Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:48:37, on 7/1/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Ares\Ares.exe
C:\Arquivos de programas\Nokia\Nokia Internet Modem\wellphone2.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe
C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mcshield.exe
C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSoft.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\ScriptSn.20101207191131.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast5] "C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mcui_exe] "C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Nokia Internet Modem] "C:\Arquivos de programas\Nokia\Nokia Internet Modem\wellphone2.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-21-746137067-823518204-682003330-1003\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background (User 'Usuario')
O4 - HKUS\S-1-5-21-746137067-823518204-682003330-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Usuario')
O4 - HKUS\S-1-5-21-746137067-823518204-682003330-1003\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Usuario')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Suellen\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255203921203
O16 - DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} (ValidaUsuario Class) - https://cpne.bradesco.com.br/certifexp.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Arquivos de programas\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe
--
End of file - 14239 bytes
Segue DDS.txt
DDS (Ver_10-12-12.02) - NTFSx86
Run by Suellen at 16:30:00,82 on dom 09/01/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.326 [GMT -2:00]
AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee VirusScan Enabled/Updated {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Enabled
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe
C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mcshield.exe
C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Ares\Ares.exe
C:\Arquivos de programas\Nokia\Nokia Internet Modem\wellphone2.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\Suellen\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com.br/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll
BHO: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll
BHO: ssh2 Class: {2e3c3651-b19c-4dd9-a979-901ec3e930af} - c:\arquivos de programas\scpad\scpsssh2.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\arquivos de programas\conduitengine\ConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\arquiv~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\arquivos de programas\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\arquivos de programas\arquivos comuns\mcafee\systemcore\ScriptSn.20101207191131.dll
BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\arquivos de programas\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll
BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\arquivos de programas\free download manager\iefdm2.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\arquivos de programas\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\arquivos de programas\windows live\toolbar\wltcore.dll
TB: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\arquivos de programas\conduitengine\ConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {EDBCA961-4BF8-4CBE-8C63-A11DFF9ED2D9} - No File
TB: {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\msnmsgr.exe" /background
uRun: [ares] "c:\arquivos de programas\ares\Ares.exe" -h
uRun: [Nokia Internet Modem] "c:\arquivos de programas\nokia\nokia internet modem\wellphone2.exe" /background
uRun: [MSMSGS] "c:\arquivos de programas\messenger\msmsgs.exe" /background
uRun: [swg] "c:\arquivos de programas\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [avast5] "c:\arquivos de programas\alwil software\avast5\avastUI.exe" /nogui
mRun: [iTunesHelper] "c:\arquivos de programas\itunes\iTunesHelper.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\arquivos de programas\quicktime\qttask.exe" -atboottime
mRun: [mcui_exe] "c:\arquivos de programas\mcafee.com\agent\mcagent.exe" /runkey
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\mcafee~1.lnk - c:\arquivos de programas\mcafee security scan\2.0.181\SSScheduler.exe
mPolicies-explorer: HonorAutoRunSetting = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office11\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\suellen\dados de aplicativos\dvdvideosoftiehelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\arquivos de programas\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\arquivos de programas\widcomm\bluetooth software\btsendto_ie.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\arquivos de programas\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\arquiv~1\spybot~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255203921203
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - c:\arquivos de programas\scpad\scpLIB.dll
STS: compIB Class: {a3717295-941d-416f-9384-ed1736729f1c} - c:\arquivos de programas\scpad\scpLIB.dll
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\suellen\dadosd~1\mozilla\firefox\profiles\ncg7gp7g.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13642
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.twitter.com/
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\arquivos de programas\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\arquivos de programas\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\arquivos de programas\google\picasa3\npPicasa3.dll
FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\microsoft\office live\npOLW.dll
FF - plugin: c:\arquivos de programas\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\arquivos de programas\mozilla firefox 4.0 beta 5\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\arquivos de programas\mcafee\SiteAdvisor
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: PandoraTV Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
============= SERVICES / DRIVERS ===============
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-19 386840]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-9 165584]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-11-19 84072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-9 17744]
R2 avast! Antivirus;avast! Antivirus;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-9 40384]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-8-10 54760]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\mcafee\siteadvisor\McSACore.exe [2010-3-19 88176]
R2 McMPFSvc;McAfee Personal Firewall;"c:\arquivos de programas\arquivos comuns\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-11-19 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\arquivos de programas\arquivos comuns\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-11-19 271480]
R2 McProxy;McAfee Proxy Service;"c:\arquivos de programas\arquivos comuns\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-11-19 271480]
R2 McShield;McShield;c:\arquivos de programas\arquivos comuns\mcafee\systemcore\mcshield.exe [2010-11-19 171168]
R2 mfefire;McAfee Firewall Core Service;c:\arquivos de programas\arquivos comuns\mcafee\systemcore\mfefire.exe [2010-11-19 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-11-19 141792]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-1-27 50704]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-11-19 55840]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-11-19 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-19 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-11-19 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-11-19 88544]
S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2010-10-9 136176]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-9 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-9 40384]
S3 fsssvc;Serviço Windows Live Proteção para a Família;c:\arquivos de programas\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\arquivos de programas\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-11-19 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-11-19 84264]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-3-19 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-3-19 40552]
S3 nokiacpo;Nokia Internet Stick Wireless Modem Service Install;c:\windows\system32\drivers\nokiacpo.sys [2009-6-22 18688]
S3 nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service;c:\windows\system32\drivers\nokiappo.sys [2009-6-22 27008]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\drivers\zteusbser.sys [2009-10-9 98432]
=============== Created Last 30 ================
2011-01-07 23:44:33 388608 ----a-w- C:\HiJackThis.exe
2011-01-04 17:00:46 -------- d-----w- c:\docume~1\suellen\dadosd~1\PhotoScape
2010-12-16 02:50:39 -------- d-----w- c:\windows\system32\Logs
==================== Find3M ====================
2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-18 18:15:22 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 16:17:32 141792 ----a-w- c:\windows\system32\mfevtps.exe
2010-11-06 00:21:10 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:21:08 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:21:08 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:27:25 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:09:04 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58:48 1853440 ----a-w- c:\windows\system32\win32k.sys
=================== ROOTKIT ====================
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo.
device: opened successfully
user: error reading MBR
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x83B912F0]
3 CLASSPNP[0xF7612FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x83B6F940]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
============= FINISH: 16:36:52,06 ===============
Segue Attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/10/2009 14:47:13
System Uptime: 9/1/2011 13:21:32 (3 hours ago)
Motherboard: Acer, Inc. | | Prespa M
Processor: Mobile AMD Sempron Processor 3500+ | Socket M2/S1G1 | 1799/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 112 GiB total, 49,536 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP54: 23/10/2010 13:04:42 - Instalado iTunes
RP55: 24/10/2010 17:21:34 - Ponto de verificação do sistema
RP56: 25/10/2010 20:10:51 - Ponto de verificação do sistema
RP57: 26/10/2010 20:57:29 - Ponto de verificação do sistema
RP58: 28/10/2010 16:44:15 - Ponto de verificação do sistema
RP59: 29/10/2010 17:27:42 - Ponto de verificação do sistema
RP60: 30/10/2010 18:35:26 - Ponto de verificação do sistema
RP61: 1/11/2010 14:22:58 - Ponto de verificação do sistema
RP62: 3/11/2010 13:02:00 - Ponto de verificação do sistema
RP63: 4/11/2010 21:25:17 - Ponto de verificação do sistema
RP64: 6/11/2010 10:05:58 - Ponto de verificação do sistema
RP65: 7/11/2010 15:22:48 - Ponto de verificação do sistema
RP66: 9/11/2010 16:01:44 - Ponto de verificação do sistema
RP67: 10/11/2010 16:04:28 - Ponto de verificação do sistema
RP68: 11/11/2010 19:38:11 - Ponto de verificação do sistema
RP69: 11/11/2010 22:48:43 - Software Distribution Service 3.0
RP70: 12/11/2010 23:28:15 - Ponto de verificação do sistema
RP71: 14/11/2010 15:27:57 - Removido QuickTime
RP72: 14/11/2010 15:31:33 - Removed Adobe Reader 9.4.0 - Português.
RP73: 14/11/2010 22:04:06 - Instalado QuickTime
RP74: 15/11/2010 23:05:11 - Ponto de verificação do sistema
RP75: 17/11/2010 20:07:48 - Ponto de verificação do sistema
RP76: 18/11/2010 20:54:47 - Ponto de verificação do sistema
RP77: 19/11/2010 20:59:51 - Ponto de verificação do sistema
RP78: 21/11/2010 01:05:29 - Ponto de verificação do sistema
RP79: 22/11/2010 14:10:22 - Ponto de verificação do sistema
RP80: 22/11/2010 19:56:12 - Installed Windows XP -- Software Updates KB952011.
RP81: 24/11/2010 14:19:59 - Ponto de verificação do sistema
RP82: 25/11/2010 15:23:19 - Ponto de verificação do sistema
RP83: 26/11/2010 16:10:26 - Ponto de verificação do sistema
RP84: 27/11/2010 16:31:49 - Ponto de verificação do sistema
RP85: 28/11/2010 16:57:54 - Ponto de verificação do sistema
RP86: 30/11/2010 23:14:26 - Ponto de verificação do sistema
RP87: 2/12/2010 22:10:15 - Ponto de verificação do sistema
RP88: 3/12/2010 22:52:56 - Ponto de verificação do sistema
RP89: 5/12/2010 17:40:52 - Ponto de verificação do sistema
RP90: 6/12/2010 18:45:44 - Ponto de verificação do sistema
RP91: 7/12/2010 19:04:32 - Ponto de verificação do sistema
RP92: 8/12/2010 19:08:44 - Ponto de verificação do sistema
RP93: 9/12/2010 19:18:05 - Ponto de verificação do sistema
RP94: 10/12/2010 19:46:19 - Ponto de verificação do sistema
RP95: 11/12/2010 20:16:58 - Ponto de verificação do sistema
RP96: 12/12/2010 20:30:40 - Ponto de verificação do sistema
RP97: 13/12/2010 22:03:48 - Ponto de verificação do sistema
RP98: 14/12/2010 22:40:02 - Ponto de verificação do sistema
RP99: 16/12/2010 23:46:35 - Software Distribution Service 3.0
RP100: 17/12/2010 12:00:05 - Software Distribution Service 3.0
RP101: 18/12/2010 12:59:41 - Ponto de verificação do sistema
RP102: 19/12/2010 16:22:51 - Ponto de verificação do sistema
RP103: 20/12/2010 03:00:25 - Software Distribution Service 3.0
RP104: 21/12/2010 12:35:24 - Ponto de verificação do sistema
RP105: 22/12/2010 15:02:05 - Ponto de verificação do sistema
RP106: 23/12/2010 01:24:31 - Software Distribution Service 3.0
RP107: 27/12/2010 16:18:53 - Ponto de verificação do sistema
RP108: 28/12/2010 18:44:20 - Ponto de verificação do sistema
RP109: 29/12/2010 19:09:55 - Ponto de verificação do sistema
RP110: 30/12/2010 19:52:45 - Ponto de verificação do sistema
RP111: 31/12/2010 20:18:48 - Ponto de verificação do sistema
RP112: 2/1/2011 13:08:45 - Ponto de verificação do sistema
RP113: 3/1/2011 19:08:21 - Ponto de verificação do sistema
RP114: 5/1/2011 15:36:51 - Ponto de verificação do sistema
RP115: 6/1/2011 15:57:06 - Ponto de verificação do sistema
RP116: 7/1/2011 16:04:08 - Ponto de verificação do sistema
RP117: 8/1/2011 19:42:52 - Ponto de verificação do sistema
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Shockwave Player 11.5
Aplicativos SEFAZ 2002
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ares 2.1.1
Arquivo do WinRAR
Assistente de Conexão do Windows Live
Atheros Wireless LAN
ATI - Utilitário de desinstalação de software
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
Atualização de Segurança para o Windows Media Player (KB2378111)
Atualização de Segurança para o Windows Media Player (KB952069)
Atualização de Segurança para o Windows Media Player (KB954155)
Atualização de Segurança para o Windows Media Player (KB968816)
Atualização de Segurança para o Windows Media Player (KB973540)
Atualização de Segurança para o Windows Media Player (KB975558)
Atualização de Segurança para o Windows Media Player (KB978695)
Atualização de Segurança para o Windows Media Player 11 (KB954154)
Atualização de Segurança para Windows Internet Explorer 8 (KB2183461)
Atualização de Segurança para Windows Internet Explorer 8 (KB2360131)
Atualização de Segurança para Windows Internet Explorer 8 (KB2416400)
Atualização de Segurança para Windows Internet Explorer 8 (KB971961)
Atualização de Segurança para Windows Internet Explorer 8 (KB974455)
Atualização de Segurança para Windows Internet Explorer 8 (KB976325)
Atualização de Segurança para Windows Internet Explorer 8 (KB978207)
Atualização de Segurança para Windows Internet Explorer 8 (KB981332)
Atualização de Segurança para Windows Internet Explorer 8 (KB982381)
Atualização de Segurança para Windows XP (KB2079403)
