adriano_010
-
Posts
2 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by adriano_010
-
-
Hello thanks for reading this i think im still infected by a virus because evertime i try too update my virusscanners avg 2012, norton 2012 and malwarebytes anti-malware i cant update too a newer update its gets blocked by something is what a think. With malwarebytes i get this code when i try too update: PROGRAM_ERROR_UPDATING (0, 0, I/O error) so i typed it in in google and read a couple of links and i came across this one: http://forums.malwarebytes.org/index.php?showtopic=103021 and i think that i got the same problem only i have internet so i should be able too update but i cant update. I hope that someone can help me out i have readed the steps to take too make this topic so i included :
- DDS.txt
- Attach.txt
- DDS.txt
I think im still infected by a virus
in Resolved Malware Removal Logs
Posted
hi thanks for your help by the way i have oninstalled the requested programs but i have a question i have oninstalled utorrent for now but i have too use it later for downloading torrents so i have too install it later on i hope this is not a problem?
I have a fresh jrt log and a fresh dds log and thanks for your help im waiting for your response maniac.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.5.5 (11.27.2012:2)
OS: Windows 7 Home Premium x64
Ran by Adilson Adriano Cruz on di 27-11-2012 at 13:03:37,59
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\abouturls\\Tabs
~~~ Registry Keys
Successfully deleted: [Registry Key] "hkey_current_user\software\conduit"
Successfully deleted: [Registry Key] "hkey_current_user\software\softonic"
Successfully deleted: [Registry Key] "hkey_local_machine\software\conduit"
~~~ Files
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\Adilson Adriano Cruz\AppData\Roaming\mozilla\firefox\profiles\8c0wfocf.default\user.js
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 27-11-2012 at 13:08:35,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Adilson Adriano Cruz at 13:11:31 on 2012-11-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.5883.4003 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
G:\Samsung\Programs\Steam\Steam.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
G:\Samsung\Programs\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\explorer.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\RunDll32.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hotmail.com/
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - LocalServer32 - <no file>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] C:\Windows\System32\ctfmon.exe
uRun: [DS3 Tool] C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe -mini
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [uTorrent] "G:\Samsung\Programs\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [steam] "G:\Samsung\Programs\Steam\steam.exe" -silent
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [PWRISOVM.EXE] G:\Samsung\Programs\PowerISO\PWRISOVM.EXE -startup
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [iME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
mRun: [Korean IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
mRun: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRunOnce: [b Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: &Verzenden naar OneNote - G:\Windows7\Dingen\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - G:\Windows7\Dingen\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{015696A2-0A3A-4194-8346-B6123FC9C16D} : DHCPNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{A1D663C9-8492-48B8-B28E-EA8FB99818FA} : DHCPNameServer = 213.46.228.196 62.179.104.196
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [iME JPN 2007 Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
x64-Run: [Korean IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
x64-Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\
FF - prefs.js: browser.startup.homepage - www.voetbalzone.nl
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Adilson Adriano Cruz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\player\npts.dll
FF - plugin: C:\Windows\System32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: G:\Samsung\Programs\Itunes\Mozilla Plugins\npitunes.dll
FF - plugin: G:\Windows7\Dingen\Programma's\Veetle\Player\npvlc.dll
FF - plugin: G:\Windows7\Dingen\Programma's\Veetle\plugins\npVeetle.dll
FF - ExtSQL: 2012-11-07 20:23; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-11-18 14:36; magicplayer@torrentstream.org; C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
FF - ExtSQL: !HIDDEN! 2011-06-20 00:48; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-11-1 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-16 202752]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2009-7-8 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-6-29 27192]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-11-8 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-8 95760]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-6-24 32880]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2011-10-24 117520]
