Trojan.GameThief.Magania.adxx
Trojan.Downloades.Agent.lss
Rodando o AVG 8.0 (estava com ele até agora pouco.... tinha formatado o pc e ainda não tinha colocado o KIS) ele detectou outro virus, o qual não me recordo o nome (Trojan.Generic12 ou algo assim) e removi para a quarentena.
instalei o kaspersky e o mesmo se comportava de forma estranha/lenta/travando.
decidi passar o AVG novamente e o mesmo encontrou esse Trojan.Generic12 no arquivo avp.exe (o kaspersky!!!!)
agora não consigo remover o virus, nada funciona! alguem me ajuda?
OBS:estou tentando fazer o kaspersky funcionar, qualquer novidade edito.
segue log do Spyware Terminator, antes de eu instalar o kaspersy(eu acho)
QUOTE
Logfile of Spyware Terminator v2.5.1.028 (db:3.002.027.000)
Scan Time: 28/02/2009 13:12:15 length: 1675 s
Platform: VISTA (6.0.0.6001)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 89690 (Critical:3)
Filter: No System items, No Safe items, No Invalid items
Running Processes
nvvsvc.exe [NVIDIA Corporation] : C:\Windows\system32\nvvsvc.exe
SeaPort.exe [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
VideoAcceleratorService.exe [Speedbit Ltd.] : C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
aaCenter.exe : C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
VideoAcceleratorEngine.exe [Speedbit Ltd.] : C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
smax4pnp.exe [Analog Devices, Inc.] : C:\Program Files\Analog Devices\Core\smax4pnp.exe
taskmgr.exe : C:\Windows\taskmgr.exe
msnmsgr.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
GoogleToolbarNotifier.exe [Google Inc.] : C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
wltuser.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltuser.exe
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - [BitComet] : C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
02 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
02 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
Toolbars
03 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, msnmsgr : [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, swg : [Google Inc.] : C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RivaTunerStartupDaemon : : C:\Program Files\RIVATUNER V2.22\RIVATUNERWRAPPER.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SoundMAXPnP : [Analog Devices, Inc.] : C:\Program Files\Analog Devices\Core\smax4pnp.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Microsoft App : : C:\Windows\SYSTEM\spoolsv.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gerenciador de Tarefas do Windows : : C:\Windows\taskmgr.exe
Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - [Alexander Roshal] : C:\Program Files\WinRAR\rarext.dll
Microsoft Office OneNote Namespace Extension for Windows Desktop Search - {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [Analog Devices, Inc.] : C:\Windows\system32\drivers\ADIHdAud.sys
23 - : C:\Windows\system32\drivers\AsIO.sys
23 - : C:\Windows\system32\DRIVERS\ASACPI.sys
23 - [NVIDIA Corporation] : C:\Windows\system32\DRIVERS\nvlddmkm.sys
23 - [NVIDIA Corporation] : C:\Windows\system32\nvvsvc.exe
23 - : C:\Program Files\RivaTuner v2.22\RivaTuner32.sys
23 - [Realtek Corporation] : C:\Windows\system32\DRIVERS\Rtlh86.sys
23 - [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23 - [Crawler.com] : C:\Windows\system32\drivers\sp_rsdrv2.sys