Atualização de Segurança para Windows XP (KB2115168)
Atualização de Segurança para Windows XP (KB2121546)
Atualização de Segurança para Windows XP (KB2160329)
Atualização de Segurança para Windows XP (KB2229593)
Atualização de Segurança para Windows XP (KB2259922)
Atualização de Segurança para Windows XP (KB2279986)
Atualização de Segurança para Windows XP (KB2286198)
Atualização de Segurança para Windows XP (KB2296011)
Atualização de Segurança para Windows XP (KB2296199)
Atualização de Segurança para Windows XP (KB2347290)
Atualização de Segurança para Windows XP (KB2360937)
Atualização de Segurança para Windows XP (KB2387149)
Atualização de Segurança para Windows XP (KB2423089)
Atualização de Segurança para Windows XP (KB2436673)
Atualização de Segurança para Windows XP (KB2440591)
Atualização de Segurança para Windows XP (KB2443105)
Atualização de Segurança para Windows XP (KB923561)
Atualização de Segurança para Windows XP (KB938464-v2)
Atualização de Segurança para Windows XP (KB941569)
Atualização de Segurança para Windows XP (KB946648)
Atualização de Segurança para Windows XP (KB950762)
Atualização de Segurança para Windows XP (KB950974)
Atualização de Segurança para Windows XP (KB951066)
Atualização de Segurança para Windows XP (KB951376-v2)
Atualização de Segurança para Windows XP (KB951748)
Atualização de Segurança para Windows XP (KB952004)
Atualização de Segurança para Windows XP (KB952954)
Atualização de Segurança para Windows XP (KB954459)
Atualização de Segurança para Windows XP (KB954600)
Atualização de Segurança para Windows XP (KB955069)
Atualização de Segurança para Windows XP (KB956572)
Atualização de Segurança para Windows XP (KB956744)
Atualização de Segurança para Windows XP (KB956802)
Atualização de Segurança para Windows XP (KB956803)
Atualização de Segurança para Windows XP (KB956844)
Atualização de Segurança para Windows XP (KB957097)
Atualização de Segurança para Windows XP (KB958644)
Atualização de Segurança para Windows XP (KB958687)
Atualização de Segurança para Windows XP (KB958869)
Atualização de Segurança para Windows XP (KB959426)
Atualização de Segurança para Windows XP (KB960225)
Atualização de Segurança para Windows XP (KB960803)
Atualização de Segurança para Windows XP (KB960859)
Atualização de Segurança para Windows XP (KB961371-v2)
Atualização de Segurança para Windows XP (KB961501)
Atualização de Segurança para Windows XP (KB968537)
Atualização de Segurança para Windows XP (KB969059)
Atualização de Segurança para Windows XP (KB969947)
Atualização de Segurança para Windows XP (KB970238)
Atualização de Segurança para Windows XP (KB970430)
Atualização de Segurança para Windows XP (KB971468)
Atualização de Segurança para Windows XP (KB971486)
Atualização de Segurança para Windows XP (KB971557)
Atualização de Segurança para Windows XP (KB971633)
Atualização de Segurança para Windows XP (KB971657)
Atualização de Segurança para Windows XP (KB972270)
Atualização de Segurança para Windows XP (KB973346)
Atualização de Segurança para Windows XP (KB973354)
Atualização de Segurança para Windows XP (KB973507)
Atualização de Segurança para Windows XP (KB973525)
Atualização de Segurança para Windows XP (KB973869)
Atualização de Segurança para Windows XP (KB973904)
Atualização de Segurança para Windows XP (KB974112)
Atualização de Segurança para Windows XP (KB974318)
Atualização de Segurança para Windows XP (KB974392)
Atualização de Segurança para Windows XP (KB974571)
Atualização de Segurança para Windows XP (KB975025)
Atualização de Segurança para Windows XP (KB975467)
Atualização de Segurança para Windows XP (KB975560)
Atualização de Segurança para Windows XP (KB975561)
Atualização de Segurança para Windows XP (KB975562)
Atualização de Segurança para Windows XP (KB975713)
Atualização de Segurança para Windows XP (KB977165)
Atualização de Segurança para Windows XP (KB977816)
Atualização de Segurança para Windows XP (KB977914)
Atualização de Segurança para Windows XP (KB978037)
Atualização de Segurança para Windows XP (KB978251)
Atualização de Segurança para Windows XP (KB978262)
Atualização de Segurança para Windows XP (KB978338)
Atualização de Segurança para Windows XP (KB978542)
Atualização de Segurança para Windows XP (KB978601)
Atualização de Segurança para Windows XP (KB978706)
Atualização de Segurança para Windows XP (KB979309)
Atualização de Segurança para Windows XP (KB979482)
Atualização de Segurança para Windows XP (KB979559)
Atualização de Segurança para Windows XP (KB979683)
Atualização de Segurança para Windows XP (KB979687)
Atualização de Segurança para Windows XP (KB980195)
Atualização de Segurança para Windows XP (KB980218)
Atualização de Segurança para Windows XP (KB980232)
Atualização de Segurança para Windows XP (KB980436)
Atualização de Segurança para Windows XP (KB981322)
Atualização de Segurança para Windows XP (KB981852)
Atualização de Segurança para Windows XP (KB981957)
Atualização de Segurança para Windows XP (KB981997)
Atualização de Segurança para Windows XP (KB982132)
Atualização de Segurança para Windows XP (KB982214)
Atualização de Segurança para Windows XP (KB982665)
Atualização de Segurança para Windows XP (KB982802)
Atualização para Windows Internet Explorer 8 (KB976662)
Atualização para Windows Internet Explorer 8 (KB976749)
Atualização para Windows XP (KB2141007)
Atualização para Windows XP (KB2345886)
Atualização para Windows XP (KB2467659)
Atualização para Windows XP (KB898461)
Atualização para Windows XP (KB951978)
Atualização para Windows XP (KB955759)
Atualização para Windows XP (KB961503)
Atualização para Windows XP (KB967715)
Atualização para Windows XP (KB968389)
Atualização para Windows XP (KB971737)
Atualização para Windows XP (KB973687)
Atualização para Windows XP (KB973815)
avast! Free Antivirus
Bibliotecas de sistema 2.08.0000
Bonjour
BufferChm
CCleaner
Conduit Engine
Conectividade Social
Contab v5.2
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DigiSignDoc Leitor
DVD Shrink 3.2
DVD Suite
eSupportQFolder
Ferramenta de Carregamento do Windows Live
Free Audio CD Burner version 1.4
Free Download Manager 3.4 BETA
Free YouTube to MP3 Converter version 3.9
GeoVision ADPCM
GeoVision H264
GeoVision JPEG
GeoVision MPEG2
GeoVision MPEG4
GeoVision MPEG4 ASP
GeoVision MPEG4 AVC
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hotfix para o Windows Media Player 11 (KB939683)
Hotfix para Windows XP (KB2158563)
Hotfix para Windows XP (KB2443685)
Hotfix para Windows XP (KB952287)
Hotfix para Windows XP (KB961118)
Hotfix para Windows XP (KB970653-v3)
Hotfix para Windows XP (KB976098-v2)
Hotfix para Windows XP (KB981793)
HP Deskjet 3900 series
HP Imaging Device Functions 5.0
HP Software Update
HP Solution Center & Imaging Support Tools 5.0
HPDeskjet3900Series
HPProductAssistant
iTunes
J2SE Runtime Environment 5.0 Update 10
Java Auto Updater
Java 6 Update 18
JDownloader
Junk Mail filter update
Launch Manager
McAfee Security Scan Plus
McAfee SecurityCenter
MCESimplificado
Messenger Plus! Live
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Professional Edição 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft WSE 3.0 Runtime
Mozilla Firefox 4.0b5 (x86 pt-BR)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
neroxml
Nokia Internet Modem
OGA Notifier 2.0.0048.0
Pacote de Compatibilidade para o sistema Office 2007
PhotoScape
Picasa 3
PowerDVD
PowerProducer
QuickTime
REALTEK GbE & FE Ethernet NIC Driver
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)SEFIP 8.40
Segoe UI
Skype™ 4.2
Softonic_Brasil Toolbar
Software WIDCOMM Bluetooth
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Status
The KMPlayer (remove only)
TrayApp
Uninstall 1.0.0.1
Uninstall Dual Mode Camera
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
WebFldrs XP
WebReg
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Galeria de Fotos
Windows Live Mail
Windows Live Messenger
Windows Live Proteção para a Família
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
WinPcap 4.1.1
XP Codec Pack
==== End Of File ===========================
Olá!
Por favor, ao realizar as instruções abaixo, siga tudo na ordem dada. Caso tiver alguma dúvida, não pule a etapa, pare e me pergunte.
<< 1 >>
Siga o tutorial abaixo e execute o Malwarebyte's Anti-malware (faça um scan completo). Poste o log gerado.
Tutorial do Malwarebyte's Anti-Malware
<< 2 >>
Siga o tutorial abaixo e execute o Ad-Remover. Poste o log gerado.
<< 3 >>
Por favor, siga o tutorial no link abaixo:
#### Como usar o ComboFix ####
Sugiro que imprima as instruções abaixo pois não poderá lê-las enquanto utiliza a ferramenta.
>
NÃO utilize a ferramenta por conta própria. É uma ferramenta poderosa criada pra lidar com infecções sofisticadas e caso não a utilize corretamente poderá danificar o seu computador.
-
De forma alguma saia do ComboFix usando o "X" do programa. Caso queira sair, tecle "N".
<< 4 >>
Poste um novo log do DDS.
Abraços :D
Aqui estao os Log na squencia solicitada
1- Log Malwarebytes
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Versão da Base de Dados: 5510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
13/01/2011 13:23:22
mbam-log-2011-01-13 (13-23-22).txt
Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 419677
Tempo decorrido: 5 hora(s), 55 minuto(s), 33 segundo(s)
Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 0
Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)
Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)
Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)
Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)
Pastas Infectadas:
(Não foram detectados ítens maliciosos)
Arquivos Infectados:
(Não foram detectados ítens maliciosos)
-----------------------------------------------------------------------
2- log do Ad-Report-Clean
======= REPORT FROM AD-REMOVER 2.0.0.2,D | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/01/11 at 19:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 02:44:48 on 15/01/2011, Normal boot
Microsoft Windows XP Professional Service Pack 3 (X86)
Suellen@ACER ( )
============== ACTION(S) ==============
Folder deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\extensions\toolbar@ask.com
File deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\searchplugins\askcom.xml
Folder deleted: C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\ConduitEngine
Folder deleted: C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\extensions\engine@conduit.com
Folder deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\Bandoo
Folder deleted: C:\Documents and Settings\Suellen\Configurações locais\Dados de aplicativos\Conduit
Folder deleted: C:\Arquivos de programas\Conduit
Folder deleted: C:\Documents and Settings\Suellen\Configurações locais\Dados de aplicativos\ConduitEngine
Folder deleted: C:\Arquivos de programas\ConduitEngine
Folder deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\PriceGong
Folder deleted: C:\Documents and Settings\Usuario\Dados de aplicativos\PriceGong
(!) -- Temporary files deleted.
-- File opened: C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\Prefs.js --
Line deleted:
Line deleted:
Line deleted: user_pref("browser.search.defaultengine", "Ask.com");
Line deleted: user_pref("extensions.asktb.cbid", "RY");Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}...
Line deleted: user_pref("extensions.asktb.fresh-install", false);
Line deleted: user_pref("extensions.asktb.l", "dis");
Line deleted: user_pref("extensions.asktb.last-config-req", "1287932782765");
Line deleted: user_pref("extensions.asktb.locale", "en_US");
Line deleted: user_pref("extensions.asktb.o", "15184");
Line deleted: user_pref("extensions.asktb.options-lang", "en");
Line deleted: user_pref("extensions.asktb.options-locale", "US");
Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line deleted: user_pref("extensions.asktb.qsrc", "2871");
Line deleted: user_pref("extensions.asktb.r", "3");
Line deleted: user_pref("extensions.asktb.save-searches", false);Line deleted: user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li...
Line deleted: user_pref("extensions.enabledAddons", "toolbar@ask.com:3.5.0.145,testpilot@labs.mozilla.com:1.0.3,jq...
Line deleted: user_pref("extensions.enabledItems", "toolbar@ask.com:3.5.0.145,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCB...
Line deleted: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-...
Line deleted: user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Line deleted: user_pref("keyword.URL", "hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&local...
-- File closed --
-- File opened: C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\Prefs.js --
Line deleted:
Line deleted:
Line deleted: user_pref("CT2552374.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT255...
Line deleted: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2552374&SearchSource=13");
Line deleted: user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2552374&q=");-- File closed --
Key deleted: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKLM\Software\Classes\CLSID\{4DC61C00-DEFC-49C2-ADEE-5345A7A6871B}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4DC61C00-DEFC-49C2-ADEE-5345A7A6871B}
Key deleted: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key deleted: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\Toolbar.CT1460988
Key deleted: HKLM\Software\Classes\Toolbar.CT2552374
Key deleted: HKLM\Software\Classes\Toolbar.CT2567694
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Conduit
Key deleted: HKLM\Software\conduitEngine
Key deleted: HKCU\Software\Ask.com
Key deleted: HKCU\Software\AskToolbar
Key deleted: HKCU\Software\Conduit
Key deleted: HKCU\Software\conduitEngine
Key deleted: HKCU\Software\PriceGong
Key deleted: HKCU\Software\AppDataLow\AskBarDis
Key deleted: HKCU\Software\AppDataLow\AskHomePage
Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{834AA5F3-3DF9-427E-9499-3CD007EFDFE3}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== ADDITIONNAL SCAN ==============
Mozilla Firefox Version [4.0b5 (pt-BR)]
-- C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\Suellen\\Meus documentos\\Minhas imagens\\Fake
browser.search.defaultenginename, Search the web (Babylon)
browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13642
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.twitter.com/
browser.startup.homepage_override.buildID, 20100831070808
browser.startup.homepage_override.mstone, rv:2.0b5
-- C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\Prefs.js --
browser.startup.homepage_override.buildID, 20100831070808
browser.startup.homepage_override.mstone, rv:2.0b5
========================================
Internet Explorer Version [8.0.6001.18702]
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Arquivos de programas\Ad-Remover\Quarantine: 285 File(s)
C:\Arquivos de programas\Ad-Remover\Backup: 15 File(s)
C:\Ad-Report-CLEAN[1].txt - 15/01/2011 (6878 Byte(s))
End at: 02:46:41, 15/01/2011
============== E.O.F ==============
Log do ComboFix
ComboFix 11-01-14.01 - Usuario 15/01/2011 4:37.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.315 [GMT -2:00]
Executando de: c:\documents and settings\Usuario\Desktop\ComboFix.exe
AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee Anti-Virus e Anti-Spyware Enabled/Updated {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall Disabled {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* AV residente está ativo
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\ST6UNST.000
c:\windows\system32\logs
c:\windows\system32\logs\Settings.dat
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-12-15 to 2011-01-15 ))))))))))))))))))))))))))))
.
