000,020,538 | ---- | C] (Microsoft Corporation)
iisreset.exe -> C:\WINDOWS\System32\dllcache\iisreset.exe -> [2010/03/04 14:38:16 | 000,014,848 | ---- | C] (Microsoft Corporation)
ftpsapi2.dll -> C:\WINDOWS\System32\dllcache\ftpsapi2.dll -> [2010/03/04 14:38:16 | 000,006,144 | ---- | C] (Microsoft Corporation)
iisrstap.dll -> C:\WINDOWS\System32\dllcache\iisrstap.dll -> [2010/03/04 14:38:16 | 000,005,632 | ---- | C] (Microsoft Corporation)
fp4awel.dll -> C:\WINDOWS\System32\dllcache\fp4awel.dll -> [2010/03/04 14:38:15 | 000,876,653 | ---- | C] (Microsoft Corporation)
fpmmc.dll -> C:\WINDOWS\System32\dllcache\fpmmc.dll -> [2010/03/04 14:38:15 | 000,598,071 | ---- | C] (Microsoft Corporation)
fpcount.exe -> C:\WINDOWS\System32\dllcache\fpcount.exe -> [2010/03/04 14:38:15 | 000,188,494 | ---- | C] (Microsoft Corporation)
fp98swin.exe -> C:\WINDOWS\System32\dllcache\fp98swin.exe -> [2010/03/04 14:38:15 | 000,109,328 | ---- | C] (Microsoft Corporation)
fp4awebs.dll -> C:\WINDOWS\System32\dllcache\fp4awebs.dll -> [2010/03/04 14:38:15 | 000,049,212 | ---- | C] (Microsoft Corporation)
fp4avss.dll -> C:\WINDOWS\System32\dllcache\fp4avss.dll -> [2010/03/04 14:38:15 | 000,032,826 | ---- | C] (Microsoft Corporation)
fpexedll.dll -> C:\WINDOWS\System32\dllcache\fpexedll.dll -> [2010/03/04 14:38:15 | 000,020,541 | ---- | C] (Microsoft Corporation)
fp98sadm.exe -> C:\WINDOWS\System32\dllcache\fp98sadm.exe -> [2010/03/04 14:38:15 | 000,014,608 | ---- | C] (Microsoft Corporation)
fp4amsft.dll -> C:\WINDOWS\System32\dllcache\fp4amsft.dll -> [2010/03/04 14:38:14 | 000,184,435 | ---- | C] (Microsoft Corporation)
fp4apws.dll -> C:\WINDOWS\System32\dllcache\fp4apws.dll -> [2010/03/04 14:38:14 | 000,147,513 | ---- | C] (Microsoft Corporation)
fp4atxt.dll -> C:\WINDOWS\System32\dllcache\fp4atxt.dll -> [2010/03/04 14:38:14 | 000,102,509 | ---- | C] (Microsoft Corporation)
fp4anscp.dll -> C:\WINDOWS\System32\dllcache\fp4anscp.dll -> [2010/03/04 14:38:14 | 000,082,035 | ---- | C] (Microsoft Corporation)
fp4areg.dll -> C:\WINDOWS\System32\dllcache\fp4areg.dll -> [2010/03/04 14:38:14 | 000,049,210 | ---- | C] (Microsoft Corporation)
fp4avnb.dll -> C:\WINDOWS\System32\dllcache\fp4avnb.dll -> [2010/03/04 14:38:14 | 000,041,020 | ---- | C] (Microsoft Corporation)
certwiz.ocx -> C:\WINDOWS\System32\dllcache\certwiz.ocx -> [2010/03/04 14:38:13 | 000,280,064 | ---- | C] (Microsoft Corporation)
cfgwiz.exe -> C:\WINDOWS\System32\dllcache\cfgwiz.exe -> [2010/03/04 14:38:13 | 000,188,480 | ---- | C] (Microsoft Corporation)
certmap.ocx -> C:\WINDOWS\System32\dllcache\certmap.ocx -> [2010/03/04 14:38:13 | 000,096,256 | ---- | C] (Microsoft Corporation)
cnfgprts.ocx -> C:\WINDOWS\System32\dllcache\cnfgprts.ocx -> [2010/03/04 14:38:13 | 000,076,800 | ---- | C] (Microsoft Corporation)
coadmin.dll -> C:\WINDOWS\System32\dllcache\coadmin.dll -> [2010/03/04 14:38:13 | 000,047,104 | ---- | C] (Microsoft Corporation)
author.dll -> C:\WINDOWS\System32\dllcache\author.dll -> [2010/03/04 14:38:13 | 000,020,540 | ---- | C] (Microsoft Corporation)
author.exe -> C:\WINDOWS\System32\dllcache\author.exe -> [2010/03/04 14:38:13 | 000,016,439 | ---- | C] (Microsoft Corporation)
adsiis51.dll -> C:\WINDOWS\System32\dllcache\adsiis51.dll -> [2010/03/04 14:38:12 | 000,290,816 | ---- | C] (Microsoft Corporation)
admwprox.dll -> C:\WINDOWS\System32\dllcache\admwprox.dll -> [2010/03/04 14:38:12 | 000,043,520 | ---- | C] (Microsoft Corporation)
admin.exe -> C:\WINDOWS\System32\dllcache\admin.exe -> [2010/03/04 14:38:12 | 000,016,439 | ---- | C] (Microsoft Corporation)
admin.dll -> C:\WINDOWS\System32\dllcache\admin.dll -> [2010/03/04 14:38:11 | 000,020,540 | ---- | C] (Microsoft Corporation)
xircom -> C:\WINDOWS\System32\xircom -> [2010/03/04 14:38:05 | 000,000,000 | ---D | C]
xerox -> C:\Arquivos de programas\xerox -> [2010/03/04 14:38:05 | 000,000,000 | ---D | C]
microsoft frontpage -> C:\Arquivos de programas\microsoft frontpage -> [2010/03/04 14:38:05 | 000,000,000 | ---D | C]
mapi32.dll -> C:\WINDOWS\System32\mapi32.dll -> [2010/03/04 14:37:20 | 000,112,128 | ---- | C] (Microsoft Corporation)
DRM -> C:\Documents and Settings\All Users\DRM -> [2010/03/04 14:36:12 | 000,000,000 | -HSD | C]
Downloaded Program Files -> C:\WINDOWS\Downloaded Program Files -> [2010/03/04 14:36:00 | 000,000,000 | --SD | C]
Offline Web Pages -> C:\WINDOWS\Offline Web Pages -> [2010/03/04 14:36:00 | 000,000,000 | R--D | C]
WindowsUpdate -> C:\Arquivos de programas\WindowsUpdate -> [2010/03/04 14:35:48 | 000,000,000 | -H-D | C]
Serviços on-line -> C:\Arquivos de programas\Serviços on-line -> [2010/03/04 14:35:43 | 000,000,000 | ---D | C]
DirectX -> C:\WINDOWS\System32\DirectX -> [2010/03/04 14:35:29 | 000,000,000 | ---D | C]
helphost.exe -> C:\WINDOWS\System32\dllcache\helphost.exe -> [2010/03/04 14:35:24 | 000,099,840 | ---- | C] (Microsoft Corporation)
notiflag.exe -> C:\WINDOWS\System32\dllcache\notiflag.exe -> [2010/03/04 14:35:24 | 000,035,328 | ---- | C] (Microsoft Corporation)
brpinfo.dll -> C:\WINDOWS\System32\dllcache\brpinfo.dll -> [2010/03/04 14:35:24 | 000,021,504 | ---- | C] (Microsoft Corporation)
atrace.dll -> C:\WINDOWS\System32\dllcache\atrace.dll -> [2010/03/04 14:35:24 | 000,011,264 | ---- | C] (Microsoft Corporation)
atrace.dll -> C:\WINDOWS\System32\atrace.dll -> [2010/03/04 14:35:24 | 000,011,264 | ---- | C] (Microsoft Corporation)
hcappres.dll -> C:\WINDOWS\System32\dllcache\hcappres.dll -> [2010/03/04 14:35:24 | 000,007,168 | ---- | C] (Microsoft Corporation)
srdiag.exe -> C:\WINDOWS\System32\dllcache\srdiag.exe -> [2010/03/04 14:35:18 | 000,047,104 | ---- | C] (Microsoft Corporation)
msinfo32.exe -> C:\WINDOWS\System32\dllcache\msinfo32.exe -> [2010/03/04 14:35:17 | 000,040,448 | ---- | C] (Microsoft Corporation)
wb32.exe -> C:\WINDOWS\System32\dllcache\wb32.exe -> [2010/03/04 14:35:17 | 000,012,288 | ---- | C] (Microsoft Corporation)
nmevtmsg.dll -> C:\WINDOWS\System32\nmevtmsg.dll -> [2010/03/04 14:35:17 | 000,012,288 | ---- | C] (Microsoft Corporation)
nmevtmsg.dll -> C:\WINDOWS\System32\dllcache\nmevtmsg.dll -> [2010/03/04 14:35:17 | 000,012,288 | ---- | C] (Microsoft Corporation)
cb32.exe -> C:\WINDOWS\System32\dllcache\cb32.exe -> [2010/03/04 14:35:17 | 000,012,288 | ---- | C] (Microsoft Corporation)
acctres.dll -> C:\WINDOWS\System32\dllcache\acctres.dll -> [2010/03/04 14:35:16 | 000,068,096 | ---- | C] (Microsoft Corporation)
acctres.dll -> C:\WINDOWS\System32\acctres.dll -> [2010/03/04 14:35:16 | 000,068,096 | ---- | C] (Microsoft Corporation)
Serviços -> C:\Arquivos de programas\Arquivos comuns\Serviços -> [2010/03/04 14:35:16 | 000,000,000 | ---D | C]
icwtutor.exe -> C:\WINDOWS\System32\dllcache\icwtutor.exe -> [2010/03/04 14:35:14 | 000,073,728 | ---- | C] (Microsoft Corporation)
icwres.dll -> C:\WINDOWS\System32\dllcache\icwres.dll -> [2010/03/04 14:35:14 | 000,065,536 | ---- | C] (Microsoft Corporation)
trialoc.dll -> C:\WINDOWS\System32\dllcache\trialoc.dll -> [2010/03/04 14:35:14 | 000,040,960 | ---- | C] (Microsoft Corporation)
wisc10.dll -> C:\WINDOWS\System32\dllcache\wisc10.dll -> [2010/03/04 14:35:14 | 000,025,088 | ---- | C] (Microsoft Corporation)
mssoapr.dll -> C:\WINDOWS\System32\dllcache\mssoapr.dll -> [2010/03/04 14:35:14 | 000,023,552 | ---- | C] (Microsoft Corporation)
isignup.exe -> C:\WINDOWS\System32\dllcache\isignup.exe -> [2010/03/04 14:35:14 | 000,016,384 | ---- | C] (Microsoft Corporation)
icfgnt5.dll -> C:\WINDOWS\System32\icfgnt5.dll -> [2010/03/04 14:35:14 | 000,016,384 | ---- | C] (Microsoft Corporation)
icfgnt5.dll -> C:\WINDOWS\System32\dllcache\icfgnt5.dll -> [2010/03/04 14:35:14 | 000,016,384 | ---- | C] (Microsoft Corporation)
Tasks -> C:\WINDOWS\Tasks -> [2010/03/04 14:35:14 | 000,000,000 | --SD | C]
mssoap1.dll -> C:\WINDOWS\System32\dllcache\mssoap1.dll -> [2010/03/04 14:35:13 | 000,235,520 | ---- | C] (Microsoft Corporation)
ieinfo5.ocx -> C:\WINDOWS\System32\dllcache\ieinfo5.ocx -> [2010/03/04 14:35:13 | 000,094,208 | ---- | C] (Microsoft Corporation)
MSSoap -> C:\Arquivos de programas\Arquivos comuns\MSSoap -> [2010/03/04 14:35:13 | 000,000,000 | ---D | C]
srchui.dll -> C:\WINDOWS\System32\dllcache\srchui.dll -> [2010/03/04 14:35:11 | 000,727,102 | ---- | C] (Microsoft Corporation)
srchctls.dll -> C:\WINDOWS\System32\dllcache\srchctls.dll -> [2010/03/04 14:35:11 | 000,058,434 | ---- | C] (Microsoft Corporation)
msgr3en.dll -> C:\WINDOWS\System32\dllcache\msgr3en.dll -> [2010/03/04 14:35:10 | 003,166,208 | ---- | C] (Microsoft Corporation)
VGX.dll -> C:\WINDOWS\System32\dllcache\VGX.dll -> [2010/03/04 14:35:10 | 000,759,296 | ---- | C] (Microsoft Corporation)
srchasst -> C:\WINDOWS\srchasst -> [2010/03/04 14:35:10 | 000,000,000 | ---D | C]
Macromed -> C:\WINDOWS\System32\Macromed -> [2010/03/04 14:35:10 | 000,000,000 | ---D | C]
setup_wm.exe -> C:\WINDOWS\System32\dllcache\setup_wm.exe -> [2010/03/04 14:35:09 | 001,674,240 | ---- | C] (Microsoft Corporation)
mpvis.dll -> C:\WINDOWS\System32\dllcache\mpvis.dll -> [2010/03/04 14:35:09 | 000,244,224 | ---- | C] (Microsoft Corporation)
wmpns.dll -> C:\WINDOWS\System32\dllcache\wmpns.dll -> [2010/03/04 14:35:09 | 000,221,184 | ---- | C] (Microsoft Corporation)
wmpband.dll -> C:\WINDOWS\System32\dllcache\wmpband.dll -> [2010/03/04 14:35:09 | 000,096,256 | ---- | C] (Microsoft Corporation)
migrate.exe -> C:\WINDOWS\System32\dllcache\migrate.exe -> [2010/03/04 14:35:08 | 000,786,432 | ---- | C] (Microsoft Corporation)
npdsplay.dll -> C:\WINDOWS\System32\dllcache\npdsplay.dll -> [2010/03/04 14:35:08 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.))
npdrmv2.dll -> C:\WINDOWS\System32\dllcache\npdrmv2.dll -> [2010/03/04 14:35:08 | 000,226,816 | ---- | C] (Microsoft Corporation)
wmplayer.exe -> C:\WINDOWS\System32\dllcache\wmplayer.exe -> [2010/03/04 14:35:08 | 000,064,000 | ---- | C] (Microsoft Corporation)
custsat.dll -> C:\WINDOWS\System32\dllcache\custsat.dll -> [2010/03/04 14:35:08 | 000,033,792 | ---- | C] (Microsoft Corporation)
npwmsdrm.dll -> C:\WINDOWS\System32\dllcache\npwmsdrm.dll -> [2010/03/04 14:35:08 | 000,010,240 | ---- | C] (Microsoft Corporation)
mplayer2.exe -> C:\WINDOWS\System32\dllcache\mplayer2.exe -> [2010/03/04 14:35:08 | 000,004,639 | ---- | C] (Microsoft Corporation)
wuaueng.dll -> C:\WINDOWS\System32\dllcache\wuaueng.dll -> [2010/03/04 14:35:07 | 001,135,616 | ---- | C] (Microsoft Corporation)
wuapi.dll -> C:\WINDOWS\System32\wuapi.dll -> [2010/03/04 14:35:07 | 000,431,616 | ---- | C] (Microsoft Corporation)
wuapi.dll -> C:\WINDOWS\System32\dllcache\wuapi.dll -> [2010/03/04 14:35:07 | 000,431,616 | ---- | C] (Microsoft Corporation)
wuaueng1.dll -> C:\WINDOWS\System32\wuaueng1.dll -> [2010/03/04 14:35:07 | 000,183,808 | ---- | C] (Microsoft Corporation)
wuaueng1.dll -> C:\WINDOWS\System32\dllcache\wuaueng1.dll -> [2010/03/04 14:35:07 | 000,183,808 | ---- | C] (Microsoft Corporation)
wuauclt1.exe -> C:\WINDOWS\System32\wuauclt1.exe -> [2010/03/04 14:35:07 | 000,167,936 | ---- | C] (Microsoft Corporation)
wuauclt1.exe -> C:\WINDOWS\System32\dllcache\wuauclt1.exe -> [2010/03/04 14:35:07 | 000,167,936 | ---- | C] (Microsoft Corporation)
wuaucpl.cpl -> C:\WINDOWS\System32\dllcache\wuaucpl.cpl -> [2010/03/04 14:35:07 | 000,162,816 | ---- | C] (Microsoft Corporation)
wuweb.dll -> C:\WINDOWS\System32\dllcache\wuweb.dll -> [2010/03/04 14:35:07 | 000,120,320 | ---- | C] (Microsoft Corporation)
wucltui.dll -> C:\WINDOWS\System32\wucltui.dll -> [2010/03/04 14:35:07 | 000,113,152 | ---- | C] (Microsoft Corporation)
wucltui.dll -> C:\WINDOWS\System32\dllcache\wucltui.dll -> [2010/03/04 14:35:07 | 000,113,152 | ---- | C] (Microsoft Corporation)
wuauclt.exe -> C:\WINDOWS\System32\dllcache\wuauclt.exe -> [2010/03/04 14:35:07 | 000,111,616 | ---- | C] (Microsoft Corporation)
wups.dll -> C:\WINDOWS\System32\wups.dll -> [2010/03/04 14:35:07 | 000,032,256 | ---- | C] (Microsoft Corporation)
wups.dll -> C:\WINDOWS\System32\dllcache\wups.dll -> [2010/03/04 14:35:07 | 000,032,256 | ---- | C] (Microsoft Corporation)
wuauserv.dll -> C:\WINDOWS\System32\dllcache\wuauserv.dll -> [2010/03/04 14:35:07 | 000,006,656 | ---- | C] (Microsoft Corporation)
qmgr.dll -> C:\WINDOWS\System32\dllcache\qmgr.dll -> [2010/03/04 14:35:06 | 000,409,088 | ---- | C] (Microsoft Corporation)
qmgrprxy.dll -> C:\WINDOWS\System32\qmgrprxy.dll -> [2010/03/04 14:35:06 | 000,018,944 | ---- | C] (Microsoft Corporation)
qmgrprxy.dll -> C:\WINDOWS\System32\dllcache\qmgrprxy.dll -> [2010/03/04 14:35:06 | 000,018,944 | ---- | C] (Microsoft Corporation)
bitsprx2.dll -> C:\WINDOWS\System32\dllcache\bitsprx2.dll -> [2010/03/04 14:35:06 | 000,008,192 | ---- | C] (Microsoft Corporation)
bitsprx2.dll -> C:\WINDOWS\System32\bitsprx2.dll -> [2010/03/04 14:35:06 | 000,008,192 | ---- | C] (Microsoft Corporation)
bitsprx4.dll -> C:\WINDOWS\System32\dllcache\bitsprx4.dll -> [2010/03/04 14:35:06 | 000,007,168 | ---- | C] (Microsoft Corporation)
bitsprx4.dll -> C:\WINDOWS\System32\bitsprx4.dll -> [2010/03/04 14:35:06 | 000,007,168 | ---- | C] (Microsoft Corporation)
bitsprx3.dll -> C:\WINDOWS\System32\dllcache\bitsprx3.dll -> [2010/03/04 14:35:06 | 000,007,168 | ---- | C] (Microsoft Corporation)
bitsprx3.dll -> C:\WINDOWS\System32\bitsprx3.dll -> [2010/03/04 14:35:06 | 000,007,168 | ---- | C] (Microsoft Corporation)
wmm2res2.dll -> C:\WINDOWS\System32\dllcache\wmm2res2.dll -> [2010/03/04 14:35:05 | 000,005,632 | ---- | C] (Microsoft Corporation)
wmm2eres.dll -> C:\WINDOWS\System32\dllcache\wmm2eres.dll -> [2010/03/04 14:35:05 | 000,004,096 | ---- | C] (Microsoft Corporation)
wmm2res.dll -> C:\WINDOWS\System32\dllcache\wmm2res.dll -> [2010/03/04 14:35:04 | 004,274,176 | ---- | C] (Microsoft Corporation)
wmm2fxa.dll -> C:\WINDOWS\System32\dllcache\wmm2fxa.dll -> [2010/03/04 14:35:04 | 000,502,272 | ---- | C] (Microsoft Corporation)
wmm2filt.dll -> C:\WINDOWS\System32\dllcache\wmm2filt.dll -> [2010/03/04 14:35:04 | 000,402,432 | ---- | C] (Microsoft Corporation)
wmm2fxb.dll -> C:\WINDOWS\System32\dllcache\wmm2fxb.dll -> [2010/03/04 14:35:04 | 000,325,632 | ---- | C] (Microsoft Corporation)
wmm2ae.dll -> C:\WINDOWS\System32\dllcache\wmm2ae.dll -> [2010/03/04 14:35:04 | 000,167,936 | ---- | C] (Microsoft Corporation)
wmm2ext.dll -> C:\WINDOWS\System32\dllcache\wmm2ext.dll -> [2010/03/04 14:35:04 | 000,007,680 | ---- | C] (Microsoft Corporation)
moviemk.exe -> C:\WINDOWS\System32\dllcache\moviemk.exe -> [2010/03/04 14:35:03 | 003,558,912 | ---- | C] (Microsoft Corporation)
Movie Maker -> C:\Arquivos de programas\Movie Maker -> [2010/03/04 14:35:03 | 000,000,000 | ---D | C]
msobmain.dll -> C:\WINDOWS\System32\dllcache\msobmain.dll -> [2010/03/04 14:34:53 | 000,566,272 | ---- | C] (Microsoft Corporation)
msobcomm.dll -> C:\WINDOWS\System32\dllcache\msobcomm.dll -> [2010/03/04 14:34:53 | 000,122,368 | ---- | C] (Microsoft Corporation)
msobshel.dll -> C:\WINDOWS\System32\dllcache\msobshel.dll -> [2010/03/04 14:34:53 | 000,030,720 | ---- | C] (Microsoft Corporation)
msoobe.exe -> C:\WINDOWS\System32\dllcache\msoobe.exe -> [2010/03/04 14:34:53 | 000,029,184 | ---- | C] (Microsoft Corporation)
msobweb.dll -> C:\WINDOWS\System32\dllcache\msobweb.dll -> [2010/03/04 14:34:53 | 000,019,456 | ---- | C] (Microsoft Corporation)
msobdl.dll -> C:\WINDOWS\System32\dllcache\msobdl.dll -> [2010/03/04 14:34:53 | 000,016,384 | ---- | C] (Microsoft Corporation)
oobebaln.exe -> C:\WINDOWS\System32\dllcache\oobebaln.exe -> [2010/03/04 14:34:52 | 000,051,712 | ---- | C] (Microsoft Corporation)
uploadm.exe -> C:\WINDOWS\System32\dllcache\uploadm.exe -> [2010/03/04 14:34:50 | 000,151,040 | ---- | C] (Microsoft Corporation)
pchshell.dll -> C:\WINDOWS\System32\dllcache\pchshell.dll -> [2010/03/04 14:34:50 | 000,102,912 | ---- | C] (Microsoft Corporation)
safrslv.dll -> C:\WINDOWS\System32\safrslv.dll -> [2010/03/04 14:34:50 | 000,045,568 | ---- | C] (Microsoft Corporation)
safrslv.dll -> C:\WINDOWS\System32\dllcache\safrslv.dll -> [2010/03/04 14:34:50 | 000,045,568 | ---- | C] (Microsoft Corporation)
safrcdlg.dll -> C:\WINDOWS\System32\safrcdlg.dll -> [2010/03/04 14:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation)
safrcdlg.dll -> C:\WINDOWS\System32\dllcache\safrcdlg.dll -> [2010/03/04 14:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation)
racpldlg.dll -> C:\WINDOWS\System32\racpldlg.dll -> [2010/03/04 14:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation)
racpldlg.dll -> C:\WINDOWS\System32\dllcache\racpldlg.dll -> [2010/03/04 14:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation)
pchsvc.dll -> C:\WINDOWS\System32\dllcache\pchsvc.dll -> [2010/03/04 14:34:50 | 000,038,400 | ---- | C] (Microsoft Corporation)