Threat Files
<Trojan.GameThief.Magania.adxx> : C:\Program Files\WinRAR\Default.SFX
<Trojan.Downloader.Agent.lss> : C:\Users\MasterVorax\Downloads\PowerHEXSetup.exe
<Trojan.Downloader.Agent.lss> : C:\Windows.old\Documents and Settings\MasterVorax\Downloads\PowerHEXSetup.exe
Advanced Files Report
%PROGRAMFILES%\SpeedBit Video Accelerator\sblsp.dll [Speedbit Ltd.] [sblsp] MD5=BB58FB56A6F54F5D31012595B91A5469 SIZE=231008
%PROGRAMFILES%\SpeedBit Video Accelerator\ConfigDB.dll [Speedbit Ltd.] [ConfigDB] MD5=08DBE154EA139110E0561DB2AEEDE667 SIZE=194144
%PROGRAMFILES%\SpeedBit Video Accelerator\Accelerator.dll [Speedbit Ltd.] [Speedbit Accelerator] MD5=93A72BF6B8C4B5C638049A9FCB5FB3DB SIZE=1554024
%PROGRAMFILES%\SpeedBit Video Accelerator\CommPipe.dll [Speedbit Ltd.] [CommPipe] MD5=959E931A49D4CD683F45877E3B12DB21 SIZE=276072
%PROGRAMFILES%\SpeedBit Video Accelerator\Collector.dll [Speedbit Ltd.] [Speedbit Collector] MD5=37D182FB6572BFEC1154A8CA95BD8263 SIZE=206440
%SYSDIR%\nvvsvc.exe [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 181.22] MD5=B98BF2D4BD41B61BD0C2DEF6FB89EF71 SIZE=207392
%SYSDIR%\AEADIAPO.dll [Andrea Electronics Corporation] [Capture LFX Filters (32-bit)] MD5=D22CFAC2C2E74CE080356EAAFDF8F3C0 SIZE=119808
%SYSDIR%\NVSVC.DLL [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 181.22] MD5=EA553D3334A841436F49A26D6F8A75BD SIZE=641568
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=B6D485AA871E93B3A08602906149E71D SIZE=663552
%PROGRAMFILES%\AVG\AVG8\avgamnot.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=7AE5DD84DB8787FF42E33AA48C8CB55D SIZE=270616
%PROGRAMFILES%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [Microsoft Corp.] [Microsoft Search Enhancement Pack] MD5=D358E077A0A05D9B12DA22D137EE8464 SIZE=226656
%PROGRAMFILES%\SpeedBit Video Accelerator\VideoAcceleratorService.exe [Speedbit Ltd.] [SpeedBit Video Accelerator Service] MD5=4BE6B4D0DB1E5A8167066C9E2F4F2764 SIZE=288368
%SYSDIR%\nvd3dum.dll [NVIDIA Corporation] [NVIDIA Windows Vista WDDM driver] MD5=2AF7D390F49A0C26D6EF2F2F0D0A85D8 SIZE=6070272
%PROGRAMFILES%\ASUS\AASP\1.00.32\aaCenter.exe MD5=9B8FEBDB9D6D2A19A985C45F9FD7D83D SIZE=603648
%SYSDIR%\AsIO.dll [AsIO Dynamic Link Library] MD5=212F87EE837B4E35E43A93BBFC44E7A7 SIZE=24576
%PROGRAMFILES%\ASUS\AASP\1.00.32\PowerDll.dll MD5=5BCCC840813C6D10062DCBB0C08A7394 SIZE=204851
%PROGRAMFILES%\ASUS\AASP\1.00.32\cpuutil.dll MD5=321E8C768F9A77D056A8DE8BBF74CAAA SIZE=102400
%PROGRAMFILES%\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe [Speedbit Ltd.] [SpeedBit Stream Accelerator Engine] MD5=BA893C5AB87CF065F1E2CB2937D8FE57 SIZE=124536
%PROGRAMFILES%\Analog Devices\Core\SMWDMIF.dll [Analog Devices, Inc.] [Audio Driver Interface Module] MD5=9E587980BA48F6157C939CAB0D4C152E SIZE=462848
%PROGRAMFILES%\Google\GoogleToolbarNotifier\1.2.911.3380\res_pt-BR.dll [Google Inc.] [GoogleToolbarNotifier] MD5=223A8AEBB8ABA2A3812425E5C2CA16C6 SIZE=47616
%PROGRAMFILES%\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\PNRComponent.dll [Softomate] [Softomate PNRComponent] MD5=64AC9FB5653FBDEE928ABD20D02FE217 SIZE=225280
%PROGRAMFILES%\AVG\AVG8\Firefox\components\avgssff.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=22FC736FB16896E9B71D7CBB3EE4F9AB SIZE=1045784
%SYSDIR%\Macromed\Flash\NPSWF32.dll [Adobe Systems, Inc.] [Shockwave Flash] MD5=58F41CA8F9C2014709F9547B2B81A468 SIZE=3695008
