OTScanIt logfile created on: 29/5/2009 23:40:08
OTScanIt by OldTimer - Version 1.0.19.0 Folder = C:\Documents and Settings\Paty\Desktop\OTScanIt
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000416 | Country: Brazil | Language: PTB | Date Format: d/M/yyyy
1013,88 Mb Total Physical Memory | 684,21 Mb Available Physical Memory | 67,49% Memory free
2,39 Gb Paging File | 2,15 Gb Available in Paging File | 90,16% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142,05 Gb Total Space | 116,20 Gb Free Space | 81,80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OSWALDO
Current User Name: Paty
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
[Processes - Non-Microsoft Only]
rs_service.exe -> %ProgramFiles%\Acer\Acer VCM\RS_Service.exe -> Acer Incorporated [Ver = 4, 0, 3001, 8484 | Size = 237568 bytes | Modified Date = 5/2/2009 12:14:56 | Attr = ]
[Win32 Services - Non-Microsoft Only]
(RS_Service) Raw Socket Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Acer\Acer VCM\RS_Service.exe -> Acer Incorporated [Ver = 4, 0, 3001, 8484 | Size = 237568 bytes | Modified Date = 5/2/2009 12:14:56 | Attr = ]
[Driver Services - Non-Microsoft Only]
(Ambfilt) Ambfilt [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Ambfilt.sys -> Creative [Ver = 5.10.00.4240 | Size = 1684736 bytes | Modified Date = 5/8/2008 09:10:12 | Attr = ]
(AR5416) Atheros AR5008 Wireless Network Adapter Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\athw.sys -> Atheros Communications, Inc. [Ver = 7.6.1.221 | Size = 1346464 bytes | Modified Date = 30/12/2008 08:02:32 | Attr = ]
(DKbFltr) Dritek Keyboard Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\DKbFltr.SYS -> Dritek System Inc. [Ver = 1, 3, 0, 0 | Size = 16896 bytes | Modified Date = 8/12/2004 03:10:00 | Attr = ]
(DritekPortIO) Dritek General Port I/O [Kernel | System | Running] -> %ProgramFiles%\Launch Manager\DPortIO.sys -> Dritek System Inc. [Ver = 12, 23, 0, 2005 | Size = 20112 bytes | Modified Date = 2/11/2006 10:27:36 | Attr = ]
(int15.sys) int15.sys [Kernel | On_Demand | Stopped] -> %SystemDrive%\acernb\int15.sys -> File not found
(L1c) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\l1c51x86.sys -> Atheros Communications, Inc. [Ver = 1.0.0.16 built by: WinDDK | Size = 38912 bytes | Modified Date = 2/3/2009 02:03:46 | Attr = ]
(M3000Srv) USB2.0 UVC WebCam Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\M3000KNT.sys -> [Ver = 1.0.0.1 | Size = 145408 bytes | Modified Date = 2/1/2009 22:33:54 | Attr = ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 14/4/2008 09:00:00 | Attr = ]
(RSUSBSTOR) RTS5121.Sys Realtek USB Card Reader [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\RTS5121.sys -> File not found
(Rts516xIR) Realtek IR Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\Rts516xIR.sys -> File not found
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 14/4/2008 09:00:00 | Attr = ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> Synaptics Incorporated [Ver = 12.2.2 05Feb09 | Size = 205232 bytes | Modified Date = 5/2/2009 07:33:04 | Attr = ]
(USBCCID) Realtek Smartcard Reader Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\Rts5161ccid.sys -> File not found
(VirtualDK) VirtualDK [Kernel | On_Demand | Stopped] -> %UserProfile%\Desktop\tentativa\usb_prep8\vdk.sys -> Ken Kato [Ver = 3.1 | Size = 16283 bytes | Modified Date = 10/11/2003 13:48:00 | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
avgnt -> %ProgramFiles%\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min] -> Avira GmbH [Ver = 9.00.00.12 | Size = 209153 bytes | Modified Date = 2/3/2009 13:08:47 | Attr = ]
Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe ["C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> Google [Ver = 5.7.808.7150 | Size = 24064 bytes | Modified Date = 12/3/2009 03:06:28 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Inc. [Ver = 7.6 (1292) | Size = 413696 bytes | Modified Date = 5/1/2009 16:18:48 | Attr = ]
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ares -> %ProgramFiles%\Ares\Ares.exe ["C:\Program Files\Ares\Ares.exe" -h] -> Ares Development Group [Ver = 2.1.1.3035 | Size = 1004544 bytes | Modified Date = 3/2/2009 10:22:18 | Attr = ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 11/5/2009 10:13:43 | Attr = ]
VoipRaider -> %ProgramFiles%\VoipRaider.com\VoipRaider\VoipRaider.exe ["C:\Program Files\VoipRaider.com\VoipRaider\VoipRaider.exe" -nosplash -minimized] -> VoipRaider [Ver = 4, 2, 533, 0 | Size = 9016112 bytes | Modified Date = 8/12/2008 15:10:00 | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Acer VCM.lnk -> %ProgramFiles%\Acer\Acer VCM\AcerVCM.exe -> Acer Incorporated [Ver = 4.00.3006 | Size = 565248 bytes | Modified Date = 11/2/2009 19:46:28 | Attr = ]
< Paty Startup Folder > -> C:\Documents and Settings\Paty\Start Menu\Programs\Startup ->
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 1033728 bytes | Modified Date = 14/4/2008 09:00:00 | Attr = ]
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 26112 bytes | Modified Date = 14/4/2008 09:00:00 | Attr = ]