cg150mt · 11/05/2010

Continuando .... o Log

safrdm.dll -> C:\WINDOWS\System32\safrdm.dll -> [2010/03/04 14:34:50 | 000,029,696 | ---- | C] (Microsoft Corporation)
safrdm.dll -> C:\WINDOWS\System32\dllcache\safrdm.dll -> [2010/03/04 14:34:50 | 000,029,696 | ---- | C] (Microsoft Corporation)
helpctr.exe -> C:\WINDOWS\System32\dllcache\helpctr.exe -> [2010/03/04 14:34:48 | 000,769,024 | ---- | C] (Microsoft Corporation)
helpsvc.exe -> C:\WINDOWS\System32\dllcache\helpsvc.exe -> [2010/03/04 14:34:48 | 000,744,448 | ---- | C] (Microsoft Corporation)
msconfig.exe -> C:\WINDOWS\System32\dllcache\msconfig.exe -> [2010/03/04 14:34:48 | 000,171,520 | ---- | C] (Microsoft Corporation)
hscupd.exe -> C:\WINDOWS\System32\dllcache\hscupd.exe -> [2010/03/04 14:34:48 | 000,018,432 | ---- | C] (Microsoft Corporation)
rstrui.exe -> C:\WINDOWS\System32\dllcache\rstrui.exe -> [2010/03/04 14:34:47 | 000,382,976 | ---- | C] (Microsoft Corporation)
srrstr.dll -> C:\WINDOWS\System32\srrstr.dll -> [2010/03/04 14:34:47 | 000,240,640 | ---- | C] (Microsoft Corporation)
srrstr.dll -> C:\WINDOWS\System32\dllcache\srrstr.dll -> [2010/03/04 14:34:47 | 000,240,640 | ---- | C] (Microsoft Corporation)
srsvc.dll -> C:\WINDOWS\System32\dllcache\srsvc.dll -> [2010/03/04 14:34:47 | 000,171,520 | ---- | C] (Microsoft Corporation)
fltmgr.sys -> C:\WINDOWS\System32\dllcache\fltmgr.sys -> [2010/03/04 14:34:47 | 000,129,792 | ---- | C] (Microsoft Corporation)
sr.sys -> C:\WINDOWS\System32\dllcache\sr.sys -> [2010/03/04 14:34:47 | 000,073,472 | ---- | C] (Microsoft Corporation)
srclient.dll -> C:\WINDOWS\System32\dllcache\srclient.dll -> [2010/03/04 14:34:47 | 000,067,584 | ---- | C] (Microsoft Corporation)
fltMc.exe -> C:\WINDOWS\System32\fltMc.exe -> [2010/03/04 14:34:47 | 000,023,040 | ---- | C] (Microsoft Corporation)
fltmc.exe -> C:\WINDOWS\System32\dllcache\fltmc.exe -> [2010/03/04 14:34:47 | 000,023,040 | ---- | C] (Microsoft Corporation)
fltlib.dll -> C:\WINDOWS\System32\dllcache\fltlib.dll -> [2010/03/04 14:34:47 | 000,016,896 | ---- | C] (Microsoft Corporation)
Restore -> C:\WINDOWS\System32\Restore -> [2010/03/04 14:34:47 | 000,000,000 | ---D | C]
nmas.dll -> C:\WINDOWS\System32\dllcache\nmas.dll -> [2010/03/04 14:34:46 | 000,229,376 | ---- | C] (Microsoft Corporation)
ils.dll -> C:\WINDOWS\System32\ils.dll -> [2010/03/04 14:34:46 | 000,081,920 | ---- | C] (Microsoft Corporation)
ils.dll -> C:\WINDOWS\System32\dllcache\ils.dll -> [2010/03/04 14:34:46 | 000,081,920 | ---- | C] (Microsoft Corporation)
msconf.dll -> C:\WINDOWS\System32\msconf.dll -> [2010/03/04 14:34:46 | 000,069,632 | ---- | C] (Microsoft Corporation)
msconf.dll -> C:\WINDOWS\System32\dllcache\msconf.dll -> [2010/03/04 14:34:46 | 000,069,632 | ---- | C] (Microsoft Corporation)
dcap32.dll -> C:\WINDOWS\System32\dllcache\dcap32.dll -> [2010/03/04 14:34:46 | 000,040,960 | ---- | C] (Microsoft Corporation)
mnmdd.dll -> C:\WINDOWS\System32\mnmdd.dll -> [2010/03/04 14:34:46 | 000,034,560 | ---- | C] (Microsoft Corporation)
mnmdd.dll -> C:\WINDOWS\System32\dllcache\mnmdd.dll -> [2010/03/04 14:34:46 | 000,034,560 | ---- | C] (Microsoft Corporation)
mnmsrvc.exe -> C:\WINDOWS\System32\dllcache\mnmsrvc.exe -> [2010/03/04 14:34:46 | 000,032,768 | ---- | C] (Microsoft Corporation)
isrdbg32.dll -> C:\WINDOWS\System32\isrdbg32.dll -> [2010/03/04 14:34:46 | 000,032,768 | ---- | C] (Intel Corporation)
isrdbg32.dll -> C:\WINDOWS\System32\dllcache\isrdbg32.dll -> [2010/03/04 14:34:46 | 000,032,768 | ---- | C] (Intel Corporation)
nmmkcert.dll -> C:\WINDOWS\System32\nmmkcert.dll -> [2010/03/04 14:34:46 | 000,028,672 | ---- | C] (Microsoft Corporation)
nmmkcert.dll -> C:\WINDOWS\System32\dllcache\nmmkcert.dll -> [2010/03/04 14:34:46 | 000,028,672 | ---- | C] (Microsoft Corporation)
nmasnt.dll -> C:\WINDOWS\System32\dllcache\nmasnt.dll -> [2010/03/04 14:34:46 | 000,028,672 | ---- | C] (Microsoft Corporation)
callcont.dll -> C:\WINDOWS\System32\dllcache\callcont.dll -> [2010/03/04 14:34:45 | 000,385,024 | ---- | C] (Microsoft Corporation)
mst120.dll -> C:\WINDOWS\System32\dllcache\mst120.dll -> [2010/03/04 14:34:45 | 000,274,432 | ---- | C] (Microsoft Corporation)
nac.dll -> C:\WINDOWS\System32\dllcache\nac.dll -> [2010/03/04 14:34:45 | 000,221,184 | ---- | C] (Microsoft Corporation)
nmcom.dll -> C:\WINDOWS\System32\dllcache\nmcom.dll -> [2010/03/04 14:34:45 | 000,077,824 | ---- | C] (Microsoft Corporation)
rrcm.dll -> C:\WINDOWS\System32\dllcache\rrcm.dll -> [2010/03/04 14:34:45 | 000,061,440 | ---- | C] (Microsoft Corporation)
mst123.dll -> C:\WINDOWS\System32\dllcache\mst123.dll -> [2010/03/04 14:34:45 | 000,057,344 | ---- | C] (Microsoft Corporation)
h323cc.dll -> C:\WINDOWS\System32\dllcache\h323cc.dll -> [2010/03/04 14:34:45 | 000,057,344 | ---- | C] (Microsoft Corporation)
confmrsl.dll -> C:\WINDOWS\System32\dllcache\confmrsl.dll -> [2010/03/04 14:34:45 | 000,045,056 | ---- | C] (Microsoft Corporation)
conf.exe -> C:\WINDOWS\System32\dllcache\conf.exe -> [2010/03/04 14:34:44 | 001,040,384 | ---- | C] (Microsoft Corporation)
msoeacct.dll -> C:\WINDOWS\System32\msoeacct.dll -> [2010/03/04 14:34:44 | 000,252,928 | ---- | C] (Microsoft Corporation)
msoeacct.dll -> C:\WINDOWS\System32\dllcache\msoeacct.dll -> [2010/03/04 14:34:44 | 000,252,928 | ---- | C] (Microsoft Corporation)
nmwb.dll -> C:\WINDOWS\System32\dllcache\nmwb.dll -> [2010/03/04 14:34:44 | 000,192,512 | ---- | C] (Microsoft Corporation)
nmoldwb.dll -> C:\WINDOWS\System32\dllcache\nmoldwb.dll -> [2010/03/04 14:34:44 | 000,172,032 | ---- | C] (Microsoft Corporation)
nmft.dll -> C:\WINDOWS\System32\dllcache\nmft.dll -> [2010/03/04 14:34:44 | 000,155,648 | ---- | C] (Microsoft Corporation)
msoert2.dll -> C:\WINDOWS\System32\msoert2.dll -> [2010/03/04 14:34:44 | 000,105,984 | ---- | C] (Microsoft Corporation)
msoert2.dll -> C:\WINDOWS\System32\dllcache\msoert2.dll -> [2010/03/04 14:34:44 | 000,105,984 | ---- | C] (Microsoft Corporation)
wabimp.dll -> C:\WINDOWS\System32\dllcache\wabimp.dll -> [2010/03/04 14:34:44 | 000,085,504 | ---- | C] (Microsoft Corporation)
nmchat.dll -> C:\WINDOWS\System32\dllcache\nmchat.dll -> [2010/03/04 14:34:44 | 000,081,920 | ---- | C] (Microsoft Corporation)
wab.exe -> C:\WINDOWS\System32\dllcache\wab.exe -> [2010/03/04 14:34:44 | 000,046,080 | ---- | C] (Microsoft Corporation)
wabfind.dll -> C:\WINDOWS\System32\dllcache\wabfind.dll -> [2010/03/04 14:34:44 | 000,032,768 | ---- | C] (Microsoft Corporation)
wabmig.exe -> C:\WINDOWS\System32\dllcache\wabmig.exe -> [2010/03/04 14:34:44 | 000,030,208 | ---- | C] (Microsoft Corporation)
NetMeeting -> C:\Arquivos de programas\NetMeeting -> [2010/03/04 14:34:44 | 000,000,000 | ---D | C]
inetcomm.dll -> C:\WINDOWS\System32\dllcache\inetcomm.dll -> [2010/03/04 14:34:43 | 000,691,712 | ---- | C] (Microsoft Corporation)
wab32.dll -> C:\WINDOWS\System32\dllcache\wab32.dll -> [2010/03/04 14:34:43 | 000,510,976 | ---- | C] (Microsoft Corporation)
wab32res.dll -> C:\WINDOWS\System32\dllcache\wab32res.dll -> [2010/03/04 14:34:43 | 000,260,608 | ---- | C] (Microsoft Corporation)
oeimport.dll -> C:\WINDOWS\System32\dllcache\oeimport.dll -> [2010/03/04 14:34:43 | 000,104,448 | ---- | C] (Microsoft Corporation)
directdb.dll -> C:\WINDOWS\System32\dllcache\directdb.dll -> [2010/03/04 14:34:43 | 000,086,528 | ---- | C] (Microsoft Corporation)
msimn.exe -> C:\WINDOWS\System32\dllcache\msimn.exe -> [2010/03/04 14:34:43 | 000,060,416 | ---- | C] (Microsoft Corporation)
inetres.dll -> C:\WINDOWS\System32\inetres.dll -> [2010/03/04 14:34:43 | 000,049,664 | ---- | C] (Microsoft Corporation)
inetres.dll -> C:\WINDOWS\System32\dllcache\inetres.dll -> [2010/03/04 14:34:43 | 000,049,664 | ---- | C] (Microsoft Corporation)
msoeres.dll -> C:\WINDOWS\System32\dllcache\msoeres.dll -> [2010/03/04 14:34:42 | 002,512,896 | ---- | C] (Microsoft Corporation)
oemig50.exe -> C:\WINDOWS\System32\dllcache\oemig50.exe -> [2010/03/04 14:34:42 | 000,060,928 | ---- | C] (Microsoft Corporation)
oemiglib.dll -> C:\WINDOWS\System32\dllcache\oemiglib.dll -> [2010/03/04 14:34:42 | 000,035,328 | ---- | C] (Microsoft Corporation)
mstask.dll -> C:\WINDOWS\System32\dllcache\mstask.dll -> [2010/03/04 14:34:41 | 000,278,528 | ---- | C] (Microsoft Corporation)
inetcfg.dll -> C:\WINDOWS\System32\inetcfg.dll -> [2010/03/04 14:34:41 | 000,278,528 | ---- | C] (Microsoft Corporation)
inetcfg.dll -> C:\WINDOWS\System32\dllcache\inetcfg.dll -> [2010/03/04 14:34:41 | 000,278,528 | ---- | C] (Microsoft Corporation)
schedsvc.dll -> C:\WINDOWS\System32\dllcache\schedsvc.dll -> [2010/03/04 14:34:41 | 000,193,536 | ---- | C] (Microsoft Corporation)
isign32.dll -> C:\WINDOWS\System32\isign32.dll -> [2010/03/04 14:34:41 | 000,086,016 | ---- | C] (Microsoft Corporation)
isign32.dll -> C:\WINDOWS\System32\dllcache\isign32.dll -> [2010/03/04 14:34:41 | 000,086,016 | ---- | C] (Microsoft Corporation)
setup50.exe -> C:\WINDOWS\System32\dllcache\setup50.exe -> [2010/03/04 14:34:41 | 000,073,728 | ---- | C] (Microsoft Corporation)
icwdial.dll -> C:\WINDOWS\System32\icwdial.dll -> [2010/03/04 14:34:41 | 000,073,728 | ---- | C] (Microsoft Corporation)
icwdial.dll -> C:\WINDOWS\System32\dllcache\icwdial.dll -> [2010/03/04 14:34:41 | 000,073,728 | ---- | C] (Microsoft Corporation)
icwphbk.dll -> C:\WINDOWS\System32\icwphbk.dll -> [2010/03/04 14:34:41 | 000,065,536 | ---- | C] (Microsoft Corporation)
icwphbk.dll -> C:\WINDOWS\System32\dllcache\icwphbk.dll -> [2010/03/04 14:34:41 | 000,065,536 | ---- | C] (Microsoft Corporation)
mstinit.exe -> C:\WINDOWS\System32\mstinit.exe -> [2010/03/04 14:34:41 | 000,012,288 | ---- | C] (Microsoft Corporation)
mstinit.exe -> C:\WINDOWS\System32\dllcache\mstinit.exe -> [2010/03/04 14:34:41 | 000,012,288 | ---- | C] (Microsoft Corporation)
Outlook Express -> C:\Arquivos de programas\Outlook Express -> [2010/03/04 14:34:41 | 000,000,000 | ---D | C]
icwconn1.exe -> C:\WINDOWS\System32\dllcache\icwconn1.exe -> [2010/03/04 14:34:40 | 000,217,600 | ---- | C] (Microsoft Corporation)
icwhelp.dll -> C:\WINDOWS\System32\dllcache\icwhelp.dll -> [2010/03/04 14:34:40 | 000,176,128 | ---- | C] (Microsoft Corporation)
icwconn2.exe -> C:\WINDOWS\System32\dllcache\icwconn2.exe -> [2010/03/04 14:34:40 | 000,086,016 | ---- | C] (Microsoft Corporation)
icwconn.dll -> C:\WINDOWS\System32\dllcache\icwconn.dll -> [2010/03/04 14:34:40 | 000,061,440 | ---- | C] (Microsoft Corporation)
icwutil.dll -> C:\WINDOWS\System32\dllcache\icwutil.dll -> [2010/03/04 14:34:40 | 000,049,152 | ---- | C] (Microsoft Corporation)
icwdl.dll -> C:\WINDOWS\System32\dllcache\icwdl.dll -> [2010/03/04 14:34:40 | 000,032,768 | ---- | C] (Microsoft Corporation)
icwrmind.exe -> C:\WINDOWS\System32\dllcache\icwrmind.exe -> [2010/03/04 14:34:40 | 000,024,576 | ---- | C] (Microsoft Corporation)
inetwiz.exe -> C:\WINDOWS\System32\dllcache\inetwiz.exe -> [2010/03/04 14:34:40 | 000,020,480 | ---- | C] (Microsoft Corporation)
dao360.dll -> C:\WINDOWS\System32\dllcache\dao360.dll -> [2010/03/04 14:34:39 | 000,554,008 | ---- | C] (Microsoft Corporation)
oledb32.dll -> C:\WINDOWS\System32\dllcache\oledb32.dll -> [2010/03/04 14:34:39 | 000,487,424 | ---- | C] (Microsoft Corporation)
sqlxmlx.dll -> C:\WINDOWS\System32\dllcache\sqlxmlx.dll -> [2010/03/04 14:34:39 | 000,217,088 | ---- | C] (Microsoft Corporation)
msdaps.dll -> C:\WINDOWS\System32\dllcache\msdaps.dll -> [2010/03/04 14:34:39 | 000,204,800 | ---- | C] (Microsoft Corporation)
msdatl3.dll -> C:\WINDOWS\System32\dllcache\msdatl3.dll -> [2010/03/04 14:34:39 | 000,094,208 | ---- | C] (Microsoft Corporation)
msdaosp.dll -> C:\WINDOWS\System32\dllcache\msdaosp.dll -> [2010/03/04 14:34:39 | 000,077,824 | ---- | C] (Microsoft Corporation)
oledb32r.dll -> C:\WINDOWS\System32\dllcache\oledb32r.dll -> [2010/03/04 14:34:39 | 000,069,632 | ---- | C] (Microsoft Corporation)
msado15.dll -> C:\WINDOWS\System32\dllcache\msado15.dll -> [2010/03/04 14:34:38 | 000,536,576 | ---- | C] (Microsoft Corporation)
msdasql.dll -> C:\WINDOWS\System32\dllcache\msdasql.dll -> [2010/03/04 14:34:38 | 000,315,392 | ---- | C] (Microsoft Corporation)
msdaora.dll -> C:\WINDOWS\System32\dllcache\msdaora.dll -> [2010/03/04 14:34:38 | 000,233,472 | ---- | C] (Microsoft Corporation)
msadox.dll -> C:\WINDOWS\System32\dllcache\msadox.dll -> [2010/03/04 14:34:38 | 000,200,704 | ---- | C] (Microsoft Corporation)
msadomd.dll -> C:\WINDOWS\System32\dllcache\msadomd.dll -> [2010/03/04 14:34:38 | 000,180,224 | ---- | C] (Microsoft Corporation)
msjro.dll -> C:\WINDOWS\System32\dllcache\msjro.dll -> [2010/03/04 14:34:38 | 000,102,400 | ---- | C] (Microsoft Corporation)
msado27.tlb -> C:\WINDOWS\System32\dllcache\msado27.tlb -> [2010/03/04 14:34:38 | 000,081,920 | ---- | C] (Microsoft Corporation)
msado26.tlb -> C:\WINDOWS\System32\dllcache\msado26.tlb -> [2010/03/04 14:34:38 | 000,081,920 | ---- | C] (Microsoft Corporation)
msado25.tlb -> C:\WINDOWS\System32\dllcache\msado25.tlb -> [2010/03/04 14:34:38 | 000,081,920 | ---- | C] (Microsoft Corporation)
msado21.tlb -> C:\WINDOWS\System32\dllcache\msado21.tlb -> [2010/03/04 14:34:38 | 000,061,440 | ---- | C] (Microsoft Corporation)
msado20.tlb -> C:\WINDOWS\System32\dllcache\msado20.tlb -> [2010/03/04 14:34:38 | 000,061,440 | ---- | C] (Microsoft Corporation)
msadrh15.dll -> C:\WINDOWS\System32\dllcache\msadrh15.dll -> [2010/03/04 14:34:38 | 000,057,344 | ---- | C] (Microsoft Corporation)
msador15.dll -> C:\WINDOWS\System32\dllcache\msador15.dll -> [2010/03/04 14:34:38 | 000,057,344 | ---- | C] (Microsoft Corporation)
msader15.dll -> C:\WINDOWS\System32\dllcache\msader15.dll -> [2010/03/04 14:34:38 | 000,028,672 | ---- | C] (Microsoft Corporation)
msxactps.dll -> C:\WINDOWS\System32\dllcache\msxactps.dll -> [2010/03/04 14:34:38 | 000,024,576 | ---- | C] (Microsoft Corporation)
msdatt.dll -> C:\WINDOWS\System32\dllcache\msdatt.dll -> [2010/03/04 14:34:38 | 000,020,480 | ---- | C] (Microsoft Corporation)
msdaorar.dll -> C:\WINDOWS\System32\dllcache\msdaorar.dll -> [2010/03/04 14:34:38 | 000,020,480 | ---- | C] (Microsoft Corporation)
msdasqlr.dll -> C:\WINDOWS\System32\dllcache\msdasqlr.dll -> [2010/03/04 14:34:38 | 000,016,384 | ---- | C] (Microsoft Corporation)
msdaurl.dll -> C:\WINDOWS\System32\dllcache\msdaurl.dll -> [2010/03/04 14:34:38 | 000,004,096 | ---- | C] (Microsoft Corporation)
msdasc.dll -> C:\WINDOWS\System32\dllcache\msdasc.dll -> [2010/03/04 14:34:38 | 000,004,096 | ---- | C] (Microsoft Corporation)
msdaer.dll -> C:\WINDOWS\System32\dllcache\msdaer.dll -> [2010/03/04 14:34:38 | 000,004,096 | ---- | C] (Microsoft Corporation)
msdaenum.dll -> C:\WINDOWS\System32\dllcache\msdaenum.dll -> [2010/03/04 14:34:38 | 000,004,096 | ---- | C] (Microsoft Corporation)
msdadc.dll -> C:\WINDOWS\System32\dllcache\msdadc.dll -> [2010/03/04 14:34:38 | 000,004,096 | ---- | C] (Microsoft Corporation)
msadce.dll -> C:\WINDOWS\System32\dllcache\msadce.dll -> [2010/03/04 14:34:37 | 000,331,776 | ---- | C] (Microsoft Corporation)
msdaprst.dll -> C:\WINDOWS\System32\dllcache\msdaprst.dll -> [2010/03/04 14:34:37 | 000,200,704 | ---- | C] (Microsoft Corporation)
msadds.dll -> C:\WINDOWS\System32\dllcache\msadds.dll -> [2010/03/04 14:34:37 | 000,155,648 | ---- | C] (Microsoft Corporation)
msadco.dll -> C:\WINDOWS\System32\dllcache\msadco.dll -> [2010/03/04 14:34:37 | 000,143,360 | ---- | C] (Microsoft Corporation)
msdarem.dll -> C:\WINDOWS\System32\dllcache\msdarem.dll -> [2010/03/04 14:34:37 | 000,118,784 | ---- | C] (Microsoft Corporation)
msadcf.dll -> C:\WINDOWS\System32\dllcache\msadcf.dll -> [2010/03/04 14:34:37 | 000,061,440 | ---- | C] (Microsoft Corporation)
msadcs.dll -> C:\WINDOWS\System32\dllcache\msadcs.dll -> [2010/03/04 14:34:37 | 000,053,248 | ---- | C] (Microsoft Corporation)
msdfmap.dll -> C:\WINDOWS\System32\dllcache\msdfmap.dll -> [2010/03/04 14:34:37 | 000,036,864 | ---- | C] (Microsoft Corporation)
msaddsr.dll -> C:\WINDOWS\System32\dllcache\msaddsr.dll -> [2010/03/04 14:34:37 | 000,024,576 | ---- | C] (Microsoft Corporation)
msadcer.dll -> C:\WINDOWS\System32\dllcache\msadcer.dll -> [2010/03/04 14:34:37 | 000,020,480 | ---- | C] (Microsoft Corporation)
msdaremr.dll -> C:\WINDOWS\System32\dllcache\msdaremr.dll -> [2010/03/04 14:34:37 | 000,016,384 | ---- | C] (Microsoft Corporation)
msdaprsr.dll -> C:\WINDOWS\System32\dllcache\msdaprsr.dll -> [2010/03/04 14:34:37 | 000,016,384 | ---- | C] (Microsoft Corporation)
msadcor.dll -> C:\WINDOWS\System32\dllcache\msadcor.dll -> [2010/03/04 14:34:37 | 000,016,384 | ---- | C] (Microsoft Corporation)
msadcfr.dll -> C:\WINDOWS\System32\dllcache\msadcfr.dll -> [2010/03/04 14:34:37 | 000,016,384 | ---- | C] (Microsoft Corporation)
System -> C:\Arquivos de programas\Arquivos comuns\System -> [2010/03/04 14:34:37 | 000,000,000 | ---D | C]
iexplore.exe -> C:\WINDOWS\System32\dllcache\iexplore.exe -> [2010/03/04 14:34:36 | 000,638,816 | ---- | C] (Microsoft Corporation)
hmmapi.dll -> C:\WINDOWS\System32\dllcache\hmmapi.dll -> [2010/03/04 14:34:36 | 000,068,608 | ---- | C] (Microsoft Corporation)
iedw.exe -> C:\WINDOWS\System32\dllcache\iedw.exe -> [2010/03/04 14:34:36 | 000,018,432 | ---- | C] (Microsoft Corporation)
Internet Explorer -> C:\Arquivos de programas\Internet Explorer -> [2010/03/04 14:34:33 | 000,000,000 | ---D | C]
Minhas imagens -> C:\Documents and Settings\All Users\Documentos\Minhas imagens -> [2010/03/04 14:34:32 | 000,000,000 | R--D | C]
ComPlus Applications -> C:\Arquivos de programas\ComPlus Applications -> [2010/03/04 14:33:48 | 000,000,000 | ---D | C]
Registration -> C:\WINDOWS\Registration -> [2010/03/04 14:33:40 | 000,000,000 | ---D | C]
Minhas músicas -> C:\Documents and Settings\All Users\Documentos\Minhas músicas -> [2010/03/04 14:33:31 | 000,000,000 | R--D | C]
Windows Media Player -> C:\Arquivos de programas\Windows Media Player -> [2010/03/04 14:33:31 | 000,000,000 | ---D | C]
Messenger -> C:\Arquivos de programas\Messenger -> [2010/03/04 14:33:24 | 000,000,000 | ---D | C]
bckgres.dll -> C:\WINDOWS\System32\dllcache\bckgres.dll -> [2010/03/04 14:33:23 | 001,817,687 | ---- | C] (Microsoft Corporation)
chkrres.dll -> C:\WINDOWS\System32\dllcache\chkrres.dll -> [2010/03/04 14:33:23 | 000,781,397 | ---- | C] (Microsoft Corporation)
rvseres.dll -> C:\WINDOWS\System32\dllcache\rvseres.dll -> [2010/03/04 14:33:23 | 000,753,236 | ---- | C] (Microsoft Corporation)
bckg.dll -> C:\WINDOWS\System32\dllcache\bckg.dll -> [2010/03/04 14:33:23 | 000,082,501 | ---- | C] (Microsoft Corporation)
rvse.dll -> C:\WINDOWS\System32\dllcache\rvse.dll -> [2010/03/04 14:33:23 | 000,048,706 | ---- | C] (Microsoft Corporation)
bckgzm.exe -> C:\WINDOWS\System32\dllcache\bckgzm.exe -> [2010/03/04 14:33:23 | 000,042,577 | ---- | C] (Microsoft Corporation)
chkrzm.exe -> C:\WINDOWS\System32\dllcache\chkrzm.exe -> [2010/03/04 14:33:23 | 000,042,575 | ---- | C] (Microsoft Corporation)
rvsezm.exe -> C:\WINDOWS\System32\dllcache\rvsezm.exe -> [2010/03/04 14:33:23 | 000,042,574 | ---- | C] (Microsoft Corporation)
shvlres.dll -> C:\WINDOWS\System32\dllcache\shvlres.dll -> [2010/03/04 14:33:22 | 002,178,131 | ---- | C] (Microsoft Corporation)
hrtzres.dll -> C:\WINDOWS\System32\dllcache\hrtzres.dll -> [2010/03/04 14:33:22 | 001,175,635 | ---- | C] (Microsoft Corporation)
shvl.dll -> C:\WINDOWS\System32\dllcache\shvl.dll -> [2010/03/04 14:33:22 | 000,066,113 | ---- | C] (Microsoft Corporation)
hrtz.dll -> C:\WINDOWS\System32\dllcache\hrtz.dll -> [2010/03/04 14:33:22 | 000,057,409 | ---- | C] (Microsoft Corporation)
shvlzm.exe -> C:\WINDOWS\System32\dllcache\shvlzm.exe -> [2010/03/04 14:33:22 | 000,042,573 | ---- | C] (Microsoft Corporation)
hrtzzm.exe -> C:\WINDOWS\System32\dllcache\hrtzzm.exe -> [2010/03/04 14:33:22 | 000,042,573 | ---- | C] (Microsoft Corporation)
zcorem.dll -> C:\WINDOWS\System32\dllcache\zcorem.dll -> [2010/03/04 14:33:22 | 000,041,029 | ---- | C] (Microsoft Corporation)
chkr.dll -> C:\WINDOWS\System32\dllcache\chkr.dll -> [2010/03/04 14:33:22 | 000,040,515 | ---- | C] (Microsoft Corporation)
uniansi.dll -> C:\WINDOWS\System32\dllcache\uniansi.dll -> [2010/03/04 14:33:22 | 000,032,339 | ---- | C] (Microsoft Corporation)
zonelibm.dll -> C:\WINDOWS\System32\dllcache\zonelibm.dll -> [2010/03/04 14:33:22 | 000,013,894 | ---- | C] (Microsoft Corporation)
zeeverm.dll -> C:\WINDOWS\System32\dllcache\zeeverm.dll -> [2010/03/04 14:33:22 | 000,004,677 | ---- | C] (Microsoft Corporation)
cmnresm.dll -> C:\WINDOWS\System32\dllcache\cmnresm.dll -> [2010/03/04 14:33:21 | 001,042,003 | ---- | C] (Microsoft Corporation)
cmnclim.dll -> C:\WINDOWS\System32\dllcache\cmnclim.dll -> [2010/03/04 14:33:21 | 000,217,160 | ---- | C] (Microsoft Corporation)
zoneclim.dll -> C:\WINDOWS\System32\dllcache\zoneclim.dll -> [2010/03/04 14:33:21 | 000,113,222 | ---- | C] (Microsoft Corporation)
zclientm.exe -> C:\WINDOWS\System32\dllcache\zclientm.exe -> [2010/03/04 14:33:21 | 000,036,937 | ---- | C] (Microsoft Corporation)
znetm.dll -> C:\WINDOWS\System32\dllcache\znetm.dll -> [2010/03/04 14:33:21 | 000,029,760 | ---- | C] (Microsoft Corporation)
write.exe -> C:\WINDOWS\System32\write.exe -> [2010/03/04 14:33:21 | 000,005,632 | ---- | C] (Microsoft Corporation)
write.exe -> C:\WINDOWS\System32\dllcache\write.exe -> [2010/03/04 14:33:21 | 000,005,632 | ---- | C] (Microsoft Corporation)
MSN Gaming Zone -> C:\Arquivos de programas\MSN Gaming Zone -> [2010/03/04 14:33:21 | 000,000,000 | ---D | C]
avtapi.dll -> C:\WINDOWS\System32\dllcache\avtapi.dll -> [2010/03/04 14:33:14 | 000,231,424 | ---- | C] (Microsoft Corporation)
avtapi.dll -> C:\WINDOWS\System32\avtapi.dll -> [2010/03/04 14:33:14 | 000,231,424 | ---- | C] (Microsoft Corporation)
sndvol32.exe -> C:\WINDOWS\System32\sndvol32.exe -> [2010/03/04 14:33:14 | 000,139,264 | ---- | C] (Microsoft Corporation)
sndvol32.exe -> C:\WINDOWS\System32\dllcache\sndvol32.exe -> [2010/03/04 14:33:14 | 000,139,264 | ---- | C] (Microsoft Corporation)
avwav.dll -> C:\WINDOWS\System32\dllcache\avwav.dll -> [2010/03/04 14:33:14 | 000,073,216 | ---- | C] (Microsoft Corporation)
avwav.dll -> C:\WINDOWS\System32\avwav.dll -> [2010/03/04 14:33:14 | 000,073,216 | ---- | C] (Microsoft Corporation)
hticons.dll -> C:\WINDOWS\System32\hticons.dll -> [2010/03/04 14:33:14 | 000,044,544 | ---- | C] (Hilgraeve, Inc.)
winchat.exe -> C:\WINDOWS\System32\winchat.exe -> [2010/03/04 14:33:14 | 000,035,328 | ---- | C] (Microsoft Corporation)
winchat.exe -> C:\WINDOWS\System32\dllcache\winchat.exe -> [2010/03/04 14:33:14 | 000,035,328 | ---- | C] (Microsoft Corporation)
avmeter.dll -> C:\WINDOWS\System32\dllcache\avmeter.dll -> [2010/03/04 14:33:14 | 000,016,384 | ---- | C] (Microsoft Corporation)
avmeter.dll -> C:\WINDOWS\System32\avmeter.dll -> [2010/03/04 14:33:14 | 000,016,384 | ---- | C] (Microsoft Corporation)
htrn_jis.dll -> C:\WINDOWS\System32\dllcache\htrn_jis.dll -> [2010/03/04 14:33:14 | 000,013,312 | ---- | C] (Hilgraeve, Inc.)
getuname.dll -> C:\WINDOWS\System32\getuname.dll -> [2010/03/04 14:33:09 | 000,640,512 | ---- | C] (Microsoft Corporation)
getuname.dll -> C:\WINDOWS\System32\dllcache\getuname.dll -> [2010/03/04 14:33:09 | 000,640,512 | ---- | C] (Microsoft Corporation)
calc.exe -> C:\WINDOWS\System32\dllcache\calc.exe -> [2010/03/04 14:33:09 | 000,115,200 | ---- | C] (Microsoft Corporation)
calc.exe -> C:\WINDOWS\System32\calc.exe -> [2010/03/04 14:33:09 | 000,115,200 | ---- | C] (Microsoft Corporation)
charmap.exe -> C:\WINDOWS\System32\dllcache\charmap.exe -> [2010/03/04 14:33:09 | 000,080,896 | ---- | C] (Microsoft Corporation)
charmap.exe -> C:\WINDOWS\System32\charmap.exe -> [2010/03/04 14:33:09 | 000,080,896 | ---- | C] (Microsoft Corporation)
mshearts.exe -> C:\WINDOWS\System32\mshearts.exe -> [2010/03/04 14:33:08 | 000,128,000 | ---- | C] (Microsoft Corporation)
mshearts.exe -> C:\WINDOWS\System32\dllcache\mshearts.exe -> [2010/03/04 14:33:08 | 000,128,000 | ---- | C] (Microsoft Corporation)
winmine.exe -> C:\WINDOWS\System32\winmine.exe -> [2010/03/04 14:33:08 | 000,119,808 | ---- | C] (Microsoft Corporation)
winmine.exe -> C:\WINDOWS\System32\dllcache\winmine.exe -> [2010/03/04 14:33:08 | 000,119,808 | ---- | C] (Microsoft Corporation)
sol.exe -> C:\WINDOWS\System32\sol.exe -> [2010/03/04 14:33:08 | 000,057,344 | ---- | C] (Microsoft Corporation)
sol.exe -> C:\WINDOWS\System32\dllcache\sol.exe -> [2010/03/04 14:33:08 | 000,057,344 | ---- | C] (Microsoft Corporation)
freecell.exe -> C:\WINDOWS\System32\freecell.exe -> [2010/03/04 14:33:08 | 000,055,808 | ---- | C] (Microsoft Corporation)
freecell.exe -> C:\WINDOWS\System32\dllcache\freecell.exe -> [2010/03/04 14:33:08 | 000,055,808 | ---- | C] (Microsoft Corporation)
tsshutdn.exe -> C:\WINDOWS\System32\tsshutdn.exe -> [2010/03/04 14:33:08 | 000,017,408 | ---- | C] (Microsoft Corporation)
tsshutdn.exe -> C:\WINDOWS\System32\dllcache\tsshutdn.exe -> [2010/03/04 14:33:08 | 000,017,408 | ---- | C] (Microsoft Corporation)
tskill.exe -> C:\WINDOWS\System32\tskill.exe -> [2010/03/04 14:33:08 | 000,016,384 | ---- | C] (Microsoft Corporation)
tskill.exe -> C:\WINDOWS\System32\dllcache\tskill.exe -> [2010/03/04 14:33:08 | 000,016,384 | ---- | C] (Microsoft Corporation)
tsdiscon.exe -> C:\WINDOWS\System32\tsdiscon.exe -> [2010/03/04 14:33:08 | 000,015,360 | ---- | C] (Microsoft Corporation)
tsdiscon.exe -> C:\WINDOWS\System32\dllcache\tsdiscon.exe -> [2010/03/04 14:33:08 | 000,015,360 | ---- | C] (Microsoft Corporation)
tscon.exe -> C:\WINDOWS\System32\tscon.exe -> [2010/03/04 14:33:08 | 000,015,360 | ---- | C] (Microsoft Corporation)
tscon.exe -> C:\WINDOWS\System32\dllcache\tscon.exe -> [2010/03/04 14:33:08 | 000,015,360 | ---- | C] (Microsoft Corporation)
reset.exe -> C:\WINDOWS\System32\reset.exe -> [2010/03/04 14:33:08 | 000,009,728 | ---- | C] (Microsoft Corporation)
reset.exe -> C:\WINDOWS\System32\dllcache\reset.exe -> [2010/03/04 14:33:08 | 000,009,728 | ---- | C] (Microsoft Corporation)
regini.exe -> C:\WINDOWS\System32\regini.exe -> [2010/03/04 14:33:07 | 000,033,792 | ---- | C] (Microsoft Corporation)
regini.exe -> C:\WINDOWS\System32\dllcache\regini.exe -> [2010/03/04 14:33:07 | 000,033,792 | ---- | C] (Microsoft Corporation)
qwinsta.exe -> C:\WINDOWS\System32\qwinsta.exe -> [2010/03/04 14:33:07 | 000,022,528 | ---- | C] (Microsoft Corporation)
qwinsta.exe -> C:\WINDOWS\System32\dllcache\qwinsta.exe -> [2010/03/04 14:33:07 | 000,022,528 | ---- | C] (Microsoft Corporation)
msg.exe -> C:\WINDOWS\System32\msg.exe -> [2010/03/04 14:33:07 | 000,022,016 | ---- | C] (Microsoft Corporation)
msg.exe -> C:\WINDOWS\System32\dllcache\msg.exe -> [2010/03/04 14:33:07 | 000,022,016 | ---- | C] (Microsoft Corporation)
mtsadmin.tlb -> C:\WINDOWS\System32\dllcache\mtsadmin.tlb -> [2010/03/04 14:33:07 | 000,019,456 | ---- | C] (Microsoft Corporation)
qappsrv.exe -> C:\WINDOWS\System32\qappsrv.exe -> [2010/03/04 14:33:07 | 000,017,408 | ---- | C] (Microsoft Corporation)
qappsrv.exe -> C:\WINDOWS\System32\dllcache\qappsrv.exe -> [2010/03/04 14:33:07 | 000,017,408 | ---- | C] (Microsoft Corporation)
rwinsta.exe -> C:\WINDOWS\System32\rwinsta.exe -> [2010/03/04 14:33:07 | 000,016,384 | ---- | C] (Microsoft Corporation)
rwinsta.exe -> C:\WINDOWS\System32\dllcache\rwinsta.exe -> [2010/03/04 14:33:07 | 000,016,384 | ---- | C] (Microsoft Corporation)
logoff.exe -> C:\WINDOWS\System32\logoff.exe -> [2010/03/04 14:33:07 | 000,015,872 | ---- | C] (Microsoft Corporation)
logoff.exe -> C:\WINDOWS\System32\dllcache\logoff.exe -> [2010/03/04 14:33:07 | 000,015,872 | ---- | C] (Microsoft Corporation)
cdmodem.dll -> C:\WINDOWS\System32\dllcache\cdmodem.dll -> [2010/03/04 14:33:07 | 000,015,872 | ---- | C] (Microsoft Corporation)
cdmodem.dll -> C:\WINDOWS\System32\cdmodem.dll -> [2010/03/04 14:33:07 | 000,015,872 | ---- | C] (Microsoft Corporation)
shadow.exe -> C:\WINDOWS\System32\shadow.exe -> [2010/03/04 14:33:07 | 000,015,360 | ---- | C] (Microsoft Corporation)
shadow.exe -> C:\WINDOWS\System32\dllcache\shadow.exe -> [2010/03/04 14:33:07 | 000,015,360 | ---- | C] (Microsoft Corporation)
rdpcfgex.dll -> C:\WINDOWS\System32\rdpcfgex.dll -> [2010/03/04 14:33:07 | 000,004,608 | ---- | C] (Microsoft Corporation)
rdpcfgex.dll -> C:\WINDOWS\System32\dllcache\rdpcfgex.dll -> [2010/03/04 14:33:07 | 000,004,608 | ---- | C] (Microsoft Corporation)