%PROGRAMFILES%\Windows Live\Toolbar\wltuser.exe [Microsoft Corporation] [Windows Live Toolbar] MD5=731F05B5C01B3CA9B813561C0B90E722 SIZE=224632
%PROGRAMFILES%\WinRAR\rarext.dll [Alexander Roshal] [WinRAR] MD5=D6FB20EEB79D277B6AD8EFCEDB0AD010 SIZE=132608
%PROGRAMFILES%\Microsoft Office\Office12\ONFILTER.DLL [Microsoft Corporation] [Microsoft Office OneNote] MD5=23CD837C3E94BAF99C0B327C660D1DA6 SIZE=74800
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Windows Live Mail] MD5=59A5278FE5651900DBD5762E604E7545 SIZE=791392
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=3B52BE4CAC867A0A7E402AB00712D2D0 SIZE=231304
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=38E8F4ADC13A4634E6EB73AA384B793A SIZE=43912
%PROGRAMFILES%\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE [Microsoft Corporation] [Windows Live® Galeria de Fotos] MD5=A50FE7EFAA0569722B75086CF5E87518 SIZE=139128
%SYSDIR%\drivers\ADIHdAud.sys [Analog Devices, Inc.] [SoundMAX Digital HD Audio Driver] MD5=B01A51996A3251023A5FD19FC88F5057 SIZE=318464
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\drivers\AsIO.sys MD5=663F2FB92608073824EE3106886120F3 SIZE=12664
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k DcomLaunch
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\DRIVERS\ASACPI.sys [ATK0110 ACPI Utility] MD5=DCDAAB8697A47894A554050CE18D0B56 SIZE=7680
%SYSDIR%\DRIVERS\nvlddmkm.sys [NVIDIA Corporation] [NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 181.22] MD5=0013F8CF1322487FB247EAE56EF0ED90 SIZE=7740320
%SYSDIR%\svchost.exe -k NetworkServiceNetworkRestricted
%PROGRAMFILES%\RivaTuner v2.22\RivaTuner32.sys MD5=C0C8909BE3ECC9DF8089112BF9BE954E SIZE=9088
%SYSDIR%\svchost.exe -k rpcss
%SYSDIR%\DRIVERS\Rtlh86.sys [Realtek Corporation] [Realtek 8101/8168/8169 PCI/PCIe Adapters] MD5=283392AF1860ECDB5E0F8EBD7F3D72DF SIZE=44544
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\svchost.exe -k imgsvc
%SystemDiskRoot%\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm
%SYSDIR%\svchost.exe -k WerSvcGroup
%SYSDIR%\svchost.exe -k secsvcs
%SYSDIR%\SearchIndexer.exe \Embedding
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [Microsoft Corporation] [Windows Live Messenger Protocol Handler Module] MD5=4BE65CE9440542F617CDA4ECF8867FBF SIZE=62304
%COMMONFILES%\Microsoft Shared\GRPHFLT\CGMIMP32.FLT [Microsoft Corporation] [2007 Microsoft Office system] MD5=24D97CCF0CC953880C69A7E3F4187021 SIZE=290688
%COMMONFILES%\Microsoft Shared\MODI\12.0\BINDER.DLL [ScanSoft, Inc.] [ScanSoft API] MD5=623BFFC21F6258855673B751CC81E2DA SIZE=22936
%COMMONFILES%\Microsoft Shared\MODI\12.0\FORM.DLL [Tsinghua/Wintone and ScanSoft, Inc.] [Asian OCR for ScanSoft API] MD5=51B3711D0BC33C6BD9AD3461DC7551C4 SIZE=78728
%COMMONFILES%\Microsoft Shared\MODI\12.0\REVERSE.DLL [Tsinghua/Wintone and ScanSoft, Inc.] [Asian OCR for ScanSoft API] MD5=4EFF9C4F83DFCC7D902C588AF2CB4349 SIZE=22416
%COMMONFILES%\Microsoft Shared\MODI\12.0\THOCR.PSP [ScanSoft, Inc.] [ScanSoft API] MD5=FDD07C0A5B579645EFECBC304D9DA32B SIZE=190464
%COMMONFILES%\Microsoft Shared\OFFICE12\ACECORE.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=77B7089D98E0CFABBB2EE56B8579CF18 SIZE=1754536
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEES.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=9584476B8082C208B6206D9B5B810538 SIZE=193992