*MultiFile Done* -> ->
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost ->
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 514560 bytes | Modified Date = 14/4/2008 09:00:00 | Attr = ]
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5622 (xpsp_sp3_gdr.080617-1319) | Size = 8461312 bytes | Modified Date = 17/6/2008 16:02:19 | Attr = ]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2105) | Size = 300544 bytes | Modified Date = 14/4/2008 09:00:00 | Attr = ]
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> Intel Corporation [Ver = 6.14.10.4926 | Size = 208896 bytes | Modified Date = 14/2/2008 19:45:40 | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 323 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 323 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Shell\ -> ->
< CDROM Autorun Setting > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
SCSI miniport -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
< Drives with AutoRun files > -> ->
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 12/3/2009 02:07:49 | Attr = ]
< HOSTS File > (698 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0509&m=aspire_one ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.tribalwars.com.br/ ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
HKEY_CURRENT_USER\: ProxyOverride -> local ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1569 domain(s) found. ->
8 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> Adobe Systems Incorporated [Ver = 9.0.0.2008061100 | Size = 75128 bytes | Modified Date = 12/6/2008 02:33:16 | Attr = ]
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{6EF05952-B48D-4944-AA91-57A6A1A48EF8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Puxa Rápido\IEBHO.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 95744 bytes | Modified Date = 18/7/2006 23:46:22 | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar Helper] -> Google Inc. [Ver = 6, 1, 1518, 856 | Size = 259696 bytes | Modified Date = 12/5/2009 12:33:41 | Attr = ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 5, 1, 1309, 3572 | Size = 668656 bytes | Modified Date = 12/5/2009 13:30:39 | Attr = ]
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [Google Dictionary Compression sdch] -> Google Inc. [Ver = 1, 0, 610, 27482 | Size = 470512 bytes | Modified Date = 12/5/2009 12:33:38 | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> Google Inc. [Ver = 6, 1, 1518, 856 | Size = 259696 bytes | Modified Date = 12/5/2009 12:33:41 | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> Google Inc. [Ver = 6, 1, 1518, 856 | Size = 259696 bytes | Modified Date = 12/5/2009 12:33:41 | Attr = ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{0C08B29C-5715-4501-9744-5E95923CD719} -> (Atheros AR5007EG Wireless Network Adapter) ->
{789B787A-FF78-417C-AE48-10C86FD35D2A} -> (Atheros AR8132 PCI-E Fast Ethernet Controller) ->
{D1BBDEA0-FB81-44C9-8D25-5F16C80C0F22} -> () ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Inc. [Ver = 1,0,6,2 | Size = 147456 bytes | Modified Date = 12/12/2008 11:11:44 | Attr = ]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Acer\Acer VCM\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 31, 0 | Size = 1942824 bytes | Modified Date = 2/7/2008 21:35:16 | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}[HKEY_LOCAL_MACHINE] -> http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab[MSN Photo Upload Tool] ->
{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6}[HKEY_LOCAL_MACHINE] -> http://fdl.msn.com/public/chat/msnchat45.cab[MSN Chat Control 4.5] ->
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MSNChat45.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MSNChat45.ocx\\.Owner -> {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MSNChat45.ocx\\{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> ->
[Files/Folders - Created Within 60 days]
addf7175d814a8b805d53384ac5b -> %SystemDrive%\addf7175d814a8b805d53384ac5b -> [Folder | Created Date = 18/5/2009 16:33:20 | Attr = ]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 20/5/2009 01:35:53 | Attr = HS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1063198720 bytes | Created Date = 29/5/2009 17:38:43 | Attr = HS]
HostsXpert -> %SystemDrive%\HostsXpert -> [Folder | Created Date = 25/5/2009 19:21:41 | Attr = ]
Protectorx -> %SystemDrive%\Protectorx -> [Folder | Created Date = 21/5/2009 18:57:23 | Attr = ]
Shutdown -> %SystemDrive%\Shutdown -> [Folder | Created Date = 23/5/2009 14:00:04 | Attr = ]
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 1462304 bytes | Created Date = 27/5/2009 18:37:06 | Attr = HS]
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 18212 bytes | Created Date = 27/5/2009 18:37:06 | Attr = HS]
UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 18/5/2009 16:33:16 | Attr = ]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 18/5/2009 16:33:19 | Attr = H ]
ac3acm.acm -> %SystemRoot%\System32\ac3acm.acm -> fccHandler [Ver = 1, 40, 0, 0 | Size = 118784 bytes | Created Date = 13/5/2009 18:26:54 | Attr = ]