cg150mt · 11/05/2010

Continuando.... O log

wmi2xml.dll -> C:\WINDOWS\System32\dllcache\wmi2xml.dll -> [2010/03/04 14:33:06 | 000,045,568 | ---- | C] (Microsoft Corporation)
updprov.dll -> C:\WINDOWS\System32\dllcache\updprov.dll -> [2010/03/04 14:33:04 | 000,116,224 | ---- | C] (Microsoft Corporation)
wmipicmp.dll -> C:\WINDOWS\System32\dllcache\wmipicmp.dll -> [2010/03/04 14:33:04 | 000,076,800 | ---- | C] (Microsoft Corporation)
tmplprov.dll -> C:\WINDOWS\System32\dllcache\tmplprov.dll -> [2010/03/04 14:33:04 | 000,061,952 | ---- | C] (Microsoft Corporation)
wmimsg.dll -> C:\WINDOWS\System32\dllcache\wmimsg.dll -> [2010/03/04 14:33:04 | 000,061,440 | ---- | C] (Microsoft Corporation)
wbemdisp.tlb -> C:\WINDOWS\System32\dllcache\wbemdisp.tlb -> [2010/03/04 14:33:04 | 000,059,904 | ---- | C] (Microsoft Corporation)
trnsprov.dll -> C:\WINDOWS\System32\dllcache\trnsprov.dll -> [2010/03/04 14:33:04 | 000,059,904 | ---- | C] (Microsoft Corporation)
wmitimep.dll -> C:\WINDOWS\System32\dllcache\wmitimep.dll -> [2010/03/04 14:33:04 | 000,052,224 | ---- | C] (Microsoft Corporation)
smtpcons.dll -> C:\WINDOWS\System32\dllcache\smtpcons.dll -> [2010/03/04 14:33:04 | 000,040,960 | ---- | C] (Microsoft Corporation)
wbemads.tlb -> C:\WINDOWS\System32\dllcache\wbemads.tlb -> [2010/03/04 14:33:04 | 000,031,232 | ---- | C] (Microsoft Corporation)
winmgmtr.dll -> C:\WINDOWS\System32\dllcache\winmgmtr.dll -> [2010/03/04 14:33:04 | 000,017,920 | ---- | C] (Microsoft Corporation)
unsecapp.exe -> C:\WINDOWS\System32\dllcache\unsecapp.exe -> [2010/03/04 14:33:04 | 000,016,896 | ---- | C] (Microsoft Corporation)
winmgmt.exe -> C:\WINDOWS\System32\dllcache\winmgmt.exe -> [2010/03/04 14:33:04 | 000,013,824 | ---- | C] (Microsoft Corporation)
wbemads.dll -> C:\WINDOWS\System32\dllcache\wbemads.dll -> [2010/03/04 14:33:04 | 000,012,288 | ---- | C] (Microsoft Corporation)
msiprov.dll -> C:\WINDOWS\System32\dllcache\msiprov.dll -> [2010/03/04 14:33:03 | 000,273,920 | ---- | C] (Microsoft Corporation)
dsprov.dll -> C:\WINDOWS\System32\dllcache\dsprov.dll -> [2010/03/04 14:33:03 | 000,120,320 | ---- | C] (Microsoft Corporation)
fwdprov.dll -> C:\WINDOWS\System32\dllcache\fwdprov.dll -> [2010/03/04 14:33:03 | 000,053,248 | ---- | C] (Microsoft Corporation)
dialer.exe -> C:\WINDOWS\System32\dllcache\dialer.exe -> [2010/03/04 14:33:02 | 000,545,280 | ---- | C] (Microsoft Corporation)
hypertrm.dll -> C:\WINDOWS\System32\hypertrm.dll -> [2010/03/04 14:33:02 | 000,352,768 | ---- | C] (Hilgraeve, Inc.)
pinball.exe -> C:\WINDOWS\System32\dllcache\pinball.exe -> [2010/03/04 14:33:02 | 000,283,648 | ---- | C] (Cinematronics)
accwiz.exe -> C:\WINDOWS\System32\dllcache\accwiz.exe -> [2010/03/04 14:33:02 | 000,188,416 | ---- | C] (Microsoft Corporation)
accwiz.exe -> C:\WINDOWS\System32\accwiz.exe -> [2010/03/04 14:33:02 | 000,188,416 | ---- | C] (Microsoft Corporation)
sndrec32.exe -> C:\WINDOWS\System32\sndrec32.exe -> [2010/03/04 14:33:02 | 000,132,608 | ---- | C] (Microsoft Corporation)
sndrec32.exe -> C:\WINDOWS\System32\dllcache\sndrec32.exe -> [2010/03/04 14:33:02 | 000,132,608 | ---- | C] (Microsoft Corporation)
mplay32.exe -> C:\WINDOWS\System32\mplay32.exe -> [2010/03/04 14:33:02 | 000,124,416 | ---- | C] (Microsoft Corporation)
mplay32.exe -> C:\WINDOWS\System32\dllcache\mplay32.exe -> [2010/03/04 14:33:02 | 000,124,416 | ---- | C] (Microsoft Corporation)
access.cpl -> C:\WINDOWS\System32\dllcache\access.cpl -> [2010/03/04 14:33:02 | 000,070,656 | ---- | C] (Microsoft Corporation)
access.cpl -> C:\WINDOWS\System32\access.cpl -> [2010/03/04 14:33:02 | 000,070,656 | ---- | C] (Microsoft Corporation)
spider.exe -> C:\WINDOWS\System32\spider.exe -> [2010/03/04 14:33:01 | 000,539,136 | ---- | C] (Microsoft Corporation)
spider.exe -> C:\WINDOWS\System32\dllcache\spider.exe -> [2010/03/04 14:33:01 | 000,539,136 | ---- | C] (Microsoft Corporation)
mspaint.exe -> C:\WINDOWS\System32\mspaint.exe -> [2010/03/04 14:33:01 | 000,345,600 | ---- | C] (Microsoft Corporation)
mspaint.exe -> C:\WINDOWS\System32\dllcache\mspaint.exe -> [2010/03/04 14:33:01 | 000,345,600 | ---- | C] (Microsoft Corporation)
clipbrd.exe -> C:\WINDOWS\System32\dllcache\clipbrd.exe -> [2010/03/04 14:33:01 | 000,104,960 | ---- | C] (Microsoft Corporation)
clipbrd.exe -> C:\WINDOWS\System32\clipbrd.exe -> [2010/03/04 14:33:01 | 000,104,960 | ---- | C] (Microsoft Corporation)
Windows NT -> C:\Arquivos de programas\Windows NT -> [2010/03/04 14:33:01 | 000,000,000 | ---D | C]
rhttpaa.dll -> C:\WINDOWS\System32\rhttpaa.dll -> [2010/03/04 14:33:00 | 000,290,304 | ---- | C] (Microsoft Corporation)
rhttpaa.dll -> C:\WINDOWS\System32\dllcache\rhttpaa.dll -> [2010/03/04 14:33:00 | 000,290,304 | ---- | C] (Microsoft Corporation)
rdpwd.sys -> C:\WINDOWS\System32\dllcache\rdpwd.sys -> [2010/03/04 14:33:00 | 000,139,656 | ---- | C] (Microsoft Corporation)
aaclient.dll -> C:\WINDOWS\System32\dllcache\aaclient.dll -> [2010/03/04 14:33:00 | 000,136,192 | ---- | C] (Microsoft Corporation)
aaclient.dll -> C:\WINDOWS\System32\aaclient.dll -> [2010/03/04 14:33:00 | 000,136,192 | ---- | C] (Microsoft Corporation)
tscfgwmi.dll -> C:\WINDOWS\System32\tscfgwmi.dll -> [2010/03/04 14:33:00 | 000,093,696 | ---- | C] (Microsoft Corporation)
tscfgwmi.dll -> C:\WINDOWS\System32\dllcache\tscfgwmi.dll -> [2010/03/04 14:33:00 | 000,093,696 | ---- | C] (Microsoft Corporation)
tsgqec.dll -> C:\WINDOWS\System32\tsgqec.dll -> [2010/03/04 14:33:00 | 000,053,248 | ---- | C] (Microsoft Corporation)
tsgqec.dll -> C:\WINDOWS\System32\dllcache\tsgqec.dll -> [2010/03/04 14:33:00 | 000,053,248 | ---- | C] (Microsoft Corporation)
tdtcp.sys -> C:\WINDOWS\System32\dllcache\tdtcp.sys -> [2010/03/04 14:33:00 | 000,021,896 | ---- | C] (Microsoft Corporation)
tdpipe.sys -> C:\WINDOWS\System32\dllcache\tdpipe.sys -> [2010/03/04 14:33:00 | 000,012,040 | ---- | C] (Microsoft Corporation)
lhmstscx.dll -> C:\WINDOWS\System32\dllcache\lhmstscx.dll -> [2010/03/04 14:32:59 | 002,061,824 | ---- | C] (Microsoft Corporation)
lhmstsc.exe -> C:\WINDOWS\System32\dllcache\lhmstsc.exe -> [2010/03/04 14:32:59 | 000,677,888 | ---- | C] (Microsoft Corporation)
rdchost.dll -> C:\WINDOWS\System32\rdchost.dll -> [2010/03/04 14:32:59 | 000,147,968 | ---- | C] (Microsoft Corporation)
rdchost.dll -> C:\WINDOWS\System32\dllcache\rdchost.dll -> [2010/03/04 14:32:59 | 000,147,968 | ---- | C] (Microsoft Corporation)
sessmgr.exe -> C:\WINDOWS\System32\dllcache\sessmgr.exe -> [2010/03/04 14:32:59 | 000,142,848 | ---- | C] (Microsoft Corporation)
rdshost.exe -> C:\WINDOWS\System32\rdshost.exe -> [2010/03/04 14:32:59 | 000,067,072 | ---- | C] (Microsoft Corporation)
rdshost.exe -> C:\WINDOWS\System32\dllcache\rdshost.exe -> [2010/03/04 14:32:59 | 000,067,072 | ---- | C] (Microsoft Corporation)
remotepg.dll -> C:\WINDOWS\System32\dllcache\remotepg.dll -> [2010/03/04 14:32:59 | 000,061,440 | ---- | C] (Microsoft Corporation)
rdsaddin.exe -> C:\WINDOWS\System32\rdsaddin.exe -> [2010/03/04 14:32:59 | 000,013,824 | ---- | C] (Microsoft Corporation)
rdsaddin.exe -> C:\WINDOWS\System32\dllcache\rdsaddin.exe -> [2010/03/04 14:32:59 | 000,013,824 | ---- | C] (Microsoft Corporation)
msdtcprx.dll -> C:\WINDOWS\System32\msdtcprx.dll -> [2010/03/04 14:32:58 | 000,427,008 | ---- | C] (Microsoft Corporation)
msdtcprx.dll -> C:\WINDOWS\System32\dllcache\msdtcprx.dll -> [2010/03/04 14:32:58 | 000,427,008 | ---- | C] (Microsoft Corporation)
termsrv.dll -> C:\WINDOWS\System32\dllcache\termsrv.dll -> [2010/03/04 14:32:58 | 000,296,960 | ---- | C] (Microsoft Corporation)
msdtcuiu.dll -> C:\WINDOWS\System32\msdtcuiu.dll -> [2010/03/04 14:32:58 | 000,161,792 | ---- | C] (Microsoft Corporation)
msdtcuiu.dll -> C:\WINDOWS\System32\dllcache\msdtcuiu.dll -> [2010/03/04 14:32:58 | 000,161,792 | ---- | C] (Microsoft Corporation)
mtxoci.dll -> C:\WINDOWS\System32\mtxoci.dll -> [2010/03/04 14:32:58 | 000,091,648 | ---- | C] (Microsoft Corporation)
mtxoci.dll -> C:\WINDOWS\System32\dllcache\mtxoci.dll -> [2010/03/04 14:32:58 | 000,091,648 | ---- | C] (Microsoft Corporation)
rdpwsx.dll -> C:\WINDOWS\System32\rdpwsx.dll -> [2010/03/04 14:32:58 | 000,087,176 | ---- | C] (Microsoft Corporation)
rdpwsx.dll -> C:\WINDOWS\System32\dllcache\rdpwsx.dll -> [2010/03/04 14:32:58 | 000,087,176 | ---- | C] (Microsoft Corporation)
rdpclip.exe -> C:\WINDOWS\System32\rdpclip.exe -> [2010/03/04 14:32:58 | 000,062,976 | ---- | C] (Microsoft Corporation)
rdpclip.exe -> C:\WINDOWS\System32\dllcache\rdpclip.exe -> [2010/03/04 14:32:58 | 000,062,976 | ---- | C] (Microsoft Corporation)
cfgbkend.dll -> C:\WINDOWS\System32\dllcache\cfgbkend.dll -> [2010/03/04 14:32:58 | 000,039,424 | ---- | C] (Microsoft Corporation)
cfgbkend.dll -> C:\WINDOWS\System32\cfgbkend.dll -> [2010/03/04 14:32:58 | 000,039,424 | ---- | C] (Microsoft Corporation)
qprocess.exe -> C:\WINDOWS\System32\qprocess.exe -> [2010/03/04 14:32:58 | 000,020,480 | ---- | C] (Microsoft Corporation)
qprocess.exe -> C:\WINDOWS\System32\dllcache\qprocess.exe -> [2010/03/04 14:32:58 | 000,020,480 | ---- | C] (Microsoft Corporation)
rdpsnd.dll -> C:\WINDOWS\System32\rdpsnd.dll -> [2010/03/04 14:32:58 | 000,019,968 | ---- | C] (Microsoft Corporation)
rdpsnd.dll -> C:\WINDOWS\System32\dllcache\rdpsnd.dll -> [2010/03/04 14:32:58 | 000,019,968 | ---- | C] (Microsoft Corporation)
icaapi.dll -> C:\WINDOWS\System32\icaapi.dll -> [2010/03/04 14:32:58 | 000,011,264 | ---- | C] (Microsoft Corporation)
icaapi.dll -> C:\WINDOWS\System32\dllcache\icaapi.dll -> [2010/03/04 14:32:58 | 000,011,264 | ---- | C] (Microsoft Corporation)
MsDtc -> C:\WINDOWS\System32\MsDtc -> [2010/03/04 14:32:58 | 000,000,000 | ---D | C]
msdtctm.dll -> C:\WINDOWS\System32\msdtctm.dll -> [2010/03/04 14:32:57 | 000,956,928 | ---- | C] (Microsoft Corporation)
msdtctm.dll -> C:\WINDOWS\System32\dllcache\msdtctm.dll -> [2010/03/04 14:32:57 | 000,956,928 | ---- | C] (Microsoft Corporation)
msdtclog.dll -> C:\WINDOWS\System32\msdtclog.dll -> [2010/03/04 14:32:57 | 000,058,880 | ---- | C] (Microsoft Corporation)
msdtclog.dll -> C:\WINDOWS\System32\dllcache\msdtclog.dll -> [2010/03/04 14:32:57 | 000,058,880 | ---- | C] (Microsoft Corporation)
xolehlp.dll -> C:\WINDOWS\System32\xolehlp.dll -> [2010/03/04 14:32:57 | 000,011,776 | ---- | C] (Microsoft Corporation)
xolehlp.dll -> C:\WINDOWS\System32\dllcache\xolehlp.dll -> [2010/03/04 14:32:57 | 000,011,776 | ---- | C] (Microsoft Corporation)
comrepl.exe -> C:\WINDOWS\System32\dllcache\comrepl.exe -> [2010/03/04 14:32:57 | 000,009,728 | ---- | C] (Microsoft Corporation)
msdtc.exe -> C:\WINDOWS\System32\dllcache\msdtc.exe -> [2010/03/04 14:32:57 | 000,006,144 | ---- | C] (Microsoft Corporation)
dcomcnfg.exe -> C:\WINDOWS\System32\dllcache\dcomcnfg.exe -> [2010/03/04 14:32:57 | 000,006,144 | ---- | C] (Microsoft Corporation)
dcomcnfg.exe -> C:\WINDOWS\System32\dcomcnfg.exe -> [2010/03/04 14:32:57 | 000,006,144 | ---- | C] (Microsoft Corporation)
comrereg.exe -> C:\WINDOWS\System32\dllcache\comrereg.exe -> [2010/03/04 14:32:57 | 000,006,144 | ---- | C] (Microsoft Corporation)
catsrvut.dll -> C:\WINDOWS\System32\dllcache\catsrvut.dll -> [2010/03/04 14:32:56 | 000,625,664 | ---- | C] (Microsoft Corporation)
catsrvut.dll -> C:\WINDOWS\System32\catsrvut.dll -> [2010/03/04 14:32:56 | 000,625,664 | ---- | C] (Microsoft Corporation)
comadmin.dll -> C:\WINDOWS\System32\dllcache\comadmin.dll -> [2010/03/04 14:32:56 | 000,195,072 | ---- | C] (Microsoft Corporation)
clbcatex.dll -> C:\WINDOWS\System32\dllcache\clbcatex.dll -> [2010/03/04 14:32:56 | 000,110,592 | ---- | C] (Microsoft Corporation)
clbcatex.dll -> C:\WINDOWS\System32\clbcatex.dll -> [2010/03/04 14:32:56 | 000,110,592 | ---- | C] (Microsoft Corporation)
comrepl.dll -> C:\WINDOWS\System32\dllcache\comrepl.dll -> [2010/03/04 14:32:56 | 000,097,792 | ---- | C] (Microsoft Corporation)
comrepl.dll -> C:\WINDOWS\System32\comrepl.dll -> [2010/03/04 14:32:56 | 000,097,792 | ---- | C] (Microsoft Corporation)
catsrvps.dll -> C:\WINDOWS\System32\dllcache\catsrvps.dll -> [2010/03/04 14:32:56 | 000,085,504 | ---- | C] (Microsoft Corporation)
catsrvps.dll -> C:\WINDOWS\System32\catsrvps.dll -> [2010/03/04 14:32:56 | 000,085,504 | ---- | C] (Microsoft Corporation)
colbact.dll -> C:\WINDOWS\System32\dllcache\colbact.dll -> [2010/03/04 14:32:56 | 000,060,416 | ---- | C] (Microsoft Corporation)
colbact.dll -> C:\WINDOWS\System32\colbact.dll -> [2010/03/04 14:32:56 | 000,060,416 | ---- | C] (Microsoft Corporation)
stclient.dll -> C:\WINDOWS\System32\stclient.dll -> [2010/03/04 14:32:56 | 000,059,392 | ---- | C] (Microsoft Corporation)
stclient.dll -> C:\WINDOWS\System32\dllcache\stclient.dll -> [2010/03/04 14:32:56 | 000,059,392 | ---- | C] (Microsoft Corporation)
mtxlegih.dll -> C:\WINDOWS\System32\mtxlegih.dll -> [2010/03/04 14:32:56 | 000,034,304 | ---- | C] (Microsoft Corporation)
mtxlegih.dll -> C:\WINDOWS\System32\dllcache\mtxlegih.dll -> [2010/03/04 14:32:56 | 000,034,304 | ---- | C] (Microsoft Corporation)
mtxdm.dll -> C:\WINDOWS\System32\mtxdm.dll -> [2010/03/04 14:32:56 | 000,030,720 | ---- | C] (Microsoft Corporation)
mtxdm.dll -> C:\WINDOWS\System32\dllcache\mtxdm.dll -> [2010/03/04 14:32:56 | 000,030,720 | ---- | C] (Microsoft Corporation)
comaddin.dll -> C:\WINDOWS\System32\dllcache\comaddin.dll -> [2010/03/04 14:32:56 | 000,028,160 | ---- | C] (Microsoft Corporation)
comaddin.dll -> C:\WINDOWS\System32\comaddin.dll -> [2010/03/04 14:32:56 | 000,028,160 | ---- | C] (Microsoft Corporation)
mtxex.dll -> C:\WINDOWS\System32\mtxex.dll -> [2010/03/04 14:32:56 | 000,004,096 | ---- | C] (Microsoft Corporation)
mtxex.dll -> C:\WINDOWS\System32\dllcache\mtxex.dll -> [2010/03/04 14:32:56 | 000,004,096 | ---- | C] (Microsoft Corporation)
Com -> C:\WINDOWS\System32\Com -> [2010/03/04 14:32:56 | 000,000,000 | ---D | C]
comsvcs.dll -> C:\WINDOWS\System32\dllcache\comsvcs.dll -> [2010/03/04 14:32:55 | 001,267,200 | ---- | C] (Microsoft Corporation)
comsvcs.dll -> C:\WINDOWS\System32\comsvcs.dll -> [2010/03/04 14:32:55 | 001,267,200 | ---- | C] (Microsoft Corporation)
comuid.dll -> C:\WINDOWS\System32\dllcache\comuid.dll -> [2010/03/04 14:32:55 | 000,539,648 | ---- | C] (Microsoft Corporation)
comuid.dll -> C:\WINDOWS\System32\comuid.dll -> [2010/03/04 14:32:55 | 000,539,648 | ---- | C] (Microsoft Corporation)
clbcatq.dll -> C:\WINDOWS\System32\dllcache\clbcatq.dll -> [2010/03/04 14:32:55 | 000,498,688 | ---- | C] (Microsoft Corporation)
catsrv.dll -> C:\WINDOWS\System32\dllcache\catsrv.dll -> [2010/03/04 14:32:55 | 000,226,304 | ---- | C] (Microsoft Corporation)
catsrv.dll -> C:\WINDOWS\System32\catsrv.dll -> [2010/03/04 14:32:55 | 000,226,304 | ---- | C] (Microsoft Corporation)
comsnap.dll -> C:\WINDOWS\System32\dllcache\comsnap.dll -> [2010/03/04 14:32:55 | 000,167,424 | ---- | C] (Microsoft Corporation)
comsnap.dll -> C:\WINDOWS\System32\comsnap.dll -> [2010/03/04 14:32:55 | 000,167,424 | ---- | C] (Microsoft Corporation)
wmic.exe -> C:\WINDOWS\System32\dllcache\wmic.exe -> [2010/03/04 14:32:53 | 000,365,056 | ---- | C] (Microsoft Corporation)
wbemupgd.dll -> C:\WINDOWS\System32\dllcache\wbemupgd.dll -> [2010/03/04 14:32:53 | 000,197,120 | ---- | C] (Microsoft Corporation)
wmiadap.exe -> C:\WINDOWS\System32\dllcache\wmiadap.exe -> [2010/03/04 14:32:53 | 000,196,608 | ---- | C] (Microsoft Corporation)
wmipcima.dll -> C:\WINDOWS\System32\dllcache\wmipcima.dll -> [2010/03/04 14:32:53 | 000,156,672 | ---- | C] (Microsoft Corporation)
wmisvc.dll -> C:\WINDOWS\System32\dllcache\wmisvc.dll -> [2010/03/04 14:32:53 | 000,145,408 | ---- | C] (Microsoft Corporation)
wmiprov.dll -> C:\WINDOWS\System32\dllcache\wmiprov.dll -> [2010/03/04 14:32:53 | 000,144,896 | ---- | C] (Microsoft Corporation)
wmidcprv.dll -> C:\WINDOWS\System32\dllcache\wmidcprv.dll -> [2010/03/04 14:32:53 | 000,140,800 | ---- | C] (Microsoft Corporation)
wmipdskq.dll -> C:\WINDOWS\System32\dllcache\wmipdskq.dll -> [2010/03/04 14:32:53 | 000,132,096 | ---- | C] (Microsoft Corporation)
wmiapsrv.exe -> C:\WINDOWS\System32\dllcache\wmiapsrv.exe -> [2010/03/04 14:32:53 | 000,126,464 | ---- | C] (Microsoft Corporation)
wmiutils.dll -> C:\WINDOWS\System32\dllcache\wmiutils.dll -> [2010/03/04 14:32:53 | 000,097,792 | ---- | C] (Microsoft Corporation)
wmiaprpl.dll -> C:\WINDOWS\System32\dllcache\wmiaprpl.dll -> [2010/03/04 14:32:53 | 000,088,576 | ---- | C] (Microsoft Corporation)
wmipjobj.dll -> C:\WINDOWS\System32\dllcache\wmipjobj.dll -> [2010/03/04 14:32:53 | 000,062,464 | ---- | C] (Microsoft Corporation)
wmipiprt.dll -> C:\WINDOWS\System32\dllcache\wmipiprt.dll -> [2010/03/04 14:32:53 | 000,061,952 | ---- | C] (Microsoft Corporation)
wmicookr.dll -> C:\WINDOWS\System32\dllcache\wmicookr.dll -> [2010/03/04 14:32:53 | 000,060,928 | ---- | C] (Microsoft Corporation)
wmipsess.dll -> C:\WINDOWS\System32\dllcache\wmipsess.dll -> [2010/03/04 14:32:53 | 000,041,472 | ---- | C] (Microsoft Corporation)
wmiapres.dll -> C:\WINDOWS\System32\dllcache\wmiapres.dll -> [2010/03/04 14:32:53 | 000,007,168 | ---- | C] (Microsoft Corporation)
wbemcore.dll -> C:\WINDOWS\System32\dllcache\wbemcore.dll -> [2010/03/04 14:32:52 | 000,531,968 | ---- | C] (Microsoft Corporation)
wbemess.dll -> C:\WINDOWS\System32\dllcache\wbemess.dll -> [2010/03/04 14:32:52 | 000,273,920 | ---- | C] (Microsoft Corporation)
provthrd.dll -> C:\WINDOWS\System32\dllcache\provthrd.dll -> [2010/03/04 14:32:52 | 000,237,056 | ---- | C] (Microsoft Corporation)
wbemcomn.dll -> C:\WINDOWS\System32\dllcache\wbemcomn.dll -> [2010/03/04 14:32:52 | 000,214,528 | ---- | C] (Microsoft Corporation)
wbemcntl.dll -> C:\WINDOWS\System32\dllcache\wbemcntl.dll -> [2010/03/04 14:32:52 | 000,199,168 | ---- | C] (Microsoft Corporation)
wbemdisp.dll -> C:\WINDOWS\System32\dllcache\wbemdisp.dll -> [2010/03/04 14:32:52 | 000,178,176 | ---- | C] (Microsoft Corporation)
repdrvfs.dll -> C:\WINDOWS\System32\dllcache\repdrvfs.dll -> [2010/03/04 14:32:52 | 000,178,176 | ---- | C] (Microsoft Corporation)
viewprov.dll -> C:\WINDOWS\System32\dllcache\viewprov.dll -> [2010/03/04 14:32:52 | 000,131,584 | ---- | C] (Microsoft Corporation)
wbemtest.exe -> C:\WINDOWS\System32\dllcache\wbemtest.exe -> [2010/03/04 14:32:52 | 000,118,784 | ---- | C] (Microsoft Corporation)
stdprov.dll -> C:\WINDOWS\System32\dllcache\stdprov.dll -> [2010/03/04 14:32:52 | 000,086,528 | ---- | C] (Microsoft Corporation)
wbemcons.dll -> C:\WINDOWS\System32\dllcache\wbemcons.dll -> [2010/03/04 14:32:52 | 000,071,680 | ---- | C] (Microsoft Corporation)
wbemsvc.dll -> C:\WINDOWS\System32\dllcache\wbemsvc.dll -> [2010/03/04 14:32:52 | 000,043,520 | ---- | C] (Microsoft Corporation)
scrcons.exe -> C:\WINDOWS\System32\dllcache\scrcons.exe -> [2010/03/04 14:32:52 | 000,036,352 | ---- | C] (Microsoft Corporation)
wbemprox.dll -> C:\WINDOWS\System32\dllcache\wbemprox.dll -> [2010/03/04 14:32:52 | 000,018,944 | ---- | C] (Microsoft Corporation)
esscli.dll -> C:\WINDOWS\System32\dllcache\esscli.dll -> [2010/03/04 14:32:51 | 000,247,808 | ---- | C] (Microsoft Corporation)
ntevt.dll -> C:\WINDOWS\System32\dllcache\ntevt.dll -> [2010/03/04 14:32:51 | 000,212,992 | ---- | C] (Microsoft Corporation)
framedyn.dll -> C:\WINDOWS\System32\dllcache\framedyn.dll -> [2010/03/04 14:32:51 | 000,185,344 | ---- | C] (Microsoft Corporation)
mofd.dll -> C:\WINDOWS\System32\dllcache\mofd.dll -> [2010/03/04 14:32:51 | 000,124,416 | ---- | C] (Microsoft Corporation)
policman.dll -> C:\WINDOWS\System32\dllcache\policman.dll -> [2010/03/04 14:32:51 | 000,092,672 | ---- | C] (Microsoft Corporation)
ncprov.dll -> C:\WINDOWS\System32\dllcache\ncprov.dll -> [2010/03/04 14:32:51 | 000,047,104 | ---- | C] (Microsoft Corporation)
krnlprov.dll -> C:\WINDOWS\System32\dllcache\krnlprov.dll -> [2010/03/04 14:32:51 | 000,024,576 | ---- | C] (Microsoft Corporation)
mofcomp.exe -> C:\WINDOWS\System32\dllcache\mofcomp.exe -> [2010/03/04 14:32:51 | 000,016,384 | ---- | C] (Microsoft Corporation)
cimwin32.dll -> C:\WINDOWS\System32\dllcache\cimwin32.dll -> [2010/03/04 14:32:50 | 001,359,360 | ---- | C] (Microsoft Corporation)
cmprops.dll -> C:\WINDOWS\System32\dllcache\cmprops.dll -> [2010/03/04 14:32:50 | 000,188,928 | ---- | C] (Microsoft Corporation)
cmprops.dll -> C:\WINDOWS\System32\cmprops.dll -> [2010/03/04 14:32:50 | 000,188,928 | ---- | C] (Microsoft Corporation)
licwmi.dll -> C:\WINDOWS\System32\licwmi.dll -> [2010/03/04 14:32:50 | 000,058,880 | ---- | C] (Microsoft Corporation)
licwmi.dll -> C:\WINDOWS\System32\dllcache\licwmi.dll -> [2010/03/04 14:32:50 | 000,058,880 | ---- | C] (Microsoft Corporation)
servdeps.dll -> C:\WINDOWS\System32\servdeps.dll -> [2010/03/04 14:32:50 | 000,056,320 | ---- | C] (Microsoft Corporation)
servdeps.dll -> C:\WINDOWS\System32\dllcache\servdeps.dll -> [2010/03/04 14:32:50 | 000,056,320 | ---- | C] (Microsoft Corporation)
mmfutil.dll -> C:\WINDOWS\System32\mmfutil.dll -> [2010/03/04 14:32:50 | 000,017,920 | ---- | C] (Microsoft Corporation)
mmfutil.dll -> C:\WINDOWS\System32\dllcache\mmfutil.dll -> [2010/03/04 14:32:50 | 000,017,920 | ---- | C] (Microsoft Corporation)
Meus vídeos -> C:\Documents and Settings\All Users\Documentos\Meus vídeos -> [2010/03/04 14:32:44 | 000,000,000 | R--D | C]
SISAGP.SYS -> C:\WINDOWS\System32\drivers\SISAGP.SYS -> [2010/03/04 11:25:29 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation)
usbui.dll -> C:\WINDOWS\System32\usbui.dll -> [2010/03/04 11:25:22 | 000,076,288 | ---- | C] (Microsoft Corporation)
RTL8139.sys -> C:\WINDOWS\System32\drivers\RTL8139.sys -> [2010/03/04 11:25:17 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation)
Installer -> C:\WINDOWS\Installer -> [2010/03/04 11:24:12 | 000,000,000 | -HSD | C]
ODBC -> C:\Arquivos de programas\Arquivos comuns\ODBC -> [2010/03/04 11:24:11 | 000,000,000 | ---D | C]
spcplui.dll -> C:\WINDOWS\System32\dllcache\spcplui.dll -> [2010/03/04 11:24:10 | 000,061,440 | ---- | C] (Microsoft Corporation)
spttseng.dll -> C:\WINDOWS\System32\dllcache\spttseng.dll -> [2010/03/04 11:24:09 | 000,774,144 | ---- | C] (Microsoft Corporation)
spcommon.dll -> C:\WINDOWS\System32\dllcache\spcommon.dll -> [2010/03/04 11:24:09 | 000,077,824 | ---- | C] (Microsoft Corporation)
sapi.dll -> C:\WINDOWS\System32\dllcache\sapi.dll -> [2010/03/04 11:24:08 | 000,741,376 | ---- | C] (Microsoft Corporation)
sapi.cpl -> C:\WINDOWS\System32\dllcache\sapi.cpl -> [2010/03/04 11:24:08 | 000,159,744 | ---- | C] (Microsoft Corporation)
sapisvr.exe -> C:\WINDOWS\System32\dllcache\sapisvr.exe -> [2010/03/04 11:24:08 | 000,036,864 | ---- | C] (Microsoft Corporation)
SpeechEngines -> C:\Arquivos de programas\Arquivos comuns\SpeechEngines -> [2010/03/04 11:24:08 | 000,000,000 | ---D | C]
Microsoft Shared -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared -> [2010/03/04 11:24:08 | 000,000,000 | ---D | C]
Arquivos de programas -> C:\Arquivos de programas -> [2010/03/04 11:24:07 | 000,000,000 | R--D | C]
Arquivos comuns -> C:\Arquivos de programas\Arquivos comuns -> [2010/03/04 11:24:07 | 000,000,000 | ---D | C]
agt0408.dll -> C:\WINDOWS\System32\dllcache\agt0408.dll -> [2010/03/04 11:24:05 | 000,022,016 | ---- | C] (Microsoft Corporation)
agt040e.dll -> C:\WINDOWS\System32\dllcache\agt040e.dll -> [2010/03/04 11:24:05 | 000,019,968 | ---- | C] (Microsoft Corporation)
agt041f.dll -> C:\WINDOWS\System32\dllcache\agt041f.dll -> [2010/03/04 11:24:05 | 000,019,456 | ---- | C] (Microsoft Corporation)
agt0419.dll -> C:\WINDOWS\System32\dllcache\agt0419.dll -> [2010/03/04 11:24:05 | 000,019,456 | ---- | C] (Microsoft Corporation)
agt0415.dll -> C:\WINDOWS\System32\dllcache\agt0415.dll -> [2010/03/04 11:24:05 | 000,019,456 | ---- | C] (Microsoft Corporation)
agt0405.dll -> C:\WINDOWS\System32\dllcache\agt0405.dll -> [2010/03/04 11:24:05 | 000,019,456 | ---- | C] (Microsoft Corporation)
kbdtuq.dll -> C:\WINDOWS\System32\kbdtuq.dll -> [2010/03/04 11:24:04 | 000,006,144 | R--- | C] (Microsoft Corporation)
kbdtuf.dll -> C:\WINDOWS\System32\kbdtuf.dll -> [2010/03/04 11:24:04 | 000,006,144 | R--- | C] (Microsoft Corporation)
kbdtuq.dll -> C:\WINDOWS\System32\dllcache\kbdtuq.dll -> [2010/03/04 11:24:04 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdtuf.dll -> C:\WINDOWS\System32\dllcache\kbdtuf.dll -> [2010/03/04 11:24:04 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdazel.dll -> C:\WINDOWS\System32\kbdazel.dll -> [2010/03/04 11:24:04 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdazel.dll -> C:\WINDOWS\System32\dllcache\kbdazel.dll -> [2010/03/04 11:24:04 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdycc.dll -> C:\WINDOWS\System32\kbdycc.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbduzb.dll -> C:\WINDOWS\System32\kbduzb.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdur.dll -> C:\WINDOWS\System32\kbdur.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdtat.dll -> C:\WINDOWS\System32\kbdtat.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdru1.dll -> C:\WINDOWS\System32\kbdru1.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdru.dll -> C:\WINDOWS\System32\kbdru.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdmon.dll -> C:\WINDOWS\System32\kbdmon.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdkyr.dll -> C:\WINDOWS\System32\kbdkyr.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdkaz.dll -> C:\WINDOWS\System32\kbdkaz.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdbu.dll -> C:\WINDOWS\System32\kbdbu.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdblr.dll -> C:\WINDOWS\System32\kbdblr.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdaze.dll -> C:\WINDOWS\System32\kbdaze.dll -> [2010/03/04 11:24:03 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdycc.dll -> C:\WINDOWS\System32\dllcache\kbdycc.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbduzb.dll -> C:\WINDOWS\System32\dllcache\kbduzb.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdur.dll -> C:\WINDOWS\System32\dllcache\kbdur.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdtat.dll -> C:\WINDOWS\System32\dllcache\kbdtat.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdru1.dll -> C:\WINDOWS\System32\dllcache\kbdru1.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdru.dll -> C:\WINDOWS\System32\dllcache\kbdru.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdmon.dll -> C:\WINDOWS\System32\dllcache\kbdmon.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdkyr.dll -> C:\WINDOWS\System32\dllcache\kbdkyr.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdkaz.dll -> C:\WINDOWS\System32\dllcache\kbdkaz.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdbu.dll -> C:\WINDOWS\System32\dllcache\kbdbu.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdblr.dll -> C:\WINDOWS\System32\dllcache\kbdblr.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdaze.dll -> C:\WINDOWS\System32\dllcache\kbdaze.dll -> [2010/03/04 11:24:03 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdhept.dll -> C:\WINDOWS\System32\kbdhept.dll -> [2010/03/04 11:24:02 | 000,008,192 | R--- | C] (Microsoft Corporation)
kbdhept.dll -> C:\WINDOWS\System32\dllcache\kbdhept.dll -> [2010/03/04 11:24:02 | 000,008,192 | ---- | C] (Microsoft Corporation)
kbdhela3.dll -> C:\WINDOWS\System32\kbdhela3.dll -> [2010/03/04 11:24:02 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdhela3.dll -> C:\WINDOWS\System32\dllcache\kbdhela3.dll -> [2010/03/04 11:24:02 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdhela2.dll -> C:\WINDOWS\System32\kbdhela2.dll -> [2010/03/04 11:24:02 | 000,006,144 | R--- | C] (Microsoft Corporation)
kbdgkl.dll -> C:\WINDOWS\System32\kbdgkl.dll -> [2010/03/04 11:24:02 | 000,006,144 | R--- | C] (Microsoft Corporation)
kbdhela2.dll -> C:\WINDOWS\System32\dllcache\kbdhela2.dll -> [2010/03/04 11:24:02 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdgkl.dll -> C:\WINDOWS\System32\dllcache\kbdgkl.dll -> [2010/03/04 11:24:02 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdhe319.dll -> C:\WINDOWS\System32\kbdhe319.dll -> [2010/03/04 11:24:02 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdhe220.dll -> C:\WINDOWS\System32\kbdhe220.dll -> [2010/03/04 11:24:02 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdhe.dll -> C:\WINDOWS\System32\kbdhe.dll -> [2010/03/04 11:24:02 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdhe319.dll -> C:\WINDOWS\System32\dllcache\kbdhe319.dll -> [2010/03/04 11:24:02 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdhe220.dll -> C:\WINDOWS\System32\dllcache\kbdhe220.dll -> [2010/03/04 11:24:02 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdhe.dll -> C:\WINDOWS\System32\dllcache\kbdhe.dll -> [2010/03/04 11:24:02 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdlv1.dll -> C:\WINDOWS\System32\kbdlv1.dll -> [2010/03/04 11:24:01 | 000,006,144 | R--- | C] (Microsoft Corporation)
kbdlv.dll -> C:\WINDOWS\System32\kbdlv.dll -> [2010/03/04 11:24:01 | 000,006,144 | R--- | C] (Microsoft Corporation)
kbdlv1.dll -> C:\WINDOWS\System32\dllcache\kbdlv1.dll -> [2010/03/04 11:24:01 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdlv.dll -> C:\WINDOWS\System32\dllcache\kbdlv.dll -> [2010/03/04 11:24:01 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdlt1.dll -> C:\WINDOWS\System32\kbdlt1.dll -> [2010/03/04 11:24:01 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdlt.dll -> C:\WINDOWS\System32\kbdlt.dll -> [2010/03/04 11:24:01 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdlt1.dll -> C:\WINDOWS\System32\dllcache\kbdlt1.dll -> [2010/03/04 11:24:01 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdlt.dll -> C:\WINDOWS\System32\dllcache\kbdlt.dll -> [2010/03/04 11:24:01 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdest.dll -> C:\WINDOWS\System32\kbdest.dll -> [2010/03/04 11:24:00 | 000,006,144 | R--- | C] (Microsoft Corporation)
kbdest.dll -> C:\WINDOWS\System32\dllcache\kbdest.dll -> [2010/03/04 11:24:00 | 000,006,144 | ---- | C] (Microsoft Corporation)
kbdcz.dll -> C:\WINDOWS\System32\kbdcz.dll -> [2010/03/04 11:23:59 | 000,007,168 | R--- | C] (Microsoft Corporation)
kbdcz.dll -> C:\WINDOWS\System32\dllcache\kbdcz.dll -> [2010/03/04 11:23:59 | 000,007,168 | ---- | C] (Microsoft Corporation)
kbdycl.dll -> C:\WINDOWS\System32\kbdycl.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdsl1.dll -> C:\WINDOWS\System32\kbdsl1.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdsl.dll -> C:\WINDOWS\System32\kbdsl.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdpl.dll -> C:\WINDOWS\System32\kbdpl.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdhu.dll -> C:\WINDOWS\System32\kbdhu.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdcz2.dll -> C:\WINDOWS\System32\kbdcz2.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdcz1.dll -> C:\WINDOWS\System32\kbdcz1.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdcr.dll -> C:\WINDOWS\System32\kbdcr.dll -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
KBDAL.DLL -> C:\WINDOWS\System32\KBDAL.DLL -> [2010/03/04 11:23:59 | 000,006,656 | R--- | C] (Microsoft Corporation)
kbdycl.dll -> C:\WINDOWS\System32\dllcache\kbdycl.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdsl1.dll -> C:\WINDOWS\System32\dllcache\kbdsl1.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdsl.dll -> C:\WINDOWS\System32\dllcache\kbdsl.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdpl.dll -> C:\WINDOWS\System32\dllcache\kbdpl.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdhu.dll -> C:\WINDOWS\System32\dllcache\kbdhu.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdcz2.dll -> C:\WINDOWS\System32\dllcache\kbdcz2.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdcz1.dll -> C:\WINDOWS\System32\dllcache\kbdcz1.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdcr.dll -> C:\WINDOWS\System32\dllcache\kbdcr.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdal.dll -> C:\WINDOWS\System32\dllcache\kbdal.dll -> [2010/03/04 11:23:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
kbdro.dll -> C:\WINDOWS\System32\kbdro.dll -> [2010/03/04 11:23:59 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdpl1.dll -> C:\WINDOWS\System32\kbdpl1.dll -> [2010/03/04 11:23:59 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdhu1.dll -> C:\WINDOWS\System32\kbdhu1.dll -> [2010/03/04 11:23:59 | 000,005,632 | R--- | C] (Microsoft Corporation)
kbdro.dll -> C:\WINDOWS\System32\dllcache\kbdro.dll -> [2010/03/04 11:23:59 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdpl1.dll -> C:\WINDOWS\System32\dllcache\kbdpl1.dll -> [2010/03/04 11:23:59 | 000,005,632 | ---- | C] (Microsoft Corporation)
kbdhu1.dll -> C:\WINDOWS\System32\dllcache\kbdhu1.dll -> [2010/03/04 11:23:59 | 000,005,632 | ---- | C] (Microsoft Corporation)
dgrpsetu.dll -> C:\WINDOWS\System32\dllcache\dgrpsetu.dll -> [2010/03/04 11:23:57 | 000,176,157 | ---- | C] (Digi International, Inc.)
dgrpsetu.dll -> C:\WINDOWS\System32\dgrpsetu.dll -> [2010/03/04 11:23:57 | 000,176,157 | ---- | C] (Digi International, Inc.)
EqnClass.Dll -> C:\WINDOWS\System32\EqnClass.Dll -> [2010/03/04 11:23:57 | 000,103,424 | ---- | C] (Equinox Systems Inc.)
eqnclass.dll -> C:\WINDOWS\System32\dllcache\eqnclass.dll -> [2010/03/04 11:23:57 | 000,103,424 | ---- | C] (Equinox Systems Inc.)
dgsetup.dll -> C:\WINDOWS\System32\dllcache\dgsetup.dll -> [2010/03/04 11:23:57 | 000,085,020 | ---- | C] (Digi International)
dgsetup.dll -> C:\WINDOWS\System32\dgsetup.dll -> [2010/03/04 11:23:57 | 000,085,020 | ---- | C] (Digi International)
spxcoins.dll -> C:\WINDOWS\System32\spxcoins.dll -> [2010/03/04 11:23:57 | 000,024,661 | ---- | C] (Perle Systems Ltd.)
spxcoins.dll -> C:\WINDOWS\System32\dllcache\spxcoins.dll -> [2010/03/04 11:23:57 | 000,024,661 | ---- | C] (Perle Systems Ltd.)
WFWNET.DRV -> C:\WINDOWS\System\WFWNET.DRV -> [2010/03/04 11:23:57 | 000,013,600 | ---- | C] (Microsoft Corporation)
irclass.dll -> C:\WINDOWS\System32\irclass.dll -> [2010/03/04 11:23:57 | 000,013,312 | ---- | C] (Microsoft Corporation)
irclass.dll -> C:\WINDOWS\System32\dllcache\irclass.dll -> [2010/03/04 11:23:57 | 000,013,312 | ---- | C] (Microsoft Corporation)
VER.DLL -> C:\WINDOWS\System\VER.DLL -> [2010/03/04 11:23:57 | 000,009,072 | ---- | C] (Microsoft Corporation)
TIMER.DRV -> C:\WINDOWS\System\TIMER.DRV -> [2010/03/04 11:23:57 | 000,004,096 | ---- | C] (Microsoft Corporation)
VGA.DRV -> C:\WINDOWS\System\VGA.DRV -> [2010/03/04 11:23:57 | 000,002,176 | ---- | C] (Microsoft Corporation)
MSVIDEO.DLL -> C:\WINDOWS\System\MSVIDEO.DLL -> [2010/03/04 11:23:56 | 000,127,120 | ---- | C] (Microsoft Corporation)
AVIFILE.DLL -> C:\WINDOWS\System\AVIFILE.DLL -> [2010/03/04 11:23:56 | 000,109,536 | ---- | C] (Microsoft Corporation)
OLECLI.DLL -> C:\WINDOWS\System\OLECLI.DLL -> [2010/03/04 11:23:56 | 000,083,456 | ---- | C] (Microsoft Corporation)
MCIAVI.DRV -> C:\WINDOWS\System\MCIAVI.DRV -> [2010/03/04 11:23:56 | 000,073,632 | ---- | C] (Microsoft Corporation)
AVICAP.DLL -> C:\WINDOWS\System\AVICAP.DLL -> [2010/03/04 11:23:56 | 000,070,144 | ---- | C] (Microsoft Corporation)
COMMDLG.DLL -> C:\WINDOWS\System\COMMDLG.DLL -> [2010/03/04 11:23:56 | 000,033,504 | ---- | C] (Microsoft Corporation)
MCIWAVE.DRV -> C:\WINDOWS\System\MCIWAVE.DRV -> [2010/03/04 11:23:56 | 000,028,160 | ---- | C] (Microsoft Corporation)
MCISEQ.DRV -> C:\WINDOWS\System\MCISEQ.DRV -> [2010/03/04 11:23:56 | 000,025,296 | ---- | C] (Microsoft Corporation)
OLESVR.DLL -> C:\WINDOWS\System\OLESVR.DLL -> [2010/03/04 11:23:56 | 000,024,064 | ---- | C] (Microsoft Corporation)
TAPI.DLL -> C:\WINDOWS\System\TAPI.DLL -> [2010/03/04 11:23:56 | 000,019,200 | ---- | C] (Microsoft Corporation)
LZEXPAND.DLL -> C:\WINDOWS\System\LZEXPAND.DLL -> [2010/03/04 11:23:56 | 000,009,936 | ---- | C] (Microsoft Corporation)
SHELL.DLL -> C:\WINDOWS\System\SHELL.DLL -> [2010/03/04 11:23:56 | 000,005,120 | ---- | C] (Microsoft Corporation)
SYSTEM.DRV -> C:\WINDOWS\System\SYSTEM.DRV -> [2010/03/04 11:23:56 | 000,003,360 | ---- | C] (Microsoft Corporation)
MOUSE.DRV -> C:\WINDOWS\System\MOUSE.DRV -> [2010/03/04 11:23:56 | 000,002,032 | ---- | C] (Microsoft Corporation)
KEYBOARD.DRV -> C:\WINDOWS\System\KEYBOARD.DRV -> [2010/03/04 11:23:56 | 000,002,000 | ---- | C] (Microsoft Corporation)
SOUND.DRV -> C:\WINDOWS\System\SOUND.DRV -> [2010/03/04 11:23:56 | 000,001,744 | ---- | C] (Microsoft Corporation)
MMTASK.TSK -> C:\WINDOWS\System\MMTASK.TSK -> [2010/03/04 11:23:56 | 000,001,152 | ---- | C] (Microsoft Corporation)
WINSPOOL.DRV -> C:\WINDOWS\System\WINSPOOL.DRV -> [2010/03/04 11:23:55 | 000,146,944 | ---- | C] (Microsoft Corporation)
MMSYSTEM.DLL -> C:\WINDOWS\System\MMSYSTEM.DLL -> [2010/03/04 11:23:55 | 000,070,080 | ---- | C] (Microsoft Corporation)
TASKMAN.EXE -> C:\WINDOWS\TASKMAN.EXE -> [2010/03/04 11:23:55 | 000,015,360 | ---- | C] (Microsoft Corporation)
taskman.exe -> C:\WINDOWS\System32\dllcache\taskman.exe -> [2010/03/04 11:23:55 | 000,015,360 | ---- | C] (Microsoft Corporation)
irenum.sys -> C:\WINDOWS\System32\dllcache\irenum.sys -> [2010/03/04 11:23:55 | 000,011,264 | ---- | C] (Microsoft Corporation)
batt.dll -> C:\WINDOWS\System32\dllcache\batt.dll -> [2010/03/04 11:23:55 | 000,008,704 | ---- | C] (Microsoft Corporation)
batt.dll -> C:\WINDOWS\System32\batt.dll -> [2010/03/04 11:23:55 | 000,008,704 | ---- | C] (Microsoft Corporation)
storprop.dll -> C:\WINDOWS\System32\storprop.dll -> [2010/03/04 11:23:54 | 000,075,776 | ---- | C] (Microsoft Corporation)
Menu Iniciar -> C:\Documents and Settings\All Users\Menu Iniciar -> [2010/03/04 11:23:45 | 000,000,000 | R--D | C]
Documentos -> C:\Documents and Settings\All Users\Documentos -> [2010/03/04 11:23:45 | 000,000,000 | R--D | C]
Modelos -> C:\Documents and Settings\All Users\Modelos -> [2010/03/04 11:23:45 | 000,000,000 | -H-D | C]
Favoritos -> C:\Documents and Settings\All Users\Favoritos -> [2010/03/04 11:23:45 | 000,000,000 | ---D | C]
Desktop -> C:\Documents and Settings\All Users\Desktop -> [2010/03/04 11:23:45 | 000,000,000 | ---D | C]
CatRoot2 -> C:\WINDOWS\System32\CatRoot2 -> [2010/03/04 11:23:31 | 000,000,000 | ---D | C]
CatRoot -> C:\WINDOWS\System32\CatRoot -> [2010/03/04 11:23:31 | 000,000,000 | ---D | C]
Microsoft -> C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft -> [2010/03/04 11:23:26 | 000,000,000 | --SD | C]
Dados de aplicativos -> C:\Documents and Settings\All Users\Dados de aplicativos -> [2010/03/04 11:23:26 | 000,000,000 | RH-D | C]
Documents and Settings -> C:\Documents and Settings -> [2010/03/04 11:23:00 | 000,000,000 | ---D | C]
System Volume Information -> C:\System Volume Information -> [2010/03/04 11:18:04 | 000,000,000 | -HSD | C]
Fonts -> C:\WINDOWS\Fonts -> [2010/03/04 11:16:32 | 000,000,000 | R-SD | C]
dllcache -> C:\WINDOWS\System32\dllcache -> [2010/03/04 11:16:32 | 000,000,000 | RHSD | C]
Web -> C:\WINDOWS\Web -> [2010/03/04 11:16:32 | 000,000,000 | R--D | C]
inf -> C:\WINDOWS\inf -> [2010/03/04 11:16:32 | 000,000,000 | -H-D | C]
WinSxS -> C:\WINDOWS\WinSxS -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
wins -> C:\WINDOWS\System32\wins -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
WINDOWS -> C:\WINDOWS -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
wbem -> C:\WINDOWS\System32\wbem -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
usmt -> C:\WINDOWS\System32\usmt -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
twain_32 -> C:\WINDOWS\twain_32 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Temp -> C:\WINDOWS\Temp -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
system32 -> C:\WINDOWS\system32 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
system -> C:\WINDOWS\system -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
spool -> C:\WINDOWS\System32\spool -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
ShellExt -> C:\WINDOWS\System32\ShellExt -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Setup -> C:\WINDOWS\System32\Setup -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
security -> C:\WINDOWS\security -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Resources -> C:\WINDOWS\Resources -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
repair -> C:\WINDOWS\repair -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
ras -> C:\WINDOWS\System32\ras -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
pt-BR -> C:\WINDOWS\System32\pt-BR -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Provisioning -> C:\WINDOWS\Provisioning -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
PeerNet -> C:\WINDOWS\PeerNet -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
pchealth -> C:\WINDOWS\pchealth -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
oobe -> C:\WINDOWS\System32\oobe -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
npp -> C:\WINDOWS\System32\npp -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Network Diagnostic -> C:\WINDOWS\Network Diagnostic -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
mui -> C:\WINDOWS\System32\mui -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
mui -> C:\WINDOWS\mui -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
msapps -> C:\WINDOWS\msapps -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
msagent -> C:\WINDOWS\msagent -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Media -> C:\WINDOWS\Media -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
L2Schemas -> C:\WINDOWS\L2Schemas -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
java -> C:\WINDOWS\java -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
inetsrv -> C:\WINDOWS\System32\inetsrv -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
IME -> C:\WINDOWS\System32\IME -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
ime -> C:\WINDOWS\ime -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
icsxml -> C:\WINDOWS\System32\icsxml -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
ias -> C:\WINDOWS\System32\ias -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Help -> C:\WINDOWS\Help -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
export -> C:\WINDOWS\System32\export -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
etc -> C:\WINDOWS\System32\drivers\etc -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
ehome -> C:\WINDOWS\ehome -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
drivers -> C:\WINDOWS\System32\drivers -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Driver Cache -> C:\WINDOWS\Driver Cache -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
disdn -> C:\WINDOWS\System32\drivers\disdn -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
dhcp -> C:\WINDOWS\System32\dhcp -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Debug -> C:\WINDOWS\Debug -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Cursors -> C:\WINDOWS\Cursors -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Connection Wizard -> C:\WINDOWS\Connection Wizard -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
config -> C:\WINDOWS\System32\config -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
Config -> C:\WINDOWS\Config -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
AppPatch -> C:\WINDOWS\AppPatch -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
addins -> C:\WINDOWS\addins -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
3com_dmi -> C:\WINDOWS\System32\3com_dmi -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
3076 -> C:\WINDOWS\System32\3076 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
2052 -> C:\WINDOWS\System32\2052 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1054 -> C:\WINDOWS\System32\1054 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1046 -> C:\WINDOWS\System32\1046 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1042 -> C:\WINDOWS\System32\1042 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1041 -> C:\WINDOWS\System32\1041 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1037 -> C:\WINDOWS\System32\1037 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1033 -> C:\WINDOWS\System32\1033 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1031 -> C:\WINDOWS\System32\1031 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1028 -> C:\WINDOWS\System32\1028 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
1025 -> C:\WINDOWS\System32\1025 -> [2010/03/04 11:16:32 | 000,000,000 | ---D | C]
drvc.dll -> C:\WINDOWS\System32\drvc.dll -> [2004/11/24 16:25:52 | 000,335,872 | ---- | C] ( )
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->