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEODDBS.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=63D501D1AAF0B91BF66CF7DD203AC5D3 SIZE=17800
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEODEXL.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=6014430D5B1406BE794AA8FD6EE756C9 SIZE=17800
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEODTXT.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=E41A3724A30C92353FD9151A8F687DEC SIZE=17800
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEPDE.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=3569A008EF6EA8A713E37C2AE508FFAF SIZE=394688
%COMMONFILES%\Microsoft Shared\OFFICE12\ACER2X.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=C9EA14E222E1193AD172838EE493D601 SIZE=263616
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEREP.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=9C82A5B565FFEB99F98F85370BF13124 SIZE=554440
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEWDAT.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=B574E857BA27BD814D4B1DCD76A8375B SIZE=826232
%COMMONFILES%\Microsoft Shared\OFFICE12\MSSH.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=7F8223AE42E47C9EAD7B1EDEE3806DEE SIZE=43832
%COMMONFILES%\Microsoft Shared\OFFICE12\MSSOAP30.DLL [Microsoft Corporation] [Microsoft Office Soap SDK] MD5=8E72F01D9B2C5F120486B3A8C5491D93 SIZE=507768
%COMMONFILES%\Microsoft Shared\OFFICE12\WISC30.DLL [Microsoft Corporation] [Microsoft Office Soap SDK 3.0] MD5=9E8A7DABAF456A67798929A4C4F06218 SIZE=123720
%COMMONFILES%\Microsoft Shared\PROOF\MSHY3ES.DLL [Spanish Hyphenation Engine] MD5=E6B933E95B55D65A64FB8AFF60FD42E9 SIZE=919696
%COMMONFILES%\Microsoft Shared\Smart Tag\FPERSON.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=F1D0AF8645A1B9AB82470F409F42CE6E SIZE=149816
%COMMONFILES%\System\Ole DB\msmgdsrv.dll [Microsoft Corporation] [Microsoft SQL Server Analysis Services] MD5=30982CC1E54A6D33C84010415289007F SIZE=6040432
%PROGRAMFILES%\Microsoft Office\Office12\CDLMSO.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=BA9EC8513C365E999FA1E9F823D2FA68 SIZE=402784
%PROGRAMFILES%\Microsoft Office\Office12\GREN50.OLB [Microsoft Corporation] [Microsoft Graph] MD5=998732254D8D7E19EB75083657756635 SIZE=57344
%PROGRAMFILES%\Microsoft Office\Office12\MSODCW.DLL [Microsoft Corporation] [Microsoft Office Disk Cleanup Wizard] MD5=AED71BD7CFE150290A53B8E3B6F3E0D1 SIZE=431456
%PROGRAMFILES%\Microsoft Office\Office12\NAME.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=1C7A4288196FE72EF9AB885CF047C67C SIZE=68464
%PROGRAMFILES%\Microsoft Office\Office12\OIS.EXE [Microsoft Corporation] [Microsoft Office Picture Manager] MD5=34331352E23FE6219F517C1709E63C61 SIZE=277384
%PROGRAMFILES%\Microsoft Office\Office12\VPREVIEW.EXE [Microsoft Corporation] [2007 Microsoft Office system] MD5=16110CC8422078F4707895CAAB470BFE SIZE=33080
%PROGRAMFILES%\Microsoft Office\Office12\VVIEWDWG.DLL [Microsoft Corporation] [Microsoft® Office Visio® 2007] MD5=46C669646C7BE721D1C73D08FC70772A SIZE=1846160
%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE [Microsoft Corporation] [2007 Microsoft Office system] MD5=511B945AB54355021ED0FE76E049FD8B SIZE=347488
%PROGRAMFILES%\Microsoft Office\Office12\XLCALL32.DLL [Microsoft Corporation] [Microsoft Office Excel] MD5=F1446D85469492DEEC3D4E91C7028911 SIZE=13368