divx.dll -> %SystemRoot%\System32\divx.dll -> DivX, Inc. [Ver = 6.8.5.9 | Size = 684032 bytes | Created Date = 13/5/2009 18:26:51 | Attr = ]
dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 3, 0, 21 | Size = 86016 bytes | Created Date = 13/5/2009 18:26:52 | Attr = ]
ff_vfw.dll -> %SystemRoot%\System32\ff_vfw.dll -> [Ver = | Size = 67584 bytes | Created Date = 13/5/2009 18:26:47 | Attr = ]
lameACM.acm -> %SystemRoot%\System32\lameACM.acm -> http://www.mp3dev.org/ [Ver = 0.9.2 | Size = 839680 bytes | Created Date = 13/5/2009 18:26:55 | Attr = ]
lame_acm.xml -> %SystemRoot%\System32\lame_acm.xml -> [Ver = | Size = 414 bytes | Created Date = 13/5/2009 18:26:56 | Attr = ]
lfbmp13n.dll -> %SystemRoot%\System32\lfbmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 57344 bytes | Created Date = 17/5/2009 12:03:00 | Attr = ]
lfcmp13n.dll -> %SystemRoot%\System32\lfcmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 401408 bytes | Created Date = 17/5/2009 12:03:00 | Attr = ]
lfgif13n.dll -> %SystemRoot%\System32\lfgif13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 69632 bytes | Created Date = 17/5/2009 12:03:03 | Attr = ]
LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 11/5/2009 20:04:03 | Attr = ]
6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
ltdis13n.dll -> %SystemRoot%\System32\ltdis13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 299008 bytes | Created Date = 17/5/2009 12:03:00 | Attr = ]
ltefx13n.dll -> %SystemRoot%\System32\ltefx13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.068 | Size = 206336 bytes | Created Date = 17/5/2009 12:03:00 | Attr = ]
ltfil13n.dll -> %SystemRoot%\System32\ltfil13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 163840 bytes | Created Date = 17/5/2009 12:03:00 | Attr = ]
ltimg13n.dll -> %SystemRoot%\System32\ltimg13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 450560 bytes | Created Date = 17/5/2009 12:03:00 | Attr = ]
ltkrn13n.dll -> %SystemRoot%\System32\ltkrn13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 462848 bytes | Created Date = 17/5/2009 12:03:00 | Attr = ]
mlfcache.dat -> %SystemRoot%\System32\mlfcache.dat -> [Ver = | Size = 55200 bytes | Created Date = 21/5/2009 19:22:36 | Attr = H ]
pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Created Date = 13/5/2009 18:27:05 | Attr = ]
PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Created Date = 13/5/2009 11:53:17 | Attr = ]
qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Created Date = 13/5/2009 18:26:52 | Attr = ]
SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Created Date = 11/5/2009 12:16:26 | Attr = ]
unrar.dll -> %SystemRoot%\System32\unrar.dll -> [Ver = | Size = 168448 bytes | Created Date = 13/5/2009 18:27:03 | Attr = ]
xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 795648 bytes | Created Date = 13/5/2009 18:26:53 | Attr = ]
xvidvfw.dll -> %SystemRoot%\System32\xvidvfw.dll -> [Ver = | Size = 130048 bytes | Created Date = 13/5/2009 18:26:53 | Attr = ]
yv12vfw.dll -> %SystemRoot%\System32\yv12vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 217088 bytes | Created Date = 13/5/2009 18:26:54 | Attr = ]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 21/5/2009 12:58:55 | Attr = ]
explorer.exe.local -> %SystemRoot%\explorer.exe.local -> [Ver = | Size = 12 bytes | Created Date = 18/5/2009 16:30:59 | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 13/5/2009 12:34:48 | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Created Date = 19/5/2009 22:07:23 | Attr = ]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Created Date = 11/5/2009 10:05:00 | Attr = ]
temp -> %SystemRoot%\temp -> [Folder | Created Date = 29/5/2009 22:58:29 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 280 bytes | Created Date = 11/5/2009 12:17:29 | Attr = ]
[Files/Folders - Modified Within 60 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 25/5/2009 19:17:43 | Attr = RHS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1063198720 bytes | Modified Date = 29/5/2009 17:38:43 | Attr = HS]
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 698 bytes | Modified Date = 25/5/2009 19:24:45 | Attr = ]
hosts.msn -> %SystemRoot%\System32\drivers\etc\hosts.msn -> [Ver = | Size = 27 bytes | Modified Date = 21/5/2009 13:03:48 | Attr = ]
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 1462304 bytes | Modified Date = 27/5/2009 23:04:23 | Attr = HS]
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 18212 bytes | Modified Date = 27/5/2009 23:04:23 | Attr = HS]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 18/5/2009 16:33:19 | Attr = H ]
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 37732 bytes | Modified Date = 11/5/2009 10:12:58 | Attr = ]
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 18/5/2009 16:34:54 | Attr = ]
6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 246312 bytes | Modified Date = 21/5/2009 03:13:06 | Attr = ]
mlfcache.dat -> %SystemRoot%\System32\mlfcache.dat -> [Ver = | Size = 55200 bytes | Modified Date = 21/5/2009 19:22:36 | Attr = H ]