[Files/Folders - Modified Within 90 Days]
NvApps.xml -> C:\WINDOWS\System32\NvApps.xml -> [2010/05/11 08:10:59 | 000,276,202 | ---- | M] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/05/11 08:09:58 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/05/11 08:09:34 | 000,002,048 | --S- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/05/11 08:09:31 | 000,263,824 | ---- | M] ()
NTUSER.DAT -> C:\Documents and Settings\User\NTUSER.DAT -> [2010/05/10 18:09:22 | 003,407,872 | -H-- | M] ()
himprimir.ini -> C:\WINDOWS\himprimir.ini -> [2010/05/10 14:42:33 | 000,000,026 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/05/10 08:19:52 | 000,002,206 | ---- | M] ()
sefip.re -> C:\Documents and Settings\User\Desktop\sefip.re -> [2010/05/07 16:27:12 | 000,013,395 | ---- | M] ()
cc_20100504_150215.reg -> C:\Documents and Settings\User\Meus documentos\cc_20100504_150215.reg -> [2010/05/04 15:02:20 | 000,034,946 | ---- | M] ()
cg3041.pdf -> C:\Documents and Settings\User\Desktop\cg3041.pdf -> [2010/05/01 09:43:07 | 000,010,831 | ---- | M] ()
default.pls -> C:\Documents and Settings\User\default.pls -> [2010/04/30 17:35:22 | 000,000,080 | ---- | M] ()
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2010/04/30 17:35:12 | 000,000,069 | ---- | M] ()
PDOXUSRS.NET -> C:\PDOXUSRS.NET -> [2010/04/29 08:24:40 | 000,013,030 | ---- | M] ()
win.ini -> C:\WINDOWS\win.ini -> [2010/04/29 08:15:03 | 000,000,507 | ---- | M] ()
system.ini -> C:\WINDOWS\system.ini -> [2010/04/29 08:15:03 | 000,000,227 | ---- | M] ()
boot.ini -> C:\boot.ini -> [2010/04/29 08:15:03 | 000,000,211 | -HS- | M] ()
Etiquetas disquete conectividade.doc -> C:\Documents and Settings\User\Meus documentos\Etiquetas disquete conectividade.doc -> [2010/04/28 17:58:29 | 000,077,312 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/04/28 13:48:31 | 000,007,168 | ---- | M] ()
Documento de Cadastro no PIS1.xls -> C:\Documents and Settings\User\Meus documentos\Documento de Cadastro no PIS1.xls -> [2010/04/28 13:43:45 | 000,052,736 | ---- | M] ()
CLIENTES.xls -> C:\Documents and Settings\User\Meus documentos\CLIENTES.xls -> [2010/04/28 11:46:14 | 000,093,696 | ---- | M] ()
Pasta1.xls -> C:\Documents and Settings\User\Desktop\Pasta1.xls -> [2010/04/27 16:35:44 | 000,019,968 | ---- | M] ()
RENILTON.pdf -> C:\Documents and Settings\User\Desktop\RENILTON.pdf -> [2010/04/27 15:59:15 | 000,015,534 | ---- | M] ()
LECI.pdf -> C:\Documents and Settings\User\Desktop\LECI.pdf -> [2010/04/27 14:54:02 | 000,016,610 | ---- | M] ()
Comprovante de Rendimentos Pagos e de Retenção de Imposto de Renda na Fonte.doc -> C:\Documents and Settings\User\Desktop\Comprovante de Rendimentos Pagos e de Retenção de Imposto de Renda na Fonte.doc -> [2010/04/26 15:29:00 | 000,046,592 | ---- | M] ()
deployJava1.dll -> C:\WINDOWS\System32\deployJava1.dll -> [2010/04/26 15:05:46 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2010/04/26 15:05:46 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2010/04/26 15:05:46 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
java.exe -> C:\WINDOWS\System32\java.exe -> [2010/04/26 15:05:46 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
javacpl.cpl -> C:\WINDOWS\System32\javacpl.cpl -> [2010/04/26 15:05:46 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.)
Receitanet Java 2010.02a.lnk -> C:\Documents and Settings\All Users\Desktop\Receitanet Java 2010.02a.lnk -> [2010/04/26 14:52:25 | 000,000,925 | ---- | M] ()
IRPF2010 - Declaração de Ajuste Anual e Final de Espólio.lnk -> C:\Documents and Settings\User\Desktop\IRPF2010 - Declaração de Ajuste Anual e Final de Espólio.lnk -> [2010/04/26 14:49:05 | 000,000,750 | ---- | M] ()
gbpkm.sys -> C:\WINDOWS\System32\drivers\gbpkm.sys -> [2010/04/23 15:31:36 | 000,030,504 | ---- | M] (GAS Tecnologia)
LIVROS 2003.xls -> C:\Documents and Settings\User\Meus documentos\LIVROS 2003.xls -> [2010/04/19 11:38:28 | 000,098,816 | ---- | M] ()
LIVROS.xls -> C:\Documents and Settings\User\Meus documentos\LIVROS.xls -> [2010/04/19 10:59:03 | 000,045,568 | ---- | M] ()
Pedido baixa ISS no mes Empresas.doc -> C:\Documents and Settings\User\Meus documentos\Pedido baixa ISS no mes Empresas.doc -> [2010/04/16 15:38:08 | 000,035,328 | ---- | M] ()
KIT_DOCUMENTOS_V40_15_03_20100.xls -> C:\Documents and Settings\User\Meus documentos\KIT_DOCUMENTOS_V40_15_03_20100.xls -> [2010/04/16 11:30:50 | 003,262,976 | ---- | M] ()
ntuser.ini -> C:\Documents and Settings\User\ntuser.ini -> [2010/04/15 18:00:40 | 000,000,210 | -HS- | M] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk -> [2010/04/14 17:41:43 | 000,001,803 | ---- | M] ()
CALC_EXTRAS(pub) (Reparado).xls -> C:\Documents and Settings\User\Meus documentos\CALC_EXTRAS(pub) (Reparado).xls -> [2010/04/07 10:59:16 | 000,160,256 | ---- | M] ()
CALC_EXTRAS(pub).xls -> C:\Documents and Settings\User\Meus documentos\CALC_EXTRAS(pub).xls -> [2010/04/07 08:42:27 | 000,162,304 | ---- | M] ()
Relação de faturamento para Sicredi.doc -> C:\Documents and Settings\User\Meus documentos\Relação de faturamento para Sicredi.doc -> [2010/03/31 10:16:19 | 000,032,768 | ---- | M] ()
DECLARACAO DE OPTANTE PELO SIMPLES.doc -> C:\Documents and Settings\User\Meus documentos\DECLARACAO DE OPTANTE PELO SIMPLES.doc -> [2010/03/30 17:53:38 | 000,024,576 | ---- | M] ()
RELACAO DE FATURAMENTO PARA BANCOS.doc -> C:\Documents and Settings\User\Meus documentos\RELACAO DE FATURAMENTO PARA BANCOS.doc -> [2010/03/29 16:20:09 | 000,032,256 | ---- | M] ()
Atalho para Meus documentos em 'Servidor' (X).lnk -> C:\Documents and Settings\User\Desktop\Atalho para Meus documentos em 'Servidor' (X).lnk -> [2010/03/29 13:43:59 | 000,000,304 | ---- | M] ()
IconCache.db -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\IconCache.db -> [2010/03/28 08:06:22 | 004,797,058 | -H-- | M] ()
nvoglnt.dll -> C:\WINDOWS\System32\nvoglnt.dll -> [2010/03/16 03:51:59 | 014,757,888 | ---- | M] (NVIDIA Corporation)
nvcompiler.dll -> C:\WINDOWS\System32\nvcompiler.dll -> [2010/03/16 03:51:59 | 011,640,832 | ---- | M] (NVIDIA Corporation)
nv4_mini.sys -> C:\WINDOWS\System32\drivers\nv4_mini.sys -> [2010/03/16 03:51:59 | 010,232,352 | ---- | M] (NVIDIA Corporation)
nv4_mini.sys -> C:\WINDOWS\System32\dllcache\nv4_mini.sys -> [2010/03/16 03:51:59 | 010,232,352 | ---- | M] (NVIDIA Corporation)
nv4_disp.dll -> C:\WINDOWS\System32\nv4_disp.dll -> [2010/03/16 03:51:59 | 006,432,128 | ---- | M] (NVIDIA Corporation)
nvcuda.dll -> C:\WINDOWS\System32\nvcuda.dll -> [2010/03/16 03:51:59 | 004,075,520 | ---- | M] (NVIDIA Corporation)
nvcuvenc.dll -> C:\WINDOWS\System32\nvcuvenc.dll -> [2010/03/16 03:51:59 | 002,646,632 | ---- | M] (NVIDIA Corporation)
nvdata.bin -> C:\WINDOWS\System32\nvdata.bin -> [2010/03/16 03:51:59 | 002,183,470 | ---- | M] ()
nvcuvid.dll -> C:\WINDOWS\System32\nvcuvid.dll -> [2010/03/16 03:51:59 | 002,030,184 | ---- | M] (NVIDIA Corporation)
nvapi.dll -> C:\WINDOWS\System32\nvapi.dll -> [2010/03/16 03:51:59 | 001,097,728 | ---- | M] (NVIDIA Corporation)
nvudisp.exe -> C:\WINDOWS\System32\nvudisp.exe -> [2010/03/16 03:51:59 | 000,600,680 | ---- | M] (NVIDIA Corporation)
nvcodins.dll -> C:\WINDOWS\System32\nvcodins.dll -> [2010/03/16 03:51:59 | 000,215,656 | ---- | M] (NVIDIA Corporation)
nvcod.dll -> C:\WINDOWS\System32\nvcod.dll -> [2010/03/16 03:51:59 | 000,215,656 | ---- | M] (NVIDIA Corporation)
OpenCL.dll -> C:\WINDOWS\System32\OpenCL.dll -> [2010/03/16 03:51:59 | 000,061,440 | ---- | M] (Khronos Group)
nvdisp.nvu -> C:\WINDOWS\System32\nvdisp.nvu -> [2010/03/16 03:51:59 | 000,025,695 | ---- | M] ()
nvinfo.pb -> C:\WINDOWS\System32\nvinfo.pb -> [2010/03/16 03:51:59 | 000,009,046 | ---- | M] ()
nvcpl.dll -> C:\WINDOWS\System32\nvcpl.dll -> [2010/03/16 03:37:50 | 013,670,504 | ---- | M] (NVIDIA Corporation)
nvmccs.dll -> C:\WINDOWS\System32\nvmccs.dll -> [2010/03/16 03:37:50 | 000,278,120 | ---- | M] (NVIDIA Corporation)
nvcolor.exe -> C:\WINDOWS\System32\nvcolor.exe -> [2010/03/16 03:37:50 | 000,145,000 | ---- | M] (NVIDIA Corporation)
nvmctray.dll -> C:\WINDOWS\System32\nvmctray.dll -> [2010/03/16 03:37:50 | 000,110,696 | ---- | M] (NVIDIA Corporation)
nvwddi.dll -> C:\WINDOWS\System32\nvwddi.dll -> [2010/03/16 03:37:44 | 000,081,920 | ---- | M] (NVIDIA Corporation)
NvwsApps.xml -> C:\WINDOWS\System32\NvwsApps.xml -> [2010/03/16 03:37:34 | 000,066,714 | ---- | M] ()
NVUNINST.EXE -> C:\WINDOWS\System32\NVUNINST.EXE -> [2010/03/12 11:26:36 | 000,600,680 | ---- | M] (NVIDIA Corporation)
Setup1.exe -> C:\WINDOWS\Setup1.exe -> [2010/03/11 17:25:19 | 000,286,720 | ---- | M] (Microsoft Corporation)
ST6UNST.EXE -> C:\WINDOWS\ST6UNST.EXE -> [2010/03/11 17:25:18 | 000,073,216 | ---- | M] (Microsoft Corporation)
KIT_DOCUMENTOS_V40_15_03_2010.xls -> C:\Documents and Settings\User\Meus documentos\KIT_DOCUMENTOS_V40_15_03_2010.xls -> [2010/03/11 16:48:52 | 003,195,904 | ---- | M] ()
MSJCE.dll -> C:\WINDOWS\System32\MSJCE.dll -> [2010/03/11 15:22:10 | 000,069,632 | ---- | M] ()
pessoa juridica Vieira e Pagel.xls -> C:\Documents and Settings\User\Meus documentos\pessoa juridica Vieira e Pagel.xls -> [2010/03/11 10:41:04 | 000,054,272 | ---- | M] ()
pessoa juridica Vieira e Pagel.doc -> C:\Documents and Settings\User\Meus documentos\pessoa juridica Vieira e Pagel.doc -> [2010/03/10 15:48:16 | 006,037,504 | ---- | M] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2010/03/08 09:56:48 | 000,004,205 | ---- | M] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2010/03/08 09:56:48 | 000,000,290 | ---- | M] ()
nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2010/03/08 09:37:29 | 000,000,000 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT -> [2010/03/06 11:20:40 | 000,068,480 | ---- | M] ()
ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2010/03/06 10:27:21 | 000,000,056 | -H-- | M] ()
Centro de controle do Avira AntiVir.lnk -> C:\Documents and Settings\All Users\Desktop\Centro de controle do Avira AntiVir.lnk -> [2010/03/04 16:49:31 | 000,001,779 | ---- | M] ()
Nero StartSmart.lnk -> C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk -> [2010/03/04 16:41:54 | 000,002,464 | ---- | M] ()
.rnd -> C:\Documents and Settings\User\.rnd -> [2010/03/04 16:41:06 | 000,001,024 | ---- | M] ()
nscompat.tlb -> C:\WINDOWS\System32\nscompat.tlb -> [2010/03/04 16:27:06 | 000,023,392 | ---- | M] ()
amcompat.tlb -> C:\WINDOWS\System32\amcompat.tlb -> [2010/03/04 16:27:06 | 000,016,832 | ---- | M] ()
MsftWdf_user_01_00_00.Wdf -> C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2010/03/04 16:26:10 | 000,000,000 | -H-- | M] ()
WgaTray.exe -> C:\WINDOWS\System32\WgaTray.exe -> [2010/03/04 16:15:13 | 000,332,672 | ---- | M] (Microsoft Corporation)
mixerdef.ini -> C:\WINDOWS\mixerdef.ini -> [2010/03/04 16:07:34 | 000,000,025 | ---- | M] ()
CMISETUP.INI -> C:\WINDOWS\CMISETUP.INI -> [2010/03/04 16:07:15 | 000,000,092 | ---- | M] ()
CMCDPLAY.INI -> C:\WINDOWS\CMCDPLAY.INI -> [2010/03/04 16:07:15 | 000,000,026 | ---- | M] ()
mixer.exe -> C:\WINDOWS\mixer.exe -> [2010/03/04 16:04:24 | 001,855,488 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw))
crlds3d.dll -> C:\WINDOWS\System\crlds3d.dll -> [2010/03/04 16:04:24 | 000,765,952 | ---- | M] (Sensaura Ltd)
cmuninst.exe -> C:\WINDOWS\cmuninst.exe -> [2010/03/04 16:04:24 | 000,139,264 | ---- | M] (C-Media Electronics Inc.)
cmuninst.dat -> C:\WINDOWS\cmuninst.dat -> [2010/03/04 16:04:24 | 000,135,168 | ---- | M] (C-Media Electronics Inc.)
cmijack.ini -> C:\WINDOWS\cmijack.ini -> [2010/03/04 16:04:24 | 000,039,279 | ---- | M] ()
cmijack.dat -> C:\WINDOWS\cmijack.dat -> [2010/03/04 16:04:24 | 000,039,279 | ---- | M] ()
cmnprop.dll -> C:\WINDOWS\System32\cmnprop.dll -> [2010/03/04 16:04:24 | 000,032,768 | ---- | M] (C-Media Corporation)
cmaudio.dat -> C:\WINDOWS\cmaudio.dat -> [2010/03/04 16:04:24 | 000,023,041 | ---- | M] ()
Audio3D.dll -> C:\WINDOWS\System32\Audio3D.dll -> [2010/03/04 16:04:23 | 000,712,704 | ---- | M] (Sensaura Ltd)
a3d.dll -> C:\WINDOWS\System32\dllcache\a3d.dll -> [2010/03/04 16:04:23 | 000,712,704 | ---- | M] (Sensaura Ltd)
a3d.dll -> C:\WINDOWS\System32\a3d.dll -> [2010/03/04 16:04:23 | 000,712,704 | ---- | M] (Sensaura Ltd)
cmaudio.sys -> C:\WINDOWS\System32\drivers\cmaudio.sys -> [2010/03/04 16:04:23 | 000,377,358 | ---- | M] (C-Media Inc)
msssc.dll -> C:\WINDOWS\System32\msssc.dll -> [2010/03/04 15:47:41 | 000,000,044 | ---- | M] ()
PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2010/03/04 14:58:38 | 000,752,010 | ---- | M] ()
perfh016.dat -> C:\WINDOWS\System32\perfh016.dat -> [2010/03/04 14:58:38 | 000,344,380 | ---- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/03/04 14:58:38 | 000,311,604 | ---- | M] ()
perfc016.dat -> C:\WINDOWS\System32\perfc016.dat -> [2010/03/04 14:58:38 | 000,048,628 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/03/04 14:58:38 | 000,039,992 | ---- | M] ()
REGLOCS.OLD -> C:\WINDOWS\REGLOCS.OLD -> [2010/03/04 14:41:52 | 000,008,192 | ---- | M] ()
$winnt$.inf -> C:\WINDOWS\System32\$winnt$.inf -> [2010/03/04 14:40:30 | 000,000,261 | ---- | M] ()
CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2010/03/04 14:37:42 | 000,002,969 | ---- | M] ()
MSDOS.SYS -> C:\MSDOS.SYS -> [2010/03/04 14:37:42 | 000,000,000 | RHS- | M] ()
IO.SYS -> C:\IO.SYS -> [2010/03/04 14:37:42 | 000,000,000 | RHS- | M] ()
control.ini -> C:\WINDOWS\control.ini -> [2010/03/04 14:37:42 | 000,000,000 | ---- | M] ()
CONFIG.SYS -> C:\CONFIG.SYS -> [2010/03/04 14:37:42 | 000,000,000 | ---- | M] ()
WMSysPr9.prx -> C:\WINDOWS\WMSysPr9.prx -> [2010/03/04 14:37:33 | 000,316,640 | ---- | M] ()
WindowsLogon.manifest -> C:\WINDOWS\System32\WindowsLogon.manifest -> [2010/03/04 14:36:00 | 000,000,488 | RH-- | M] ()
logonui.exe.manifest -> C:\WINDOWS\System32\logonui.exe.manifest -> [2010/03/04 14:36:00 | 000,000,488 | RH-- | M] ()
wuaucpl.cpl.manifest -> C:\WINDOWS\System32\wuaucpl.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | M] ()
WindowsShell.Manifest -> C:\WINDOWS\WindowsShell.Manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | M] ()
sapi.cpl.manifest -> C:\WINDOWS\System32\sapi.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | M] ()
nwc.cpl.manifest -> C:\WINDOWS\System32\nwc.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | M] ()
ncpa.cpl.manifest -> C:\WINDOWS\System32\ncpa.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | M] ()
cdplayer.exe.manifest -> C:\WINDOWS\System32\cdplayer.exe.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | M] ()
emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2010/03/04 14:34:00 | 000,021,844 | ---- | M] ()
vbaddin.ini -> C:\WINDOWS\vbaddin.ini -> [2010/03/04 14:33:46 | 000,000,037 | ---- | M] ()
vb.ini -> C:\WINDOWS\vb.ini -> [2010/03/04 14:33:46 | 000,000,036 | ---- | M] ()
pid.PNF -> C:\WINDOWS\System32\pid.PNF -> [2010/03/04 11:30:44 | 000,004,444 | ---- | M] ()
CBO 2002 Livro 3.pdf -> C:\Documents and Settings\User\Meus documentos\CBO 2002 Livro 3.pdf -> [2010/02/25 17:10:54 | 001,559,030 | ---- | M] ()
CBO 2002 LISTA.PDF -> C:\Documents and Settings\User\Meus documentos\CBO 2002 LISTA.PDF -> [2010/02/25 17:08:35 | 000,522,939 | ---- | M] ()
DFC-GI 2010.lnk -> C:\Documents and Settings\User\Desktop\DFC-GI 2010.lnk -> [2010/02/25 13:42:38 | 000,000,650 | ---- | M] ()
AVISO PRÉVIO.doc -> C:\Documents and Settings\User\Meus documentos\AVISO PRÉVIO.doc -> [2010/02/23 14:27:38 | 000,022,016 | ---- | M] ()
AVISO PRÉVIO DO EMPREGADOR.doc -> C:\Documents and Settings\User\Meus documentos\AVISO PRÉVIO DO EMPREGADOR.doc -> [2010/02/23 14:26:35 | 000,024,064 | ---- | M] ()
CONTRATO DE COMPRA E VENDA DARLAN.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE COMPRA E VENDA DARLAN.doc -> [2010/02/20 10:55:32 | 000,023,040 | ---- | M] ()
CONTRATO DE COMPRA E VEND1 TERRENO NERI.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE COMPRA E VEND1 TERRENO NERI.doc -> [2010/02/20 10:50:26 | 000,022,528 | ---- | M] ()
DataHora.cns -> C:\DataHora.cns -> [2010/02/11 08:12:56 | 000,000,027 | ---- | M] ()
91 C:\Documents and Settings\User\Configurações locais\Temp\*.tmp files -> C:\Documents and Settings\User\Configurações locais\Temp\*.tmp ->
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->

cg150mt · 11/05/2010

Continuando ... O log... este e o ultimo...
Mr. Wolf
Tive de fazer assim pois colocar tudo em uma so resposta o sistema do forum nao estava aceitando...
Desculpem