2011-01-15 04:43 . 2011-01-15 04:44 -------- d-----w- c:\arquivos de programas\Ad-Remover
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin7.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin6.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin5.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin4.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin3.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin2.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin.dll
2011-01-13 09:25 . 2011-01-13 09:25 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Malwarebytes
2011-01-13 09:24 . 2010-12-20 20:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes
2011-01-13 09:24 . 2010-12-20 20:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2011-01-07 23:44 . 2011-01-07 23:44 388608 ----a-w- C:\HiJackThis.exe
2011-01-04 17:00 . 2011-01-04 17:00 -------- d-----w- c:\documents and settings\Suellen\Dados de aplicativos\PhotoScape
2011-01-03 03:11 . 2011-01-03 03:11 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 19:38 . 2010-11-29 19:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 19:38 . 2010-11-29 19:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:15 . 2009-10-08 17:41 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 16:17 . 2010-11-19 20:00 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-11-12 16:17 . 2010-11-19 20:00 141792 ----a-w- c:\windows\system32\mfevtps.exe
2010-11-12 16:17 . 2010-11-19 20:00 88544 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2010-11-12 16:17 . 2010-11-19 20:00 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-11-12 16:17 . 2010-11-19 20:00 84072 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2010-11-12 16:17 . 2010-11-19 20:00 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-11-12 16:17 . 2010-11-19 20:00 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-11-12 16:17 . 2010-11-19 20:00 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-11-12 16:17 . 2010-11-19 20:00 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-11-12 16:17 . 2010-03-19 20:39 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-11-12 16:17 . 2010-03-19 20:39 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:21 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:21 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:21 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:27 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2008-04-14 12:00 1853440 ----a-w- c:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-09-18_14.00.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 03:02 . 2009-07-12 03:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-12 03:05 . 2009-07-12 03:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 03:05 . 2009-07-12 03:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2010-10-28 20:50 . 2008-07-07 14:08 53248 c:\windows\twain_32\JL2005C\jltwdec.dll
+ 2010-10-28 20:50 . 2007-09-21 12:02 49152 c:\windows\twain_32\JL2005C\dec_jl6.dll
+ 2010-10-28 20:50 . 2008-04-17 13:14 49152 c:\windows\twain_32\913D Camera\TransTwain.exe
+ 2011-01-15 05:37 . 2011-01-15 05:37 16384 c:\windows\Temp\Perflib_Perfdata_4f8.dat
+ 2010-10-28 20:51 . 2008-04-13 21:20 54784 c:\windows\system32\vfwwdm32.dll
+ 2008-04-14 12:00 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2010-08-27 05:53 99840 c:\windows\system32\srvsvc.dll
+ 2008-04-14 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2010-01-27 02:09 . 2010-01-27 02:09 53299 c:\windows\system32\pthreadVC.dll
+ 2008-04-14 12:00 . 2010-11-02 11:21 80526 c:\windows\system32\perfc016.dat
+ 2008-04-14 12:00 . 2010-11-02 11:21 68668 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2010-11-06 00:21 66560 c:\windows\system32\mshtmled.dll
+ 2009-03-08 07:31 . 2010-11-06 00:21 55296 c:\windows\system32\msfeedsbs.dll
+ 2011-01-01 13:57 . 2011-01-01 13:57 58732 c:\windows\system32\mlfcache.dat
+ 2008-04-14 12:00 . 2010-11-06 00:21 25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
+ 2010-12-04 02:30 . 2010-09-28 17:44 41984 c:\windows\system32\DRVSTORE\usbaapl_DECA0B114863448FE4957E5F5676B09528A18C9F\usbaapl.sys
+ 2010-12-04 02:31 . 2010-04-19 22:29 18432 c:\windows\system32\DRVSTORE\netaapl_A0C073C4137716F9478B8B08B2873A7AB3AECF72\netaapl.sys
+ 2010-10-28 20:52 . 2008-04-13 13:46 19200 c:\windows\system32\drivers\WSTCODEC.SYS
+ 2010-10-28 20:52 . 2008-04-13 13:46 15232 c:\windows\system32\drivers\StreamIP.sys
+ 2010-10-28 20:52 . 2008-04-13 13:46 11136 c:\windows\system32\drivers\SLIP.sys
+ 2010-01-27 02:09 . 2010-01-27 02:09 50704 c:\windows\system32\drivers\npf.sys
+ 2010-10-28 20:52 . 2008-04-13 13:46 10880 c:\windows\system32\drivers\NdisIP.sys
+ 2010-10-28 20:51 . 2008-04-13 13:46 85248 c:\windows\system32\drivers\NABTSFEC.sys
+ 2010-10-28 20:50 . 2008-03-11 18:18 68762 c:\windows\system32\drivers\jl2005c.sys
+ 2010-10-28 20:51 . 2008-04-13 13:46 17024 c:\windows\system32\drivers\CCDECODE.sys
+ 2010-10-09 22:03 . 2010-09-07 14:52 46672 c:\windows\system32\drivers\aswTdi.sys
+ 2010-10-09 22:03 . 2010-09-07 14:47 23376 c:\windows\system32\drivers\aswRdr.sys
+ 2010-10-09 22:03 . 2010-09-07 14:47 94544 c:\windows\system32\drivers\aswmon.sys
+ 2010-10-09 22:03 . 2010-09-07 14:47 17744 c:\windows\system32\drivers\aswFsBlk.sys
+ 2010-10-09 22:03 . 2010-09-07 14:46 28880 c:\windows\system32\drivers\aavmker4.sys
+ 2010-07-27 20:44 . 2010-07-27 20:44 91424 c:\windows\system32\dnssd.dll
+ 2009-10-16 12:53 . 2010-11-06 00:21 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-10-28 20:52 . 2008-04-13 13:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2009-10-08 17:41 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
+ 2010-10-28 20:51 . 2008-04-13 21:20 54784 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2010-10-28 20:52 . 2008-04-13 13:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2008-04-14 12:00 . 2010-08-27 05:53 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2008-04-14 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2010-10-28 20:52 . 2008-04-13 13:46 11136 c:\windows\system32\dllcache\slip.sys
+ 2008-04-14 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2010-10-28 20:52 . 2008-04-13 13:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2010-10-28 20:51 . 2008-04-13 13:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2008-04-14 12:00 . 2010-11-06 00:21 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-10-16 12:53 . 2010-11-06 00:21 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-10-08 17:41 . 2010-11-18 18:15 86016 c:\windows\system32\dllcache\isign32.dll
+ 2010-10-28 20:51 . 2008-04-13 13:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2011-01-03 03:11 . 2011-01-14 22:42 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2010-09-24 23:29 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-10-08 17:48 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-08 17:48 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat
+ 2010-09-22 12:43 . 2010-09-22 12:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-10-20 16:19 . 2010-10-20 16:19 21504 c:\windows\Installer\da51e.msi
+ 2010-10-18 02:47 . 2010-10-18 02:47 24064 c:\windows\Installer\b0e4cd.msi
+ 2010-11-12 00:59 . 2010-11-12 00:59 34632 c:\windows\Installer\{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 23040 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 61440 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 27136 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 11264 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 86016 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 12288 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-06-10 20:00 . 2010-12-17 01:58 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll
+ 2010-10-14 03:54 . 2009-03-08 07:31 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll
+ 2010-10-14 03:54 . 2009-03-08 07:34 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll
+ 2010-10-09 22:03 . 2010-09-07 15:12 38848 c:\windows\avastSS.scr
+ 2010-10-10 16:20 . 2010-10-10 16:20 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\4b76ee7cffa5a925f16967eb6d44d79e\WindowsLiveWriter.ni.exe
+ 2010-10-10 16:21 . 2010-10-10 16:21 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0f3ef21a166df82d34e0147cfa308256\WindowsLive.Writer.Api.ni.dll
+ 2010-10-10 13:11 . 2010-10-10 13:11 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-10-10 16:27 . 2010-10-10 16:27 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-10-10 16:22 . 2010-10-10 16:22 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-10-10 16:22 . 2010-10-10 16:22 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-10-10 02:23 . 2010-10-10 02:23 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-10-10 02:22 . 2010-10-10 02:22 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-10-10 13:20 . 2010-10-10 13:20 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-10 01:53 . 2008-04-14 12:00 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-10-10 02:23 . 2008-04-14 12:00 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe
+ 2010-10-14 03:55 . 2008-04-14 12:00 96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll
+ 2010-10-10 01:53 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe
+ 2010-10-10 01:53 . 2010-06-23 00:57 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll
+ 2010-10-10 02:21 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB982802\update\spcustom.dll
+ 2010-10-10 02:21 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB982802\spmsg.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-10-10 02:27 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-10-10 02:27 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-10-14 03:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll
+ 2010-10-14 03:55 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB982132\spmsg.dll
+ 2010-10-10 01:53 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-10-10 01:53 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-10-14 03:48 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB981957\update\spcustom.dll
+ 2010-10-14 03:48 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB981957\spmsg.dll
+ 2010-10-10 02:22 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-10-09 22:52 . 2010-06-17 13:45 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll+ 2010-10-10 02:22 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-10-10 02:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-10-10 02:02 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2010-10-10 02:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-10-10 02:03 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB979687\spmsg.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2387149\spmsg.dll
+ 2010-10-14 03:46 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll
+ 2010-10-14 03:46 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2360937\spmsg.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2360131-IE8\update\spcustom.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2360131-IE8\spmsg.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 12800 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\xpshims.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 66560 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtmled.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 55296 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeedsbs.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 43520 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\licmgr10.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 25600 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\jsproxy.dll
+ 2010-10-10 02:23 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-10-10 02:23 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2010-10-14 03:55 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2345886\update\spcustom.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2345886\spmsg.dll
+ 2010-08-27 06:01 . 2010-08-27 06:01 99840 c:\windows\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll
+ 2010-10-10 01:54 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-10-10 01:54 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2279986\spmsg.dll
+ 2010-10-10 02:26 . 2009-05-26 09:00 26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll
+ 2010-10-10 02:26 . 2009-05-26 09:00 18296 c:\windows\$hf_mig$\KB2259922\spmsg.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-10-10 02:17 . 2009-05-26 09:00 26488 c:\windows\$hf_mig$\KB2183461-IE8\update\spcustom.dll
+ 2010-10-10 02:17 . 2009-05-26 09:00 18296 c:\windows\$hf_mig$\KB2183461-IE8\spmsg.dll
+ 2010-10-09 23:29 . 2010-06-24 12:29 12800 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\xpshims.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 55296 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\msfeedsbs.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 25600 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\jsproxy.dll
+ 2010-10-10 02:10 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll
+ 2010-10-10 02:10 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2160329\spmsg.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2141007\spmsg.dll
+ 2010-10-10 02:22 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-10-10 02:22 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-10-10 02:22 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-10-10 02:22 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2079403\spmsg.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-05-05 10:24 . 2010-08-27 01:43 5120 c:\windows\system32\xpsp4res.dll
+ 2010-10-28 20:52 . 2008-04-13 13:39 5504 c:\windows\system32\drivers\MSTEE.sys
+ 2010-10-28 20:52 . 2008-04-13 13:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2009-10-08 18:32 . 2010-12-17 14:03 4096 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2010-10-10 02:20 . 2010-10-10 02:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-10-10 02:21 . 2008-05-05 10:24 3072 c:\windows\$NtUninstallKB982802$\xpsp4res.dll
+ 2010-10-14 03:46 . 2010-07-22 06:19 5120 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll
+ 2010-10-14 03:55 . 2010-08-13 21:44 5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll
+ 2010-07-22 06:19 . 2010-07-22 06:19 5120 c:\windows\$hf_mig$\KB982802\SP3QFE\sprv0416.dll
+ 2010-07-12 13:19 . 2010-07-12 13:19 5120 c:\windows\$hf_mig$\KB979687\SP3QFE\sprv0416.dll
+ 2010-10-13 21:36 . 2010-08-13 21:44 5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\sprv0416.dll
+ 2010-08-27 01:43 . 2010-08-27 01:43 5120 c:\windows\$hf_mig$\KB2345886\SP3QFE\sprv0416.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 03:05 . 2009-07-12 03:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2010-10-28 20:50 . 2008-08-08 19:55 348160 c:\windows\twain_32\JL2005C\jlisp.dll
+ 2010-10-28 20:50 . 2007-11-07 20:03 696320 c:\windows\twain_32\JL2005C\jl2005_ip.dll
+ 2010-01-27 02:09 . 2010-01-27 02:09 281104 c:\windows\system32\wpcap.dll
+ 2008-04-14 12:00 . 2010-06-18 17:47 293888 c:\windows\system32\winsrv.dll
+ 2008-04-14 12:00 . 2010-04-16 15:37 406016 c:\windows\system32\usp10.dll
+ 2008-04-14 12:00 . 2010-08-27 08:03 119808 c:\windows\system32\t2embed.dll
+ 2008-04-14 12:00 . 2010-06-30 12:32 149504 c:\windows\system32\schannel.dll
+ 2008-04-14 12:00 . 2010-08-16 08:44 590848 c:\windows\system32\rpcrt4.dll
+ 2008-04-14 12:00 . 2010-11-02 11:21 471592 c:\windows\system32\perfh016.dat
+ 2008-04-14 12:00 . 2010-11-02 11:21 435772 c:\windows\system32\perfh009.dat
+ 2010-01-27 02:09 . 2010-01-27 02:09 100880 c:\windows\system32\Packet.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 206848 c:\windows\system32\occache.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 07:32 . 2010-11-06 00:21 602112 c:\windows\system32\msfeeds.dll
+ 2006-10-19 00:47 . 2010-03-30 15:24 317440 c:\windows\system32\mp4sdecd.dll