R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-1 38456]
S2 .1296206901;1296206901;C:\Program Files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe --> C:\Program Files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-11-1 342056]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-11-1 39464]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-11-1 239136]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-1 295424]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-29 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-11-27 12:09:10 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8DC2AC3A-8317-4BB7-8991-C7AC5CD3A09B}\mpengine.dll
2012-11-27 12:03:34 -------- d-----w- C:\Windows\ERUNT
2012-11-27 12:03:13 -------- d-----w- C:\JRT
2012-11-27 11:18:49 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{FAC46DF1-7F75-498B-827E-E6D32A0B8BD6}
2012-11-26 19:17:06 9125352 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-26 10:05:03 -------- d-----w- C:\Program Files\CCleaner
2012-11-26 01:03:46 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{3CFAA306-91F6-4DBB-B41F-7E3415C1A296}
2012-11-26 00:31:49 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{D81EABD7-3DAD-4D2F-8621-D0720F533C24}
2012-11-25 10:42:27 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{4C3A9282-23E1-410E-99D3-7A9066E12B39}
2012-11-25 10:39:08 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{8BF508F2-2D28-4538-8FC0-8E78A83B29BE}
2012-11-25 02:09:54 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{3CBAF8C7-6F2E-4364-B69C-4071237B94DF}
2012-11-24 14:35:27 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{3D52F71A-72F7-48A7-8ADD-B6939CACABF8}
2012-11-24 00:22:38 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{61D2213D-41F9-40E2-B66B-03D6F8DC53DF}
2012-11-23 11:09:59 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{49B5EDB6-CCDF-48AD-9880-DC9369A10D44}
2012-11-22 20:46:13 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{68F8E90E-019D-4841-A5C3-8BC496B57062}
2012-11-22 09:10:56 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{64D8DD3C-8FCD-4A3D-840C-D1C5ADD3124A}
2012-11-20 08:12:29 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{59885D1A-9571-4525-A2C3-FF3FB3E3F79C}
2012-11-19 09:55:44 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{3D2F3195-C47F-4F35-87F6-45BECDB0FC7D}
2012-11-18 20:17:59 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{7E00D6B0-22F7-4AC3-872D-CB7140677CBF}
2012-11-18 13:24:33 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{CA95AC94-9017-44C1-8255-EDBF5DAE894B}
2012-11-18 12:57:22 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Roaming\.Torrent Stream
2012-11-18 12:55:45 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream
2012-11-18 12:44:24 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\PCStreams3
2012-11-18 12:44:24 -------- d-----w- C:\ProgramData\PCStreams
2012-11-18 12:39:34 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Roaming\Downloaded Installations
2012-11-18 11:17:18 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{5A65E800-447D-4F9F-A239-D04307663A22}
2012-11-16 14:44:54 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{3B9C356C-BC67-4315-B7C3-B9CCCDD4BE15}
2012-11-16 02:09:35 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
2012-11-16 02:09:34 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 02:09:34 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 02:09:34 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 01:52:02 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 01:52:02 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 01:51:59 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 01:51:59 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 01:51:55 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 01:51:54 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 01:51:54 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-16 00:51:54 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{8F710E87-9BED-4745-B6CA-673E75479012}
2012-11-15 21:54:03 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{35C63A98-F4E4-4D99-904D-9F5112D7F7F2}
2012-11-15 09:35:13 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{61835BB5-6ED6-4849-B6A8-375B8E9D876D}
2012-11-14 10:01:13 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{EBE9D1FB-7A9A-4689-B569-CB7DFC38B17C}
2012-11-13 18:25:04 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{5CBC0DC7-803C-463D-9D5A-B5CF3D7E1AC4}
2012-11-12 23:10:11 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{1B4AE37B-4523-4554-BDBD-C23BCC42A9F1}
2012-11-12 08:03:43 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{A3C37335-562B-468A-BB1B-C3B496C6C0D4}
2012-11-11 10:46:26 -------- d-----w- C:\N360_BACKUP
2012-11-11 10:34:39 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{0F5B53BD-0F34-4526-A225-5F9106651E49}
2012-11-10 10:06:18 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{28DCEED7-7449-484C-8BD8-ECB0BA95A5A2}
2012-11-09 14:36:34 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{03C59BBB-8307-4EA4-BCA3-CAE77DD869B2}
2012-11-09 08:05:12 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{3EC1AA7A-660D-4152-86B2-5234F7BCF974}