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 18/5/2009 16:34:54 | Attr = ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 59670 bytes | Modified Date = 29/5/2009 17:43:34 | Attr = ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 394206 bytes | Modified Date = 29/5/2009 17:43:34 | Attr = ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 460414 bytes | Modified Date = 29/5/2009 17:43:34 | Attr = ]
pid.PNF -> %SystemRoot%\System32\pid.PNF -> [Ver = | Size = 5208 bytes | Modified Date = 11/5/2009 10:12:46 | Attr = ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 18/5/2009 16:31:08 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 29/5/2009 17:38:45 | Attr = S]
explorer.exe.local -> %SystemRoot%\explorer.exe.local -> [Ver = | Size = 12 bytes | Modified Date = 18/5/2009 16:30:59 | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 21/5/2009 01:07:09 | Attr = ]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 11/5/2009 10:05:00 | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 29/5/2009 22:57:06 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 507 bytes | Modified Date = 25/5/2009 19:17:43 | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 18/5/2009 16:33:55 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 280 bytes | Modified Date = 29/5/2009 21:39:04 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 29/5/2009 22:58:27 | Attr = H ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 11/5/2009 19:30:06 | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6855 bytes | Modified Date = 29/5/2009 13:07:38 | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 6441 bytes | Modified Date = 29/5/2009 13:07:38 | Attr = ]
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 12/5/2009 13:59:30 | Attr = ]
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8492 bytes | Modified Date = 26/5/2009 13:50:19 | Attr = ]
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
< Document and Settings folder & sub folders >
scanning hidden files ...
C:\Documents and Settings\All Users\Application Data\TEMP:4CF61E54 98 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\Favorites\CuiabanoTech Blog COMO INSTALAR O WINDOWS XP SP2 NO ASUS EEE PC 701.url:favicon 3638 bytes
C:\Documents and Settings\Paty\Favorites\Download Acer Aspire One XP Driver BlognTech.Com.url:favicon 1150 bytes
C:\Documents and Settings\Paty\Favorites\The West.url:favicon 1406 bytes
C:\Documents and Settings\Paty\Favorites\Tribal Wars.url:favicon 894 bytes
C:\Documents and Settings\Paty\Favorites\Tutorial completo Ipod Touch.url:favicon 1406 bytes
C:\Documents and Settings\Paty\My Documents\Downloads\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\FFOutput\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\A Era do Gelo 1\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\A Era do Gelo 2\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\A Lenda do Tesouro Perdido\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\A lenda do tesouro perdido (o livro dos segredos - dub)\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Gênio Indomável - Drama (dub)\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Hancock\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Legais\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Modelos_Nada_Corretos_(Comedia)\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Os_Melhores_do_Mundo_(Show_Comedia)\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Por Agua Abaixo\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Putz a coisa ta feia\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Shrek - Terceiro\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Ta Dando Onda\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\Um_Louco_Apaixonado_(Comedia)\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Movies\videos informatica\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Alex e Alex - Pra Glória do Teu Nome - 2007\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Alex Gonzaga - Canções Eternas Canções - 2001\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Bianca Ryan\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Brian Littrell\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Brian Macknight\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Mandy Moore\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Quatro Por Um - Enquanto Houver Fôlego - 2008\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Music\Roupa Nova\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Pictures\Folguinha\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Pictures\fotos no haiti\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Pictures\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Pictures\varias\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Received Files\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Paty\My Documents\My Videos\videos ipod\Thumbs.db:encryptable 0 bytes
scan completed successfully
hidden files: 117
< End of report >