[Files - No Company Name]
cc_20100504_150215.reg -> C:\Documents and Settings\User\Meus documentos\cc_20100504_150215.reg -> [2010/05/04 15:02:17 | 000,034,946 | ---- | C] ()
sefip.re -> C:\Documents and Settings\User\Desktop\sefip.re -> [2010/05/04 10:05:31 | 000,013,395 | ---- | C] ()
cg3041.pdf -> C:\Documents and Settings\User\Desktop\cg3041.pdf -> [2010/05/01 09:43:07 | 000,010,831 | ---- | C] ()
default.pls -> C:\Documents and Settings\User\default.pls -> [2010/04/28 14:42:11 | 000,000,080 | ---- | C] ()
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2010/04/28 13:48:21 | 000,000,069 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/04/28 13:48:12 | 000,007,168 | ---- | C] ()
RENILTON.pdf -> C:\Documents and Settings\User\Desktop\RENILTON.pdf -> [2010/04/27 15:59:14 | 000,015,534 | ---- | C] ()
LECI.pdf -> C:\Documents and Settings\User\Desktop\LECI.pdf -> [2010/04/27 14:54:01 | 000,016,610 | ---- | C] ()
Comprovante de Rendimentos Pagos e de Retenção de Imposto de Renda na Fonte.doc -> C:\Documents and Settings\User\Desktop\Comprovante de Rendimentos Pagos e de Retenção de Imposto de Renda na Fonte.doc -> [2010/04/26 15:28:59 | 000,046,592 | ---- | C] ()
Receitanet Java 2010.02a.lnk -> C:\Documents and Settings\All Users\Desktop\Receitanet Java 2010.02a.lnk -> [2010/04/26 14:52:25 | 000,000,925 | ---- | C] ()
MSJCE.dll -> C:\WINDOWS\System32\MSJCE.dll -> [2010/04/26 14:52:20 | 000,069,632 | ---- | C] ()
IRPF2010 - Declaração de Ajuste Anual e Final de Espólio.lnk -> C:\Documents and Settings\User\Desktop\IRPF2010 - Declaração de Ajuste Anual e Final de Espólio.lnk -> [2010/04/26 14:49:05 | 000,000,750 | ---- | C] ()
KIT_DOCUMENTOS_V40_15_03_20100.xls -> C:\Documents and Settings\User\Meus documentos\KIT_DOCUMENTOS_V40_15_03_20100.xls -> [2010/04/16 11:22:54 | 003,262,976 | ---- | C] ()
nvinfo.pb -> C:\WINDOWS\System32\nvinfo.pb -> [2010/04/16 09:48:28 | 000,009,046 | ---- | C] ()
KIT_DOCUMENTOS_V40_15_03_2010.xls -> C:\Documents and Settings\User\Meus documentos\KIT_DOCUMENTOS_V40_15_03_2010.xls -> [2010/04/14 14:47:52 | 003,195,904 | ---- | C] ()
CALC_EXTRAS(pub) (Reparado).xls -> C:\Documents and Settings\User\Meus documentos\CALC_EXTRAS(pub) (Reparado).xls -> [2010/04/07 10:37:38 | 000,160,256 | ---- | C] ()
Hl_enc32.dll -> C:\WINDOWS\System32\Hl_enc32.dll -> [2010/03/24 09:40:50 | 000,076,800 | ---- | C] ()
RaisVal.dll -> C:\WINDOWS\System32\RaisVal.dll -> [2010/03/24 09:40:47 | 000,061,440 | ---- | C] ()
PKWIN32.DLL -> C:\WINDOWS\System32\PKWIN32.DLL -> [2010/03/24 09:40:46 | 000,040,960 | ---- | C] ()
selar32.dll -> C:\WINDOWS\System32\selar32.dll -> [2010/03/24 09:40:45 | 000,020,480 | ---- | C] ()
NvApps.xml -> C:\WINDOWS\System32\NvApps.xml -> [2010/03/16 03:37:34 | 000,276,202 | ---- | C] ()
NvwsApps.xml -> C:\WINDOWS\System32\NvwsApps.xml -> [2010/03/16 03:37:34 | 000,066,714 | ---- | C] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk -> [2010/03/12 11:26:03 | 000,001,803 | ---- | C] ()
pessoa juridica Vieira e Pagel.doc -> C:\Documents and Settings\User\Meus documentos\pessoa juridica Vieira e Pagel.doc -> [2010/03/10 14:34:43 | 006,037,504 | ---- | C] ()
pessoa juridica Vieira e Pagel.xls -> C:\Documents and Settings\User\Meus documentos\pessoa juridica Vieira e Pagel.xls -> [2010/03/10 14:34:43 | 000,054,272 | ---- | C] ()
UNWISE.EXE -> C:\WINDOWS\UNWISE.EXE -> [2010/03/08 09:58:40 | 000,165,376 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2010/03/08 09:56:48 | 000,000,290 | ---- | C] ()
nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2010/03/08 09:37:29 | 000,000,000 | ---- | C] ()
ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2010/03/06 10:27:21 | 000,000,056 | -H-- | C] ()
javasup.vxd -> C:\WINDOWS\System32\javasup.vxd -> [2010/03/06 09:33:03 | 000,007,315 | ---- | C] ()
jautoexp.dat -> C:\WINDOWS\jautoexp.dat -> [2010/03/06 09:33:03 | 000,006,550 | ---- | C] ()
zonedon.reg -> C:\WINDOWS\System32\zonedon.reg -> [2010/03/06 09:32:58 | 000,000,113 | ---- | C] ()
zonedoff.reg -> C:\WINDOWS\System32\zonedoff.reg -> [2010/03/06 09:32:58 | 000,000,113 | ---- | C] ()
cpwmon2k.dll -> C:\WINDOWS\System32\cpwmon2k.dll -> [2010/03/06 08:25:41 | 000,087,552 | ---- | C] ()
himprimir.ini -> C:\WINDOWS\himprimir.ini -> [2010/03/05 15:56:53 | 000,000,026 | ---- | C] ()
Prx.dll -> C:\WINDOWS\System32\Prx.dll -> [2010/03/05 13:35:33 | 002,256,384 | ---- | C] ()
Prox.dll -> C:\WINDOWS\System32\Prox.dll -> [2010/03/05 13:35:33 | 000,371,200 | ---- | C] ()
Rsa_w32.dll -> C:\WINDOWS\System32\Rsa_w32.dll -> [2010/03/05 13:35:33 | 000,051,712 | ---- | C] ()
Clhttp.prg -> C:\WINDOWS\System32\Clhttp.prg -> [2010/03/05 13:35:33 | 000,003,055 | ---- | C] ()
Clhtreg.prg -> C:\WINDOWS\System32\Clhtreg.prg -> [2010/03/05 13:35:33 | 000,002,545 | ---- | C] ()
Clhtcert.prg -> C:\WINDOWS\System32\Clhtcert.prg -> [2010/03/05 13:35:33 | 000,001,883 | ---- | C] ()
tcpconf.dat -> C:\WINDOWS\System32\tcpconf.dat -> [2010/03/05 13:35:33 | 000,000,148 | ---- | C] ()
Clusr2.prg -> C:\WINDOWS\System32\Clusr2.prg -> [2010/03/05 13:35:33 | 000,000,007 | ---- | C] ()
Clusr1.prg -> C:\WINDOWS\System32\Clusr1.prg -> [2010/03/05 13:35:33 | 000,000,007 | ---- | C] ()
Dao2535.tlb -> C:\WINDOWS\System32\Dao2535.tlb -> [2010/03/05 13:35:16 | 000,073,184 | ---- | C] ()
MSDATGRD.oca -> C:\WINDOWS\System32\MSDATGRD.oca -> [2010/03/05 13:35:16 | 000,065,536 | ---- | C] ()
Mshflxgd.srg -> C:\WINDOWS\System32\Mshflxgd.srg -> [2010/03/05 13:35:16 | 000,000,111 | ---- | C] ()
cnsHTTP.dll -> C:\WINDOWS\System32\cnsHTTP.dll -> [2010/03/05 13:35:12 | 000,435,200 | ---- | C] ()
simplezip.dll -> C:\WINDOWS\System32\simplezip.dll -> [2010/03/05 13:35:12 | 000,333,312 | ---- | C] ()
Stdcxom.tlb -> C:\WINDOWS\System32\Stdcxom.tlb -> [2010/03/05 13:35:11 | 000,008,108 | ---- | C] ()
Stdcxiac.tlb -> C:\WINDOWS\System32\Stdcxiac.tlb -> [2010/03/05 13:35:11 | 000,004,000 | ---- | C] ()
Stdcxiap.tlb -> C:\WINDOWS\System32\Stdcxiap.tlb -> [2010/03/05 13:35:11 | 000,001,664 | ---- | C] ()
base64.dll -> C:\WINDOWS\System32\base64.dll -> [2010/03/05 13:29:54 | 000,028,672 | ---- | C] ()
ZipDll.dll -> C:\WINDOWS\System32\ZipDll.dll -> [2010/03/05 13:29:49 | 000,130,560 | ---- | C] ()
UnzDll.dll -> C:\WINDOWS\System32\UnzDll.dll -> [2010/03/05 13:29:49 | 000,125,440 | ---- | C] ()
Hl_med32.dll -> C:\WINDOWS\System32\Hl_med32.dll -> [2010/03/05 13:28:53 | 000,218,112 | ---- | C] ()
Hlsoft32.dll -> C:\WINDOWS\System32\Hlsoft32.dll -> [2010/03/05 13:28:53 | 000,167,936 | ---- | C] ()
Hl_pub32.dll -> C:\WINDOWS\System32\Hl_pub32.dll -> [2010/03/05 13:28:53 | 000,031,744 | ---- | C] ()
Atalho para Meus documentos em 'Servidor' (X).lnk -> C:\Documents and Settings\User\Desktop\Atalho para Meus documentos em 'Servidor' (X).lnk -> [2010/03/05 11:23:30 | 000,000,304 | ---- | C] ()
Pasta1.xls -> C:\Documents and Settings\User\Desktop\Pasta1.xls -> [2010/03/04 18:11:40 | 000,019,968 | ---- | C] ()
CNPJ 2.6.lnk -> C:\Documents and Settings\User\Desktop\CNPJ 2.6.lnk -> [2010/03/04 18:11:40 | 000,001,555 | ---- | C] ()
CAT - Comunicação de Acidente de Trabalho.lnk -> C:\Documents and Settings\User\Desktop\CAT - Comunicação de Acidente de Trabalho.lnk -> [2010/03/04 18:11:40 | 000,001,382 | ---- | C] ()
DACON Mensal-Semestral 1.2.lnk -> C:\Documents and Settings\User\Desktop\DACON Mensal-Semestral 1.2.lnk -> [2010/03/04 18:11:40 | 000,001,014 | ---- | C] ()
DACON Semestral 1.1.lnk -> C:\Documents and Settings\User\Desktop\DACON Semestral 1.1.lnk -> [2010/03/04 18:11:40 | 000,000,966 | ---- | C] ()
DIPJ 2008.lnk -> C:\Documents and Settings\User\Desktop\DIPJ 2008.lnk -> [2010/03/04 18:11:40 | 000,000,821 | ---- | C] ()
DFC-GI 2010.lnk -> C:\Documents and Settings\User\Desktop\DFC-GI 2010.lnk -> [2010/03/04 18:11:40 | 000,000,650 | ---- | C] ()
SICALCP.EXE.lnk -> C:\Documents and Settings\User\Desktop\SICALCP.EXE.lnk -> [2010/03/04 18:11:40 | 000,000,541 | ---- | C] ()
RRDD.dot -> C:\Documents and Settings\User\Meus documentos\RRDD.dot -> [2010/03/04 18:11:10 | 000,265,728 | ---- | C] ()
RRDD GILDA BIASIN.doc -> C:\Documents and Settings\User\Meus documentos\RRDD GILDA BIASIN.doc -> [2010/03/04 18:11:10 | 000,234,496 | ---- | C] ()
SIMPLES%20ESTADUAL[1].ppt -> C:\Documents and Settings\User\Meus documentos\SIMPLES%20ESTADUAL[1].ppt -> [2010/03/04 18:11:10 | 000,225,792 | ---- | C] ()
TABELAS GFIP E FPAS.doc -> C:\Documents and Settings\User\Meus documentos\TABELAS GFIP E FPAS.doc -> [2010/03/04 18:11:10 | 000,216,064 | ---- | C] ()
Substituição Tributária.doc -> C:\Documents and Settings\User\Meus documentos\Substituição Tributária.doc -> [2010/03/04 18:11:10 | 000,095,744 | ---- | C] ()
Tabela Simples Federal.doc -> C:\Documents and Settings\User\Meus documentos\Tabela Simples Federal.doc -> [2010/03/04 18:11:10 | 000,048,640 | ---- | C] ()
sindicato luci declaração.doc -> C:\Documents and Settings\User\Meus documentos\sindicato luci declaração.doc -> [2010/03/04 18:11:10 | 000,039,936 | ---- | C] ()
Salario Familia Valores 02 2009.doc -> C:\Documents and Settings\User\Meus documentos\Salario Familia Valores 02 2009.doc -> [2010/03/04 18:11:10 | 000,039,424 | ---- | C] ()
Solicitacao Revisao de exclusao do simples.rtf -> C:\Documents and Settings\User\Meus documentos\Solicitacao Revisao de exclusao do simples.rtf -> [2010/03/04 18:11:10 | 000,038,393 | ---- | C] ()
tonello empregados.doc -> C:\Documents and Settings\User\Meus documentos\tonello empregados.doc -> [2010/03/04 18:11:10 | 000,031,232 | ---- | C] ()
Terceiro Segredo de Fátima.doc -> C:\Documents and Settings\User\Meus documentos\Terceiro Segredo de Fátima.doc -> [2010/03/04 18:11:10 | 000,029,184 | ---- | C] ()
tabela Lucro Real x Lucro Presumido.doc -> C:\Documents and Settings\User\Meus documentos\tabela Lucro Real x Lucro Presumido.doc -> [2010/03/04 18:11:10 | 000,028,672 | ---- | C] ()
SIMPLES CELSO.doc -> C:\Documents and Settings\User\Meus documentos\SIMPLES CELSO.doc -> [2010/03/04 18:11:10 | 000,022,528 | ---- | C] ()
SINDICATOS Telefones Regiao.xls -> C:\Documents and Settings\User\Meus documentos\SINDICATOS Telefones Regiao.xls -> [2010/03/04 18:11:10 | 000,021,504 | ---- | C] ()
TELEFONES CLIENTES.xls -> C:\Documents and Settings\User\Meus documentos\TELEFONES CLIENTES.xls -> [2010/03/04 18:11:10 | 000,020,480 | ---- | C] ()
Tabela de Relação de Faturmento Disleite.xls -> C:\Documents and Settings\User\Meus documentos\Tabela de Relação de Faturmento Disleite.xls -> [2010/03/04 18:11:10 | 000,017,408 | ---- | C] ()
VENDAS EMBUTIDOS.xls -> C:\Documents and Settings\User\Meus documentos\VENDAS EMBUTIDOS.xls -> [2010/03/04 18:11:10 | 000,015,872 | ---- | C] ()
ROSELI RDE.doc -> C:\Documents and Settings\User\Meus documentos\ROSELI RDE.doc -> [2010/03/04 18:11:09 | 000,245,760 | ---- | C] ()
requerimento de certidão negativa receita federal.doc -> C:\Documents and Settings\User\Meus documentos\requerimento de certidão negativa receita federal.doc -> [2010/03/04 18:11:09 | 000,105,472 | ---- | C] ()
RFB Solicitacao senha eletronica.doc -> C:\Documents and Settings\User\Meus documentos\RFB Solicitacao senha eletronica.doc -> [2010/03/04 18:11:09 | 000,086,016 | ---- | C] ()
RESCISAO DE CONTRATO DE TRABALHO.doc -> C:\Documents and Settings\User\Meus documentos\RESCISAO DE CONTRATO DE TRABALHO.doc -> [2010/03/04 18:11:09 | 000,078,336 | ---- | C] ()
Relação de Livros para Encadernação.doc -> C:\Documents and Settings\User\Meus documentos\Relação de Livros para Encadernação.doc -> [2010/03/04 18:11:09 | 000,043,520 | ---- | C] ()
Restituicao de ICMS.doc -> C:\Documents and Settings\User\Meus documentos\Restituicao de ICMS.doc -> [2010/03/04 18:11:09 | 000,041,472 | ---- | C] ()
Relação de Empregados e Empresas de Transportes.doc -> C:\Documents and Settings\User\Meus documentos\Relação de Empregados e Empresas de Transportes.doc -> [2010/03/04 18:11:09 | 000,034,816 | ---- | C] ()
RELATÓRIO DO MÊS JANEIRO 2005 ALBINO ALLES.doc -> C:\Documents and Settings\User\Meus documentos\RELATÓRIO DO MÊS JANEIRO 2005 ALBINO ALLES.doc -> [2010/03/04 18:11:09 | 000,033,792 | ---- | C] ()
Relação de faturamento para Sicredi.doc -> C:\Documents and Settings\User\Meus documentos\Relação de faturamento para Sicredi.doc -> [2010/03/04 18:11:09 | 000,032,768 | ---- | C] ()
RELACAO DE FATURAMENTO PARA BANCOS.doc -> C:\Documents and Settings\User\Meus documentos\RELACAO DE FATURAMENTO PARA BANCOS.doc -> [2010/03/04 18:11:09 | 000,032,256 | ---- | C] ()
Resfriar Faturamento RESFRIAR.doc -> C:\Documents and Settings\User\Meus documentos\Resfriar Faturamento RESFRIAR.doc -> [2010/03/04 18:11:09 | 000,031,744 | ---- | C] ()
Relação de faturamento Banco do Brasil.doc -> C:\Documents and Settings\User\Meus documentos\Relação de faturamento Banco do Brasil.doc -> [2010/03/04 18:11:09 | 000,031,744 | ---- | C] ()
Relação faturamento Marli barro.doc -> C:\Documents and Settings\User\Meus documentos\Relação faturamento Marli barro.doc -> [2010/03/04 18:11:09 | 000,030,208 | ---- | C] ()
Relação de Faturamento de Empresas para Bancos.doc -> C:\Documents and Settings\User\Meus documentos\Relação de Faturamento de Empresas para Bancos.doc -> [2010/03/04 18:11:09 | 000,029,696 | ---- | C] ()
RELAÇÃO DE DOCUMENTOS LEILA ROZA.doc -> C:\Documents and Settings\User\Meus documentos\RELAÇÃO DE DOCUMENTOS LEILA ROZA.doc -> [2010/03/04 18:11:09 | 000,027,648 | ---- | C] ()
Relação de faturamento P d A fachinello.doc -> C:\Documents and Settings\User\Meus documentos\Relação de faturamento P d A fachinello.doc -> [2010/03/04 18:11:09 | 000,027,136 | ---- | C] ()
Relação de faturamento HSBC.doc -> C:\Documents and Settings\User\Meus documentos\Relação de faturamento HSBC.doc -> [2010/03/04 18:11:09 | 000,027,136 | ---- | C] ()
Req. Prefeitura certidao negativa.doc -> C:\Documents and Settings\User\Meus documentos\Req. Prefeitura certidao negativa.doc -> [2010/03/04 18:11:09 | 000,024,576 | ---- | C] ()
Restituicao de ICMS1.doc -> C:\Documents and Settings\User\Meus documentos\Restituicao de ICMS1.doc -> [2010/03/04 18:11:09 | 000,019,968 | ---- | C] ()
requerimento celso.doc -> C:\Documents and Settings\User\Meus documentos\requerimento celso.doc -> [2010/03/04 18:11:09 | 000,019,968 | ---- | C] ()
Relação de Livros Receita Estadual.xls -> C:\Documents and Settings\User\Meus documentos\Relação de Livros Receita Estadual.xls -> [2010/03/04 18:11:09 | 000,016,896 | ---- | C] ()
RENDA.xls -> C:\Documents and Settings\User\Meus documentos\RENDA.xls -> [2010/03/04 18:11:09 | 000,015,360 | ---- | C] ()
Regulamento Icms 2001 e 2007.rar -> C:\Documents and Settings\User\Meus documentos\Regulamento Icms 2001 e 2007.rar -> [2010/03/04 18:11:08 | 002,780,165 | ---- | C] ()
REgulameto ICMS Novo 2008.pdf -> C:\Documents and Settings\User\Meus documentos\REgulameto ICMS Novo 2008.pdf -> [2010/03/04 18:11:08 | 002,317,758 | ---- | C] ()
Regulamento Icms ANEXO_VI_2008.pdf -> C:\Documents and Settings\User\Meus documentos\Regulamento Icms ANEXO_VI_2008.pdf -> [2010/03/04 18:11:08 | 000,342,476 | ---- | C] ()
Redarf.doc -> C:\Documents and Settings\User\Meus documentos\Redarf.doc -> [2010/03/04 18:11:08 | 000,328,192 | ---- | C] ()
RDT - Retificação de Dados do Trabalhador - FGTS - v009.dot -> C:\Documents and Settings\User\Meus documentos\RDT - Retificação de Dados do Trabalhador - FGTS - v009.dot -> [2010/03/04 18:11:08 | 000,300,544 | ---- | C] ()
RDT CESAR.doc -> C:\Documents and Settings\User\Meus documentos\RDT CESAR.doc -> [2010/03/04 18:11:08 | 000,259,072 | ---- | C] ()
REDARF Roseli M. Santos.doc -> C:\Documents and Settings\User\Meus documentos\REDARF Roseli M. Santos.doc -> [2010/03/04 18:11:08 | 000,120,320 | ---- | C] ()
RDE Retificação Empresa Tonello.doc -> C:\Documents and Settings\User\Meus documentos\RDE Retificação Empresa Tonello.doc -> [2010/03/04 18:11:08 | 000,116,736 | ---- | C] ()
reembolso de inss.doc -> C:\Documents and Settings\User\Meus documentos\reembolso de inss.doc -> [2010/03/04 18:11:08 | 000,066,048 | ---- | C] ()
RECIBO DE SALARIO funcionario.doc -> C:\Documents and Settings\User\Meus documentos\RECIBO DE SALARIO funcionario.doc -> [2010/03/04 18:11:08 | 000,034,816 | ---- | C] ()
Procuracao para Receita Estadual.doc -> C:\Documents and Settings\User\Meus documentos\Procuracao para Receita Estadual.doc -> [2010/03/04 18:11:08 | 000,029,696 | ---- | C] ()
Recibo de Pagamento de Salario.xls -> C:\Documents and Settings\User\Meus documentos\Recibo de Pagamento de Salario.xls -> [2010/03/04 18:11:08 | 000,025,600 | ---- | C] ()
Procuracao CLIENTE inss receita.doc -> C:\Documents and Settings\User\Meus documentos\Procuracao CLIENTE inss receita.doc -> [2010/03/04 18:11:08 | 000,025,600 | ---- | C] ()
Procuracao para Receita Estadual DISLEITE.doc -> C:\Documents and Settings\User\Meus documentos\Procuracao para Receita Estadual DISLEITE.doc -> [2010/03/04 18:11:08 | 000,025,088 | ---- | C] ()
Procuracao para Receita Estadual DISLEITE PB.doc -> C:\Documents and Settings\User\Meus documentos\Procuracao para Receita Estadual DISLEITE PB.doc -> [2010/03/04 18:11:08 | 000,025,088 | ---- | C] ()
Procuracao CLIENTE inss receita2.doc -> C:\Documents and Settings\User\Meus documentos\Procuracao CLIENTE inss receita2.doc -> [2010/03/04 18:11:08 | 000,025,088 | ---- | C] ()
Procuração para o INSS Realeza Alimentos.doc -> C:\Documents and Settings\User\Meus documentos\Procuração para o INSS Realeza Alimentos.doc -> [2010/03/04 18:11:08 | 000,021,504 | ---- | C] ()
PROCURAÇÃO MARLI BARRO.doc -> C:\Documents and Settings\User\Meus documentos\PROCURAÇÃO MARLI BARRO.doc -> [2010/03/04 18:11:08 | 000,021,504 | ---- | C] ()
PROCURAÇÃO INSS Ildete.doc -> C:\Documents and Settings\User\Meus documentos\PROCURAÇÃO INSS Ildete.doc -> [2010/03/04 18:11:08 | 000,021,504 | ---- | C] ()
PROCURAÇÃO de clientes para a Zinha.doc -> C:\Documents and Settings\User\Meus documentos\PROCURAÇÃO de clientes para a Zinha.doc -> [2010/03/04 18:11:08 | 000,021,504 | ---- | C] ()
Procuração INSS Transcurioni.doc -> C:\Documents and Settings\User\Meus documentos\Procuração INSS Transcurioni.doc -> [2010/03/04 18:11:08 | 000,020,992 | ---- | C] ()
RAIS 2008 EMPRESAS INDIVIDUAIS.doc -> C:\Documents and Settings\User\Meus documentos\RAIS 2008 EMPRESAS INDIVIDUAIS.doc -> [2010/03/04 18:11:08 | 000,020,480 | ---- | C] ()
Receitas Jamir.doc -> C:\Documents and Settings\User\Meus documentos\Receitas Jamir.doc -> [2010/03/04 18:11:08 | 000,019,456 | ---- | C] ()
NPF 0892006 Cadastrao icms.pdf -> C:\Documents and Settings\User\Meus documentos\NPF 0892006 Cadastrao icms.pdf -> [2010/03/04 18:11:07 | 000,144,610 | ---- | C] ()
Papel Timbrado Ilmo Miguel Backes.doc -> C:\Documents and Settings\User\Meus documentos\Papel Timbrado Ilmo Miguel Backes.doc -> [2010/03/04 18:11:07 | 000,123,392 | ---- | C] ()
Pedido de Negativa Receita Federal.doc -> C:\Documents and Settings\User\Meus documentos\Pedido de Negativa Receita Federal.doc -> [2010/03/04 18:11:07 | 000,105,472 | ---- | C] ()
PIS fun Valdomiro.doc -> C:\Documents and Settings\User\Meus documentos\PIS fun Valdomiro.doc -> [2010/03/04 18:11:07 | 000,076,800 | ---- | C] ()
Norma Fiscal Baixa de Empresas.pdf -> C:\Documents and Settings\User\Meus documentos\Norma Fiscal Baixa de Empresas.pdf -> [2010/03/04 18:11:07 | 000,068,025 | ---- | C] ()
passos para a RAIS 2006.doc -> C:\Documents and Settings\User\Meus documentos\passos para a RAIS 2006.doc -> [2010/03/04 18:11:07 | 000,067,072 | ---- | C] ()
Pedido de Regularização PIS.dot -> C:\Documents and Settings\User\Meus documentos\Pedido de Regularização PIS.dot -> [2010/03/04 18:11:07 | 000,059,392 | ---- | C] ()
Papel timbrado diogo dewes de aguiar.doc -> C:\Documents and Settings\User\Meus documentos\Papel timbrado diogo dewes de aguiar.doc -> [2010/03/04 18:11:07 | 000,049,152 | ---- | C] ()
PIS Tabela Pgto 2009 2010.doc -> C:\Documents and Settings\User\Meus documentos\PIS Tabela Pgto 2009 2010.doc -> [2010/03/04 18:11:07 | 000,045,056 | ---- | C] ()
PASCOA.doc -> C:\Documents and Settings\User\Meus documentos\PASCOA.doc -> [2010/03/04 18:11:07 | 000,045,056 | ---- | C] ()
ORÇAMENTO REALMAQ.doc -> C:\Documents and Settings\User\Meus documentos\ORÇAMENTO REALMAQ.doc -> [2010/03/04 18:11:07 | 000,043,520 | ---- | C] ()
PIS Tabela 2007 2008.doc -> C:\Documents and Settings\User\Meus documentos\PIS Tabela 2007 2008.doc -> [2010/03/04 18:11:07 | 000,039,936 | ---- | C] ()
Papel Timbrado - ESCRITORIO.doc -> C:\Documents and Settings\User\Meus documentos\Papel Timbrado - ESCRITORIO.doc -> [2010/03/04 18:11:07 | 000,038,912 | ---- | C] ()
Pesquisa situacao fiscal previdenciario.doc -> C:\Documents and Settings\User\Meus documentos\Pesquisa situacao fiscal previdenciario.doc -> [2010/03/04 18:11:07 | 000,036,352 | ---- | C] ()
Pedido baixa ISS no mes Empresas.doc -> C:\Documents and Settings\User\Meus documentos\Pedido baixa ISS no mes Empresas.doc -> [2010/03/04 18:11:07 | 000,035,328 | ---- | C] ()
PIS Resolução e Calculo para recebimento do.doc -> C:\Documents and Settings\User\Meus documentos\PIS Resolução e Calculo para recebimento do.doc -> [2010/03/04 18:11:07 | 000,031,744 | ---- | C] ()
PREVISÃO DE FATURAMENTO PARA CAIXA.doc -> C:\Documents and Settings\User\Meus documentos\PREVISÃO DE FATURAMENTO PARA CAIXA.doc -> [2010/03/04 18:11:07 | 000,030,208 | ---- | C] ()
Pedido Baixa de Alvaras Escritorio.doc -> C:\Documents and Settings\User\Meus documentos\Pedido Baixa de Alvaras Escritorio.doc -> [2010/03/04 18:11:07 | 000,028,672 | ---- | C] ()
Notas Fiscais e Series.doc -> C:\Documents and Settings\User\Meus documentos\Notas Fiscais e Series.doc -> [2010/03/04 18:11:07 | 000,028,672 | ---- | C] ()
P de Fachinello Prefeitura.doc -> C:\Documents and Settings\User\Meus documentos\P de Fachinello Prefeitura.doc -> [2010/03/04 18:11:07 | 000,026,624 | ---- | C] ()
Pedido negativa Prefeitura.doc -> C:\Documents and Settings\User\Meus documentos\Pedido negativa Prefeitura.doc -> [2010/03/04 18:11:07 | 000,025,600 | ---- | C] ()
PEDIDO DE ALVARA - Prefeitura.doc -> C:\Documents and Settings\User\Meus documentos\PEDIDO DE ALVARA - Prefeitura.doc -> [2010/03/04 18:11:07 | 000,024,576 | ---- | C] ()
NOVO REQUERIMENTO.doc -> C:\Documents and Settings\User\Meus documentos\NOVO REQUERIMENTO.doc -> [2010/03/04 18:11:07 | 000,023,040 | ---- | C] ()
Pedido de baixa meses sem movimento ISS.doc -> C:\Documents and Settings\User\Meus documentos\Pedido de baixa meses sem movimento ISS.doc -> [2010/03/04 18:11:07 | 000,021,504 | ---- | C] ()
Pedido de baixa de Alvara.doc -> C:\Documents and Settings\User\Meus documentos\Pedido de baixa de Alvara.doc -> [2010/03/04 18:11:07 | 000,021,504 | ---- | C] ()
Pedido baixa Alvara empresa sem movimento.doc -> C:\Documents and Settings\User\Meus documentos\Pedido baixa Alvara empresa sem movimento.doc -> [2010/03/04 18:11:07 | 000,021,504 | ---- | C] ()
Pedido de Alteração de nome Prefeitura.doc -> C:\Documents and Settings\User\Meus documentos\Pedido de Alteração de nome Prefeitura.doc -> [2010/03/04 18:11:07 | 000,020,992 | ---- | C] ()
Opção de Faturamento Copel Tonello.doc -> C:\Documents and Settings\User\Meus documentos\Opção de Faturamento Copel Tonello.doc -> [2010/03/04 18:11:07 | 000,019,968 | ---- | C] ()
OFICIO Prefeitura.doc -> C:\Documents and Settings\User\Meus documentos\OFICIO Prefeitura.doc -> [2010/03/04 18:11:07 | 000,019,968 | ---- | C] ()
PLANILHA DA DISLEITE PATO BRANCO.xls -> C:\Documents and Settings\User\Meus documentos\PLANILHA DA DISLEITE PATO BRANCO.xls -> [2010/03/04 18:11:07 | 000,016,384 | ---- | C] ()
Manual_DASN2008_1.0[1].pdf -> C:\Documents and Settings\User\Meus documentos\Manual_DASN2008_1.0[1].pdf -> [2010/03/04 18:11:06 | 001,770,498 | ---- | C] ()
Manual Preenchimento PGDAS vs7-1.pdf -> C:\Documents and Settings\User\Meus documentos\Manual Preenchimento PGDAS vs7-1.pdf -> [2010/03/04 18:11:06 | 000,521,818 | ---- | C] ()
Manual do PPP.doc -> C:\Documents and Settings\User\Meus documentos\Manual do PPP.doc -> [2010/03/04 18:11:06 | 000,206,336 | ---- | C] ()
Mod. 31.005 v014 - RDE - Retificação de Dados do Empregador - FGTS.dot -> C:\Documents and Settings\User\Meus documentos\Mod. 31.005 v014 - RDE - Retificação de Dados do Empregador - FGTS.dot -> [2010/03/04 18:11:06 | 000,129,024 | ---- | C] ()
LIVROS 2003.xls -> C:\Documents and Settings\User\Meus documentos\LIVROS 2003.xls -> [2010/03/04 18:11:06 | 000,098,816 | ---- | C] ()
Natureza Juridica.doc -> C:\Documents and Settings\User\Meus documentos\Natureza Juridica.doc -> [2010/03/04 18:11:06 | 000,079,360 | ---- | C] ()
MOdelo de Estatuto.doc -> C:\Documents and Settings\User\Meus documentos\MOdelo de Estatuto.doc -> [2010/03/04 18:11:06 | 000,058,368 | ---- | C] ()
Manual do NetMeeting.doc -> C:\Documents and Settings\User\Meus documentos\Manual do NetMeeting.doc -> [2010/03/04 18:11:06 | 000,058,368 | ---- | C] ()
LIVROS.xls -> C:\Documents and Settings\User\Meus documentos\LIVROS.xls -> [2010/03/04 18:11:06 | 000,045,568 | ---- | C] ()
Modelo CONTRATO DE COMODATO DE VEÍCULO.doc -> C:\Documents and Settings\User\Meus documentos\Modelo CONTRATO DE COMODATO DE VEÍCULO.doc -> [2010/03/04 18:11:06 | 000,023,552 | ---- | C] ()
MODELO DE CADASTRO.xls -> C:\Documents and Settings\User\Meus documentos\MODELO DE CADASTRO.xls -> [2010/03/04 18:11:06 | 000,017,408 | ---- | C] ()
LIVROS PARA ENCADERNAR.xls -> C:\Documents and Settings\User\Meus documentos\LIVROS PARA ENCADERNAR.xls -> [2010/03/04 18:11:06 | 000,016,384 | ---- | C] ()
met -> C:\Documents and Settings\User\Meus documentos\met -> [2010/03/04 18:11:06 | 000,003,308 | ---- | C] ()
Minhas Pastas de Compartilhamento.lnk -> C:\Documents and Settings\User\Meus documentos\Minhas Pastas de Compartilhamento.lnk -> [2010/03/04 18:11:06 | 000,000,992 | ---- | C] ()
KIT_DOCUMENTOS_V37_03_11_2009.xls -> C:\Documents and Settings\User\Meus documentos\KIT_DOCUMENTOS_V37_03_11_2009.xls -> [2010/03/04 18:11:05 | 003,210,240 | ---- | C] ()
LETRAS.doc -> C:\Documents and Settings\User\Meus documentos\LETRAS.doc -> [2010/03/04 18:11:05 | 000,172,032 | ---- | C] ()
Liturgia das Bodas de Ouro livro.doc -> C:\Documents and Settings\User\Meus documentos\Liturgia das Bodas de Ouro livro.doc -> [2010/03/04 18:11:05 | 000,069,120 | ---- | C] ()
LISTA TELEFONICA.xls -> C:\Documents and Settings\User\Meus documentos\LISTA TELEFONICA.xls -> [2010/03/04 18:11:05 | 000,050,688 | ---- | C] ()
LISTA DOS DISQUETES DA CONECTIVIDADE.doc -> C:\Documents and Settings\User\Meus documentos\LISTA DOS DISQUETES DA CONECTIVIDADE.doc -> [2010/03/04 18:11:05 | 000,019,968 | ---- | C] ()
ICMS - Ricms-2001.PDF -> C:\Documents and Settings\User\Meus documentos\ICMS - Ricms-2001.PDF -> [2010/03/04 18:11:04 | 005,648,138 | ---- | C] ()
INSTRUÇÃO NORMATIVA RFB 971 2009.doc -> C:\Documents and Settings\User\Meus documentos\INSTRUÇÃO NORMATIVA RFB 971 2009.doc -> [2010/03/04 18:11:04 | 000,930,816 | ---- | C] ()
Jannice Edital pregao medicos 2008_ email.doc -> C:\Documents and Settings\User\Meus documentos\Jannice Edital pregao medicos 2008_ email.doc -> [2010/03/04 18:11:04 | 000,232,960 | ---- | C] ()
IRPJ Lucro Presumido 10032007.doc -> C:\Documents and Settings\User\Meus documentos\IRPJ Lucro Presumido 10032007.doc -> [2010/03/04 18:11:04 | 000,210,944 | ---- | C] ()
INTRODUÇÃO Substituição Tributaria.doc -> C:\Documents and Settings\User\Meus documentos\INTRODUÇÃO Substituição Tributaria.doc -> [2010/03/04 18:11:04 | 000,133,632 | ---- | C] ()
jornal 3.- mar.cdr -> C:\Documents and Settings\User\Meus documentos\jornal 3.- mar.cdr -> [2010/03/04 18:11:04 | 000,084,836 | ---- | C] ()
Ilmo - Solicitação de pesquisa de agrgado1.doc -> C:\Documents and Settings\User\Meus documentos\Ilmo - Solicitação de pesquisa de agrgado1.doc -> [2010/03/04 18:11:04 | 000,081,408 | ---- | C] ()
ILMO - Solicitação de pesquisa agregado jOSE .doc -> C:\Documents and Settings\User\Meus documentos\ILMO - Solicitação de pesquisa agregado jOSE .doc -> [2010/03/04 18:11:04 | 000,081,408 | ---- | C] ()
INSS Aposentadoria.doc -> C:\Documents and Settings\User\Meus documentos\INSS Aposentadoria.doc -> [2010/03/04 18:11:04 | 000,075,264 | ---- | C] ()
Jannice Anexos pregao medicos 2008 jannice.doc -> C:\Documents and Settings\User\Meus documentos\Jannice Anexos pregao medicos 2008 jannice.doc -> [2010/03/04 18:11:04 | 000,071,680 | ---- | C] ()
GR TECNORISK Altermir.doc -> C:\Documents and Settings\User\Meus documentos\GR TECNORISK Altermir.doc -> [2010/03/04 18:11:04 | 000,071,680 | ---- | C] ()
ILMO M BACKES FICHA CADASTRO GR TECNORISK Valdir Candido.doc -> C:\Documents and Settings\User\Meus documentos\ILMO M BACKES FICHA CADASTRO GR TECNORISK Valdir Candido.doc -> [2010/03/04 18:11:04 | 000,071,168 | ---- | C] ()
ILMO BACKES FICHA_PARA_CADASTRO_GR_TECNORISK[1][1].doc -> C:\Documents and Settings\User\Meus documentos\ILMO BACKES FICHA_PARA_CADASTRO_GR_TECNORISK[1][1].doc -> [2010/03/04 18:11:04 | 000,070,144 | ---- | C] ()
IMPOSTO DE RENDA RETIDO NA FONTE.doc -> C:\Documents and Settings\User\Meus documentos\IMPOSTO DE RENDA RETIDO NA FONTE.doc -> [2010/03/04 18:11:04 | 000,032,256 | ---- | C] ()
ILMO MILGUEL BACKES - RELAÇÃO DE EMPREGADOS.doc -> C:\Documents and Settings\User\Meus documentos\ILMO MILGUEL BACKES - RELAÇÃO DE EMPREGADOS.doc -> [2010/03/04 18:11:04 | 000,028,160 | ---- | C] ()
INSTRUMENTO PARTICULAR DE CONFISSÃO DE DÍVIDA.doc -> C:\Documents and Settings\User\Meus documentos\INSTRUMENTO PARTICULAR DE CONFISSÃO DE DÍVIDA.doc -> [2010/03/04 18:11:04 | 000,026,112 | ---- | C] ()
Ilmo backes procuraçãopara doc carros.doc -> C:\Documents and Settings\User\Meus documentos\Ilmo backes procuraçãopara doc carros.doc -> [2010/03/04 18:11:04 | 000,025,600 | ---- | C] ()
ILMO - CONTRATO PRESTACAO DE SERVIÇOS-VEICULOS.doc -> C:\Documents and Settings\User\Meus documentos\ILMO - CONTRATO PRESTACAO DE SERVIÇOS-VEICULOS.doc -> [2010/03/04 18:11:04 | 000,025,600 | ---- | C] ()
Ilmo - CONTRATO PRESTACAO DE SERVIÇOS-VEICULOS1.doc -> C:\Documents and Settings\User\Meus documentos\Ilmo - CONTRATO PRESTACAO DE SERVIÇOS-VEICULOS1.doc -> [2010/03/04 18:11:04 | 000,025,088 | ---- | C] ()
Isabel Allende.doc -> C:\Documents and Settings\User\Meus documentos\Isabel Allende.doc -> [2010/03/04 18:11:04 | 000,020,480 | ---- | C] ()
ILMO MILGUEL BACKES Banco safra.doc -> C:\Documents and Settings\User\Meus documentos\ILMO MILGUEL BACKES Banco safra.doc -> [2010/03/04 18:11:04 | 000,019,968 | ---- | C] ()
Impostos Disleite.xls -> C:\Documents and Settings\User\Meus documentos\Impostos Disleite.xls -> [2010/03/04 18:11:04 | 000,014,336 | ---- | C] ()
khv -> C:\Documents and Settings\User\Meus documentos\khv -> [2010/03/04 18:11:04 | 000,000,000 | RHS- | C] ()
FICHA Pessoa Jurídica.xls -> C:\Documents and Settings\User\Meus documentos\FICHA Pessoa Jurídica.xls -> [2010/03/04 18:11:03 | 000,248,320 | ---- | C] ()
Form ANTT TRANSPORTES RNTRC.rar -> C:\Documents and Settings\User\Meus documentos\Form ANTT TRANSPORTES RNTRC.rar -> [2010/03/04 18:11:03 | 000,238,232 | ---- | C] ()
FICHA Pessoa Fisica VW2.xls -> C:\Documents and Settings\User\Meus documentos\FICHA Pessoa Fisica VW2.xls -> [2010/03/04 18:11:03 | 000,164,352 | ---- | C] ()
FCN_Folha_2.doc -> C:\Documents and Settings\User\Meus documentos\FCN_Folha_2.doc -> [2010/03/04 18:11:03 | 000,098,304 | ---- | C] ()
FCN_Folha_1.doc -> C:\Documents and Settings\User\Meus documentos\FCN_Folha_1.doc -> [2010/03/04 18:11:03 | 000,078,336 | ---- | C] ()
Etiquetas disquete conectividade.doc -> C:\Documents and Settings\User\Meus documentos\Etiquetas disquete conectividade.doc -> [2010/03/04 18:11:03 | 000,077,312 | ---- | C] ()
FICHA DE INSCRIÇÃO AO PLANO DE SAÚDE.doc -> C:\Documents and Settings\User\Meus documentos\FICHA DE INSCRIÇÃO AO PLANO DE SAÚDE.doc -> [2010/03/04 18:11:03 | 000,075,776 | ---- | C] ()
Etiquetas para disquete.doc -> C:\Documents and Settings\User\Meus documentos\Etiquetas para disquete.doc -> [2010/03/04 18:11:03 | 000,074,752 | ---- | C] ()
Etiquetas do Escritorio para Livros Fiscais.doc -> C:\Documents and Settings\User\Meus documentos\Etiquetas do Escritorio para Livros Fiscais.doc -> [2010/03/04 18:11:03 | 000,070,144 | ---- | C] ()
Etiquetas do Escritorio.doc -> C:\Documents and Settings\User\Meus documentos\Etiquetas do Escritorio.doc -> [2010/03/04 18:11:03 | 000,058,368 | ---- | C] ()
Etiquetas do Escritorio para Livros.doc -> C:\Documents and Settings\User\Meus documentos\Etiquetas do Escritorio para Livros.doc -> [2010/03/04 18:11:03 | 000,058,368 | ---- | C] ()
Estágio - Relato 3 - Mar 04.doc -> C:\Documents and Settings\User\Meus documentos\Estágio - Relato 3 - Mar 04.doc -> [2010/03/04 18:11:03 | 000,036,864 | ---- | C] ()
Esclarecimentos Simples Nacional ICMS PR.doc -> C:\Documents and Settings\User\Meus documentos\Esclarecimentos Simples Nacional ICMS PR.doc -> [2010/03/04 18:11:03 | 000,030,720 | ---- | C] ()
ETIQUETA2.doc -> C:\Documents and Settings\User\Meus documentos\ETIQUETA2.doc -> [2010/03/04 18:11:03 | 000,024,576 | ---- | C] ()
Etiqueta Livro Inventario e Empregados.doc -> C:\Documents and Settings\User\Meus documentos\Etiqueta Livro Inventario e Empregados.doc -> [2010/03/04 18:11:03 | 000,024,576 | ---- | C] ()
FATURAMENTO DISLEITE.doc -> C:\Documents and Settings\User\Meus documentos\FATURAMENTO DISLEITE.doc -> [2010/03/04 18:11:03 | 000,023,552 | ---- | C] ()
ETIQUETA.doc -> C:\Documents and Settings\User\Meus documentos\ETIQUETA.doc -> [2010/03/04 18:11:03 | 000,022,016 | ---- | C] ()
Exemplo Carta Comercial.doc -> C:\Documents and Settings\User\Meus documentos\Exemplo Carta Comercial.doc -> [2010/03/04 18:11:03 | 000,020,992 | ---- | C] ()
ENQUADRAMENTO NO SIMPLES.doc -> C:\Documents and Settings\User\Meus documentos\ENQUADRAMENTO NO SIMPLES.doc -> [2010/03/04 18:11:03 | 000,020,992 | ---- | C] ()
ENDEREÇO DOMINGOS.doc -> C:\Documents and Settings\User\Meus documentos\ENDEREÇO DOMINGOS.doc -> [2010/03/04 18:11:03 | 000,019,456 | ---- | C] ()
Funcionários Gilda Biasin.xls -> C:\Documents and Settings\User\Meus documentos\Funcionários Gilda Biasin.xls -> [2010/03/04 18:11:03 | 000,018,432 | ---- | C] ()
Dicas Precisa.doc -> C:\Documents and Settings\User\Meus documentos\Dicas Precisa.doc -> [2010/03/04 18:11:02 | 010,528,768 | ---- | C] ()
DUC - Doc Unico de Cadastro Embutidos.pdf -> C:\Documents and Settings\User\Meus documentos\DUC - Doc Unico de Cadastro Embutidos.pdf -> [2010/03/04 18:11:02 | 000,203,742 | ---- | C] ()
DUC - Doc Unico de Cadastro.pdf -> C:\Documents and Settings\User\Meus documentos\DUC - Doc Unico de Cadastro.pdf -> [2010/03/04 18:11:02 | 000,203,042 | ---- | C] ()
EDITAL TP 07 2008 jannice.doc -> C:\Documents and Settings\User\Meus documentos\EDITAL TP 07 2008 jannice.doc -> [2010/03/04 18:11:02 | 000,062,976 | ---- | C] ()
Empresa Codigos de alvara e iss.doc -> C:\Documents and Settings\User\Meus documentos\Empresa Codigos de alvara e iss.doc -> [2010/03/04 18:11:02 | 000,053,248 | ---- | C] ()