+ 2008-04-14 12:00 . 2010-09-18 15:23 974848 c:\windows\system32\mfc42u.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\mfc42.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2010-11-22 21:41 . 2010-11-22 21:41 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe
+ 2010-11-02 23:51 . 2010-11-02 23:51 232912 c:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe
+ 2010-11-02 23:51 . 2010-11-02 23:51 311760 c:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.dll
+ 2010-08-25 17:32 . 2010-08-25 17:32 552960 c:\windows\system32\Logof.dll
+ 2010-10-28 20:50 . 2005-12-15 19:34 135168 c:\windows\system32\jl_jdct.drv
+ 2009-10-08 17:41 . 2010-06-09 07:44 692736 c:\windows\system32\inetcomm.dll
+ 2010-06-11 00:40 . 2010-06-11 00:40 922112 c:\windows\system32\imapi2fs.dll
+ 2010-06-11 00:40 . 2010-06-11 00:40 426496 c:\windows\system32\imapi2.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 184320 c:\windows\system32\iepeers.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 387584 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe
+ 2009-10-08 14:31 . 2010-12-17 13:54 290088 c:\windows\system32\FNTCACHE.DAT
+ 2008-04-14 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\drivers\srv.sys
+ 2010-10-09 22:03 . 2010-09-07 14:52 165584 c:\windows\system32\drivers\aswSP.sys
+ 2010-10-09 22:03 . 2010-09-07 14:47 100176 c:\windows\system32\drivers\aswmon2.sys
+ 2010-07-27 20:44 . 2010-07-27 20:44 107808 c:\windows\system32\dns-sd.exe
+ 2009-10-08 17:39 . 2010-07-16 11:57 218624 c:\windows\system32\dllcache\wordpad.exe
+ 2008-04-14 12:00 . 2010-06-18 17:47 293888 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 916480 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 12:00 . 2010-04-16 15:37 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-04-14 12:00 . 2010-08-27 08:03 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-04-14 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\dllcache\srv.sys
+ 2008-04-14 12:00 . 2010-06-30 12:32 149504 c:\windows\system32\dllcache\schannel.dll
+ 2008-04-14 12:00 . 2010-08-16 08:44 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2008-04-14 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-10-08 17:41 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2009-10-16 12:53 . 2010-11-06 00:21 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-10-08 17:41 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2009-10-08 17:41 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2009-10-08 17:41 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2009-10-08 17:41 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2010-03-30 15:24 . 2010-03-30 15:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2008-04-14 12:00 . 2010-09-18 15:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\dllcache\mfc42.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2009-10-08 17:41 . 2010-06-09 07:44 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2010-06-11 00:40 . 2010-06-11 00:40 922112 c:\windows\system32\dllcache\imapi2fs.dll
+ 2010-06-11 00:40 . 2010-06-11 00:40 426496 c:\windows\system32\dllcache\imapi2.dll
+ 2009-10-16 12:53 . 2010-11-06 00:21 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-07-03 18:25 . 2010-11-06 00:21 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-10-08 17:41 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2008-04-14 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2008-04-14 12:00 . 2010-10-28 13:09 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2008-04-14 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
+ 2010-10-09 22:03 . 2010-09-07 15:11 167592 c:\windows\system32\aswBoot.exe
+ 2009-10-08 17:41 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2010-09-22 12:43 . 2010-09-22 12:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-05-11 09:40 . 2010-05-11 09:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2010-05-11 09:40 . 2010-05-11 09:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-11-12 14:23 . 2010-11-12 14:23 884736 c:\windows\Installer\c34c65.msp
+ 2010-09-24 00:02 . 2010-09-24 00:02 798208 c:\windows\Installer\43d12.msp
+ 2010-10-09 22:03 . 2010-10-09 22:03 219648 c:\windows\Installer\264f63.msi
+ 2010-12-04 01:57 . 2010-12-04 01:57 811008 c:\windows\Installer\2103495.msi
+ 2009-10-08 18:32 . 2010-12-17 14:03 409600 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 286720 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 249856 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 794624 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 135168 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-08 18:32 . 2010-12-17 14:03 593920 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2010-10-23 16:32 . 2010-10-23 20:30 380928 c:\windows\Installer\{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}\iTunesIco.exe
+ 2007-04-19 16:01 . 2007-04-19 16:01 238424 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL
+ 2007-01-16 22:32 . 2007-01-16 22:32 136032 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL
+ 2007-04-19 15:54 . 2007-04-19 15:54 169312 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL
+ 2010-12-23 03:27 . 2010-09-10 05:51 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
+ 2010-12-23 03:27 . 2010-07-05 13:12 395128 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
+ 2010-12-23 03:27 . 2010-02-22 14:19 233336 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
+ 2010-12-23 03:27 . 2010-09-10 05:51 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
+ 2010-12-23 03:27 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
+ 2010-10-14 03:54 . 2010-06-24 12:24 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-10-14 03:54 . 2010-07-05 13:12 395128 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-10-14 03:54 . 2010-06-24 12:24 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-10-14 03:54 . 2010-06-23 12:08 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-10-10 02:17 . 2010-05-06 10:34 916480 c:\windows\ie8updates\KB2183461-IE8\wininet.dll
+ 2010-10-10 02:17 . 2010-02-22 14:20 395128 c:\windows\ie8updates\KB2183461-IE8\spuninst\updspapi.dll
+ 2010-10-10 02:17 . 2009-05-26 09:00 233336 c:\windows\ie8updates\KB2183461-IE8\spuninst\spuninst.exe
+ 2010-10-10 02:17 . 2010-05-06 10:34 206848 c:\windows\ie8updates\KB2183461-IE8\occache.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 611840 c:\windows\ie8updates\KB2183461-IE8\mstime.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 599040 c:\windows\ie8updates\KB2183461-IE8\msfeeds.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 247808 c:\windows\ie8updates\KB2183461-IE8\ieproxy.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 184320 c:\windows\ie8updates\KB2183461-IE8\iepeers.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 743424 c:\windows\ie8updates\KB2183461-IE8\iedvtool.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 387584 c:\windows\ie8updates\KB2183461-IE8\iedkcs32.dll
+ 2010-10-10 02:17 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2183461-IE8\ie4uinit.exe
+ 2010-10-10 02:07 . 2010-10-10 02:07 835584 c:\windows\assembly\tmp\T4CJRZ6E\System.Web.Mobile.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 835584 c:\windows\assembly\tmp\5FMU2AIQ\System.Web.Mobile.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-10-10 16:21 . 2010-10-10 16:21 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\cf67b75a1da96795723d2034e48ba183\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f7eecdbf8f73f127df632e81bc835484\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd5335b13b4ce8f10990c752f3c0a6b9\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cf5151086dd038a82602c9167c9acad5\WindowsLive.Writer.Passport.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cc7d0d688ca1fb7bd0e0ba3f17e3add1\WindowsLive.Writer.HtmlParser.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c46d84073499887c745801bda334c97f\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\879fd6f22250247f79ee663b80199b73\WindowsLive.Writer.Localization.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\80ce7f3c877dff36e07711517ed49b19\WindowsLive.Writer.BrowserControl.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\796b11733fd16a0128c89ae37abce0f4\WindowsLive.Writer.Instrumentation.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\70cc2bbf8d87c63f36d05bf7a4a01a69\WindowsLive.Writer.Mshtml.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\69968aa6fb3a6fb47df1b2dd59f1e1a2\WindowsLive.Writer.FileDestinations.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5efde99101ca1afd5ad2b21f793e2854\WindowsLive.Writer.BlogClient.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\36888cd642eab375b37c2d8ae121d2ad\WindowsLive.Writer.Controls.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\323d5898b41430c73305874d4b93bf25\WindowsLive.Writer.Extensibility.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0e5d49b051e355c696ed7a2b5b24a623\WindowsLive.Writer.Interop.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0d82d08289c6b8f928d8804f69f959ec\WindowsLive.Writer.SpellChecker.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\b34623aa698e02b699e5b4706b1cd248\WindowsLive.Client.ni.dll
+ 2010-10-10 13:12 . 2010-10-10 13:12 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-10-10 13:11 . 2010-10-10 13:11 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-10-10 13:11 . 2010-10-10 13:11 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-10-10 16:27 . 2010-10-10 16:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-10-10 16:19 . 2010-10-10 16:19 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-10-10 16:19 . 2010-10-10 16:19 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-10-10 02:28 . 2010-10-10 02:28 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-10-10 16:22 . 2010-10-10 16:22 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-10-10 16:22 . 2010-10-10 16:22 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-10-10 16:21 . 2010-10-10 16:21 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-10-10 02:25 . 2010-10-10 02:25 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-10-10 02:25 . 2010-10-10 02:25 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-10-10 02:25 . 2010-10-10 02:25 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-10-10 02:25 . 2010-10-10 02:25 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-10-10 16:21 . 2010-10-10 16:21 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-10-10 13:22 . 2010-10-10 13:22 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-10-10 02:21 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB982802$\spuninst\updspapi.dll
+ 2010-10-10 02:21 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB982802$\spuninst\spuninst.exe
+ 2010-10-10 02:21 . 2009-04-15 14:53 585216 c:\windows\$NtUninstallKB982802$\rpcrt4.dll
+ 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe
+ 2010-10-10 02:27 . 2009-12-31 16:50 353792 c:\windows\$NtUninstallKB982214$\srv.sys
+ 2010-10-10 02:27 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll
+ 2010-10-10 02:27 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2009-10-15 16:32 119808 c:\windows\$NtUninstallKB982132$\t2embed.dll
+ 2010-10-14 03:55 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB982132$\spuninst\updspapi.dll
+ 2010-10-14 03:55 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB982132$\spuninst\spuninst.exe
+ 2010-10-10 01:53 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll
+ 2010-10-10 01:53 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe
+ 2010-10-14 03:48 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB981957$\spuninst\updspapi.dll
+ 2010-10-14 03:48 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB981957$\spuninst\spuninst.exe
+ 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll
+ 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe
+ 2010-10-10 02:02 . 2008-04-14 12:00 406016 c:\windows\$NtUninstallKB981322$\usp10.dll
+ 2010-10-10 02:02 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB981322$\spuninst\updspapi.dll
+ 2010-10-10 02:02 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB981322$\spuninst\spuninst.exe
+ 2010-10-10 02:03 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll
+ 2010-10-10 02:03 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe
+ 2010-10-10 02:03 . 2009-06-25 08:27 147456 c:\windows\$NtUninstallKB980436$\schannel.dll
+ 2010-10-14 03:54 . 2008-04-21 21:15 216064 c:\windows\$NtUninstallKB979687$\wordpad.exe
+ 2010-10-14 03:54 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB979687$\spuninst\updspapi.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB979687$\spuninst\spuninst.exe
+ 2010-10-10 02:26 . 2007-07-28 02:11 382840 c:\windows\$NtUninstallKB975558_WM8$\spuninst\updspapi.dll
+ 2010-10-10 02:26 . 2007-07-28 00:07 233336 c:\windows\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe
+ 2010-10-10 02:26 . 2006-10-19 00:47 317440 c:\windows\$NtUninstallKB975558_WM8$\mp4sdecd.dll
+ 2010-11-22 21:55 . 2010-06-11 00:40 379184 c:\windows\$NtUninstallKB952011$\spuninst\updspapi.dll
+ 2010-11-22 21:55 . 2010-06-11 00:40 221488 c:\windows\$NtUninstallKB952011$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2387149$\spuninst\updspapi.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2387149$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2008-04-14 12:00 981760 c:\windows\$NtUninstallKB2387149$\mfc42u.dll
+ 2010-10-14 03:55 . 2008-04-14 12:00 927504 c:\windows\$NtUninstallKB2387149$\mfc40u.dll
+ 2010-10-14 03:55 . 2008-04-14 12:00 924432 c:\windows\$NtUninstallKB2387149$\mfc40.dll
+ 2010-10-14 03:55 . 2007-07-28 02:11 382840 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\updspapi.dll
+ 2010-10-14 03:55 . 2007-07-28 00:07 233336 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe
+ 2010-10-14 03:46 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2360937$\spuninst\updspapi.dll
+ 2010-10-14 03:46 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2360937$\spuninst\spuninst.exe
+ 2010-10-14 03:46 . 2010-07-22 15:46 590848 c:\windows\$NtUninstallKB2360937$\rpcrt4.dll
+ 2010-10-10 02:23 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB2347290$\spuninst\updspapi.dll
+ 2010-10-10 02:23 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2347290$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2010-06-21 15:27 354304 c:\windows\$NtUninstallKB2345886$\srv.sys
+ 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2345886$\spuninst\updspapi.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2345886$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2296011$\spuninst\updspapi.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2296011$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2008-04-14 12:00 617472 c:\windows\$NtUninstallKB2296011$\comctl32.dll
+ 2010-10-10 01:54 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-10-10 01:54 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2279986$\spuninst\updspapi.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2279986$\spuninst\spuninst.exe
+ 2010-10-14 03:55 . 2010-04-20 05:31 285696 c:\windows\$NtUninstallKB2279986$\atmfd.dll
+ 2010-10-10 02:26 . 2009-05-26 09:00 395128 c:\windows\$NtUninstallKB2259922$\spuninst\updspapi.dll
+ 2010-10-10 02:26 . 2009-05-26 09:00 233336 c:\windows\$NtUninstallKB2259922$\spuninst\spuninst.exe
+ 2010-10-10 02:26 . 2010-02-22 22:50 395128 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-10-10 02:26 . 2008-04-14 12:00 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-10-10 02:10 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2160329$\spuninst\updspapi.dll
+ 2010-10-10 02:10 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2160329$\spuninst\spuninst.exe
+ 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2158563$\spuninst\updspapi.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2158563$\spuninst\spuninst.exe
+ 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2141007$\spuninst\updspapi.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2141007$\spuninst\spuninst.exe