%PROGRAMFILES%\Microsoft Office\Office12\nlsdata0000.dll [Microsoft Corporation] [Natural Language Components] MD5=4BE858FC7835BEFE6A5A6AB669805016 SIZE=1512304
%PROGRAMFILES%\Microsoft Works\ltkrn13n.dll [LEAD Technologies, Inc.] [LEADTOOLS® DLL for Win32] MD5=9F55BFD2C68DDD94F261B4E7A177042B SIZE=468568
End of Report
Scan Time: 28/02/2009 13:12:15 length: 1675 s
Platform: VISTA (6.0.0.6001)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 89690 (Critical:3)
Filter: No System items, No Safe items, No Invalid items
Running Processes
nvvsvc.exe [NVIDIA Corporation] : C:\Windows\system32\nvvsvc.exe
SeaPort.exe [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
VideoAcceleratorService.exe [Speedbit Ltd.] : C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
aaCenter.exe : C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
VideoAcceleratorEngine.exe [Speedbit Ltd.] : C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
smax4pnp.exe [Analog Devices, Inc.] : C:\Program Files\Analog Devices\Core\smax4pnp.exe
taskmgr.exe : C:\Windows\taskmgr.exe
msnmsgr.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
GoogleToolbarNotifier.exe [Google Inc.] : C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
wltuser.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltuser.exe
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - [BitComet] : C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
02 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
02 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
Toolbars
03 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, msnmsgr : [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, swg : [Google Inc.] : C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RivaTunerStartupDaemon : : C:\Program Files\RIVATUNER V2.22\RIVATUNERWRAPPER.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SoundMAXPnP : [Analog Devices, Inc.] : C:\Program Files\Analog Devices\Core\smax4pnp.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Microsoft App : : C:\Windows\SYSTEM\spoolsv.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gerenciador de Tarefas do Windows : : C:\Windows\taskmgr.exe
Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - [Alexander Roshal] : C:\Program Files\WinRAR\rarext.dll
Microsoft Office OneNote Namespace Extension for Windows Desktop Search - {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [Analog Devices, Inc.] : C:\Windows\system32\drivers\ADIHdAud.sys
23 - : C:\Windows\system32\drivers\AsIO.sys
23 - : C:\Windows\system32\DRIVERS\ASACPI.sys
23 - [NVIDIA Corporation] : C:\Windows\system32\DRIVERS\nvlddmkm.sys
23 - [NVIDIA Corporation] : C:\Windows\system32\nvvsvc.exe
23 - : C:\Program Files\RivaTuner v2.22\RivaTuner32.sys
23 - [Realtek Corporation] : C:\Windows\system32\DRIVERS\Rtlh86.sys
23 - [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23 - [Crawler.com] : C:\Windows\system32\drivers\sp_rsdrv2.sys
Threat Files
<Trojan.GameThief.Magania.adxx> : C:\Program Files\WinRAR\Default.SFX
<Trojan.Downloader.Agent.lss> : C:\Users\MasterVorax\Downloads\PowerHEXSetup.exe
<Trojan.Downloader.Agent.lss> : C:\Windows.old\Documents and Settings\MasterVorax\Downloads\PowerHEXSetup.exe
Advanced Files Report