Documento de Cadastro no PIS1.xls -> C:\Documents and Settings\User\Meus documentos\Documento de Cadastro no PIS1.xls -> [2010/03/04 18:11:02 | 000,052,736 | ---- | C] ()
DIREITO DO TRABALHO Contrato de Experiencia.doc -> C:\Documents and Settings\User\Meus documentos\DIREITO DO TRABALHO Contrato de Experiencia.doc -> [2010/03/04 18:11:02 | 000,045,568 | ---- | C] ()
DISLEITE ESTOQUE.xls -> C:\Documents and Settings\User\Meus documentos\DISLEITE ESTOQUE.xls -> [2010/03/04 18:11:02 | 000,044,544 | ---- | C] ()
EDITAL DE LICITAÇÃO CARTA CONVITE 025.doc -> C:\Documents and Settings\User\Meus documentos\EDITAL DE LICITAÇÃO CARTA CONVITE 025.doc -> [2010/03/04 18:11:02 | 000,039,936 | ---- | C] ()
Do Direito a Ferias e da sua Duração.doc -> C:\Documents and Settings\User\Meus documentos\Do Direito a Ferias e da sua Duração.doc -> [2010/03/04 18:11:02 | 000,038,400 | ---- | C] ()
Direitos do Empregado Domestico.doc -> C:\Documents and Settings\User\Meus documentos\Direitos do Empregado Domestico.doc -> [2010/03/04 18:11:02 | 000,023,552 | ---- | C] ()
documento prefeitura.doc -> C:\Documents and Settings\User\Meus documentos\documento prefeitura.doc -> [2010/03/04 18:11:02 | 000,022,016 | ---- | C] ()
DISTRATO DE CONTRATO DE LOCAÇÃO RESIDENCIAL.doc -> C:\Documents and Settings\User\Meus documentos\DISTRATO DE CONTRATO DE LOCAÇÃO RESIDENCIAL.doc -> [2010/03/04 18:11:02 | 000,022,016 | ---- | C] ()
Empresa Enquadramento.doc -> C:\Documents and Settings\User\Meus documentos\Empresa Enquadramento.doc -> [2010/03/04 18:11:02 | 000,021,504 | ---- | C] ()
DISTRATO DE CONTRATO DE LOCAÇÃO COMERCIAL.doc -> C:\Documents and Settings\User\Meus documentos\DISTRATO DE CONTRATO DE LOCAÇÃO COMERCIAL.doc -> [2010/03/04 18:11:02 | 000,021,504 | ---- | C] ()
DUC Alterações cnae.doc -> C:\Documents and Settings\User\Meus documentos\DUC Alterações cnae.doc -> [2010/03/04 18:11:02 | 000,020,480 | ---- | C] ()
DUC Alterações.doc -> C:\Documents and Settings\User\Meus documentos\DUC Alterações.doc -> [2010/03/04 18:11:02 | 000,019,968 | ---- | C] ()
dispensa de ecf.doc -> C:\Documents and Settings\User\Meus documentos\dispensa de ecf.doc -> [2010/03/04 18:11:02 | 000,011,264 | ---- | C] ()
C¢pia de teste de equivalencia.doc -> C:\Documents and Settings\User\Meus documentos\C¢pia de teste de equivalencia.doc -> [2010/03/04 18:11:01 | 000,288,256 | ---- | C] ()
CONTRATOS PRONTOS.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATOS PRONTOS.doc -> [2010/03/04 18:11:01 | 000,133,120 | ---- | C] ()
CLIENTES.xls -> C:\Documents and Settings\User\Meus documentos\CLIENTES.xls -> [2010/03/04 18:11:01 | 000,093,696 | ---- | C] ()
Contribuições INSS.pdf -> C:\Documents and Settings\User\Meus documentos\Contribuições INSS.pdf -> [2010/03/04 18:11:01 | 000,074,905 | ---- | C] ()
DCC Documento.pdf -> C:\Documents and Settings\User\Meus documentos\DCC Documento.pdf -> [2010/03/04 18:11:01 | 000,039,909 | ---- | C] ()
contrato sociaL GG FLORENTINO.doc -> C:\Documents and Settings\User\Meus documentos\contrato sociaL GG FLORENTINO.doc -> [2010/03/04 18:11:01 | 000,037,888 | ---- | C] ()
DECLARAÇÕES DE IMPOSTO DE RENDA.xls -> C:\Documents and Settings\User\Meus documentos\DECLARAÇÕES DE IMPOSTO DE RENDA.xls -> [2010/03/04 18:11:01 | 000,036,352 | ---- | C] ()
CURRICULUM VITAE LUCI ROGGIA.doc -> C:\Documents and Settings\User\Meus documentos\CURRICULUM VITAE LUCI ROGGIA.doc -> [2010/03/04 18:11:01 | 000,034,816 | ---- | C] ()
Cópia de Relação de faturamento Banco do Brasil.doc -> C:\Documents and Settings\User\Meus documentos\Cópia de Relação de faturamento Banco do Brasil.doc -> [2010/03/04 18:11:01 | 000,030,208 | ---- | C] ()
Contrato de Aluguel.doc -> C:\Documents and Settings\User\Meus documentos\Contrato de Aluguel.doc -> [2010/03/04 18:11:01 | 000,026,112 | ---- | C] ()
DECLARACAO DE OPTANTE PELO SIMPLES.doc -> C:\Documents and Settings\User\Meus documentos\DECLARACAO DE OPTANTE PELO SIMPLES.doc -> [2010/03/04 18:11:01 | 000,024,576 | ---- | C] ()
CURRICULUM VITAE Modelo.doc -> C:\Documents and Settings\User\Meus documentos\CURRICULUM VITAE Modelo.doc -> [2010/03/04 18:11:01 | 000,024,576 | ---- | C] ()
DECLARAÇAO DE RENDIMENTOS.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇAO DE RENDIMENTOS.doc -> [2010/03/04 18:11:01 | 000,024,064 | ---- | C] ()
CONTRATO DE EXPERIÊNCIA.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE EXPERIÊNCIA.doc -> [2010/03/04 18:11:01 | 000,023,552 | ---- | C] ()
CONTRATO DE COMODATO DE VEÍCULO.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE COMODATO DE VEÍCULO.doc -> [2010/03/04 18:11:01 | 000,023,552 | ---- | C] ()
CONTRATO DE COMODATO DE VEÍCULO TONELLO.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE COMODATO DE VEÍCULO TONELLO.doc -> [2010/03/04 18:11:01 | 000,023,552 | ---- | C] ()
CONTRATO DE PARCERIA AGRICOLA.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE PARCERIA AGRICOLA.doc -> [2010/03/04 18:11:01 | 000,023,040 | ---- | C] ()
Contrato de Compra e venda.doc -> C:\Documents and Settings\User\Meus documentos\Contrato de Compra e venda.doc -> [2010/03/04 18:11:01 | 000,023,040 | ---- | C] ()
CONTRATO DE COMPRA E VENDA DARLAN.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE COMPRA E VENDA DARLAN.doc -> [2010/03/04 18:11:01 | 000,023,040 | ---- | C] ()
CONTRATODECOMODATODEVEÍCULO.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATODECOMODATODEVEÍCULO.doc -> [2010/03/04 18:11:01 | 000,022,528 | ---- | C] ()
CONTRATO DE COMPRA E VEND1 TERRENO NERI.doc -> C:\Documents and Settings\User\Meus documentos\CONTRATO DE COMPRA E VEND1 TERRENO NERI.doc -> [2010/03/04 18:11:01 | 000,022,528 | ---- | C] ()
Da Contribuição dos Segurados Contribuinte Individual e Facultativo.doc -> C:\Documents and Settings\User\Meus documentos\Da Contribuição dos Segurados Contribuinte Individual e Facultativo.doc -> [2010/03/04 18:11:01 | 000,022,016 | ---- | C] ()
DECLARAÇAO DE RENDIMENTOS DA EMPRESA.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇAO DE RENDIMENTOS DA EMPRESA.doc -> [2010/03/04 18:11:01 | 000,020,992 | ---- | C] ()
DECLARAÇÃ do ADEMAR.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇÃ do ADEMAR.doc -> [2010/03/04 18:11:01 | 000,020,992 | ---- | C] ()
DECLARAÇÃO DUPLA RESPONSABILIDADE.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇÃO DUPLA RESPONSABILIDADE.doc -> [2010/03/04 18:11:01 | 000,020,480 | ---- | C] ()
DECLARAÇÃO DE FILHOS - Lucí.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇÃO DE FILHOS - Lucí.doc -> [2010/03/04 18:11:01 | 000,020,480 | ---- | C] ()
DECLARAÇÃO VENDA.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇÃO VENDA.doc -> [2010/03/04 18:11:01 | 000,019,968 | ---- | C] ()
DECLARAÇÃO disleite jorge vargas.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇÃO disleite jorge vargas.doc -> [2010/03/04 18:11:01 | 000,019,968 | ---- | C] ()
DECLARAÇÃO DE RENDIMENTOS tonello.doc -> C:\Documents and Settings\User\Meus documentos\DECLARAÇÃO DE RENDIMENTOS tonello.doc -> [2010/03/04 18:11:01 | 000,019,968 | ---- | C] ()
COMPRAS DISLEITE.xls -> C:\Documents and Settings\User\Meus documentos\COMPRAS DISLEITE.xls -> [2010/03/04 18:11:01 | 000,016,384 | ---- | C] ()
DESPESAS GRANJA PROGRESSO.xls -> C:\Documents and Settings\User\Meus documentos\DESPESAS GRANJA PROGRESSO.xls -> [2010/03/04 18:11:01 | 000,015,360 | ---- | C] ()
debitos disleite.xls -> C:\Documents and Settings\User\Meus documentos\debitos disleite.xls -> [2010/03/04 18:11:01 | 000,015,360 | ---- | C] ()
CBO 2002 Livro 3.pdf -> C:\Documents and Settings\User\Meus documentos\CBO 2002 Livro 3.pdf -> [2010/03/04 18:11:00 | 001,559,030 | ---- | C] ()
CBO 2002 LISTA.PDF -> C:\Documents and Settings\User\Meus documentos\CBO 2002 LISTA.PDF -> [2010/03/04 18:11:00 | 000,522,939 | ---- | C] ()
CID Codigo Internacional de Doenças.pdf -> C:\Documents and Settings\User\Meus documentos\CID Codigo Internacional de Doenças.pdf -> [2010/03/04 18:11:00 | 000,419,812 | ---- | C] ()
Circular_CAIXA_413_2007 FGTS.pdf -> C:\Documents and Settings\User\Meus documentos\Circular_CAIXA_413_2007 FGTS.pdf -> [2010/03/04 18:11:00 | 000,170,862 | ---- | C] ()
Carta de Referência.doc -> C:\Documents and Settings\User\Meus documentos\Carta de Referência.doc -> [2010/03/04 18:11:00 | 000,023,552 | ---- | C] ()
Carta para Copel.doc -> C:\Documents and Settings\User\Meus documentos\Carta para Copel.doc -> [2010/03/04 18:11:00 | 000,019,456 | ---- | C] ()
APROVADA_RESOLUCAO_QUE_TRATA_DO_MEI.doc -> C:\Documents and Settings\User\Meus documentos\APROVADA_RESOLUCAO_QUE_TRATA_DO_MEI.doc -> [2010/03/04 18:10:59 | 000,302,080 | ---- | C] ()
APOSTILA CONTABILIDADE PARA NAO CONTABILISTAS II.doc -> C:\Documents and Settings\User\Meus documentos\APOSTILA CONTABILIDADE PARA NAO CONTABILISTAS II.doc -> [2010/03/04 18:10:59 | 000,205,824 | ---- | C] ()
CALC_EXTRAS(pub).xls -> C:\Documents and Settings\User\Meus documentos\CALC_EXTRAS(pub).xls -> [2010/03/04 18:10:59 | 000,162,304 | ---- | C] ()
avisoprevioempregador.doc -> C:\Documents and Settings\User\Meus documentos\avisoprevioempregador.doc -> [2010/03/04 18:10:59 | 000,059,904 | ---- | C] ()
CARTA DE ANUENCIA P DIOGO.doc -> C:\Documents and Settings\User\Meus documentos\CARTA DE ANUENCIA P DIOGO.doc -> [2010/03/04 18:10:59 | 000,049,664 | ---- | C] ()
CARTA DE ANUENCIA COM Papel timbrado diogo.doc -> C:\Documents and Settings\User\Meus documentos\CARTA DE ANUENCIA COM Papel timbrado diogo.doc -> [2010/03/04 18:10:59 | 000,049,664 | ---- | C] ()
CARTA DE CORREÇÃO NF.xls -> C:\Documents and Settings\User\Meus documentos\CARTA DE CORREÇÃO NF.xls -> [2010/03/04 18:10:59 | 000,025,088 | ---- | C] ()
AVISO PRÉVIO DO EMPREGADOR.doc -> C:\Documents and Settings\User\Meus documentos\AVISO PRÉVIO DO EMPREGADOR.doc -> [2010/03/04 18:10:59 | 000,024,064 | ---- | C] ()
CARTA DE ANUÊNCIA Realeza Alimentos.doc -> C:\Documents and Settings\User\Meus documentos\CARTA DE ANUÊNCIA Realeza Alimentos.doc -> [2010/03/04 18:10:59 | 000,022,528 | ---- | C] ()
AVISO PRÉVIO.doc -> C:\Documents and Settings\User\Meus documentos\AVISO PRÉVIO.doc -> [2010/03/04 18:10:59 | 000,022,016 | ---- | C] ()
Carta de Habita-se.doc -> C:\Documents and Settings\User\Meus documentos\Carta de Habita-se.doc -> [2010/03/04 18:10:59 | 000,020,480 | ---- | C] ()
Carta Copel Tonello.doc -> C:\Documents and Settings\User\Meus documentos\Carta Copel Tonello.doc -> [2010/03/04 18:10:59 | 000,020,480 | ---- | C] ()
Autorização para INSS.doc -> C:\Documents and Settings\User\Meus documentos\Autorização para INSS.doc -> [2010/03/04 18:10:59 | 000,020,480 | ---- | C] ()
Aviso Previo Trabalho_prn.pdf -> C:\Documents and Settings\User\Meus documentos\Aviso Previo Trabalho_prn.pdf -> [2010/03/04 18:10:59 | 000,019,598 | ---- | C] ()
Anivesário dos clientes.xls -> C:\Documents and Settings\User\Meus documentos\Anivesário dos clientes.xls -> [2010/03/04 18:10:59 | 000,018,432 | ---- | C] ()
Blocos Emitidos Jamir Dal Agnol.xls -> C:\Documents and Settings\User\Meus documentos\Blocos Emitidos Jamir Dal Agnol.xls -> [2010/03/04 18:10:59 | 000,016,896 | ---- | C] ()
Calculo de extras.xls -> C:\Documents and Settings\User\Meus documentos\Calculo de extras.xls -> [2010/03/04 18:10:59 | 000,015,360 | ---- | C] ()
2gmgsmt.sf2 -> C:\WINDOWS\System32\drivers\2gmgsmt.sf2 -> [2010/03/04 18:06:13 | 002,104,298 | ---- | C] ()
Nova aliquota INSS 01 2008.doc -> C:\Documents and Settings\User\Meus documentos\Nova aliquota INSS 01 2008.doc -> [2010/03/04 17:26:20 | 000,027,136 | ---- | C] ()
PDOXUSRS.NET -> C:\PDOXUSRS.NET -> [2010/03/04 17:24:57 | 000,013,030 | ---- | C] ()
LX-300 -> C:\LX-300 -> [2010/03/04 17:24:57 | 000,005,336 | ---- | C] ()
CONFIG.003 -> C:\CONFIG.003 -> [2010/03/04 17:24:57 | 000,003,031 | ---- | C] ()
CONFIG.002 -> C:\CONFIG.002 -> [2010/03/04 17:24:57 | 000,002,982 | ---- | C] ()
CONFIG.001 -> C:\CONFIG.001 -> [2010/03/04 17:24:57 | 000,000,123 | ---- | C] ()
IMP.BAT -> C:\IMP.BAT -> [2010/03/04 17:24:57 | 000,000,027 | ---- | C] ()
DataHora.cns -> C:\DataHora.cns -> [2010/03/04 17:24:57 | 000,000,027 | ---- | C] ()
ads_err.dbf -> C:\ads_err.dbf -> [2010/03/04 17:24:56 | 000,650,947 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/03/04 17:24:56 | 000,261,920 | ---- | C] ()
cc_20091013_104612.reg -> C:\cc_20091013_104612.reg -> [2010/03/04 17:24:56 | 000,037,374 | ---- | C] ()
Centro de controle do Avira AntiVir.lnk -> C:\Documents and Settings\All Users\Desktop\Centro de controle do Avira AntiVir.lnk -> [2010/03/04 16:49:31 | 000,001,779 | ---- | C] ()
Nero StartSmart.lnk -> C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk -> [2010/03/04 16:41:54 | 000,002,464 | ---- | C] ()
.rnd -> C:\Documents and Settings\User\.rnd -> [2010/03/04 16:41:04 | 000,001,024 | ---- | C] ()
ac3filter.acm -> C:\WINDOWS\System32\ac3filter.acm -> [2010/03/04 16:30:56 | 000,421,888 | ---- | C] ()
MsftWdf_user_01_00_00.Wdf -> C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2010/03/04 16:26:10 | 000,000,000 | -H-- | C] ()
mixerdef.ini -> C:\WINDOWS\mixerdef.ini -> [2010/03/04 16:07:34 | 000,000,025 | ---- | C] ()
cmijack.ini -> C:\WINDOWS\cmijack.ini -> [2010/03/04 16:04:30 | 000,039,279 | ---- | C] ()
cmijack.dat -> C:\WINDOWS\cmijack.dat -> [2010/03/04 16:04:30 | 000,039,279 | ---- | C] ()
cmaudio.dat -> C:\WINDOWS\cmaudio.dat -> [2010/03/04 16:04:30 | 000,023,041 | ---- | C] ()
CMISETUP.INI -> C:\WINDOWS\CMISETUP.INI -> [2010/03/04 16:04:30 | 000,000,092 | ---- | C] ()
CMCDPLAY.INI -> C:\WINDOWS\CMCDPLAY.INI -> [2010/03/04 16:04:30 | 000,000,026 | ---- | C] ()
nvdisp.nvu -> C:\WINDOWS\System32\nvdisp.nvu -> [2010/03/04 15:48:16 | 000,025,695 | ---- | C] ()
msssc.dll -> C:\WINDOWS\System32\msssc.dll -> [2010/03/04 15:47:41 | 000,000,044 | ---- | C] ()
IconCache.db -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\IconCache.db -> [2010/03/04 15:35:27 | 004,797,058 | -H-- | C] ()
GDIPFONTCACHEV1.DAT -> C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT -> [2010/03/04 15:02:11 | 000,068,480 | ---- | C] ()
ntuser.ini -> C:\Documents and Settings\User\ntuser.ini -> [2010/03/04 14:58:25 | 000,000,210 | -HS- | C] ()
NTUSER.DAT -> C:\Documents and Settings\User\NTUSER.DAT -> [2010/03/04 14:58:23 | 003,407,872 | -H-- | C] ()
NTUSER.DAT.LOG -> C:\Documents and Settings\User\NTUSER.DAT -> [2010/03/04 14:58:23 | 000,001,024 | -H-- | C] ()
desktop.ini -> C:\Documents and Settings\User\Dados de aplicativos\desktop.ini -> [2010/03/04 14:58:23 | 000,000,062 | -HS- | C] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/03/04 14:46:46 | 000,000,006 | -H-- | C] ()
REGLOCS.OLD -> C:\WINDOWS\REGLOCS.OLD -> [2010/03/04 14:41:52 | 000,008,192 | ---- | C] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/03/04 14:40:30 | 000,002,048 | --S- | C] ()
xjis.nls -> C:\WINDOWS\System32\dllcache\xjis.nls -> [2010/03/04 14:40:21 | 000,028,288 | ---- | C] ()
prcp.nls -> C:\WINDOWS\System32\dllcache\prcp.nls -> [2010/03/04 14:39:46 | 000,083,748 | ---- | C] ()
prc.nls -> C:\WINDOWS\System32\dllcache\prc.nls -> [2010/03/04 14:39:46 | 000,083,748 | ---- | C] ()
pintlcsa.dll -> C:\WINDOWS\System32\dllcache\pintlcsa.dll -> [2010/03/04 14:39:45 | 000,175,104 | ---- | C] ()
ksc.nls -> C:\WINDOWS\System32\dllcache\ksc.nls -> [2010/03/04 14:39:24 | 000,047,066 | ---- | C] ()
korwbrkr.lex -> C:\WINDOWS\System32\dllcache\korwbrkr.lex -> [2010/03/04 14:39:23 | 001,158,818 | ---- | C] ()
imscinst.exe -> C:\WINDOWS\System32\dllcache\imscinst.exe -> [2010/03/04 14:39:16 | 000,059,392 | ---- | C] ()
imjpinst.exe -> C:\WINDOWS\System32\dllcache\imjpinst.exe -> [2010/03/04 14:39:15 | 000,196,665 | ---- | C] ()
imekr.lex -> C:\WINDOWS\System32\dllcache\imekr.lex -> [2010/03/04 14:39:13 | 000,134,339 | ---- | C] ()
hwxjpn.dll -> C:\WINDOWS\System32\dllcache\hwxjpn.dll -> [2010/03/04 14:39:03 | 013,463,552 | ---- | C] ()
hanja.lex -> C:\WINDOWS\System32\dllcache\hanja.lex -> [2010/03/04 14:38:58 | 000,108,827 | ---- | C] ()
fpencode.dll -> C:\WINDOWS\System32\dllcache\fpencode.dll -> [2010/03/04 14:38:54 | 000,094,208 | ---- | C] ()
chtskf.dll -> C:\WINDOWS\System32\dllcache\chtskf.dll -> [2010/03/04 14:38:40 | 000,173,568 | ---- | C] ()
c_864.nls -> C:\WINDOWS\System32\dllcache\c_864.nls -> [2010/03/04 14:38:37 | 000,066,594 | ---- | C] ()
c_862.nls -> C:\WINDOWS\System32\dllcache\c_862.nls -> [2010/03/04 14:38:37 | 000,066,594 | ---- | C] ()
c_858.nls -> C:\WINDOWS\System32\dllcache\c_858.nls -> [2010/03/04 14:38:37 | 000,066,594 | ---- | C] ()
c_870.nls -> C:\WINDOWS\System32\dllcache\c_870.nls -> [2010/03/04 14:38:37 | 000,066,082 | ---- | C] ()
c_20949.nls -> C:\WINDOWS\System32\dllcache\c_20949.nls -> [2010/03/04 14:38:36 | 000,177,698 | ---- | C] ()
c_20936.nls -> C:\WINDOWS\System32\dllcache\c_20936.nls -> [2010/03/04 14:38:36 | 000,173,602 | ---- | C] ()
c_720.nls -> C:\WINDOWS\System32\dllcache\c_720.nls -> [2010/03/04 14:38:36 | 000,066,594 | ---- | C] ()
c_708.nls -> C:\WINDOWS\System32\dllcache\c_708.nls -> [2010/03/04 14:38:36 | 000,066,082 | ---- | C] ()
c_28596.nls -> C:\WINDOWS\System32\dllcache\c_28596.nls -> [2010/03/04 14:38:36 | 000,066,082 | ---- | C] ()
c_21027.nls -> C:\WINDOWS\System32\dllcache\c_21027.nls -> [2010/03/04 14:38:36 | 000,066,082 | ---- | C] ()
c_21025.nls -> C:\WINDOWS\System32\dllcache\c_21025.nls -> [2010/03/04 14:38:36 | 000,066,082 | ---- | C] ()
c_20932.nls -> C:\WINDOWS\System32\dllcache\c_20932.nls -> [2010/03/04 14:38:35 | 000,180,770 | ---- | C] ()
c_20924.nls -> C:\WINDOWS\System32\dllcache\c_20924.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20880.nls -> C:\WINDOWS\System32\dllcache\c_20880.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20871.nls -> C:\WINDOWS\System32\dllcache\c_20871.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20838.nls -> C:\WINDOWS\System32\dllcache\c_20838.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20833.nls -> C:\WINDOWS\System32\dllcache\c_20833.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20424.nls -> C:\WINDOWS\System32\dllcache\c_20424.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20423.nls -> C:\WINDOWS\System32\dllcache\c_20423.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20420.nls -> C:\WINDOWS\System32\dllcache\c_20420.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20297.nls -> C:\WINDOWS\System32\dllcache\c_20297.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20290.nls -> C:\WINDOWS\System32\dllcache\c_20290.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20285.nls -> C:\WINDOWS\System32\dllcache\c_20285.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20284.nls -> C:\WINDOWS\System32\dllcache\c_20284.nls -> [2010/03/04 14:38:35 | 000,066,082 | ---- | C] ()
c_20005.nls -> C:\WINDOWS\System32\dllcache\c_20005.nls -> [2010/03/04 14:38:34 | 000,187,938 | ---- | C] ()
c_20003.nls -> C:\WINDOWS\System32\dllcache\c_20003.nls -> [2010/03/04 14:38:34 | 000,185,378 | ---- | C] ()
c_20004.nls -> C:\WINDOWS\System32\dllcache\c_20004.nls -> [2010/03/04 14:38:34 | 000,180,258 | ---- | C] ()
c_20280.nls -> C:\WINDOWS\System32\dllcache\c_20280.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20278.nls -> C:\WINDOWS\System32\dllcache\c_20278.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20277.nls -> C:\WINDOWS\System32\dllcache\c_20277.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20273.nls -> C:\WINDOWS\System32\dllcache\c_20273.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20269.nls -> C:\WINDOWS\System32\dllcache\c_20269.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20108.nls -> C:\WINDOWS\System32\dllcache\c_20108.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20107.nls -> C:\WINDOWS\System32\dllcache\c_20107.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20106.nls -> C:\WINDOWS\System32\dllcache\c_20106.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_20105.nls -> C:\WINDOWS\System32\dllcache\c_20105.nls -> [2010/03/04 14:38:34 | 000,066,082 | ---- | C] ()
c_1361.nls -> C:\WINDOWS\System32\dllcache\c_1361.nls -> [2010/03/04 14:38:33 | 000,189,986 | ---- | C] ()
c_20001.nls -> C:\WINDOWS\System32\dllcache\c_20001.nls -> [2010/03/04 14:38:33 | 000,186,402 | ---- | C] ()
c_20000.nls -> C:\WINDOWS\System32\dllcache\c_20000.nls -> [2010/03/04 14:38:33 | 000,180,258 | ---- | C] ()
c_20002.nls -> C:\WINDOWS\System32\dllcache\c_20002.nls -> [2010/03/04 14:38:33 | 000,173,602 | ---- | C] ()
c_1149.nls -> C:\WINDOWS\System32\dllcache\c_1149.nls -> [2010/03/04 14:38:33 | 000,066,082 | ---- | C] ()
c_1148.nls -> C:\WINDOWS\System32\dllcache\c_1148.nls -> [2010/03/04 14:38:33 | 000,066,082 | ---- | C] ()
c_1147.nls -> C:\WINDOWS\System32\dllcache\c_1147.nls -> [2010/03/04 14:38:33 | 000,066,082 | ---- | C] ()
c_1146.nls -> C:\WINDOWS\System32\dllcache\c_1146.nls -> [2010/03/04 14:38:33 | 000,066,082 | ---- | C] ()
c_1145.nls -> C:\WINDOWS\System32\dllcache\c_1145.nls -> [2010/03/04 14:38:33 | 000,066,082 | ---- | C] ()
c_10008.nls -> C:\WINDOWS\System32\dllcache\c_10008.nls -> [2010/03/04 14:38:32 | 000,173,602 | ---- | C] ()
c_1144.nls -> C:\WINDOWS\System32\dllcache\c_1144.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_1143.nls -> C:\WINDOWS\System32\dllcache\c_1143.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_1142.nls -> C:\WINDOWS\System32\dllcache\c_1142.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_1141.nls -> C:\WINDOWS\System32\dllcache\c_1141.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_1140.nls -> C:\WINDOWS\System32\dllcache\c_1140.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_1047.nls -> C:\WINDOWS\System32\dllcache\c_1047.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_10021.nls -> C:\WINDOWS\System32\dllcache\c_10021.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_10005.nls -> C:\WINDOWS\System32\dllcache\c_10005.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_10004.nls -> C:\WINDOWS\System32\dllcache\c_10004.nls -> [2010/03/04 14:38:32 | 000,066,082 | ---- | C] ()
c_10002.nls -> C:\WINDOWS\System32\dllcache\c_10002.nls -> [2010/03/04 14:38:31 | 000,195,618 | ---- | C] ()
c_10003.nls -> C:\WINDOWS\System32\dllcache\c_10003.nls -> [2010/03/04 14:38:31 | 000,177,698 | ---- | C] ()
c_10001.nls -> C:\WINDOWS\System32\dllcache\c_10001.nls -> [2010/03/04 14:38:31 | 000,162,850 | ---- | C] ()
bopomofo.nls -> C:\WINDOWS\System32\dllcache\bopomofo.nls -> [2010/03/04 14:38:31 | 000,082,172 | ---- | C] ()
big5.nls -> C:\WINDOWS\System32\dllcache\big5.nls -> [2010/03/04 14:38:30 | 000,066,728 | ---- | C] ()
CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2010/03/04 14:37:42 | 000,002,969 | ---- | C] ()
autoexec.bat -> C:\autoexec.bat -> [2010/03/04 14:37:42 | 000,000,196 | ---- | C] ()
MSDOS.SYS -> C:\MSDOS.SYS -> [2010/03/04 14:37:42 | 000,000,000 | RHS- | C] ()
IO.SYS -> C:\IO.SYS -> [2010/03/04 14:37:42 | 000,000,000 | RHS- | C] ()
CONFIG.SYS -> C:\CONFIG.SYS -> [2010/03/04 14:37:42 | 000,000,000 | ---- | C] ()
nscompat.tlb -> C:\WINDOWS\System32\nscompat.tlb -> [2010/03/04 14:37:32 | 000,023,392 | ---- | C] ()
amcompat.tlb -> C:\WINDOWS\System32\amcompat.tlb -> [2010/03/04 14:37:32 | 000,016,832 | ---- | C] ()
WMSysPr9.prx -> C:\WINDOWS\WMSysPr9.prx -> [2010/03/04 14:37:31 | 000,316,640 | ---- | C] ()
WindowsLogon.manifest -> C:\WINDOWS\System32\WindowsLogon.manifest -> [2010/03/04 14:36:00 | 000,000,488 | RH-- | C] ()
logonui.exe.manifest -> C:\WINDOWS\System32\logonui.exe.manifest -> [2010/03/04 14:36:00 | 000,000,488 | RH-- | C] ()
wuaucpl.cpl.manifest -> C:\WINDOWS\System32\wuaucpl.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | C] ()
WindowsShell.Manifest -> C:\WINDOWS\WindowsShell.Manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | C] ()
sapi.cpl.manifest -> C:\WINDOWS\System32\sapi.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | C] ()
nwc.cpl.manifest -> C:\WINDOWS\System32\nwc.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | C] ()
ncpa.cpl.manifest -> C:\WINDOWS\System32\ncpa.cpl.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | C] ()
cdplayer.exe.manifest -> C:\WINDOWS\System32\cdplayer.exe.manifest -> [2010/03/04 14:35:53 | 000,000,749 | RH-- | C] ()
nls302en.lex -> C:\WINDOWS\System32\dllcache\nls302en.lex -> [2010/03/04 14:35:34 | 004,399,505 | ---- | C] ()
winnt256.bmp -> C:\WINDOWS\winnt256.bmp -> [2010/03/04 14:35:22 | 000,048,680 | -HS- | C] ()
winnt.bmp -> C:\WINDOWS\winnt.bmp -> [2010/03/04 14:35:22 | 000,048,680 | -HS- | C] ()
srframe.mmf -> C:\WINDOWS\System32\dllcache\srframe.mmf -> [2010/03/04 14:35:18 | 000,000,984 | ---- | C] ()
msinfo.dll -> C:\WINDOWS\System32\dllcache\msinfo.dll -> [2010/03/04 14:34:48 | 000,381,440 | ---- | C] ()
emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2010/03/04 14:34:00 | 000,021,844 | ---- | C] ()
subrange.uce -> C:\WINDOWS\System32\subrange.uce -> [2010/03/04 14:33:10 | 000,093,702 | ---- | C] ()
Bolhas de sabão.bmp -> C:\WINDOWS\Bolhas de sabão.bmp -> [2010/03/04 14:33:10 | 000,065,978 | ---- | C] ()
Bruma.bmp -> C:\WINDOWS\Bruma.bmp -> [2010/03/04 14:33:10 | 000,065,954 | ---- | C] ()
Deserto.bmp -> C:\WINDOWS\Deserto.bmp -> [2010/03/04 14:33:10 | 000,065,832 | ---- | C] ()
Leques.bmp -> C:\WINDOWS\Leques.bmp -> [2010/03/04 14:33:10 | 000,026,680 | ---- | C] ()
Areia.bmp -> C:\WINDOWS\Areia.bmp -> [2010/03/04 14:33:10 | 000,026,582 | ---- | C] ()
Rododentro.bmp -> C:\WINDOWS\Rododentro.bmp -> [2010/03/04 14:33:10 | 000,017,362 | ---- | C] ()
Pescaria.bmp -> C:\WINDOWS\Pescaria.bmp -> [2010/03/04 14:33:10 | 000,017,336 | ---- | C] ()
Cafezinho.bmp -> C:\WINDOWS\Cafezinho.bmp -> [2010/03/04 14:33:10 | 000,017,062 | ---- | C] ()
Seda.bmp -> C:\WINDOWS\Seda.bmp -> [2010/03/04 14:33:10 | 000,016,730 | ---- | C] ()
Tapete.bmp -> C:\WINDOWS\Tapete.bmp -> [2010/03/04 14:33:10 | 000,009,522 | ---- | C] ()
Renda azul 16.bmp -> C:\WINDOWS\Renda azul 16.bmp -> [2010/03/04 14:33:10 | 000,001,272 | ---- | C] ()
ideograf.uce -> C:\WINDOWS\System32\ideograf.uce -> [2010/03/04 14:33:09 | 000,060,458 | ---- | C] ()
gb2312.uce -> C:\WINDOWS\System32\gb2312.uce -> [2010/03/04 14:33:09 | 000,024,006 | ---- | C] ()
bopomofo.uce -> C:\WINDOWS\System32\bopomofo.uce -> [2010/03/04 14:33:09 | 000,022,984 | ---- | C] ()
shiftjis.uce -> C:\WINDOWS\System32\shiftjis.uce -> [2010/03/04 14:33:09 | 000,016,740 | ---- | C] ()
korean.uce -> C:\WINDOWS\System32\korean.uce -> [2010/03/04 14:33:09 | 000,012,876 | ---- | C] ()
kanji_2.uce -> C:\WINDOWS\System32\kanji_2.uce -> [2010/03/04 14:33:09 | 000,008,484 | ---- | C] ()
kanji_1.uce -> C:\WINDOWS\System32\kanji_1.uce -> [2010/03/04 14:33:09 | 000,006,948 | ---- | C] ()
tslabels.h -> C:\WINDOWS\System32\tslabels.h -> [2010/03/04 14:33:08 | 000,003,286 | ---- | C] ()
usrlogon.cmd -> C:\WINDOWS\System32\usrlogon.cmd -> [2010/03/04 14:33:08 | 000,001,221 | ---- | C] ()
msdtcprf.h -> C:\WINDOWS\System32\msdtcprf.h -> [2010/03/04 14:33:07 | 000,000,768 | ---- | C] ()
wmimgmt.msc -> C:\WINDOWS\System32\wmimgmt.msc -> [2010/03/04 14:33:03 | 000,063,488 | ---- | C] ()
pid.PNF -> C:\WINDOWS\System32\pid.PNF -> [2010/03/04 11:30:44 | 000,004,444 | ---- | C] ()
sam.spd -> C:\WINDOWS\System32\dllcache\sam.spd -> [2010/03/04 11:24:09 | 001,685,606 | ---- | C] ()
sam.sdf -> C:\WINDOWS\System32\dllcache\sam.sdf -> [2010/03/04 11:24:09 | 000,000,888 | ---- | C] ()
ltts1033.lxa -> C:\WINDOWS\System32\dllcache\ltts1033.lxa -> [2010/03/04 11:24:08 | 000,643,717 | ---- | C] ()
r1033tts.lxa -> C:\WINDOWS\System32\dllcache\r1033tts.lxa -> [2010/03/04 11:24:08 | 000,605,050 | ---- | C] ()
c_28603.nls -> C:\WINDOWS\System32\dllcache\c_28603.nls -> [2010/03/04 11:24:05 | 000,066,082 | ---- | C] ()
c_28603.nls -> C:\WINDOWS\System32\c_28603.nls -> [2010/03/04 11:24:05 | 000,066,082 | ---- | C] ()
c_857.nls -> C:\WINDOWS\System32\dllcache\c_857.nls -> [2010/03/04 11:24:04 | 000,066,594 | ---- | C] ()
c_857.nls -> C:\WINDOWS\System32\c_857.nls -> [2010/03/04 11:24:04 | 000,066,594 | ---- | C] ()
c_28599.nls -> C:\WINDOWS\System32\dllcache\c_28599.nls -> [2010/03/04 11:24:04 | 000,066,082 | ---- | C] ()
c_28599.nls -> C:\WINDOWS\System32\c_28599.nls -> [2010/03/04 11:24:04 | 000,066,082 | ---- | C] ()
c_10081.nls -> C:\WINDOWS\System32\dllcache\c_10081.nls -> [2010/03/04 11:24:04 | 000,066,082 | ---- | C] ()
c_10081.nls -> C:\WINDOWS\System32\c_10081.nls -> [2010/03/04 11:24:04 | 000,066,082 | ---- | C] ()
c_28595.nls -> C:\WINDOWS\System32\dllcache\c_28595.nls -> [2010/03/04 11:24:03 | 000,066,082 | ---- | C] ()
C_28595.NLS -> C:\WINDOWS\System32\C_28595.NLS -> [2010/03/04 11:24:03 | 000,066,082 | ---- | C] ()
c_10017.nls -> C:\WINDOWS\System32\dllcache\c_10017.nls -> [2010/03/04 11:24:03 | 000,066,082 | ---- | C] ()
c_10017.nls -> C:\WINDOWS\System32\c_10017.nls -> [2010/03/04 11:24:03 | 000,066,082 | ---- | C] ()
c_10007.nls -> C:\WINDOWS\System32\dllcache\c_10007.nls -> [2010/03/04 11:24:03 | 000,066,082 | ---- | C] ()
c_10007.nls -> C:\WINDOWS\System32\c_10007.nls -> [2010/03/04 11:24:03 | 000,066,082 | ---- | C] ()
c_869.nls -> C:\WINDOWS\System32\dllcache\c_869.nls -> [2010/03/04 11:24:01 | 000,066,594 | ---- | C] ()
c_869.nls -> C:\WINDOWS\System32\c_869.nls -> [2010/03/04 11:24:01 | 000,066,594 | ---- | C] ()
c_737.nls -> C:\WINDOWS\System32\dllcache\c_737.nls -> [2010/03/04 11:24:01 | 000,066,594 | ---- | C] ()
c_737.nls -> C:\WINDOWS\System32\c_737.nls -> [2010/03/04 11:24:01 | 000,066,594 | ---- | C] ()
c_875.nls -> C:\WINDOWS\System32\dllcache\c_875.nls -> [2010/03/04 11:24:01 | 000,066,082 | ---- | C] ()
c_875.nls -> C:\WINDOWS\System32\c_875.nls -> [2010/03/04 11:24:01 | 000,066,082 | ---- | C] ()
c_28597.nls -> C:\WINDOWS\System32\dllcache\c_28597.nls -> [2010/03/04 11:24:01 | 000,066,082 | ---- | C] ()
C_28597.NLS -> C:\WINDOWS\System32\C_28597.NLS -> [2010/03/04 11:24:01 | 000,066,082 | ---- | C] ()
c_10006.nls -> C:\WINDOWS\System32\dllcache\c_10006.nls -> [2010/03/04 11:24:01 | 000,066,082 | ---- | C] ()
c_10006.nls -> C:\WINDOWS\System32\c_10006.nls -> [2010/03/04 11:24:01 | 000,066,082 | ---- | C] ()
c_866.nls -> C:\WINDOWS\System32\dllcache\c_866.nls -> [2010/03/04 11:24:00 | 000,066,594 | ---- | C] ()
c_866.nls -> C:\WINDOWS\System32\c_866.nls -> [2010/03/04 11:24:00 | 000,066,594 | ---- | C] ()
c_855.nls -> C:\WINDOWS\System32\dllcache\c_855.nls -> [2010/03/04 11:24:00 | 000,066,594 | ---- | C] ()
c_855.nls -> C:\WINDOWS\System32\c_855.nls -> [2010/03/04 11:24:00 | 000,066,594 | ---- | C] ()
c_28594.nls -> C:\WINDOWS\System32\dllcache\c_28594.nls -> [2010/03/04 11:24:00 | 000,066,082 | ---- | C] ()
C_28594.NLS -> C:\WINDOWS\System32\C_28594.NLS -> [2010/03/04 11:24:00 | 000,066,082 | ---- | C] ()
c_852.nls -> C:\WINDOWS\System32\dllcache\c_852.nls -> [2010/03/04 11:23:59 | 000,066,594 | ---- | C] ()
c_852.nls -> C:\WINDOWS\System32\c_852.nls -> [2010/03/04 11:23:59 | 000,066,594 | ---- | C] ()
c_10082.nls -> C:\WINDOWS\System32\dllcache\c_10082.nls -> [2010/03/04 11:23:59 | 000,066,082 | ---- | C] ()
c_10082.nls -> C:\WINDOWS\System32\c_10082.nls -> [2010/03/04 11:23:59 | 000,066,082 | ---- | C] ()
c_10029.nls -> C:\WINDOWS\System32\dllcache\c_10029.nls -> [2010/03/04 11:23:59 | 000,066,082 | ---- | C] ()
c_10029.nls -> C:\WINDOWS\System32\c_10029.nls -> [2010/03/04 11:23:59 | 000,066,082 | ---- | C] ()
c_10010.nls -> C:\WINDOWS\System32\dllcache\c_10010.nls -> [2010/03/04 11:23:59 | 000,066,082 | ---- | C] ()
c_10010.nls -> C:\WINDOWS\System32\c_10010.nls -> [2010/03/04 11:23:59 | 000,066,082 | ---- | C] ()
c_20127.nls -> C:\WINDOWS\System32\dllcache\c_20127.nls -> [2010/03/04 11:23:58 | 000,066,082 | ---- | C] ()
c_20127.nls -> C:\WINDOWS\System32\c_20127.nls -> [2010/03/04 11:23:58 | 000,066,082 | ---- | C] ()
AUTOEXEC.NT -> C:\WINDOWS\System32\AUTOEXEC.NT -> [2010/03/04 11:23:55 | 000,000,515 | ---- | C] ()
desktop.ini -> C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini -> [2010/03/04 11:23:45 | 000,000,062 | -HS- | C] ()
MAPIMIG.CAT -> C:\WINDOWS\System32\dllcache\MAPIMIG.CAT -> [2010/03/04 11:23:44 | 000,399,670 | ---- | C] ()
netfx.cat -> C:\WINDOWS\System32\dllcache\netfx.cat -> [2010/03/04 11:23:44 | 000,144,484 | ---- | C] ()
tabletpc.cat -> C:\WINDOWS\System32\dllcache\tabletpc.cat -> [2010/03/04 11:23:44 | 000,105,628 | ---- | C] ()
MW770.CAT -> C:\WINDOWS\System32\dllcache\MW770.CAT -> [2010/03/04 11:23:44 | 000,037,509 | ---- | C] ()
mediactr.cat -> C:\WINDOWS\System32\dllcache\mediactr.cat -> [2010/03/04 11:23:44 | 000,034,747 | ---- | C] ()
FP4.CAT -> C:\WINDOWS\System32\dllcache\FP4.CAT -> [2010/03/04 11:23:44 | 000,033,765 | ---- | C] ()
IMS.CAT -> C:\WINDOWS\System32\dllcache\IMS.CAT -> [2010/03/04 11:23:44 | 000,016,825 | ---- | C] ()
HPCRDP.CAT -> C:\WINDOWS\System32\dllcache\HPCRDP.CAT -> [2010/03/04 11:23:44 | 000,013,497 | ---- | C] ()
MSMSGS.CAT -> C:\WINDOWS\System32\dllcache\MSMSGS.CAT -> [2010/03/04 11:23:44 | 000,012,363 | ---- | C] ()
MSTSWEB.CAT -> C:\WINDOWS\System32\dllcache\MSTSWEB.CAT -> [2010/03/04 11:23:44 | 000,010,027 | ---- | C] ()
IASNT4.CAT -> C:\WINDOWS\System32\dllcache\IASNT4.CAT -> [2010/03/04 11:23:44 | 000,008,599 | ---- | C] ()
OEMBIOS.CAT -> C:\WINDOWS\System32\dllcache\OEMBIOS.CAT -> [2010/03/04 11:23:44 | 000,007,382 | ---- | C] ()
wmerrenu.cat -> C:\WINDOWS\System32\dllcache\wmerrenu.cat -> [2010/03/04 11:23:44 | 000,007,334 | ---- | C] ()
NT5.CAT -> C:\WINDOWS\System32\dllcache\NT5.CAT -> [2010/03/04 11:23:43 | 002,038,809 | ---- | C] ()
SP3.CAT -> C:\WINDOWS\System32\dllcache\SP3.CAT -> [2010/03/04 11:23:43 | 001,233,746 | ---- | C] ()
NTPRINT.CAT -> C:\WINDOWS\System32\dllcache\NTPRINT.CAT -> [2010/03/04 11:23:43 | 001,088,840 | ---- | C] ()
NT5IIS.CAT -> C:\WINDOWS\System32\dllcache\NT5IIS.CAT -> [2010/03/04 11:23:43 | 000,809,104 | ---- | C] ()
NT5INF.CAT -> C:\WINDOWS\System32\dllcache\NT5INF.CAT -> [2010/03/04 11:23:43 | 000,634,592 | ---- | C] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/03/04 11:22:59 | 000,263,824 | ---- | C] ()
boot.ini -> C:\boot.ini -> [2010/03/04 11:21:48 | 000,000,211 | -HS- | C] ()
$winnt$.inf -> C:\WINDOWS\System32\$winnt$.inf -> [2010/03/04 11:21:44 | 000,000,261 | ---- | C] ()
libavcodec.dll -> C:\WINDOWS\System32\libavcodec.dll -> [2008/12/19 12:15:58 | 004,338,246 | ---- | C] ()
ff_x264.dll -> C:\WINDOWS\System32\ff_x264.dll -> [2008/12/17 14:41:18 | 000,884,237 | ---- | C] ()
ff_wmv9.dll -> C:\WINDOWS\System32\ff_wmv9.dll -> [2008/12/17 14:22:58 | 000,093,184 | ---- | C] ()
ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2008/12/17 14:22:48 | 000,057,344 | ---- | C] ()
ff_theora.dll -> C:\WINDOWS\System32\ff_theora.dll -> [2008/12/17 14:17:34 | 000,239,247 | ---- | C] ()
libmplayer.dll -> C:\WINDOWS\System32\libmplayer.dll -> [2008/12/17 13:59:54 | 000,560,802 | ---- | C] ()
ff_vfw.dll.manifest -> C:\WINDOWS\System32\ff_vfw.dll.manifest -> [2008/12/11 08:27:02 | 000,000,547 | ---- | C] ()
ff_mpeg2enc.dll -> C:\WINDOWS\System32\ff_mpeg2enc.dll -> [2004/10/03 14:50:54 | 000,129,024 | ---- | C] ()