+ 2010-10-10 01:53 . 2010-01-29 15:00 691712 c:\windows\$NtUninstallKB2141007$\inetcomm.dll
+ 2010-10-10 02:22 . 2008-04-14 12:00 293888 c:\windows\$NtUninstallKB2121546$\winsrv.dll
+ 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2121546$\spuninst\updspapi.dll
+ 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2121546$\spuninst\spuninst.exe
+ 2010-10-10 02:26 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe
+ 2010-10-10 02:22 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll
+ 2010-10-10 02:22 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe
+ 2010-10-10 02:21 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB982802\update\updspapi.dll
+ 2010-10-10 02:21 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB982802\update\update.exe+ 2010-10-10 02:21 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB982802\spuninst.exe
+ 2010-07-23 06:17 . 2010-07-23 06:17 590848 c:\windows\$hf_mig$\KB982802\SP3QFE\rpcrt4.dll
+ 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB982665\update\update.exe+ 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-10-10 02:27 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB982214\update\updspapi.dll
+ 2010-10-10 02:27 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB982214\update\update.exe+ 2010-10-10 02:27 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB982214\spuninst.exe
+ 2010-10-09 23:04 . 2010-06-21 14:18 354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys
+ 2010-10-14 03:55 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2010-10-14 03:55 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB982132\update\update.exe+ 2010-10-14 03:55 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-08-27 08:01 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2010-10-10 01:53 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2010-10-10 01:53 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB981997\update\update.exe+ 2010-10-10 01:53 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2010-10-14 03:48 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB981957\update\updspapi.dll
+ 2010-10-14 03:48 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB981957\update\update.exe+ 2010-10-14 03:48 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB981957\spuninst.exe
+ 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB981852\update\updspapi.dll
+ 2010-10-10 02:22 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB981852\update\update.exe+ 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB981852\spuninst.exe
+ 2010-10-10 02:02 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-10-10 02:02 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB981322\update\update.exe+ 2010-10-10 02:02 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:30 . 2010-04-16 15:30 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2010-10-10 02:03 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2010-10-10 02:03 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB980436\update\update.exe+ 2010-10-10 02:03 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:24 . 2010-06-30 12:24 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2010-10-14 03:54 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB979687\update\update.exe+ 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB979687\spuninst.exe
+ 2010-07-16 11:56 . 2010-07-16 11:56 218624 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe
+ 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2010-10-14 03:55 . 2010-07-05 13:12 760696 c:\windows\$hf_mig$\KB2387149\update\update.exe+ 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2010-10-13 21:36 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2010-10-13 21:36 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2010-10-13 21:36 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2010-10-13 21:36 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2010-10-14 03:46 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll
+ 2010-10-14 03:46 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2360937\update\update.exe+ 2010-10-14 03:46 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2360937\spuninst.exe
+ 2010-10-13 21:36 . 2010-08-16 08:43 590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll
+ 2010-10-14 03:54 . 2010-07-05 13:12 395128 c:\windows\$hf_mig$\KB2360131-IE8\update\updspapi.dll
+ 2010-10-14 03:54 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2360131-IE8\update\update.exe+ 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2360131-IE8\spuninst.exe
+ 2010-10-13 21:40 . 2010-09-10 05:49 919552 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 206848 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\occache.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 611840 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mstime.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 602112 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeeds.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 247808 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieproxy.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 184320 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iepeers.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 743424 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedvtool.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 387584 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedkcs32.dll
+ 2010-10-13 21:40 . 2010-09-08 15:49 173056 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ie4uinit.exe
+ 2010-10-10 02:23 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-10-10 02:23 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2347290\update\update.exe+ 2010-10-10 02:23 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2345886\update\updspapi.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2345886\update\update.exe+ 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2345886\spuninst.exe
+ 2010-08-26 13:37 . 2010-08-26 13:37 357248 c:\windows\$hf_mig$\KB2345886\SP3QFE\srv.sys
+ 2010-10-10 01:54 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-10-10 01:54 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2286198\update\update.exe+ 2010-10-10 01:54 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2279986\update\updspapi.dll
+ 2010-10-14 03:55 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2279986\update\update.exe+ 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2279986\spuninst.exe
+ 2010-09-01 11:49 . 2010-09-01 11:49 285824 c:\windows\$hf_mig$\KB2279986\SP3QFE\atmfd.dll
+ 2010-10-10 02:26 . 2009-05-26 09:00 395128 c:\windows\$hf_mig$\KB2259922\update\updspapi.dll
+ 2010-10-10 02:26 . 2009-05-26 09:00 760696 c:\windows\$hf_mig$\KB2259922\update\update.exe+ 2010-10-10 02:26 . 2009-05-26 09:00 233336 c:\windows\$hf_mig$\KB2259922\spuninst.exe
+ 2010-10-10 02:26 . 2010-02-22 22:50 395128 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-10-10 02:26 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2229593\update\update.exe+ 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-10-09 22:25 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2010-10-10 02:17 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2183461-IE8\update\updspapi.dll
+ 2010-10-10 02:17 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2183461-IE8\update\update.exe+ 2010-10-10 02:17 . 2009-05-26 09:00 233336 c:\windows\$hf_mig$\KB2183461-IE8\spuninst.exe
+ 2010-10-09 23:29 . 2010-06-24 12:29 919040 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
+ 2010-10-09 23:29 . 2010-06-24 12:29 206848 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\occache.dll
+ 2010-10-09 23:29 . 2010-06-24 12:29 611840 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mstime.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 599040 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\msfeeds.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 247808 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ieproxy.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 184320 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iepeers.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 743424 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iedvtool.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 387584 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iedkcs32.dll
+ 2010-10-09 23:29 . 2010-06-23 11:31 173056 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ie4uinit.exe
+ 2010-10-10 02:10 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2160329\update\updspapi.dll
+ 2010-10-10 02:10 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2160329\update\update.exe+ 2010-10-10 02:10 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2160329\spuninst.exe
+ 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2141007\update\updspapi.dll
+ 2010-10-10 01:53 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2141007\update\update.exe+ 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2141007\spuninst.exe
+ 2010-06-09 07:42 . 2010-06-09 07:42 692736 c:\windows\$hf_mig$\KB2141007\SP3QFE\inetcomm.dll
+ 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2010-10-10 02:22 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2121546\update\update.exe+ 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-06-18 17:46 . 2010-06-18 17:46 293888 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2010-10-10 02:26 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2115168\update\update.exe+ 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2010-10-10 02:22 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2010-10-10 02:22 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2079403\update\update.exe+ 2010-10-10 02:22 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2010-10-13 21:35 . 2010-08-23 16:11 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-12 03:02 . 2009-07-12 03:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 1210880 c:\windows\system32\urlmon.dll
+ 2008-04-14 12:00 . 2010-07-27 06:29 8492032 c:\windows\system32\shell32.dll
+ 2008-04-14 12:00 . 2010-07-16 12:00 1287680 c:\windows\system32\ole32.dll
+ 2008-04-14 12:00 . 2010-04-28 18:13 2194176 c:\windows\system32\ntoskrnl.exe
+ 2008-04-13 19:00 . 2010-04-28 05:43 2071040 c:\windows\system32\ntkrnlpa.exe
+ 2008-04-14 12:00 . 2010-06-14 07:42 1172480 c:\windows\system32\msxml3.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 5959168 c:\windows\system32\mshtml.dll
+ 2010-11-22 21:41 . 2010-11-22 21:41 5971408 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-03-08 07:32 . 2010-11-06 00:21 1991680 c:\windows\system32\iertutil.dll
+ 2010-12-04 02:30 . 2010-09-28 17:44 4184352 c:\windows\system32\DRVSTORE\usbaapl_DECA0B114863448FE4957E5F5676B09528A18C9F\usbaaplrc.dll
+ 2010-12-04 02:31 . 2010-04-19 22:29 1461992 c:\windows\system32\DRVSTORE\netaapl_A0C073C4137716F9478B8B08B2873A7AB3AECF72\wdfcoinstaller01009.dll
+ 2008-04-14 12:00 . 2010-10-26 13:58 1853440 c:\windows\system32\dllcache\win32k.sys
+ 2008-04-14 12:00 . 2010-11-06 00:21 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-14 12:00 . 2010-07-27 06:29 8492032 c:\windows\system32\dllcache\shell32.dll
+ 2008-04-14 12:00 . 2010-07-16 12:00 1287680 c:\windows\system32\dllcache\ole32.dll
+ 2008-04-14 12:00 . 2010-04-28 18:13 2194176 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-10-12 00:56 . 2010-04-28 05:43 2028544 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-04-13 19:00 . 2010-04-28 05:43 2071040 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-10-12 00:56 . 2010-04-28 05:43 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 12:00 . 2010-06-14 07:42 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2008-04-14 12:00 . 2010-11-06 00:21 5959168 c:\windows\system32\dllcache\mshtml.dll
+ 2009-10-08 17:41 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-10-16 12:53 . 2010-11-06 00:21 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2010-09-22 12:44 . 2010-09-22 12:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-05-11 09:40 . 2010-05-11 09:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 09:40 . 2010-05-11 09:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-10-22 17:45 . 2010-10-22 17:45 8444928 c:\windows\Installer\c34c85.msp
+ 2010-10-01 23:53 . 2010-10-01 23:53 4147712 c:\windows\Installer\c34c4c.msp
+ 2010-12-06 17:02 . 2010-12-06 17:02 5518848 c:\windows\Installer\7108b.msp
+ 2010-10-23 16:32 . 2010-10-23 16:32 6333440 c:\windows\Installer\67324d.msi
+ 2010-08-05 16:16 . 2010-08-05 16:16 4034560 c:\windows\Installer\43d8e.msp
+ 2010-06-28 19:01 . 2010-06-28 19:01 7677952 c:\windows\Installer\43d6d.msp
+ 2010-05-25 14:45 . 2010-05-25 14:45 8445440 c:\windows\Installer\43d58.msp
+ 2010-06-11 20:55 . 2010-06-11 20:55 1827328 c:\windows\Installer\43d40.msp
+ 2010-06-29 01:53 . 2010-06-29 01:53 6819840 c:\windows\Installer\43d27.msp
+ 2010-08-20 16:50 . 2010-08-20 16:50 5518848 c:\windows\Installer\43cf7.msp
+ 2010-09-23 10:39 . 2010-09-23 10:39 4265472 c:\windows\Installer\43ce2.msp
+ 2010-08-04 18:12 . 2010-08-04 18:12 1004544 c:\windows\Installer\43cd8.msp
+ 2010-08-25 20:06 . 2010-08-25 20:06 6479360 c:\windows\Installer\43cd1.msp
+ 2010-07-10 23:14 . 2010-07-10 23:14 2850816 c:\windows\Installer\43cbd.msp
+ 2010-10-23 14:53 . 2010-10-23 14:53 1984000 c:\windows\Installer\33e1a4.msi
+ 2011-01-13 20:04 . 2011-01-13 20:04 9472000 c:\windows\Installer\270c17f.msi
+ 2010-09-17 08:04 . 2010-09-17 08:04 9401856 c:\windows\Installer\23294c7.msp
+ 2010-10-01 19:42 . 2010-10-01 19:42 5054464 c:\windows\Installer\23294aa.msp
+ 2010-10-22 15:25 . 2010-10-22 15:25 5521408 c:\windows\Installer\2329495.msp
+ 2010-12-04 02:31 . 2010-12-04 02:32 3085312 c:\windows\Installer\21034e2.msi
+ 2010-08-13 20:59 . 2010-08-13 20:59 8182272 c:\windows\Installer\19daa11.msp
+ 2010-08-13 21:02 . 2010-08-13 21:02 2545664 c:\windows\Installer\19daa09.msp
+ 2010-08-23 20:09 . 2010-08-23 20:09 7673344 c:\windows\Installer\19daa01.msp
+ 2010-10-04 19:32 . 2010-10-04 19:32 5517824 c:\windows\Installer\19da9ec.msp
+ 2010-08-24 12:49 . 2010-08-24 12:49 6825472 c:\windows\Installer\19da9d7.msp
+ 2007-05-10 15:43 . 2007-05-10 15:43 6688096 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE
+ 2009-08-20 19:23 . 2009-08-20 19:23 4672872 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6514\WRD12CNV.DLL
+ 2010-12-23 03:27 . 2010-09-10 05:51 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
+ 2010-12-23 03:27 . 2010-09-10 05:51 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 1210368 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 5951488 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
+ 2010-10-14 03:54 . 2010-06-24 12:24 1986560 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 1209344 c:\windows\ie8updates\KB2183461-IE8\urlmon.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 5950976 c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 1985536 c:\windows\ie8updates\KB2183461-IE8\iertutil.dll