%PROGRAMFILES%\SpeedBit Video Accelerator\sblsp.dll [Speedbit Ltd.] [sblsp] MD5=BB58FB56A6F54F5D31012595B91A5469 SIZE=231008
%PROGRAMFILES%\SpeedBit Video Accelerator\ConfigDB.dll [Speedbit Ltd.] [ConfigDB] MD5=08DBE154EA139110E0561DB2AEEDE667 SIZE=194144
%PROGRAMFILES%\SpeedBit Video Accelerator\Accelerator.dll [Speedbit Ltd.] [Speedbit Accelerator] MD5=93A72BF6B8C4B5C638049A9FCB5FB3DB SIZE=1554024
%PROGRAMFILES%\SpeedBit Video Accelerator\CommPipe.dll [Speedbit Ltd.] [CommPipe] MD5=959E931A49D4CD683F45877E3B12DB21 SIZE=276072
%PROGRAMFILES%\SpeedBit Video Accelerator\Collector.dll [Speedbit Ltd.] [Speedbit Collector] MD5=37D182FB6572BFEC1154A8CA95BD8263 SIZE=206440
%SYSDIR%\nvvsvc.exe [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 181.22] MD5=B98BF2D4BD41B61BD0C2DEF6FB89EF71 SIZE=207392
%SYSDIR%\AEADIAPO.dll [Andrea Electronics Corporation] [Capture LFX Filters (32-bit)] MD5=D22CFAC2C2E74CE080356EAAFDF8F3C0 SIZE=119808
%SYSDIR%\NVSVC.DLL [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 181.22] MD5=EA553D3334A841436F49A26D6F8A75BD SIZE=641568
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=B6D485AA871E93B3A08602906149E71D SIZE=663552
%PROGRAMFILES%\AVG\AVG8\avgamnot.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=7AE5DD84DB8787FF42E33AA48C8CB55D SIZE=270616
%PROGRAMFILES%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [Microsoft Corp.] [Microsoft Search Enhancement Pack] MD5=D358E077A0A05D9B12DA22D137EE8464 SIZE=226656
%PROGRAMFILES%\SpeedBit Video Accelerator\VideoAcceleratorService.exe [Speedbit Ltd.] [SpeedBit Video Accelerator Service] MD5=4BE6B4D0DB1E5A8167066C9E2F4F2764 SIZE=288368
%SYSDIR%\nvd3dum.dll [NVIDIA Corporation] [NVIDIA Windows Vista WDDM driver] MD5=2AF7D390F49A0C26D6EF2F2F0D0A85D8 SIZE=6070272
%PROGRAMFILES%\ASUS\AASP\1.00.32\aaCenter.exe MD5=9B8FEBDB9D6D2A19A985C45F9FD7D83D SIZE=603648
%SYSDIR%\AsIO.dll [AsIO Dynamic Link Library] MD5=212F87EE837B4E35E43A93BBFC44E7A7 SIZE=24576
%PROGRAMFILES%\ASUS\AASP\1.00.32\PowerDll.dll MD5=5BCCC840813C6D10062DCBB0C08A7394 SIZE=204851
%PROGRAMFILES%\ASUS\AASP\1.00.32\cpuutil.dll MD5=321E8C768F9A77D056A8DE8BBF74CAAA SIZE=102400
%PROGRAMFILES%\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe [Speedbit Ltd.] [SpeedBit Stream Accelerator Engine] MD5=BA893C5AB87CF065F1E2CB2937D8FE57 SIZE=124536
%PROGRAMFILES%\Analog Devices\Core\SMWDMIF.dll [Analog Devices, Inc.] [Audio Driver Interface Module] MD5=9E587980BA48F6157C939CAB0D4C152E SIZE=462848
%PROGRAMFILES%\Google\GoogleToolbarNotifier\1.2.911.3380\res_pt-BR.dll [Google Inc.] [GoogleToolbarNotifier] MD5=223A8AEBB8ABA2A3812425E5C2CA16C6 SIZE=47616
%PROGRAMFILES%\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\PNRComponent.dll [Softomate] [Softomate PNRComponent] MD5=64AC9FB5653FBDEE928ABD20D02FE217 SIZE=225280
%PROGRAMFILES%\AVG\AVG8\Firefox\components\avgssff.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=22FC736FB16896E9B71D7CBB3EE4F9AB SIZE=1045784
%SYSDIR%\Macromed\Flash\NPSWF32.dll [Adobe Systems, Inc.] [Shockwave Flash] MD5=58F41CA8F9C2014709F9547B2B81A468 SIZE=3695008
%PROGRAMFILES%\Windows Live\Toolbar\wltuser.exe [Microsoft Corporation] [Windows Live Toolbar] MD5=731F05B5C01B3CA9B813561C0B90E722 SIZE=224632
%PROGRAMFILES%\WinRAR\rarext.dll [Alexander Roshal] [WinRAR] MD5=D6FB20EEB79D277B6AD8EFCEDB0AD010 SIZE=132608