[Alternate Data Streams]
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:76ECB5BA_Bb.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:76ECB5BA_Cef.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:76ECB5BA_Scd.gbp
@Alternate Data Stream - 354 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
< End of report >

jazeusa · 11/05/2010

thi@go disse:
É mais ou menos por aí, vc tem que trocar a senha do msn num computador não infectado senão não adianta muita coisa, seu micro continua infectado e provavelmente vai apresentar esses sintomas novamente. Acredito que vc esteja infactado por um keylogger, poste um log do Hijackthis que o Mr. Wolf explica melhor isso pra vc pois a solução não é só trocar a senha e pronto.

Putz pior que troquei a senha no PC teoricamente infectado fazem 3 meses e ainda está tudo normal, mas vou seguir sua dica e postar um log para o Mr. Wolf...Vlw

Mr.Wolf · 11/05/2010

Boa tarde pessoal!

Megadeeth, a infecção por um Vírus de Boot ocorre como qualquer outra. Não tem um jeito específico. E nao, o LogMeIn não tem nada a ver com isso.

______________________________

Opa Gustavo L, como vai?

Seu computador está bem infectado realmente. O processo Pdegoa.exe é um trojan downloader.

Siga abaixo:

1ª Etapa

Vá em Painel de Controle > Adicionar ou Remover Programas. Encontre e desinstale os seguintes componentes: Ask.com e RelevantKnowledge (caso este esteja presente).

2ª Etapa

Baixe o DeFogger e salve no desktop. Execute o aplicativo e clique em Disable > Yes. Isso irá desativar, temporariamente, os emuladores de CD que você possui na máquina, pois é necessário para o bom funcionamento da ferramenta que iremos utilizar a seguir.

- Faça o download do ComboFix e salve-o na área de trabalho;

● Desative temporariamente o seu antivirus para não detectar a ferramenta como vírus;
● Duplo clique no ícone combofix.exe para iniciar o scan;
● Leia o contrato que aparecerá e clique em Sim para continuar;
● Abrirá uma janela do Console de Recuperação, clique em Não;
● Aguarde enquanto o ComboFix faz o scan;
● Se ocorrer algum problema durante o scan, reinicie seu computador em Modo de Segurança e repita o procedimento;
● Não clique na janela do ComboFix e procure não utilizar o teclado também, para não atrapalhar a varredura da ferramenta;
● Se quiser sair ou parar o ComboFix, tecle N;
● Quando terminar seu micro será reiniciado. Após o reinicio, a ferramenta executará novamente, aguarde;
● Será gerado um log em C:\ComboFix.txt.

Cole este log em sua próxima resposta.

_________________________

cg150mt, não há indícios de infecção no log do OTS.

Mas, estes problemas que você está enfrentando com o PC, quando trata-se de vírus, geralmente é causado pelo Parite. E o mesmo não aparece em nenhum log porque contamina somente arquivos legítimos.

Vamos fazer uma verificação online. Com o navegador Internet Explorer, acesse o ESET Online Scanner e siga este tutorial para realizar o scan no site.

Ao término, poste o log que será criado em C:\Arquivos de programas\EsetOnlineScanner\log.

Antyon · 11/05/2010

Mr.Wolf disse:
Opa Gustavo L, como vai?

Seu computador está bem infectado realmente. O processo Pdegoa.exe é um trojan downloader.

Siga abaixo:

1ª Etapa

Vá em Painel de Controle > Adicionar ou Remover Programas. Encontre e desinstale os seguintes componentes: Ask.com e RelevantKnowledge (caso este esteja presente).

2ª Etapa

Baixe o DeFogger e salve no desktop. Execute o aplicativo e clique em Disable > Yes. Isso irá desativar, temporariamente, os emuladores de CD que você possui na máquina, pois é necessário para o bom funcionamento da ferramenta que iremos utilizar a seguir.

- Faça o download do ComboFix e salve-o na área de trabalho;

● Desative temporariamente o seu antivirus para não detectar a ferramenta como vírus;
● Duplo clique no ícone combofix.exe para iniciar o scan;
● Leia o contrato que aparecerá e clique em Sim para continuar;
● Abrirá uma janela do Console de Recuperação, clique em Não;
● Aguarde enquanto o ComboFix faz o scan;
● Se ocorrer algum problema durante o scan, reinicie seu computador em Modo de Segurança e repita o procedimento;
● Não clique na janela do ComboFix e procure não utilizar o teclado também, para não atrapalhar a varredura da ferramenta;
● Se quiser sair ou parar o ComboFix, tecle N;
● Quando terminar seu micro será reiniciado. Após o reinicio, a ferramenta executará novamente, aguarde;
● Será gerado um log em C:\ComboFix.txt.

Cole este log em sua próxima resposta.

_________________________

Olá Mr.Wolf,

Aqui está o Log:

ComboFix 10-05-10.05 - Tio Zaca Da uma doze 11/05/2010 17:07:56.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2047.1443 [GMT -3:00]
Executando de: c:\documents and settings\Tio Zaca Da uma doze\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Desktopicon
c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Desktopicon\eBayShortcuts.exe
c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Desktopicon\mc.ico
c:\windows\msnimport.exe
c:\windows\Pdegoa.exe
c:\windows\system32\BReWErS.dll
c:\windows\system32\csrcs.exe
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_abp470n5
-------\Service_SSHNAS

(((((((((((((((( Arquivos/Ficheiros criados de 2010-04-11 to 2010-05-11 ))))))))))))))))))))))))))))
.

2010-05-11 15:30 . 2009-05-18 16:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-05-11 15:30 . 2008-04-17 15:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-05-11 15:30 . 2010-05-11 15:30 -------- d-----w- c:\arquivos de programas\iPod
2010-05-11 15:30 . 2010-05-11 15:30 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-11 15:30 . 2010-05-11 15:30 -------- d-----w- c:\arquivos de programas\iTunes
2010-05-11 15:29 . 2010-05-11 15:29 -------- d-----w- c:\arquivos de programas\QuickTime
2010-05-11 15:29 . 2010-05-11 15:29 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer
2010-05-11 15:28 . 2010-05-11 15:28 -------- d-----w- c:\arquivos de programas\Apple Software Update
2010-05-11 15:27 . 2010-05-11 15:30 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Apple
2010-05-11 15:27 . 2010-05-11 15:27 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Apple
2010-05-11 02:42 . 2010-05-11 02:42 -------- d-----w- c:\arquivos de programas\Trend Micro
2010-05-09 23:09 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-07 17:58 . 2010-05-07 17:58 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Packet Tracer 5.2
2010-05-07 17:58 . 2010-05-07 17:58 -------- d-----w- c:\arquivos de programas\Packet Tracer 5.2
2010-04-30 12:22 . 2010-04-30 12:22 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\MySQL
2010-04-30 12:22 . 2010-04-30 12:22 -------- d-----w- c:\arquivos de programas\MySQL

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-11 20:07 . 2009-05-24 02:24 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Winamp
2010-05-11 15:37 . 2010-02-23 18:02 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Apple Computer
2010-05-11 15:28 . 2009-07-27 17:56 -------- d-----w- c:\arquivos de programas\Bonjour
2010-05-09 23:09 . 2009-08-05 21:57 -------- d-----w- c:\arquivos de programas\Java
2010-05-09 14:04 . 2009-04-19 01:25 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2010-05-03 17:41 . 2010-01-27 00:25 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client
2010-04-29 14:20 . 2010-03-15 15:17 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-28 18:45 . 2010-04-28 18:45 73000 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-24 14:01 . 2009-04-19 16:03 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\uTorrent
2010-04-22 18:36 . 2009-05-24 19:46 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2010-04-14 02:50 . 2010-04-14 02:50 8854 ----a-r- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
2010-04-14 02:50 . 2010-04-14 02:50 40960 ----a-r- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2010-04-14 02:50 . 2010-04-14 02:50 40960 ----a-r- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2010-04-14 02:50 . 2009-06-14 16:44 -------- d-----w- c:\arquivos de programas\Project64 1.6
2010-04-12 16:37 . 2010-03-01 02:22 -------- d-----w- c:\arquivos de programas\Google
2010-04-09 21:14 . 2009-04-18 18:43 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2010-04-09 21:14 . 2009-04-18 18:44 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2010-04-08 16:20 . 2010-04-08 16:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 16:20 . 2010-04-08 16:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-08 10:54 . 2010-01-26 10:38 -------- d-----w- c:\arquivos de programas\Sun
2010-04-03 18:08 . 2010-04-03 18:08 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-04-03 17:15 . 2010-04-03 17:04 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\TeamViewer
2010-04-03 17:04 . 2010-04-03 17:04 -------- d-----w- c:\arquivos de programas\TeamViewer
2010-04-03 13:10 . 2010-04-03 13:10 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java
2010-04-01 15:04 . 2009-05-24 02:24 -------- d-----w- c:\arquivos de programas\Winamp
2010-04-01 15:04 . 2010-04-01 15:04 -------- d-----w- c:\arquivos de programas\Winamp Detect
2010-03-31 20:53 . 2010-03-31 20:53 -------- d-----w- c:\arquivos de programas\ManyCam 2.4
2010-03-31 20:53 . 2010-03-31 20:53 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\ManyCam
2010-03-31 20:49 . 2010-03-31 20:46 -------- d-----w- c:\arquivos de programas\Fake Webcam
2010-03-30 12:51 . 2010-03-30 12:51 -------- d-----w- c:\arquivos de programas\LogMeIn Hamachi
2010-03-25 23:06 . 2010-04-06 19:42 123856 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-03-25 23:06 . 2010-04-06 19:41 41680 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-03-25 13:56 . 2010-03-25 20:45 131360 ----a-w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\components\GbMzhBb.dll
2010-03-25 01:56 . 2010-02-25 15:33 -------- d-----w- c:\arquivos de programas\NetBeans 6.8
2010-03-22 02:08 . 2010-03-22 02:08 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Ubisoft
2010-03-22 02:08 . 2010-03-22 02:08 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Ubisoft
2010-03-22 02:03 . 2010-03-22 02:03 -------- d-----w- c:\arquivos de programas\Ubisoft
2010-03-22 01:59 . 2009-07-19 17:08 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Skype
2010-03-21 19:07 . 2009-07-19 17:12 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\skypePM
2010-03-18 14:01 . 2010-03-18 14:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Skype
2010-03-18 14:01 . 2009-07-19 17:08 -------- d-----r- c:\arquivos de programas\Skype
2010-03-15 14:18 . 2010-03-15 14:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-15 14:18 . 2010-03-15 14:11 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Lavasoft
2010-03-15 14:11 . 2010-03-15 14:11 -------- d-----w- c:\arquivos de programas\Lavasoft
2010-03-15 14:11 . 2010-03-15 14:11 -------- dc-h--w- c:\documents and settings\All Users\Dados de aplicativos\{52AC600B-5800-407E-99FF-83CD0669760B}
2010-03-15 00:10 . 2010-03-14 23:46 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Common Share
2010-03-15 00:08 . 2010-03-15 00:03 -------- d-----w- c:\arquivos de programas\Ultra Mobile 3GP Video Converter
2010-03-14 23:33 . 2010-03-14 23:33 -------- d-----w- c:\arquivos de programas\DownloadToolz
2010-03-05 11:58 . 2010-03-05 11:58 503808 ----a-w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6cd84e5b-n\msvcp71.dll
2010-03-05 11:58 . 2010-03-05 11:58 499712 ----a-w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6cd84e5b-n\jmc.dll
2010-03-05 11:58 . 2010-03-05 11:58 348160 ----a-w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6cd84e5b-n\msvcr71.dll
2010-03-05 11:58 . 2010-03-05 11:58 61440 ----a-w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-61863e88-n\decora-sse.dll
2010-03-05 11:58 . 2010-03-05 11:58 12800 ----a-w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-61863e88-n\decora-d3d.dll
2010-02-15 14:41 . 2001-09-28 12:00 86924 ----a-w- c:\windows\system32\perfc016.dat
2010-02-15 14:41 . 2001-09-28 12:00 486292 ----a-w- c:\windows\system32\perfh016.dat
2010-02-14 21:17 . 2010-02-14 21:17 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-06-22 06:53 . 2009-06-20 19:40 20650016 --sha-w- c:\windows\system32\drivers\fidbox.dat
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{14f0d511-36a2-41ca-ae01-ba4f87282c97}"= "c:\arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll" [2008-09-17 1275176]

[HKEY_CLASSES_ROOT\clsid\{14f0d511-36a2-41ca-ae01-ba4f87282c97}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{8613efdf-b530-4b1d-b970-b09f99977813}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883840]
"ManyCam"="c:\arquivos de programas\ManyCam 2.4\ManyCam.exe" [2010-03-03 1824040]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\arquivos de programas\Winamp\winampa.exe" [2010-01-13 37888]
"OrderReminder"="c:\arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-07-21 98304]
"RivaTunerStartupDaemon"="c:\arquivos de programas\RivaTuner v2.24\RivaTuner.exe" [2009-02-25 2781184]
"nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-08-13 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SoundMAXPnP"="c:\arquivos de programas\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"LogMeIn Hamachi Ui"="c:\arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-04-28 142120]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\Tio Zaca Da uma doze\Menu Iniciar\Programas\Inicializar\
Adobe Gamma.lnk - c:\arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Microsoft Office.lnk - c:\arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0rmslt.nt\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Tio Zaca Da uma doze^Menu Iniciar^Programas^Inicializar^Xfire.lnk]
path=c:\documents and settings\Tio Zaca Da uma doze\Menu Iniciar\Programas\Inicializar\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 18:10 271360 ----a-w- c:\arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\EA Games\\Battlefield 2\\BF2.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Steam\\steamapps\\gonstavo\\team fortress 2\\hl2.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"d:\\Steam\\steamapps\\digulopes\\counter-strike source\\hl2.exe"=
"c:\\Arquivos de programas\\Valve\\hl.exe"=
"c:\\Arquivos de programas\\Xfire\\Xfire.exe"=
"d:\\Steam\\steamapps\\gonstavo\\counter-strike\\hl.exe"=
"c:\\WINDOWS\\system32\\nwiz.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office10\\OSA.EXE"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"e:\\CAPCOM\\RESIDENT EVIL 5\\RE5DX9.EXE"=
"e:\\CAPCOM\\RESIDENT EVIL 5\\RE5DX10.EXE"=
"d:\\Steam\\Steam.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"d:\\Steam\\steamapps\\common\\killingfloor\\System\\KillingFloor.exe"=
"d:\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
"c:\\Arquivos de programas\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [15/03/2010 11:18 64288]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [09/12/2008 20:10 24636]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\arquivos de programas\LogMeIn Hamachi\hamachi-2.exe [30/03/2010 11:16 1107336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe [05/02/2010 06:03 1285864]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14/01/2008 07:06 21632]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe" --> c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [28/02/2010 23:22 135664]
S3 utezoda5;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\utezoda5.sys --> c:\windows\system32\Drivers\utezoda5.sys [?]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/04/2009 16:04 721904]
.
Conteúdo da pasta 'Tarefas Agendadas'

2010-05-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\arquivos de programas\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-05 14:18]

2010-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2009-10-22 14:50]

2010-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-03-01 02:22]

2010-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-03-01 02:22]
.
.
------- Scan Suplementar -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &SHOUTcast Search - c:\documents and settings\All Users\Dados de aplicativos\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download All by FlashGet - c:\arquivos de programas\FlashGet\jc_all.htm
IE: Download using FlashGet - c:\arquivos de programas\FlashGet\jc_link.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {DF73D593-46FE-447A-94D5-B7975EC72875} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\arquivos de programas\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll
FF - component: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\components\GbMzhBb.dll
FF - plugin: c:\arquivos de programas\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\justintvpublisher@justin.tv\platform\WINNT_x86-msvc\plugins\npjustintvpublish.dll

---- FIREFOX POLICIES ----

FF - user.js: browser.sessionstore.resume_from_crash - false
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORFÃOS REMOVIDOS - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-myweather - c:\arquivos de programas\MyFreeWeather\myweather.exe
HKCU-Run-Secret Drive - c:\arquivos de programas\Eterlogic.com\SecretDrive\SecretDrive.exe
HKCU-Run-Active Desktop Calendar - c:\arquivos de programas\XemiComputers\Active Desktop Calendar\ADC.exe
HKLM-Run-avgnt - c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
HKLM-Run-DrvIcon - c:\arquivos de programas\Vista Drive Icon\DrvIcon.exe
HKLM-Run-Emurayden PSX Emulator - (no file)
HKLM-Run-BINA PRO - c:\arquivos de programas\BINA PRO\BINAPRO500.exe
MSConfigStartUp-RGSC - d:\rockstar games\Rockstar Games Social Club\RGSCLauncher.exe
MSConfigStartUp-Vista Rainbar - c:\arquivos de programas\Vista Rainbar\launcher.exe
MSConfigStartUp-ViStart - c:\arquivos de programas\ViStart\ViStart.exe
MSConfigStartUp-VisualTooltip - c:\arquivos de programas\VisualTooltip\VisualToolTip.exe
AddRemove-Emurayden PSX Emulator v2.2 - c:\program files\Emurayden PSX Emulator v2.2\Uninstall.exe
AddRemove-F.E.A.R. 2 - Project Origin_is1 - c:\games\FEAR 2 Project Origin\unins000.exe
AddRemove-HijackThis - c:\documents and settings\Tio Zaca Da uma doze\Desktop\HijackThis.exe
AddRemove-mIRC - c:\arquivos de programas\The 7 Deadly Sins\mirc.exe
AddRemove-{76493547-1b0c-450e-a713-e51c3d1e0f29} - c:\arquivos de programas\Arquivos comuns\Nero\Nero ProductInstaller 4\SetupX.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-11 17:17
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-527237240-1957994488-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AD77666B-FA90-77A8-11AD-BCCEC2EC1BFA}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'explorer.exe'(3692)
c:\windows\system32\WPDShServiceObj.dll
c:\arquivos de programas\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\arquivos de programas\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\arquivos de programas\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_por-br.nlr
c:\arquivos de programas\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\arquivos de programas\Bonjour\mDNSResponder.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
c:\xampp\mysql\bin\mysqld.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\arquivos de programas\iPod\bin\iPodService.exe
c:\arquivos de programas\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-05-11 17:25:38 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-05-11 20:25

Pré-execução: 19 pasta(s) 26.124.582.912 bytes disponíveis
Pós execução: 20 pasta(s) 33.257.046.016 bytes disponíveis

- - End Of File - - 56AB45B5DA21019A03B6B197BE7BAD74

110 · 12/05/2010

Ola Mr.Wolf, um amigo meu acabou entrando num link que mandaram para ele no msn agora os msn fica mandando mensagens automaticamente com o mesmo link.

Log do Hijack:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:35:53, on 11/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Eset\nod32krn.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\Arquivos de programas\TP-LINK\TWCU\TWCU.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Eset\nod32kui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\WinXP\Dados de aplicativos\egun.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sha.dll
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
O2 - BHO: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sha.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Download Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P0.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Download Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P0.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sha.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TWCU] "C:\Arquivos de programas\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [4shared Update] "C:\Arquivos de programas\4shared Desktop\checkUpdate.exe"
O4 - HKLM\..\Run: [Windows System Guard] C:\Documents and Settings\WinXP\Dados de aplicativos\egun.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [4shared Desktop] "C:\Arquivos de programas\4shared Desktop\desktop.exe" "startup"
O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_all.htm
O8 - Extra context menu item: &Download using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1266711878921
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 8699 bytes

cg150mt · 12/05/2010

Mr.Wolf disse:
Boa tarde pessoal!
cg150mt, não há indícios de infecção no log do OTS.

Mas, estes problemas que você está enfrentando com o PC, quando trata-se de vírus, geralmente é causado pelo Parite. E o mesmo não aparece em nenhum log porque contamina somente arquivos legítimos.

Vamos fazer uma verificação online. Com o navegador Internet Explorer, acesse o ESET Online Scanner e siga este tutorial para realizar o scan no site.

Ao término, poste o log que será criado em C:\Arquivos de programas\EsetOnlineScanner\log.

Então Mr. Wolf
Aqui esta o log do ESET Online Scaner, sendo que acusou um arquivo sendo virus ...o que fazer agora...blza

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=5ac6bedd4b9a074eb45b11244d356f96
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-05-12 03:10:40
# local_time=2010-05-12 12:10:40 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775125 100 94 0 45392284 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=36296
# found=1
# cleaned=1
# scan_time=3303
C:\Documents and Settings\User\Configurações locais\Temp\NERO14416\Toolbar.exe Win32/Toolbar.AskSBar application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

[/URL] Uploaded with ImageShack.us[/IMG]

Mr.Wolf · 12/05/2010

Boa tarde pessoal!

Gustavo L, ainda temos trabalho a fazer. Os resquícios do trojan ainda estão presentes no computador.

Siga abaixo:

Selecione e copie este texto abaixo. Cole no Bloco de Notas e salve-o no desktop como CFScript.txt

Código:

Snapshot::
Driver::
utezoda5

File::
c:\windows\system32\Drivers\utezoda5.sys

SysRst::

Registry-clean::

Arraste o CFScript para o ComboFix como na imagem aqui abaixo e aguarde a execução automática da ferramenta:

● Se for solicitado à você, pressione Enter para iniciar o processo de remoção;
● Não use o mouse nem o teclado quando o ComboFix estiver rodando;
● Quando terminar, será gerado um novo log que estará em C:\ComboFix.txt;
● Talvez seu computador seja reiniciado automaticamente. Caso não ocorra, reinicie-o manualmente.

Na sua próxima resposta, cole o ComboFix.txt e um novo log do HijackThis.

_______________________

Opa 110, sugiro que seu amigo fique, por enquanto, sem acessar ao MSN. E diga-o para posteriormente alterar sua senha.

Siga abaixo:

- Faça o download do Toolbar S&D e salve-o no desktop;

- Dê um duplo clique no ícone ToolBarSD.exe que está no desktop;
- Ao abrir a janela da ferramenta, tecle P + Enter;
- Tecle 2 + Enter e aguarde;
- Ao término, um novo log estará em C:\TB.txt.

Cole-o em sua próxima resposta.

- Faça o download do SDFix e salve no desktop;

● Dê um duplo clique no SDFix.exe e a ferramenta será instalada em C:\SDFix. Mas não o execute ainda;
● Reinicie seu computador em Modo de Segurança;
● Entre na pasta do SDFix que foi instalada no seu computador e dê um duplo clique no arquivo RunThis.bat;
● Tecle Y para que a ferramenta inicie o processo de remoção;
● Quando tudo terminar, você verá um aviso dizendo para apertar qualquer tecla para continuar. Faça isso. Seu computador será reiniciado automaticamente;
● Após reiniciar, a ferramenta ainda será executada novamente, irá terminar o seu trabalho e a palavra Finished irá aparecer. Pressione qualquer tecla novamente;
● Uma janela com o relatório do SDFix irá aparecer;
● O log abrirá automaticamente para você. Estará salvo na pasta do SDFix com o nome Report.txt;

Faça um novo log do HijackThis e cole na sua próxima resposta, juntamente com o log do SDFix e do ToolbarSD.

_______________________

Amigo cg150mt, o arquivo detectado, e já removido, pelo ESET, não tem ligação com o Parite. Entretanto, foi identificado na pasta temporária do Windows; bastava limpá-la que o arquivo era removido.

O arquivo, porém, era uma toolbar maliciosa mas de baixo risco, o que indubitavelmente não era a causadora do problema com seu computador.