+ 2009-10-12 00:56 . 2010-04-28 18:13 2194176 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-10-12 00:56 . 2010-04-28 05:43 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-10 22:07 . 2010-04-28 05:43 2071040 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-10-12 00:56 . 2010-04-28 05:43 2150400 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-10-10 02:09 . 2010-10-10 02:09 3182592 c:\windows\assembly\tmp\X7FNV3AI\System.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 2018816 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ec6601e9b75d691ee7339616559b5232\WindowsLive.Writer.CoreServices.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7226cd21c68247fa3b23612fa1b848f9\WindowsLive.Writer.PostEditor.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4f183789843f054fba4ea676b9637b04\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2010-10-10 02:22 . 2010-10-10 02:22 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-10-10 13:11 . 2010-10-10 13:11 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-10-10 02:22 . 2010-10-10 02:22 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-10-10 13:11 . 2010-10-10 13:11 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-10-10 16:27 . 2010-10-10 16:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-10-10 16:27 . 2010-10-10 16:27 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-10-10 16:27 . 2010-10-10 16:27 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-10-10 16:27 . 2010-10-10 16:27 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-10-10 16:19 . 2010-10-10 16:19 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-10-10 02:28 . 2010-10-10 02:28 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-10-10 16:19 . 2010-10-10 16:19 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-10-10 02:28 . 2010-10-10 02:28 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-10-10 02:26 . 2010-10-10 02:26 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-10-10 16:22 . 2010-10-10 16:22 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll
+ 2010-10-10 02:26 . 2010-10-10 02:26 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-10-10 16:22 . 2010-10-10 16:22 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-10-10 02:26 . 2010-10-10 02:26 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-10-10 02:26 . 2010-10-10 02:26 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-10-10 02:25 . 2010-10-10 02:25 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-10-10 02:22 . 2010-10-10 02:22 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-10-10 16:23 . 2010-10-10 16:23 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-10-10 16:21 . 2010-10-10 16:21 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-10 02:22 . 2010-10-10 02:22 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-10-10 02:20 . 2010-10-10 02:20 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-10-10 01:53 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe
+ 2010-10-14 03:48 . 2010-06-24 09:02 1852032 c:\windows\$NtUninstallKB981957$\win32k.sys
+ 2010-10-10 02:22 . 2010-02-17 17:07 2194176 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
+ 2010-10-10 02:22 . 2010-02-16 19:07 2028544 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe
+ 2010-10-10 02:22 . 2010-02-16 19:07 2071040 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
+ 2010-10-10 02:22 . 2010-02-16 19:07 2150400 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe
+ 2010-10-14 03:54 . 2008-04-14 12:00 1287168 c:\windows\$NtUninstallKB979687$\ole32.dll
+ 2010-10-14 03:55 . 2008-04-14 12:00 1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll
+ 2010-10-10 01:54 . 2008-06-17 19:02 8491008 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-10-10 02:10 . 2010-05-02 08:08 1851392 c:\windows\$NtUninstallKB2160329$\win32k.sys
+ 2010-10-10 02:22 . 2009-07-31 04:33 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2010-10-09 23:08 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-09-01 07:57 . 2010-09-01 07:57 1862016 c:\windows\$hf_mig$\KB981957\SP3QFE\win32k.sys
+ 2010-10-09 22:52 . 2010-04-28 05:18 2194304 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
+ 2010-10-09 22:52 . 2010-04-28 05:17 2028544 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe
+ 2010-04-29 02:18 . 2010-04-29 02:18 2071168 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
+ 2010-10-09 22:52 . 2010-04-28 05:18 2150400 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe
+ 2010-07-16 11:59 . 2010-07-16 11:59 1288704 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 1211904 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\urlmon.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 5958656 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
+ 2010-10-13 21:40 . 2010-09-10 05:49 1987072 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll
+ 2010-07-27 06:28 . 2010-07-27 06:28 8493056 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-10-09 23:29 . 2010-06-24 12:29 1211904 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\urlmon.dll
+ 2010-10-09 23:29 . 2010-06-24 12:29 5954560 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 1987072 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iertutil.dll
+ 2010-06-24 21:29 . 2010-06-24 21:29 1861248 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys
+ 2010-06-14 07:40 . 2010-06-14 07:40 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
+ 2008-04-14 12:00 . 2010-08-26 02:36 10841088 c:\windows\system32\wmp.dll
+ 2009-10-13 19:56 . 2011-01-15 05:01 37403080 c:\windows\system32\MRT.exe
+ 2009-03-08 07:39 . 2010-11-06 00:21 11080704 c:\windows\system32\ieframe.dll
+ 2008-04-14 12:00 . 2010-08-26 02:36 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-10-16 12:53 . 2010-11-06 00:21 11080704 c:\windows\system32\dllcache\ieframe.dll
+ 2010-12-17 01:57 . 2010-12-17 01:57 20304384 c:\windows\Installer\c34c70.msp
+ 2010-06-11 20:52 . 2010-06-11 20:52 45542912 c:\windows\Installer\43d41.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 c:\windows\Installer\43d0b.msp
+ 2010-10-10 02:16 . 2010-10-10 02:16 20303872 c:\windows\Installer\43d02.msp
+ 2010-10-14 18:57 . 2010-10-14 18:57 11189248 c:\windows\Installer\23294bf.msp
+ 2010-12-23 03:27 . 2010-09-10 05:51 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
+ 2010-10-14 03:54 . 2010-06-24 20:54 11077120 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll
+ 2010-10-10 02:17 . 2010-05-06 10:34 11076096 c:\windows\ie8updates\KB2183461-IE8\ieframe.dll
+ 2010-10-10 02:29 . 2010-10-10 02:29 12024832 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38B.tmp\System.Windows.Forms.dll
+ 2010-10-10 13:11 . 2010-10-10 13:11 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-10-10 16:20 . 2010-10-10 16:20 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-10-10 16:19 . 2010-10-10 16:19 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-10-10 02:27 . 2010-10-10 02:27 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
+ 2010-10-10 02:24 . 2010-10-10 02:25 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-10-10 02:23 . 2010-10-10 02:23 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-10-10 02:22 . 2010-10-10 02:22 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
+ 2010-10-14 03:55 . 2009-07-14 02:43 10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll
+ 2010-09-10 14:19 . 2010-09-10 14:19 11082240 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll
+ 2010-10-09 23:29 . 2010-06-24 12:28 11079168 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ieframe.dll
.
-- Snapshot resetado para data atual --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
2010-10-18 14:26 3908192 ----a-w- c:\arquivos de programas\Softonic_Brasil\tbSoft.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{12FC3D37-2A42-4FE3-8489-81296878CBA5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-18 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"mcui_exe"="c:\arquivos de programas\McAfee.com\Agent\mcagent.exe" [2010-11-22 1193848]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2010-11-29 421888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
McAfee Security Scan Plus.lnk - c:\arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Atualizador Automatico - Folhamatic.lnk]
backup=c:\windows\pss\Atualizador Automatico - Folhamatic.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Auto Backup - Folhamatic.LNK]
backup=c:\windows\pss\Auto Backup - Folhamatic.LNKCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^BTTray.lnk]
backup=c:\windows\pss\BTTray.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-05-10 14:12 90112 ----a-w- c:\arquivos de programas\ATI Technologies\ATI.ACE\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2006-08-16 03:20 53248 ------w- c:\arquivos de programas\Realtek\InstallShield\AzMixerSel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-12 02:12 49152 ----a-w- c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-05-15 18:55 1057328 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-17 10:15 221184 ----a-w- c:\arquiv~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-17 10:15 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-24 04:10 421160 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-06 01:55 54832 ----a-w- c:\arquivos de programas\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2006-09-07 11:52 479232 ----a-w- c:\arquiv~1\LAUNCH~1\QtZgAcer.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2010-11-22 20:15 1193848 ----a-w- c:\arquivos de programas\McAfee.com\Agent\mcagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 01:12 3872080 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 18:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia Internet Modem]
2009-07-29 17:01 1962648 ----a-w- c:\arquivos de programas\Nokia\Nokia Internet Modem\Wellphone2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 19:38 421888 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2006-11-23 18:10 56928 ------w- c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-08-16 03:23 16248320 ----a-w- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-05-15 18:55 1628208 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-08-16 03:21 2879488 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 19:07 2260480 --sha-r- c:\arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 17:21 246504 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Ares\\Ares.exe"=
"c:\\folhawin\\atualizador\\atualizador.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"=
"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
"c:\\Arquivos de programas\\Arquivos comuns\\McAfee\\McSvcHost\\McSvHost.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [09/10/2010 20:03 165584]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [19/11/2010 18:00 84072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/10/2010 20:03 17744]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\McAfee\SiteAdvisor\McSACore.exe [19/03/2010 18:44 88176]
R2 McMPFSvc;McAfee Personal Firewall;"c:\arquivos de programas\Arquivos comuns\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480]
R2 mfefire;McAfee Firewall Core Service;c:\arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe [19/11/2010 18:00 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [19/11/2010 18:00 141792]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 00:09 50704]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [19/11/2010 18:00 55840]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [19/11/2010 18:00 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544]
S2 0007201295044842mcinstcleanup;McAfee Application Installer Cleanup (0007201295044842);c:\windows\TEMP\000720~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\000720~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [09/10/2010 20:05 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 10:49 227232]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [19/11/2010 18:00 84264]
S3 nokiacpo;Nokia Internet Stick Wireless Modem Service Install;c:\windows\system32\drivers\nokiacpo.sys [22/06/2009 14:41 18688]
S3 nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service;c:\windows\system32\drivers\nokiappo.sys [22/06/2009 14:41 27008]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\drivers\zteusbser.sys [09/10/2009 18:29 98432]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [01/08/2010 15:10 691696]
--- =Outros Serviços/Drivers Na Memória ---
NewlyCreated - 0007201295044842MCINSTCLEANUP
Deregistered - mfeavfk01
.
Conteúdo da pasta 'Tarefas Agendadas'
2011-01-15 c:\windows\Tasks\AppleSoftwareUpdate.job
2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-01-15 c:\windows\Tasks\OGALogon.job
2011-01-15 c:\windows\Tasks\User_Feed_Synchronization-{2DFD6A99-60EB-42AE-BE0E-4865A1A7142D}.job
2011-01-15 c:\windows\Tasks\User_Feed_Synchronization-{A63760CC-2B08-48B6-A9DA-BAA3844E50E8}.job
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Enviar para Dispositivo &Bluetooth... - c:\arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab
FF - ProfilePath - c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\bk6df2gu.default\
.
MSConfigStartUp-Adobe ARM - c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-15 04:52
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):50,05,62,cd,7b,51,fe,26,e2,1b,22,a3,82,32,a7,8d,3a,da,2d,e6,e3,
a9,df,53,d8,64,3a,58,b3,41,43,69,5d,12,51,c3,0f,92,67,70,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8ee7e689-a3ca-4a4c-aaa9-0a24f3ee9427}]
@Denied: (Full) (Everyone)
"Model"=dword:000000de
"Therad"=dword:0000000b
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\windows\system32\Ati2evxx.dll
.
Tempo para conclusão: 2011-01-15 04:57:30
ComboFix-quarantined-files.txt 2011-01-15 06:57
ComboFix2.txt 2010-09-18 15:23
ComboFix3.txt 2010-09-18 14:05
ComboFix4.txt 2010-03-18 21:15
Pré-execução: 27 pasta(s) 51.535.286.272 bytes disponíveis
Pós execução: 28 pasta(s) 51.864.711.168 bytes disponíveis
Olá!
Por favor, siga as instruções abaixo:
<< 1 >>
-
c:\windows\system32\GPhotos.scr
[*]Clique no botão /applications/core/interface/imageproxy/imageproxy.php?img=http://i1.tinypic.com/688godt.jpg&key=af964c7063a589fb848a86a08a362b70af2cc6ac0c6df895aa469059716e0691" alt="688godt.jpg" />
[*]O(s) arquivo(s) irá(serão) ser examinado(s) por diferentes softwares antivirus, por favor aguarde.
[*]Copie e cole o(s) resultado(s).
Se o site acima estiver muito congestionado, tente num desses sites:
<< 2 >>
Temporariamente e durante a execução destas instruções, é muito importante que mantenha desabilitados os seus programas de proteção (Antivirus, Antispyware e Firewall). Reative as proteções após a execução do(s) procedimento(s) abaixo mencionado(s).
Registry::
[-HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
-
Não use o mouse nem o teclado quando o ComboFix estiver rodando.
Abraços :D
Resultado do scan do arquivo GPhotos.scr
Filename: GPhotos.scr
Status: Scan finished. 0 out of 18 scanners reported malware.
Scan taken on: Wed 19 Jan 2011 22:53:06 (CET) Permalink
--------------------------------------------------------------------------------
Additional info
File size: 4280320 bytes
Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5: 27a89e12360ea1f2e894d6c1884e74b7
SHA1: 8876c25e1be840087fb3d318121bfb0e5df520bc
Scanners
2011-01-19 Found nothing 2011-01-19 Found nothing
Scanner unavailable 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-18 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing
------------------------------------------------------------------------------------------------------
Resultado do scan do arquivo ndproxy.sys
Jotti's malware scan
Filename: ndproxy.sys
Status: Scan finished. 0 out of 19 scanners reported malware.
Scan taken on: Wed 19 Jan 2011 22:59:33 (CET) Permalink
--------------------------------------------------------------------------------
Additional info
File size: 40960 bytes
Filetype: PE32 executable for MS Windows (native) Intel 80386 32-bit
MD5: 9282bd12dfb069d3889eb3fcc1000a9b
SHA1: f76e50cf3a2a40a2d71437c7662cff8be9be037f
Packer (Kaspersky): PE_Patch
Scanners
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing 2011-01-18 Found nothing
2011-01-19 Found nothing 2011-01-19 Found nothing
2011-01-19 Found nothing
-----------------------------------------------------------------
Log do ComboFix
ComboFix 11-01-18.04 - Usuario 19/01/2011 20:38:18.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.440 [GMT -2:00]
Executando de: c:\documents and settings\Usuario\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Usuario\Desktop\CFScript.txt
AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee Anti-Virus e Anti-Spyware Disabled/Updated {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall Disabled {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-12-19 to 2011-01-19 ))))))))))))))))))))))))))))
.