%PROGRAMFILES%\Microsoft Office\Office12\ONFILTER.DLL [Microsoft Corporation] [Microsoft Office OneNote] MD5=23CD837C3E94BAF99C0B327C660D1DA6 SIZE=74800
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Windows Live Mail] MD5=59A5278FE5651900DBD5762E604E7545 SIZE=791392
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=3B52BE4CAC867A0A7E402AB00712D2D0 SIZE=231304
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=38E8F4ADC13A4634E6EB73AA384B793A SIZE=43912
%PROGRAMFILES%\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE [Microsoft Corporation] [Windows Live® Galeria de Fotos] MD5=A50FE7EFAA0569722B75086CF5E87518 SIZE=139128
%SYSDIR%\drivers\ADIHdAud.sys [Analog Devices, Inc.] [SoundMAX Digital HD Audio Driver] MD5=B01A51996A3251023A5FD19FC88F5057 SIZE=318464
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\drivers\AsIO.sys MD5=663F2FB92608073824EE3106886120F3 SIZE=12664
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k DcomLaunch
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\DRIVERS\ASACPI.sys [ATK0110 ACPI Utility] MD5=DCDAAB8697A47894A554050CE18D0B56 SIZE=7680
%SYSDIR%\DRIVERS\nvlddmkm.sys [NVIDIA Corporation] [NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 181.22] MD5=0013F8CF1322487FB247EAE56EF0ED90 SIZE=7740320
%SYSDIR%\svchost.exe -k NetworkServiceNetworkRestricted
%PROGRAMFILES%\RivaTuner v2.22\RivaTuner32.sys MD5=C0C8909BE3ECC9DF8089112BF9BE954E SIZE=9088
%SYSDIR%\svchost.exe -k rpcss
%SYSDIR%\DRIVERS\Rtlh86.sys [Realtek Corporation] [Realtek 8101/8168/8169 PCI/PCIe Adapters] MD5=283392AF1860ECDB5E0F8EBD7F3D72DF SIZE=44544
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\svchost.exe -k imgsvc
%SystemDiskRoot%\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm
%SYSDIR%\svchost.exe -k WerSvcGroup
%SYSDIR%\svchost.exe -k secsvcs
%SYSDIR%\SearchIndexer.exe \Embedding
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [Microsoft Corporation] [Windows Live Messenger Protocol Handler Module] MD5=4BE65CE9440542F617CDA4ECF8867FBF SIZE=62304
%COMMONFILES%\Microsoft Shared\GRPHFLT\CGMIMP32.FLT [Microsoft Corporation] [2007 Microsoft Office system] MD5=24D97CCF0CC953880C69A7E3F4187021 SIZE=290688
%COMMONFILES%\Microsoft Shared\MODI\12.0\BINDER.DLL [ScanSoft, Inc.] [ScanSoft API] MD5=623BFFC21F6258855673B751CC81E2DA SIZE=22936
%COMMONFILES%\Microsoft Shared\MODI\12.0\FORM.DLL [Tsinghua/Wintone and ScanSoft, Inc.] [Asian OCR for ScanSoft API] MD5=51B3711D0BC33C6BD9AD3461DC7551C4 SIZE=78728
%COMMONFILES%\Microsoft Shared\MODI\12.0\REVERSE.DLL [Tsinghua/Wintone and ScanSoft, Inc.] [Asian OCR for ScanSoft API] MD5=4EFF9C4F83DFCC7D902C588AF2CB4349 SIZE=22416
%COMMONFILES%\Microsoft Shared\MODI\12.0\THOCR.PSP [ScanSoft, Inc.] [ScanSoft API] MD5=FDD07C0A5B579645EFECBC304D9DA32B SIZE=190464
%COMMONFILES%\Microsoft Shared\OFFICE12\ACECORE.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=77B7089D98E0CFABBB2EE56B8579CF18 SIZE=1754536
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEES.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=9584476B8082C208B6206D9B5B810538 SIZE=193992
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEODDBS.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=63D501D1AAF0B91BF66CF7DD203AC5D3 SIZE=17800
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEODEXL.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=6014430D5B1406BE794AA8FD6EE756C9 SIZE=17800