Pode excluir a pasta C:\Arquivos de programas\EsetOnlineScanner.

defante · 12/05/2010

Mr. esse site aki é confiável?

www.frajolla.com.br

É de Tools de Orkut!

cg150mt · 12/05/2010

Mr.Wolf disse:
Boa tarde pessoal!

Amigo cg150mt, o arquivo detectado, e já removido, pelo ESET, não tem ligação com o Parite. Entretanto, foi identificado na pasta temporária do Windows; bastava limpá-la que o arquivo era removido.

O arquivo, porém, era uma toolbar maliciosa mas de baixo risco, o que indubitavelmente não era a causadora do problema com seu computador.

Pode excluir a pasta C:\Arquivos de programas\EsetOnlineScanner.

Valeu amigo Mr. Wolf... já fico melhor em saber que dessa noticia.....
abraç

juniorain · 12/05/2010

Olá, eu cheguei até aqui depois de procurar sobre um arquivo chamado "digest32.dll", um anti-vírus que eu baixei detectou ele aqui mas não fez nada porque exigia chave de ativação, agora não sei o que fazer. O Problema é que meu computador vem apresentando problemas, ele dificilmente inicia, ele vai através de todo processo de iniciação e quando chega no loading do windows vista ele reinicia sozinho, se por um milagre ele consegue iniciar daí ele não reinicia mais, às vezes vem uma tela azul antes de reiniciar. Por isso agora eu to tentando todo tipo de software pra tentar solucionar o problema sem ter que tomar alguma atitude mais drástica. Outro arquivo que enche o saco é um tal de "KlD.exe" que inicia com o PC, eu fiz o que diz no começo do tópico se alguém souber de alguma coisa que eu possa fazer por favor me ajude.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:49:03, on 12/05/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HooTech\NetMeter\HooNetMeter.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Windows\system32\conime.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Microsoft Updates] avi2.23.exe
O4 - HKLM\..\Run: [Microsoft Manager 1] C:\Windows\KlD.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Windows System Update] C:\Windows\TEMP\CSRSS.EXE
O4 - HKLM\..\Run: [Windows Updater] C:\Windows\TEMP\System.exe
O4 - HKLM\..\Run: [Language_Shortcut] C:\Windows\TEMP\IEXPLORE.EXE
O4 - HKLM\..\Run: [SYSTRAY_UPDATE] C:\Windows\TEMP\systray.exe
O4 - HKLM\..\Run: [RUNDLL32] C:\Windows\TEMP\rundll32.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [NetMeter] C:\Program Files\HooTech\NetMeter\HooNetMeter.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')
O4 - Global Startup: Folding@home.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F19F8EC-9AA4-4E96-B491-7E712296B266}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 9090 bytes

Ferps · 12/05/2010

Mr.Wolf, tem como vc da 1 olhada no meu log? Obg.

Ps¹ Meu pc fica abrindo varias telas da calculadora sem parar do nada :s.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:34:03, on 12/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Teamspeak2_RC2\TeamSpeak.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Asprate\Tibia MULTI-ip changer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Teamspeak2_RC2\TeamSpeak.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\tibia 8.54\Tibia\Tibia.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\calc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Arquivos de programas\DVDVideoSoft\tbDVDV.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\\userinit.exe,userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7FE393D6-2A55-4BCF-9588-78A89F9A49FF} - c:\windows\system32\lbycdxv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Arquivos de programas\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Arquivos de programas\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ccleaner] "C:\Arquivos de programas\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O17 - HKLM\System\CCS\Services\Tcpip\..\{8CBE0016-319E-45D1-BF51-CDB4AFB448F8}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: c:\windows\elf_key.dll
O20 - Winlogon Notify: LogonInit - logonInit.dll (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 6510 bytes

didifpg · 13/05/2010

Olá Mr. Wolf...
to desesperado aqui em casa e acredito que só voce poderá me ajudar....
Criei no meu computador uma nova conta de usuário com o nome de convidado 1, e deixei outra conta como ADMINISTRADOR, que tranquei todsa as pastas.
Porém, hoje a hora que fui ligar o meu computador, ele entra direto no usuário convidado 1 e não me da a opção de troca de usuário. Já procurei no painel de controle/contas de usuário.. mais não está lá o usuário Administrador. Ei sei que não apaguei a conta... e TODOS meus arquivos estão salvos naquele usuário.
POR FAVOR... ME AJUDEEEE OU ME ENCAMINHE PARA ALGUEM QUE PODE ME AJUDAR!!!
TO DESESPERADOOOOO!!!!
aBRAÇOS

thi@go · 13/05/2010

didifpg disse:
Olá Mr. Wolf...
to desesperado aqui em casa e acredito que só voce poderá me ajudar....
Criei no meu computador uma nova conta de usuário com o nome de convidado 1, e deixei outra conta como ADMINISTRADOR, que tranquei todsa as pastas.
Porém, hoje a hora que fui ligar o meu computador, ele entra direto no usuário convidado 1 e não me da a opção de troca de usuário. Já procurei no painel de controle/contas de usuário.. mais não está lá o usuário Administrador. Ei sei que não apaguei a conta... e TODOS meus arquivos estão salvos naquele usuário.
POR FAVOR... ME AJUDEEEE OU ME ENCAMINHE PARA ALGUEM QUE PODE ME AJUDAR!!!
TO DESESPERADOOOOO!!!!
aBRAÇOS

Tenta ir no Painel de controle>Contas de usuário, vc troca o modo de como os usuários fazer logon e tira a tela de boas vindas, reinicia o micro e na janela de logon vc pode tentar logar com o usuário e senha do admin.

Antyon · 13/05/2010

Mr.Wolf disse:
Boa tarde pessoal!

Gustavo L, ainda temos trabalho a fazer. Os resquícios do trojan ainda estão presentes no computador.

Siga abaixo:

Selecione e copie este texto abaixo. Cole no Bloco de Notas e salve-o no desktop como CFScript.txt

Código:

Snapshot:: Driver:: utezoda5 File:: c:\windows\system32\Drivers\utezoda5.sys SysRst:: Registry-clean::

Arraste o CFScript para o ComboFix como na imagem aqui abaixo e aguarde a execução automática da ferramenta:

● Se for solicitado à você, pressione Enter para iniciar o processo de remoção;
● Não use o mouse nem o teclado quando o ComboFix estiver rodando;
● Quando terminar, será gerado um novo log que estará em C:\ComboFix.txt;
● Talvez seu computador seja reiniciado automaticamente. Caso não ocorra, reinicie-o manualmente.

Na sua próxima resposta, cole o ComboFix.txt e um novo log do HijackThis.

_______________________

Aqui estão

ComboFix:

ComboFix 10-05-12.04 - Tio Zaca Da uma doze 13/05/2010 8:12.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2047.1319 [GMT -3:00]
Executando de: c:\documents and settings\Tio Zaca Da uma doze\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Tio Zaca Da uma doze\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
* Criado um novo ponto de restauração

FILE ::
"c:\windows\system32\Drivers\utezoda5.sys"
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_UTEZODA5
-------\Service_utezoda5

(((((((((((((((( Arquivos/Ficheiros criados de 2010-04-13 to 2010-05-13 ))))))))))))))))))))))))))))
.

2010-05-11 15:30 . 2009-05-18 16:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-05-11 15:30 . 2008-04-17 15:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-05-11 15:30 . 2010-05-11 15:30 -------- d-----w- c:\arquivos de programas\iPod
2010-05-11 15:30 . 2010-05-11 15:30 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-11 15:30 . 2010-05-11 15:30 -------- d-----w- c:\arquivos de programas\iTunes
2010-05-11 15:29 . 2010-05-11 15:29 -------- d-----w- c:\arquivos de programas\QuickTime
2010-05-11 15:29 . 2010-05-11 15:29 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer
2010-05-11 15:28 . 2010-05-11 15:28 -------- d-----w- c:\arquivos de programas\Apple Software Update
2010-05-11 15:27 . 2010-05-11 15:30 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Apple
2010-05-11 15:27 . 2010-05-11 15:27 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Apple
2010-05-11 02:42 . 2010-05-11 02:42 -------- d-----w- c:\arquivos de programas\Trend Micro
2010-05-09 23:09 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-07 17:58 . 2010-05-07 17:58 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Packet Tracer 5.2
2010-05-07 17:58 . 2010-05-07 17:58 -------- d-----w- c:\arquivos de programas\Packet Tracer 5.2
2010-04-30 12:22 . 2010-04-30 12:22 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\MySQL
2010-04-30 12:22 . 2010-04-30 12:22 -------- d-----w- c:\arquivos de programas\MySQL

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-12 20:44 . 2009-05-24 02:24 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Winamp
2010-05-11 15:37 . 2010-02-23 18:02 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Apple Computer
2010-05-11 15:28 . 2009-07-27 17:56 -------- d-----w- c:\arquivos de programas\Bonjour
2010-05-09 23:09 . 2009-08-05 21:57 -------- d-----w- c:\arquivos de programas\Java
2010-05-09 14:04 . 2009-04-19 01:25 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2010-05-03 17:41 . 2010-01-27 00:25 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client
2010-04-29 14:20 . 2010-03-15 15:17 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-24 14:01 . 2009-04-19 16:03 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\uTorrent
2010-04-22 18:36 . 2009-05-24 19:46 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2010-04-14 02:50 . 2009-06-14 16:44 -------- d-----w- c:\arquivos de programas\Project64 1.6
2010-04-12 16:37 . 2010-03-01 02:22 -------- d-----w- c:\arquivos de programas\Google
2010-04-09 21:14 . 2009-04-18 18:43 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2010-04-09 21:14 . 2009-04-18 18:44 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2010-04-08 16:20 . 2010-04-08 16:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 16:20 . 2010-04-08 16:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-08 10:54 . 2010-01-26 10:38 -------- d-----w- c:\arquivos de programas\Sun
2010-04-03 18:08 . 2010-04-03 18:08 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-04-03 17:15 . 2010-04-03 17:04 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\TeamViewer
2010-04-03 17:04 . 2010-04-03 17:04 -------- d-----w- c:\arquivos de programas\TeamViewer
2010-04-03 13:10 . 2010-04-03 13:10 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java
2010-04-01 15:04 . 2009-05-24 02:24 -------- d-----w- c:\arquivos de programas\Winamp
2010-04-01 15:04 . 2010-04-01 15:04 -------- d-----w- c:\arquivos de programas\Winamp Detect
2010-03-31 20:53 . 2010-03-31 20:53 -------- d-----w- c:\arquivos de programas\ManyCam 2.4
2010-03-31 20:53 . 2010-03-31 20:53 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\ManyCam
2010-03-31 20:49 . 2010-03-31 20:46 -------- d-----w- c:\arquivos de programas\Fake Webcam
2010-03-30 12:51 . 2010-03-30 12:51 -------- d-----w- c:\arquivos de programas\LogMeIn Hamachi
2010-03-25 23:06 . 2010-04-06 19:42 123856 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-03-25 23:06 . 2010-04-06 19:41 41680 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-03-25 01:56 . 2010-02-25 15:33 -------- d-----w- c:\arquivos de programas\NetBeans 6.8
2010-03-22 02:08 . 2010-03-22 02:08 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Ubisoft
2010-03-22 02:08 . 2010-03-22 02:08 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Ubisoft
2010-03-22 02:03 . 2010-03-22 02:03 -------- d-----w- c:\arquivos de programas\Ubisoft
2010-03-22 01:59 . 2009-07-19 17:08 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Skype
2010-03-21 19:07 . 2009-07-19 17:12 -------- d-----w- c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\skypePM
2010-03-18 14:01 . 2010-03-18 14:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Skype
2010-03-18 14:01 . 2009-07-19 17:08 -------- d-----r- c:\arquivos de programas\Skype
2010-03-15 14:18 . 2010-03-15 14:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-15 14:18 . 2010-03-15 14:11 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Lavasoft
2010-03-15 14:11 . 2010-03-15 14:11 -------- d-----w- c:\arquivos de programas\Lavasoft
2010-03-15 14:11 . 2010-03-15 14:11 -------- dc-h--w- c:\documents and settings\All Users\Dados de aplicativos\{52AC600B-5800-407E-99FF-83CD0669760B}
2010-03-15 00:10 . 2010-03-14 23:46 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Common Share
2010-03-15 00:08 . 2010-03-15 00:03 -------- d-----w- c:\arquivos de programas\Ultra Mobile 3GP Video Converter
2010-03-14 23:33 . 2010-03-14 23:33 -------- d-----w- c:\arquivos de programas\DownloadToolz
2010-02-15 14:41 . 2001-09-28 12:00 86924 ----a-w- c:\windows\system32\perfc016.dat
2010-02-15 14:41 . 2001-09-28 12:00 486292 ----a-w- c:\windows\system32\perfh016.dat
2010-02-14 21:17 . 2010-02-14 21:17 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-06-22 06:53 . 2009-06-20 19:40 20650016 --sha-w- c:\windows\system32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((((((((((((( System Restore )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\aaw7boot.cmd
15/03/2010 12:17 2400 \RP371\A0082405.cmd
11/05/2010 00:38 608 \RP428\A0088141.cmd

03/04/2010 21:14 251296 c:\arquivos de programas\Adobe\Reader 9.0\Reader\A3DUtility.exe
16/04/2010 07:37 0 \RP405\A0086134.exe

04/04/2010 00:59 783872 c:\arquivos de programas\Adobe\Reader 9.0\Reader\ACE.dll
16/04/2010 07:37 0 \RP405\A0086135.dll

03/04/2010 21:49 280024 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AcroBroker.exe
16/04/2010 07:37 0 \RP405\A0086153.exe

04/04/2010 01:03 20452792 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AcroRd32.dll
16/04/2010 07:37 0 \RP405\A0086136.dll

04/04/2010 02:57 349616 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AcroRd32.exe
16/04/2010 07:37 0 \RP405\A0086137.exe

03/04/2010 20:48 15800 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
16/04/2010 07:37 0 \RP405\A0086138.exe

03/04/2010 21:03 120240 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AcroRdIF.dll
16/04/2010 07:37 0 \RP405\A0086139.dll

04/04/2010 00:57 27048 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe
16/04/2010 07:37 0 \RP405\A0086140.exe

03/04/2010 22:13 542168 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe
16/04/2010 07:37 0 \RP405\A0086151.exe

04/04/2010 00:41 5713920 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AGM.dll
16/04/2010 07:37 0 \RP405\A0086141.dll

03/04/2010 20:43 103864 c:\arquivos de programas\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
16/04/2010 07:37 0 \RP405\A0086132.dll

03/04/2010 20:43 103864 c:\arquivos de programas\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
16/04/2010 07:37 0 \RP405\A0086133.dll

04/04/2010 02:13 2433024 c:\arquivos de programas\Adobe\Reader 9.0\Reader\CoolType.dll
16/04/2010 07:37 0 \RP405\A0086142.dll

04/04/2010 01:03 99776 c:\arquivos de programas\Adobe\Reader 9.0\Reader\Eula.exe
16/04/2010 07:37 0 \RP405\A0086152.exe

16/03/2010 15:26 684032 c:\arquivos de programas\Adobe\Reader 9.0\Reader\JP2KLib.dll
16/04/2010 07:37 0 \RP405\A0086143.dll

03/04/2010 22:13 79280 c:\arquivos de programas\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll
16/04/2010 07:37 0 \RP405\A0086144.dll

03/04/2010 22:13 116168 c:\arquivos de programas\Adobe\Reader 9.0\Reader\PDFPrevHndlrShim.exe
16/04/2010 07:37 0 \RP405\A0086145.exe

04/04/2010 02:42 36272 c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
16/04/2010 07:37 0 \RP405\A0086146.exe

03/04/2010 20:38 2405784 c:\arquivos de programas\Adobe\Reader 9.0\Reader\rt3d.dll
16/04/2010 07:37 0 \RP405\A0086149.dll

03/04/2010 22:13 16832 c:\arquivos de programas\Adobe\Reader 9.0\Reader\ViewerPS.dll
16/04/2010 07:37 0 \RP405\A0086147.dll

26/02/2010 07:28 628912 c:\arquivos de programas\Apoio\Visualg Versão 2\unins000.exe
18/04/2009 16:00 628912 \RP351\A0080997.exe

24/03/2005 11:56 1172992 c:\arquivos de programas\Apoio\Visualg Versão 2\visualg.exe
24/03/2005 11:56 1172992 \RP351\A0080995.exe

03/04/2010 20:36 61888 c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
16/04/2010 07:37 0 \RP405\A0086129.dll

03/04/2010 20:36 75200 c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
16/04/2010 07:37 0 \RP405\A0086150.dll

03/04/2010 20:22 660912 c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroPDF.dll
16/04/2010 07:37 0 \RP405\A0086130.dll

03/04/2010 20:45 378264 c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\pdfshell.dll
16/04/2010 07:37 0 \RP405\A0086131.dll

24/03/2010 15:17 326056 c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AcrobatUpdater.exe
11/12/2009 15:57 326056 \RP405\A0086126.exe

24/03/2010 15:17 952768 c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe
11/12/2009 15:57 948672 \RP405\A0086125.exe

24/03/2010 15:17 70584 c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeExtractFiles.dll
11/12/2009 15:57 70584 \RP405\A0086128.dll

24/03/2010 15:17 326056 c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\ReaderUpdater.exe
11/12/2009 15:57 326056 \RP405\A0086127.exe

c:\arquivos de programas\Arquivos comuns\InstallShield\Engine\6\Intel 32\ctor.dll
05/09/2001 20:18 77824 \RP400\A0085493.dll

c:\arquivos de programas\Arquivos comuns\InstallShield\Engine\6\Intel 32\IKernel.exe
24/02/2004 03:13 614532 \RP400\A0085489.exe

c:\arquivos de programas\Arquivos comuns\InstallShield\Engine\6\Intel 32\iuser.dll
05/09/2001 20:14 176128 \RP400\A0085491.dll

c:\arquivos de programas\Arquivos comuns\InstallShield\Engine\6\Intel 32\objectps.dll
05/09/2001 20:13 32768 \RP400\A0085492.dll

c:\arquivos de programas\Arquivos comuns\InstallShield\IScript\iscript.dll
05/09/2001 20:18 225280 \RP400\A0085490.dll

c:\arquivos de programas\Cheat Engine\CEHook.dll
28/05/2008 02:13 515584 \RP380\A0083102.dll

c:\arquivos de programas\Cheat Engine\ceregreset.exe
11/01/2009 07:34 89088 \RP380\A0083096.exe

c:\arquivos de programas\Cheat Engine\Cheat Engine.exe
30/01/2009 23:53 3176960 \RP380\A0083103.exe

c:\arquivos de programas\Cheat Engine\dbk32.dll
26/12/2008 22:11 120832 \RP380\A0083094.dll

c:\arquivos de programas\Cheat Engine\dbk32.sys
27/01/2009 18:43 36096 \RP380\A0083093.sys

c:\arquivos de programas\Cheat Engine\dxhook.dll
23/11/2008 03:54 431616 \RP380\A0083100.dll

c:\arquivos de programas\Cheat Engine\EmptyDLL.exe
27/12/2007 05:45 13824 \RP380\A0083091.exe

c:\arquivos de programas\Cheat Engine\EmptyProcess.exe
27/12/2007 05:46 39424 \RP380\A0083092.exe

c:\arquivos de programas\Cheat Engine\Kernelmoduleunloader.exe
27/12/2007 05:47 46080 \RP380\A0083095.exe

c:\arquivos de programas\Cheat Engine\Plugins\DebugEventLog\DebugEventLog.dll
14/01/2009 04:14 476160 \RP380\A0083079.dll

c:\arquivos de programas\Cheat Engine\Plugins\example-c\example-c.dll
14/01/2009 04:12 65536 \RP380\A0083086.dll

c:\arquivos de programas\Cheat Engine\Plugins\example-delphi\exampleplugin.dll
14/01/2009 04:14 367616 \RP380\A0083085.dll

c:\arquivos de programas\Cheat Engine\Plugins\example packet editor\inject\cepe.dll
14/01/2009 04:14 532992 \RP380\A0083082.dll

c:\arquivos de programas\Cheat Engine\Plugins\example packet editor\packeteditor.dll
14/01/2009 21:48 369664 \RP380\A0083083.dll

c:\arquivos de programas\Cheat Engine\pscan.dll
16/01/2009 06:50 548864 \RP380\A0083099.dll

c:\arquivos de programas\Cheat Engine\speedhack.dll
23/08/2008 03:22 88064 \RP380\A0083101.dll

c:\arquivos de programas\Cheat Engine\stealth.dll
27/12/2007 05:46 96256 \RP380\A0083088.dll

c:\arquivos de programas\Cheat Engine\Systemcallretriever.exe
27/12/2007 20:29 573440 \RP380\A0083090.exe

c:\arquivos de programas\Cheat Engine\systemcallsignal.exe
15/03/2008 13:21 16384 \RP380\A0083089.exe

c:\arquivos de programas\Cheat Engine\Tutorial.exe
14/01/2009 21:03 470016 \RP380\A0083087.exe

c:\arquivos de programas\Cheat Engine\ucc12.dll
27/12/2007 05:54 618496 \RP380\A0083076.dll

c:\arquivos de programas\Cheat Engine\undercdll.dll
27/12/2007 05:55 90112 \RP380\A0083075.dll

c:\arquivos de programas\Cheat Engine\unins000.exe
24/05/2009 22:20 691481 \RP380\A0083104.exe

c:\arquivos de programas\Cool MP4 To 3GP Converter\Cool MP4 To 3GP Converter.exe
14/06/2009 17:43 159232 \RP380\A0083106.exe

c:\arquivos de programas\Cool MP4 To 3GP Converter\ffmpeg.exe
13/01/2009 10:51 9079808 \RP380\A0083105.exe

c:\arquivos de programas\Cool MP4 To 3GP Converter\unins000.exe
08/03/2010 19:01 707354 \RP380\A0083107.exe

c:\arquivos de programas\Google\Update\1.2.183.17\GoogleCrashHandler.exe
28/02/2010 23:22 135664 \RP373\A0082545.exe

c:\arquivos de programas\Google\Update\1.2.183.17\GoogleUpdate.exe
28/02/2010 23:22 135664 \RP373\A0082546.exe

c:\arquivos de programas\Google\Update\1.2.183.17\goopdate.dll
28/02/2010 23:22 683504 \RP373\A0082548.dll

c:\arquivos de programas\Google\Update\1.2.183.17\GoopdateBho.dll
28/02/2010 23:22 138736 \RP373\A0082549.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ar.dll
28/02/2010 23:22 25584 \RP373\A0082550.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_bg.dll
28/02/2010 23:22 29168 \RP373\A0082551.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_bn.dll
28/02/2010 23:22 27632 \RP373\A0082552.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ca.dll
28/02/2010 23:22 28656 \RP373\A0082553.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_cs.dll
28/02/2010 23:22 27632 \RP373\A0082554.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_da.dll
28/02/2010 23:22 27632 \RP373\A0082555.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_de.dll
28/02/2010 23:22 29168 \RP373\A0082556.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_el.dll
28/02/2010 23:22 29680 \RP373\A0082557.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_en-GB.dll
28/02/2010 23:22 26608 \RP373\A0082558.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_en.dll
28/02/2010 23:22 26608 \RP373\A0082559.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_es-419.dll
28/02/2010 23:22 28144 \RP373\A0082560.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_es.dll
28/02/2010 23:22 29680 \RP373\A0082561.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_et.dll
28/02/2010 23:22 27632 \RP373\A0082562.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_fa.dll
28/02/2010 23:22 26096 \RP373\A0082563.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_fi.dll
28/02/2010 23:22 27632 \RP373\A0082564.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_fil.dll
28/02/2010 23:22 29168 \RP373\A0082565.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_fr.dll
28/02/2010 23:22 29168 \RP373\A0082566.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_gu.dll
28/02/2010 23:22 27632 \RP373\A0082567.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_hi.dll
28/02/2010 23:22 27632 \RP373\A0082568.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_hr.dll
28/02/2010 23:22 28144 \RP373\A0082569.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_hu.dll
28/02/2010 23:22 28656 \RP373\A0082570.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_id.dll
28/02/2010 23:22 27120 \RP373\A0082571.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_is.dll
28/02/2010 23:22 27120 \RP373\A0082572.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_it.dll
28/02/2010 23:22 28656 \RP373\A0082573.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_iw.dll
28/02/2010 23:22 25072 \RP373\A0082574.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ja.dll
28/02/2010 23:22 23536 \RP373\A0082575.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_kn.dll
28/02/2010 23:22 27120 \RP373\A0082576.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ko.dll
28/02/2010 23:22 23024 \RP373\A0082577.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_lt.dll
28/02/2010 23:22 27120 \RP373\A0082578.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_lv.dll
28/02/2010 23:22 28144 \RP373\A0082579.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ml.dll
28/02/2010 23:22 30192 \RP373\A0082580.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_mr.dll
28/02/2010 23:22 27120 \RP373\A0082581.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ms.dll
28/02/2010 23:22 27632 \RP373\A0082582.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_nl.dll
28/02/2010 23:22 28656 \RP373\A0082583.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_no.dll
28/02/2010 23:22 28144 \RP373\A0082584.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_or.dll
28/02/2010 23:22 28144 \RP373\A0082585.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_pl.dll
28/02/2010 23:22 28656 \RP373\A0082586.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_pt-BR.dll
28/02/2010 23:22 28144 \RP373\A0082587.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_pt-PT.dll
28/02/2010 23:22 28144 \RP373\A0082588.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ro.dll
28/02/2010 23:22 28656 \RP373\A0082589.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ru.dll
28/02/2010 23:22 27120 \RP373\A0082590.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_sk.dll
28/02/2010 23:22 28144 \RP373\A0082591.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_sl.dll
28/02/2010 23:22 28144 \RP373\A0082592.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_sr.dll
28/02/2010 23:22 28144 \RP373\A0082593.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_sv.dll
28/02/2010 23:22 27120 \RP373\A0082594.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ta.dll
28/02/2010 23:22 28656 \RP373\A0082595.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_te.dll
28/02/2010 23:22 28144 \RP373\A0082596.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_th.dll
28/02/2010 23:22 26608 \RP373\A0082597.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_tr.dll
28/02/2010 23:22 28144 \RP373\A0082598.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_uk.dll
28/02/2010 23:22 27632 \RP373\A0082599.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_ur.dll
28/02/2010 23:22 27632 \RP373\A0082600.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_vi.dll
28/02/2010 23:22 27120 \RP373\A0082601.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_zh-CN.dll
28/02/2010 23:22 20976 \RP373\A0082602.dll

c:\arquivos de programas\Google\Update\1.2.183.17\goopdateres_zh-TW.dll
28/02/2010 23:22 20976 \RP373\A0082603.dll

c:\arquivos de programas\Google\Update\1.2.183.17\npGoogleOneClick8.dll
28/02/2010 23:22 220656 \RP373\A0082604.dll

c:\arquivos de programas\InstallShield Installation Information\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}\_Setup.dll
27/04/2007 08:06 332744 \RP352\A0081083.dll

c:\arquivos de programas\InstallShield Installation Information\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}\ISSetup.dll
06/07/2009 12:39 541008 \RP352\A0081082.dll

c:\arquivos de programas\InstallShield Installation Information\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}\setup.exe
06/07/2009 12:39 378192 \RP352\A0081084.exe

c:\arquivos de programas\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\_Setup.dll
08/02/2010 08:10 332744 \RP417\A0087027.dll

c:\arquivos de programas\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\ISSetup.dll
08/02/2010 08:07 535552 \RP417\A0087026.dll

c:\arquivos de programas\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe
08/02/2010 08:10 377480 \RP417\A0087028.exe

c:\arquivos de programas\InstallShield Installation Information\{BF6B8270-CFDB-43B8-ABEC-8FA73A489590}\Setup.exe
11/04/2001 18:28 54784 \RP400\A0085487.exe

11/05/2010 12:29 159744 c:\arquivos de programas\Internet Explorer\PLUGINS\npqtplugin.dll
10/02/2010 12:09 159744 \RP428\A0088183.dll

11/05/2010 12:29 159744 c:\arquivos de programas\Internet Explorer\PLUGINS\npqtplugin2.dll
10/02/2010 12:09 159744 \RP428\A0088187.dll

11/05/2010 12:29 159744 c:\arquivos de programas\Internet Explorer\PLUGINS\npqtplugin3.dll
10/02/2010 12:09 159744 \RP428\A0088191.dll

11/05/2010 12:29 159744 c:\arquivos de programas\Internet Explorer\PLUGINS\npqtplugin4.dll
10/02/2010 12:09 159744 \RP428\A0088195.dll

11/05/2010 12:29 159744 c:\arquivos de programas\Internet Explorer\PLUGINS\npqtplugin5.dll
10/02/2010 12:09 159744 \RP428\A0088199.dll

11/05/2010 12:29 159744 c:\arquivos de programas\Internet Explorer\PLUGINS\npqtplugin6.dll
10/02/2010 12:09 159744 \RP428\A0088203.dll

12/04/2010 17:28 1208320 c:\arquivos de programas\Java\jre6\bin\awt.dll
26/01/2010 07:37 1208320 \RP391\A0084428.dll
09/03/2010 04:27 1208320 \RP428\A0087988.dll

12/04/2010 17:28 114688 c:\arquivos de programas\Java\jre6\bin\axbridge.dll
26/01/2010 07:37 114688 \RP391\A0084429.dll
09/03/2010 04:27 114688 \RP428\A0087989.dll

12/04/2010 17:29 2641920 c:\arquivos de programas\Java\jre6\bin\client\jvm.dll
26/01/2010 07:37 2641920 \RP391\A0084472.dll
09/03/2010 04:28 2641920 \RP428\A0088032.dll

12/04/2010 17:28 192512 c:\arquivos de programas\Java\jre6\bin\cmm.dll
26/01/2010 07:37 192512 \RP391\A0084430.dll
09/03/2010 04:27 192512 \RP428\A0087990.dll

12/04/2010 17:28 143360 c:\arquivos de programas\Java\jre6\bin\dcpr.dll
26/01/2010 07:37 143360 \RP391\A0084431.dll
09/03/2010 04:27 143360 \RP428\A0087991.dll

12/04/2010 17:28 77824 c:\arquivos de programas\Java\jre6\bin\deploy.dll
26/01/2010 07:37 77824 \RP391\A0084432.dll
09/03/2010 04:27 77824 \RP428\A0087992.dll

c:\arquivos de programas\Java\jre6\bin\deploytk.dll
26/01/2010 07:37 411368 \RP391\A0084433.dll
09/03/2010 04:28 411368 \RP428\A0087993.dll

12/04/2010 17:28 16896 c:\arquivos de programas\Java\jre6\bin\dt_shmem.dll
26/01/2010 07:37 16896 \RP391\A0084434.dll
09/03/2010 04:27 16896 \RP428\A0087994.dll

12/04/2010 17:28 13312 c:\arquivos de programas\Java\jre6\bin\dt_socket.dll
26/01/2010 07:37 13312 \RP391\A0084435.dll
09/03/2010 04:27 13312 \RP428\A0087995.dll

12/04/2010 17:28 69632 c:\arquivos de programas\Java\jre6\bin\eula.dll
26/01/2010 07:37 69632 \RP391\A0084436.dll
09/03/2010 04:27 69632 \RP428\A0087996.dll

12/04/2010 17:28 339968 c:\arquivos de programas\Java\jre6\bin\fontmanager.dll

.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{14f0d511-36a2-41ca-ae01-ba4f87282c97}"= "c:\arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll" [2008-09-17 1275176]

[HKEY_CLASSES_ROOT\clsid\{14f0d511-36a2-41ca-ae01-ba4f87282c97}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{8613efdf-b530-4b1d-b970-b09f99977813}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883840]
"AlcoholAutomount"="c:\arquivos de programas\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\arquivos de programas\Winamp\winampa.exe" [2010-01-13 37888]
"OrderReminder"="c:\arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-07-21 98304]
"RivaTunerStartupDaemon"="c:\arquivos de programas\RivaTuner v2.24\RivaTuner.exe" [2009-02-25 2781184]
"nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-08-13 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SoundMAXPnP"="c:\arquivos de programas\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"LogMeIn Hamachi Ui"="c:\arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-04-28 142120]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\Tio Zaca Da uma doze\Menu Iniciar\Programas\Inicializar\
Adobe Gamma.lnk - c:\arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Microsoft Office.lnk - c:\arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0rmslt.nt\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Tio Zaca Da uma doze^Menu Iniciar^Programas^Inicializar^Xfire.lnk]
path=c:\documents and settings\Tio Zaca Da uma doze\Menu Iniciar\Programas\Inicializar\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 18:10 271360 ----a-w- c:\arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\EA Games\\Battlefield 2\\BF2.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Steam\\steamapps\\gonstavo\\team fortress 2\\hl2.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"d:\\Steam\\steamapps\\digulopes\\counter-strike source\\hl2.exe"=
"c:\\Arquivos de programas\\Valve\\hl.exe"=
"c:\\Arquivos de programas\\Xfire\\Xfire.exe"=
"d:\\Steam\\steamapps\\gonstavo\\counter-strike\\hl.exe"=
"c:\\WINDOWS\\system32\\nwiz.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office10\\OSA.EXE"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"e:\\CAPCOM\\RESIDENT EVIL 5\\RE5DX9.EXE"=
"e:\\CAPCOM\\RESIDENT EVIL 5\\RE5DX10.EXE"=
"d:\\Steam\\Steam.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"d:\\Steam\\steamapps\\common\\killingfloor\\System\\KillingFloor.exe"=
"d:\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
"c:\\Arquivos de programas\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [15/03/2010 11:18 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/04/2009 16:04 721904]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [09/12/2008 20:10 24636]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\arquivos de programas\LogMeIn Hamachi\hamachi-2.exe [30/03/2010 11:16 1107336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe [05/02/2010 06:03 1285864]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14/01/2008 07:06 21632]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe" --> c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [28/02/2010 23:22 135664]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
Conteúdo da pasta 'Tarefas Agendadas'

2010-05-13 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\arquivos de programas\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-05 14:18]

2010-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2009-10-22 14:50]

2010-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-03-01 02:22]

2010-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-03-01 02:22]
.
.
------- Scan Suplementar -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &SHOUTcast Search - c:\documents and settings\All Users\Dados de aplicativos\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download All by FlashGet - c:\arquivos de programas\FlashGet\jc_all.htm
IE: Download using FlashGet - c:\arquivos de programas\FlashGet\jc_link.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {DF73D593-46FE-447A-94D5-B7975EC72875} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\arquivos de programas\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll
FF - component: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\components\GbMzhBb.dll
FF - plugin: c:\arquivos de programas\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\Tio Zaca Da uma doze\Dados de aplicativos\Mozilla\Firefox\Profiles\cnespixf.default\extensions\justintvpublisher@justin.tv\platform\WINNT_x86-msvc\plugins\npjustintvpublish.dll

---- FIREFOX POLICIES ----

FF - user.js: browser.sessionstore.resume_from_crash - false
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-13 08:20
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spsf.sys >>UNKNOWN [0x89E04938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb810cf28
\Driver\ACPI -> ACPI.sys @ 0xb7e66cb8
\Driver\atapi -> atapi.sys @ 0xb7dfbb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb7d04bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7cf3a0d
SendHandler -> NDIS.sys @ 0xb7d07b40
user & kernel MBR OK

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-527237240-1957994488-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AD77666B-FA90-77A8-11AD-BCCEC2EC1BFA}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'explorer.exe'(3664)
c:\windows\system32\WPDShServiceObj.dll
c:\arquivos de programas\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\arquivos de programas\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\arquivos de programas\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_por-br.nlr
c:\arquivos de programas\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\arquivos de programas\Bonjour\mDNSResponder.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
c:\xampp\mysql\bin\mysqld.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\arquivos de programas\iPod\bin\iPodService.exe
c:\arquivos de programas\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-05-13 08:26:59 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-05-13 11:26
ComboFix2.txt 2010-05-11 20:25

Pré-execução: 19 pasta(s) 33.736.355.840 bytes disponíveis
Pós execução: 20 pasta(s) 33.702.961.152 bytes disponíveis

- - End Of File - - 0D1519BF4380C40537F155B83DE55D87

Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:03:48, on 13/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Winamp\winampa.exe
C:\Arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWTray.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SHOUTcast Toolbar Search Class - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\ARQUIV~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\ARQUIV~1\FlashGet\getflash.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\fgiebar.dll
O3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Arquivos de programas\SHOUTcast Radio Toolbar\shoutcasttb.dll
O4 - HKLM\..\Run: [OrderReminder] C:\Arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Dados de aplicativos\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240103179468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240143670187
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF73D593-46FE-447A-94D5-B7975EC72875}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{30693CC6-D75D-4988-9967-2E8CA9BA5521}: NameServer = 200.185.6.131,200.185.6.163
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9916 bytes

Remoção de vírus

Malware Removal

Hungry Member

Well-Known Member

Malware Removal

Well-Known Member

✮ ✮ ✮ ✮ ✮

Usuário, Grand Siena Attr

Usuário, Grand Siena Attr

Usuário, Grand Siena Attr

Usuário, Grand Siena Attr

Usuário, Grand Siena Attr

Usuário, Grand Siena Attr

JazM

Malware Removal

✮ ✮ ✮ ✮ ✮

Ou não

Usuário, Grand Siena Attr

Malware Removal

Willian Defante

Usuário, Grand Siena Attr

New Member

Member

Member

Usuário

✮ ✮ ✮ ✮ ✮

Users who are viewing this thread