2011-01-19 21:37 . 2011-01-19 21:37 -------- d-----w- c:\windows\LastGood
2011-01-15 04:43 . 2011-01-15 04:44 -------- d-----w- c:\arquivos de programas\Ad-Remover
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin7.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin6.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin5.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin4.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin3.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin2.dll
2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin.dll
2011-01-13 09:25 . 2011-01-13 09:25 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Malwarebytes
2011-01-13 09:24 . 2010-12-20 20:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes
2011-01-13 09:24 . 2010-12-20 20:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2011-01-07 23:44 . 2011-01-07 23:44 388608 ----a-w- C:\HiJackThis.exe
2011-01-04 17:00 . 2011-01-04 17:00 -------- d-----w- c:\documents and settings\Suellen\Dados de aplicativos\PhotoScape
2011-01-03 03:11 . 2011-01-03 03:11 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 19:38 . 2010-11-29 19:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 19:38 . 2010-11-29 19:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:15 . 2009-10-08 17:41 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 16:17 . 2010-11-19 20:00 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-11-12 16:17 . 2010-11-19 20:00 141792 ----a-w- c:\windows\system32\mfevtps.exe
2010-11-12 16:17 . 2010-11-19 20:00 88544 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2010-11-12 16:17 . 2010-11-19 20:00 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-11-12 16:17 . 2010-11-19 20:00 84072 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2010-11-12 16:17 . 2010-11-19 20:00 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-11-12 16:17 . 2010-11-19 20:00 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-11-12 16:17 . 2010-11-19 20:00 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-11-12 16:17 . 2010-11-19 20:00 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-11-12 16:17 . 2010-03-19 20:39 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-11-12 16:17 . 2010-03-19 20:39 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:21 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:21 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:21 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:27 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2008-04-14 12:00 1853440 ----a-w- c:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((( SnapShot_2011-01-15_06.52.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-19 20:42 . 2011-01-19 20:42 16384 c:\windows\Temp\Perflib_Perfdata_2b8.dat
+ 2011-01-03 03:11 . 2011-01-19 21:38 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-01-15 10:32 . 2011-01-19 21:38 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-10-08 17:48 . 2011-01-19 21:38 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
2010-10-18 14:26 3908192 ----a-w- c:\arquivos de programas\Softonic_Brasil\tbSoft.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{12FC3D37-2A42-4FE3-8489-81296878CBA5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-18 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"mcui_exe"="c:\arquivos de programas\McAfee.com\Agent\mcagent.exe" [2010-11-22 1193848]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2010-11-29 421888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
McAfee Security Scan Plus.lnk - c:\arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Atualizador Automatico - Folhamatic.lnk]
backup=c:\windows\pss\Atualizador Automatico - Folhamatic.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Auto Backup - Folhamatic.LNK]
backup=c:\windows\pss\Auto Backup - Folhamatic.LNKCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^BTTray.lnk]
backup=c:\windows\pss\BTTray.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-05-10 14:12 90112 ----a-w- c:\arquivos de programas\ATI Technologies\ATI.ACE\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2006-08-16 03:20 53248 ------w- c:\arquivos de programas\Realtek\InstallShield\AzMixerSel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-12 02:12 49152 ----a-w- c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-05-15 18:55 1057328 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-17 10:15 221184 ----a-w- c:\arquiv~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-17 10:15 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-24 04:10 421160 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-06 01:55 54832 ----a-w- c:\arquivos de programas\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2006-09-07 11:52 479232 ----a-w- c:\arquiv~1\LAUNCH~1\QtZgAcer.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2010-11-22 20:15 1193848 ----a-w- c:\arquivos de programas\McAfee.com\Agent\mcagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 01:12 3872080 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 18:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia Internet Modem]
2009-07-29 17:01 1962648 ----a-w- c:\arquivos de programas\Nokia\Nokia Internet Modem\Wellphone2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 19:38 421888 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2006-11-23 18:10 56928 ------w- c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-08-16 03:23 16248320 ----a-w- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-05-15 18:55 1628208 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-08-16 03:21 2879488 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 19:07 2260480 --sha-r- c:\arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 17:21 246504 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Ares\\Ares.exe"=
"c:\\folhawin\\atualizador\\atualizador.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"=
"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
"c:\\Arquivos de programas\\Arquivos comuns\\McAfee\\McSvcHost\\McSvHost.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [09/10/2010 20:03 165584]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [19/11/2010 18:00 84072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/10/2010 20:03 17744]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\McAfee\SiteAdvisor\McSACore.exe [19/03/2010 18:44 88176]
R2 McMPFSvc;McAfee Serviço Personal Firewall;"c:\arquivos de programas\Arquivos comuns\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480]
R2 mfefire;McAfee Firewall Core Service;c:\arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe [19/11/2010 18:00 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [19/11/2010 18:00 141792]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 00:09 50704]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [19/11/2010 18:00 55840]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [19/11/2010 18:00 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544]
S2 0229321295473087mcinstcleanup;McAfee Application Installer Cleanup (0229321295473087);c:\windows\TEMP\022932~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\022932~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [09/10/2010 20:05 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 10:49 227232]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [19/11/2010 18:00 84264]
S3 nokiacpo;Nokia Internet Stick Wireless Modem Service Install;c:\windows\system32\drivers\nokiacpo.sys [22/06/2009 14:41 18688]
S3 nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service;c:\windows\system32\drivers\nokiappo.sys [22/06/2009 14:41 27008]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\drivers\zteusbser.sys [09/10/2009 18:29 98432]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [01/08/2010 15:10 691696]
--- =Outros Serviços/Drivers Na Memória ---
Deregistered - mfeavfk01
.
Conteúdo da pasta 'Tarefas Agendadas'
2011-01-15 c:\windows\Tasks\AppleSoftwareUpdate.job
2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-01-19 c:\windows\Tasks\OGALogon.job
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{2DFD6A99-60EB-42AE-BE0E-4865A1A7142D}.job
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{A63760CC-2B08-48B6-A9DA-BAA3844E50E8}.job
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Enviar para Dispositivo &Bluetooth... - c:\arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab
FF - ProfilePath - c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\bk6df2gu.default\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-19 20:48
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\WININET.dll
c:\arquiv~1\WINDOW~2\wmpband.dll
c:\arquivos de programas\Scpad\scpLIB.dll
c:\arquivos de programas\Scpad\scpMIB.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tempo para conclusão: 2011-01-19 20:52:05
ComboFix-quarantined-files.txt 2011-01-19 22:52
ComboFix2.txt 2011-01-15 06:57
ComboFix3.txt 2010-09-18 15:23
ComboFix4.txt 2010-09-18 14:05
ComboFix5.txt 2011-01-19 22:35
Pré-execução: 27 pasta(s) 53.636.931.584 bytes disponíveis
Pós execução: 28 pasta(s) 53.643.874.304 bytes disponíveis
Olá!
<< 1 >>
Siga o tutorial abaixo e execute o Kaspersky Removal Tool. Depois poste o log gerado.
Tutorial do Kaspersky Virus Removal Tool
<< 2 >>
Siga o tutorial abaixo e execute o Spyware Doctor Starter Edition. Depois poste o log gerado.
Tutorial do Spyware Doctor Starter Edition
Abraços :D
Segue log do Kaspersky, quanto ao log do PCtools Spyware doctor,'não esta sendo possivel fazer verificaçao completa após tres dias verificando e varias reinicializações atinge no maximo 25% e da erro uma tela azul e o computador reinicia sozinho. Quando reinicia ele abre automaticamente na tela do Kaspersky e em seguinda inicia o Inteli-Scan do Spyware doctor.
Verificação automática: concluído 1 dia atrás (eventos: 39, objetos: 3315710, hora: 19:11:46)
22/01/2011 12:22:39 Tarefa iniciada Ação padrão selecionada
22/01/2011 12:24:46 Detectados: Trojan.Win32.AutoRun.abj C:\UsbFix_Upload_Me_ACER.zip/UsbFix_Upload_Me/autorun.inf.UsbFix Ação padrão selecionada
22/01/2011 12:26:18 Excluído: Trojan.Win32.AutoRun.abj C:\UsbFix_Upload_Me_ACER.zip/UsbFix_Upload_Me/autorun.inf.UsbFix Ação padrão selecionada
22/01/2011 12:46:30 Erro de processamento C:\Arquivos de programas\ATI Technologies\ATI.ACE\th\CLI.Aspect.MultiVPU3.Graphics.Dashboard.resources.dll Erro de leitura
22/01/2011 12:56:50 Erro de processamento C:\Arquivos de programas\HP\Digital Imaging\bin\ltefx13n.dll Erro de leitura
22/01/2011 13:14:22 Erro de processamento C:\Arquivos de programas\Mozilla Firefox 4.0 Beta 5\nssckbi.dll Erro de leitura
22/01/2011 13:18:54 Erro de processamento C:\Arquivos de programas\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll Erro de leitura
22/01/2011 16:37:54 Detectados: Worm.Win32.AutoRun.bldz C:\Documents and Settings\Usuario\Meus documentos\Downloads\pcmega_setup.exe/data0000/UPX Ação padrão selecionada
22/01/2011 16:51:50 Excluído: Worm.Win32.AutoRun.bldz C:\Documents and Settings\Usuario\Meus documentos\Downloads\pcmega_setup.exe Ação padrão selecionada
22/01/2011 18:39:12 Detectados: Trojan.Win32.AutoRun.abj C:\UsbFix\Quarantine\E\autorun.inf.UsbFix Ação padrão selecionada
22/01/2011 18:44:05 Erro de processamento C:\WINDOWS\twain_32.dll Erro de leitura
22/01/2011 18:47:04 Erro de processamento C:\WINDOWS\$hf_mig$\KB955069\update\spcustom.dll Erro de leitura
22/01/2011 18:50:22 Excluído: Trojan.Win32.AutoRun.abj C:\UsbFix\Quarantine\E\autorun.inf.UsbFix Ação padrão selecionada
22/01/2011 18:55:58 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll Erro de leitura
22/01/2011 18:57:11 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll Erro de leitura
22/01/2011 19:02:46 Erro de processamento C:\WINDOWS\GeoOCX\WebCam\20090326\PTZ\PtzConfig.dll Erro de leitura
22/01/2011 19:05:05 Erro de processamento C:\WINDOWS\Help\spolsconcepts.chm Erro de leitura
22/01/2011 19:20:25 Erro de processamento C:\WINDOWS\system32\msvidctl.dll Erro de leitura
22/01/2011 19:24:48 Erro de processamento C:\WINDOWS\system32\tapi3.dll Erro de leitura
22/01/2011 19:30:25 Erro de processamento C:\WINDOWS\system32\termmgr.dll Erro de leitura
22/01/2011 19:34:39 Erro de processamento C:\WINDOWS\system32\wavemsp.dll Erro de leitura
22/01/2011 19:43:25 Erro de processamento C:\WINDOWS\system32\wiadss.dll Erro de leitura
22/01/2011 19:54:03 Erro de processamento C:\WINDOWS\system32\dllcache\sysdm.cpl Erro de leitura
22/01/2011 20:57:20 Erro de processamento c:\WINDOWS\system32\msvidctl.dll Erro de leitura
22/01/2011 21:27:59 Erro de processamento C:\Arquivos de programas\ATI Technologies\ATI.ACE\th\CLI.Aspect.MultiVPU3.Graphics.Dashboard.resources.dll Erro de leitura
22/01/2011 21:44:57 Erro de processamento C:\Arquivos de programas\HP\Digital Imaging\bin\ltefx13n.dll Erro de leitura
22/01/2011 22:08:04 Erro de processamento C:\Arquivos de programas\Mozilla Firefox 4.0 Beta 5\nssckbi.dll Erro de leitura
22/01/2011 22:17:26 Erro de processamento C:\Arquivos de programas\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll Erro de leitura
23/01/2011 05:13:10 Erro de processamento C:\WINDOWS\twain_32.dll Erro de leitura
23/01/2011 05:18:06 Erro de processamento C:\WINDOWS\$hf_mig$\KB955069\update\spcustom.dll Erro de leitura
23/01/2011 05:35:47 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll Erro de leitura
23/01/2011 05:37:05 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll Erro de leitura
23/01/2011 05:45:16 Erro de processamento C:\WINDOWS\GeoOCX\WebCam\20090326\PTZ\PtzConfig.dll Erro de leitura
23/01/2011 05:47:44 Erro de processamento C:\WINDOWS\Help\spolsconcepts.chm Erro de leitura
23/01/2011 06:40:46 Erro de processamento C:\WINDOWS\system32\msvidctl.dll Erro de leitura
23/01/2011 06:50:28 Erro de processamento C:\WINDOWS\system32\termmgr.dll Erro de leitura
23/01/2011 06:55:00 Erro de processamento C:\WINDOWS\system32\wavemsp.dll Erro de leitura
23/01/2011 07:04:22 Erro de processamento C:\WINDOWS\system32\wiadss.dll Erro de leitura
23/01/2011 07:34:33 Tarefa concluída Ação padrão selecionada
Olá!
Por favor, poste um novo log do DDS.