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEODTXT.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=E41A3724A30C92353FD9151A8F687DEC SIZE=17800
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEPDE.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=3569A008EF6EA8A713E37C2AE508FFAF SIZE=394688
%COMMONFILES%\Microsoft Shared\OFFICE12\ACER2X.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=C9EA14E222E1193AD172838EE493D601 SIZE=263616
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEREP.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=9C82A5B565FFEB99F98F85370BF13124 SIZE=554440
%COMMONFILES%\Microsoft Shared\OFFICE12\ACEWDAT.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=B574E857BA27BD814D4B1DCD76A8375B SIZE=826232
%COMMONFILES%\Microsoft Shared\OFFICE12\MSSH.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=7F8223AE42E47C9EAD7B1EDEE3806DEE SIZE=43832
%COMMONFILES%\Microsoft Shared\OFFICE12\MSSOAP30.DLL [Microsoft Corporation] [Microsoft Office Soap SDK] MD5=8E72F01D9B2C5F120486B3A8C5491D93 SIZE=507768
%COMMONFILES%\Microsoft Shared\OFFICE12\WISC30.DLL [Microsoft Corporation] [Microsoft Office Soap SDK 3.0] MD5=9E8A7DABAF456A67798929A4C4F06218 SIZE=123720
%COMMONFILES%\Microsoft Shared\PROOF\MSHY3ES.DLL [Spanish Hyphenation Engine] MD5=E6B933E95B55D65A64FB8AFF60FD42E9 SIZE=919696
%COMMONFILES%\Microsoft Shared\Smart Tag\FPERSON.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=F1D0AF8645A1B9AB82470F409F42CE6E SIZE=149816
%COMMONFILES%\System\Ole DB\msmgdsrv.dll [Microsoft Corporation] [Microsoft SQL Server Analysis Services] MD5=30982CC1E54A6D33C84010415289007F SIZE=6040432
%PROGRAMFILES%\Microsoft Office\Office12\CDLMSO.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=BA9EC8513C365E999FA1E9F823D2FA68 SIZE=402784
%PROGRAMFILES%\Microsoft Office\Office12\GREN50.OLB [Microsoft Corporation] [Microsoft Graph] MD5=998732254D8D7E19EB75083657756635 SIZE=57344
%PROGRAMFILES%\Microsoft Office\Office12\MSODCW.DLL [Microsoft Corporation] [Microsoft Office Disk Cleanup Wizard] MD5=AED71BD7CFE150290A53B8E3B6F3E0D1 SIZE=431456
%PROGRAMFILES%\Microsoft Office\Office12\NAME.DLL [Microsoft Corporation] [2007 Microsoft Office system] MD5=1C7A4288196FE72EF9AB885CF047C67C SIZE=68464
%PROGRAMFILES%\Microsoft Office\Office12\OIS.EXE [Microsoft Corporation] [Microsoft Office Picture Manager] MD5=34331352E23FE6219F517C1709E63C61 SIZE=277384
%PROGRAMFILES%\Microsoft Office\Office12\VPREVIEW.EXE [Microsoft Corporation] [2007 Microsoft Office system] MD5=16110CC8422078F4707895CAAB470BFE SIZE=33080
%PROGRAMFILES%\Microsoft Office\Office12\VVIEWDWG.DLL [Microsoft Corporation] [Microsoft® Office Visio® 2007] MD5=46C669646C7BE721D1C73D08FC70772A SIZE=1846160
%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE [Microsoft Corporation] [2007 Microsoft Office system] MD5=511B945AB54355021ED0FE76E049FD8B SIZE=347488
%PROGRAMFILES%\Microsoft Office\Office12\XLCALL32.DLL [Microsoft Corporation] [Microsoft Office Excel] MD5=F1446D85469492DEEC3D4E91C7028911 SIZE=13368
%PROGRAMFILES%\Microsoft Office\Office12\nlsdata0000.dll [Microsoft Corporation] [Natural Language Components] MD5=4BE858FC7835BEFE6A5A6AB669805016 SIZE=1512304
%PROGRAMFILES%\Microsoft Works\ltkrn13n.dll [LEAD Technologies, Inc.] [LEADTOOLS® DLL for Win32] MD5=9F55BFD2C68DDD94F261B4E7A177042B SIZE=468568
End of Report