2012-11-08 21:40:35 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-11-08 21:39:42 -------- d-----w- C:\ProgramData\AMD
2012-11-08 21:39:31 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2012-11-08 21:39:14 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-11-08 21:36:42 95760 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2012-11-08 21:36:07 -------- d-----w- C:\Program Files\ATI Technologies
2012-11-08 21:05:11 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{62CC476A-8B20-4F69-A51B-527A24A3A67F}\gapaengine.dll
2012-11-08 21:02:27 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-11-08 21:02:19 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-11-08 18:22:42 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{6F877F06-9353-4492-AC29-42DBF1A961F2}
2012-11-08 08:20:01 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-11-08 08:20:01 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-11-08 08:20:00 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-11-08 08:20:00 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-11-08 08:19:53 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-11-07 19:00:59 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Roaming\AVG
2012-11-07 18:59:21 -------- d-----w- C:\ProgramData\AVG
2012-11-07 18:59:12 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2012-11-07 14:55:28 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Roaming\AVG2012
2012-11-07 14:32:54 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Roaming\Malwarebytes
2012-11-07 14:31:15 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-07 14:31:11 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-07 14:15:18 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-11-07 14:15:18 -------- d-----w- C:\ProgramData\AVG2012
2012-11-07 14:11:05 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-11-07 14:11:05 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-11-07 14:06:06 -------- d-----w- C:\ProgramData\MFAData
2012-11-07 12:48:30 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{CC636BFF-84CE-461D-9733-17A1201D6417}
2012-11-07 11:57:22 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-07 11:57:17 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-11-07 11:57:15 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-11-07 11:57:15 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-11-07 11:57:15 2560480 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-11-07 11:57:15 192600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-11-07 11:57:15 124384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-11-07 11:57:15 115168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-11-07 11:56:11 -------- d-----w- C:\Windows\System32\SPReview
2012-11-07 11:55:07 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-07 11:52:40 -------- d-----w- C:\Windows\System32\EventProviders
2012-11-07 11:50:25 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{2409C9F9-2F4A-4115-8052-56284B245F46}
2012-11-06 23:54:28 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-11-06 23:51:37 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-11-06 23:23:42 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{22F2EBED-6F86-4C73-8CBE-6D4B094D49DB}
2012-11-06 23:21:40 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{9B0F3653-B927-427D-811B-75957DC5EB10}
2012-11-06 23:18:11 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{A4488F32-3415-453C-B308-6918C153109D}
2012-11-06 07:20:18 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{1CC720D4-2FB4-4D8B-AC6B-0DA688610EA4}
2012-11-03 23:13:35 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{33175B26-BDDE-4FD2-AF98-8D3BC617DBBC}
2012-11-03 09:28:33 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{1E8CF8B5-863C-42D5-8FDC-94C56ED7628F}
2012-11-01 20:17:36 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{F3CADA4D-A29E-4C84-BAB1-2D572DAA039A}
2012-10-31 23:12:40 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{DA951459-6487-4147-A068-A285CC18C1F0}
2012-10-31 10:59:01 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2012-10-31 10:16:20 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{F65D9BB5-3431-40B1-8720-22ECBCA0352B}
2012-10-30 08:45:59 4991496 ----a-w- C:\Windows\System32\D3DX9_38.dll
2012-10-30 08:01:25 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{C4017E34-D57D-4C23-B128-DE94978A3DD2}
2012-10-29 08:01:41 -------- d-----w- C:\Users\Adilson Adriano Cruz\AppData\Local\{7C00DFAE-BD07-46BE-B6F3-42CD32F20FA4}
.
==================== Find3M ====================
.
2012-11-07 13:50:36 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-07 13:50:36 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-07 12:19:18 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-11-07 12:19:18 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-23 16:50:42 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-23 16:50:42 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 21:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-30 21:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
.
============= FINISH: 13:12:15,08 ===============