Abraços :D
Segue Log DDS.txt
DDS (Ver_10-12-12.02) - NTFSx86
Run by Usuario at 19:18:06,90 on 02/02/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.320 [GMT -2:00]
AV: McAfee Anti-Virus e Anti-Spyware Enabled/Updated {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall Enabled
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe
C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\CLI.EXE
C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe
C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
C:\ARQUIV~1\LAUNCH~1\QtZgAcer.EXE
C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Spyware Doctor\pctsTray.exe
C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Nokia\Nokia Internet Modem\WellPhone2.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\DOCUME~1\Usuario\CONFIG~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe
C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Usuario\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll
BHO: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO: ssh2 Class: {2e3c3651-b19c-4dd9-a979-901ec3e930af} - c:\arquivos de programas\scpad\scpsssh2.dll
BHO: {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\arquiv~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\arquivos de programas\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\arquivos de programas\arquivos comuns\mcafee\systemcore\ScriptSn.20101207191131.dll
BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\arquivos de programas\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll
BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\arquivos de programas\free download manager\iefdm2.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\arquivos de programas\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\arquivos de programas\windows live\toolbar\wltcore.dll
TB: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Nokia Internet Modem] "c:\arquivos de programas\nokia\nokia internet modem\WellPhone2.exe" /background
uRun: [spybotSD TeaTimer] c:\arquivos de programas\spybot - search & destroy\TeaTimer.exe
uRun: [swg] "c:\arquivos de programas\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [iTunesHelper] "c:\arquivos de programas\itunes\iTunesHelper.exe"
mRun: [mcui_exe] "c:\arquivos de programas\mcafee.com\agent\mcagent.exe" /runkey
mRun: [ATICCC] "c:\arquivos de programas\ati technologies\ati.ace\CLIStart.exe"
mRun: [AzMixerSel] c:\arquivos de programas\realtek\installshield\AzMixerSel.exe
mRun: [sunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe"
mRun: [skyTel] SkyTel.EXE
mRun: [securDisc] c:\arquivos de programas\nero\nero 7\incd\NBHGui.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [HP Software Update] c:\arquivos de programas\hp\hp software update\HPWuSchd2.exe
mRun: [iSUSPM Startup] c:\arquiv~1\arquiv~1\instal~1\update~1\isuspm.exe -startupmRun: [inCD] c:\arquivos de programas\nero\nero 7\incd\InCD.exe
mRun: [iSUSScheduler] "c:\arquivos de programas\arquivos comuns\installshield\updateservice\issch.exe" -start
mRun: [LanguageShortcut] "c:\arquivos de programas\cyberlink\powerdvd\language\Language.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [LManager] c:\arquiv~1\launch~1\QtZgAcer.EXE
mRun: [mcagent_exe] "c:\arquivos de programas\mcafee.com\agent\mcagent.exe" /runkey
mRun: [NeroFilterCheck] c:\arquivos de programas\arquivos comuns\ahead\lib\NeroCheck.exe
mRun: [QuickTime Task] "c:\arquivos de programas\quicktime\QTTask.exe" -atboottime
mRun: [RemoteControl] "c:\arquivos de programas\cyberlink\powerdvd\PDVDServ.exe"
mRun: [iSTray] "c:\arquivos de programas\spyware doctor\pctsTray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-explorer: HonorAutoRunSetting = 0 (0x0)
mPolicies-explorer: HonorAutoRunSetting = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\free download manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\free download manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\free download manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\free download manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office11\EXCEL.EXE/3000
IE: Enviar para Dispositivo &Bluetooth... - c:\arquivos de programas\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\arquivos de programas\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\arquivos de programas\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\arquivos de programas\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\arquivos de programas\widcomm\bluetooth software\btsendto_ie.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\arquivos de programas\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\arquiv~1\spybot~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255203921203
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - c:\arquivos de programas\scpad\scpLIB.dll
STS: compIB Class: {a3717295-941d-416f-9384-ed1736729f1c} - c:\arquivos de programas\scpad\scpLIB.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\usuario\dadosd~1\mozilla\firefox\profiles\bk6df2gu.default\
FF - prefs.js: network.proxy.http -
FF - prefs.js: network.proxy.http_port - 0
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\arquivos de programas\google\picasa3\npPicasa3.dll
FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\microsoft\office live\npOLW.dll
FF - plugin: c:\arquivos de programas\windows live\photo gallery\NPWLPG.dll
============= SERVICES / DRIVERS ===============
R? fsssvc;Serviço Windows Live Proteção para a Família
R? gupdate;Google Update Service (gupdate)
R? McComponentHostService;McAfee Security Scan Component Host Service
R? mfendisk;McAfee Core NDIS Intermediate Filter
R? mferkdet;McAfee Inc. mferkdet
R? mferkdk;McAfee Inc. mferkdk
R? mfesmfk;McAfee Inc. mfesmfk
R? nokiacpo;Nokia Internet Stick Wireless Modem Service Install
R? nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service
R? utqwodiy;AVZ Kernel Driver
R? zteusbser;ZTE USB Device for Legacy Serial Communication
S? cfwids;McAfee Inc. cfwids
S? fssfltr;fssfltr
S? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service
S? McMPFSvc;McAfee Serviço Personal Firewall
S? McNaiAnn;McAfee VirusScan Announcer
S? McProxy;McAfee Proxy Service
S? McShield;McShield
S? mfeavfk;McAfee Inc. mfeavfk
S? mfebopk;McAfee Inc. mfebopk
S? mfefire;McAfee Firewall Core Service
S? mfefirek;McAfee Inc. mfefirek
S? mfehidk;McAfee Inc. mfehidk
S? mfendiskmp;mfendiskmp
S? mfetdi2k;McAfee Inc. mfetdi2k
S? mfevtp;McAfee Validation Trust Protection Service
S? npf;NetGroup Packet Filter Driver
S? PCTCore;PCTools KDS
S? sdAuxService;PC Tools Auxiliary Service
S? sdCoreService;PC Tools Security Service
=============== Created Last 30 ================
2011-01-24 03:23:53 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-01-24 03:22:20 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-01-24 03:22:20 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-01-24 03:21:21 -------- d-----w- c:\arquivos de programas\arquivos comuns\PC Tools
2011-01-24 03:21:20 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-01-24 03:20:21 -------- d-----w- c:\docume~1\usuario\dadosd~1\PC Tools
2011-01-24 03:20:21 -------- d-----w- c:\docume~1\alluse~1\dadosd~1\PC Tools
2011-01-24 03:20:21 -------- d-----w- c:\arquivos de programas\Spyware Doctor
2011-01-13 20:04:46 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin7.dll
2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin6.dll
2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin5.dll
2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin4.dll
2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin3.dll
2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin2.dll
2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin.dll
2011-01-13 09:25:20 -------- d-----w- c:\docume~1\usuario\dadosd~1\Malwarebytes
2011-01-13 09:24:49 -------- d-----w- c:\docume~1\alluse~1\dadosd~1\Malwarebytes
2011-01-13 09:24:43 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2011-01-07 23:44:33 388608 ----a-w- C:\HiJackThis.exe
==================== Find3M ====================
2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 19:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 19:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:15:22 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 16:17:32 141792 ----a-w- c:\windows\system32\mfevtps.exe
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-08 03:20:24 89088 ----a-w- c:\windows\MBR.exe
2010-11-06 00:21:10 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:21:08 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:21:08 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
=================== ROOTKIT ====================
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo.
device: opened successfully
user: error reading MBR
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x83B83AB8]
3 CLASSPNP[0xF7612FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x83B73940]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
============= FINISH: 19:46:11,28 ===============
Segue Log Attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 08/10/2009 14:47:13
System Uptime: 02/02/2011 06:36:02 (13 hours ago)
Motherboard: Acer, Inc. | | Prespa M
Processor: Mobile AMD Sempron Processor 3500+ | Socket M2/S1G1 | 1799/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 112 GiB total, 59,319 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Atheros AR5007EG Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_04281468&REV_01\4&1BF192B7&0&0020
Manufacturer: Atheros
Name: Atheros AR5007EG Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_04281468&REV_01\4&1BF192B7&0&0020
Service: AR5211
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Shockwave Player 11.5
Aplicativos SEFAZ 2002
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ares 2.1.1
Arquivo do WinRAR
Assistente de Conexão do Windows Live
Atheros Wireless LAN
ATI - Utilitário de desinstalação de software
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
Atualização de Segurança para o Windows Media Player (KB2378111)
Atualização de Segurança para o Windows Media Player (KB952069)
Atualização de Segurança para o Windows Media Player (KB954155)
Atualização de Segurança para o Windows Media Player (KB968816)
Atualização de Segurança para o Windows Media Player (KB973540)
Atualização de Segurança para o Windows Media Player (KB975558)
Atualização de Segurança para o Windows Media Player (KB978695)
Atualização de Segurança para o Windows Media Player 11 (KB954154)
Atualização de Segurança para Windows Internet Explorer 8 (KB2183461)
Atualização de Segurança para Windows Internet Explorer 8 (KB2360131)
Atualização de Segurança para Windows Internet Explorer 8 (KB2416400)
Atualização de Segurança para Windows Internet Explorer 8 (KB971961)
Atualização de Segurança para Windows Internet Explorer 8 (KB974455)
Atualização de Segurança para Windows Internet Explorer 8 (KB976325)
Atualização de Segurança para Windows Internet Explorer 8 (KB978207)
Atualização de Segurança para Windows Internet Explorer 8 (KB981332)
Atualização de Segurança para Windows Internet Explorer 8 (KB982381)
Atualização de Segurança para Windows XP (KB2079403)
Atualização de Segurança para Windows XP (KB2115168)
Atualização de Segurança para Windows XP (KB2121546)
Atualização de Segurança para Windows XP (KB2160329)
Atualização de Segurança para Windows XP (KB2229593)
Atualização de Segurança para Windows XP (KB2259922)
Atualização de Segurança para Windows XP (KB2279986)
Atualização de Segurança para Windows XP (KB2286198)
Atualização de Segurança para Windows XP (KB2296011)
Atualização de Segurança para Windows XP (KB2296199)
Atualização de Segurança para Windows XP (KB2347290)
Atualização de Segurança para Windows XP (KB2360937)
Atualização de Segurança para Windows XP (KB2387149)
Atualização de Segurança para Windows XP (KB2419632)
Atualização de Segurança para Windows XP (KB2423089)
Atualização de Segurança para Windows XP (KB2436673)
Atualização de Segurança para Windows XP (KB2440591)
Atualização de Segurança para Windows XP (KB2443105)
Atualização de Segurança para Windows XP (KB923561)
Atualização de Segurança para Windows XP (KB938464-v2)
Atualização de Segurança para Windows XP (KB941569)
Atualização de Segurança para Windows XP (KB946648)
Atualização de Segurança para Windows XP (KB950762)
Atualização de Segurança para Windows XP (KB950974)
Atualização de Segurança para Windows XP (KB951066)
Atualização de Segurança para Windows XP (KB951376-v2)
Atualização de Segurança para Windows XP (KB951748)
Atualização de Segurança para Windows XP (KB952004)
Atualização de Segurança para Windows XP (KB952954)
Atualização de Segurança para Windows XP (KB954459)
Atualização de Segurança para Windows XP (KB954600)
Atualização de Segurança para Windows XP (KB955069)
Atualização de Segurança para Windows XP (KB956572)
Atualização de Segurança para Windows XP (KB956744)
Atualização de Segurança para Windows XP (KB956802)
Atualização de Segurança para Windows XP (KB956803)
Atualização de Segurança para Windows XP (KB956844)
Atualização de Segurança para Windows XP (KB957097)
Atualização de Segurança para Windows XP (KB958644)
Atualização de Segurança para Windows XP (KB958687)
Atualização de Segurança para Windows XP (KB958869)
Atualização de Segurança para Windows XP (KB959426)
Atualização de Segurança para Windows XP (KB960225)
Atualização de Segurança para Windows XP (KB960803)
Atualização de Segurança para Windows XP (KB960859)
Atualização de Segurança para Windows XP (KB961371-v2)
Atualização de Segurança para Windows XP (KB961501)
Atualização de Segurança para Windows XP (KB968537)
Atualização de Segurança para Windows XP (KB969059)
Atualização de Segurança para Windows XP (KB969947)
Atualização de Segurança para Windows XP (KB970238)
Atualização de Segurança para Windows XP (KB970430)
Atualização de Segurança para Windows XP (KB971468)
Atualização de Segurança para Windows XP (KB971486)
Atualização de Segurança para Windows XP (KB971557)
Atualização de Segurança para Windows XP (KB971633)
Atualização de Segurança para Windows XP (KB971657)
Atualização de Segurança para Windows XP (KB972270)
Atualização de Segurança para Windows XP (KB973346)
Atualização de Segurança para Windows XP (KB973354)
Atualização de Segurança para Windows XP (KB973507)
Atualização de Segurança para Windows XP (KB973525)
Atualização de Segurança para Windows XP (KB973869)
Atualização de Segurança para Windows XP (KB973904)
Atualização de Segurança para Windows XP (KB974112)
Atualização de Segurança para Windows XP (KB974318)
Atualização de Segurança para Windows XP (KB974392)
Atualização de Segurança para Windows XP (KB974571)
Atualização de Segurança para Windows XP (KB975025)
Atualização de Segurança para Windows XP (KB975467)
Atualização de Segurança para Windows XP (KB975560)
Atualização de Segurança para Windows XP (KB975561)
Atualização de Segurança para Windows XP (KB975562)
Atualização de Segurança para Windows XP (KB975713)
Atualização de Segurança para Windows XP (KB977165)
Atualização de Segurança para Windows XP (KB977816)
Atualização de Segurança para Windows XP (KB977914)
Atualização de Segurança para Windows XP (KB978037)
Atualização de Segurança para Windows XP (KB978251)
Atualização de Segurança para Windows XP (KB978262)
Atualização de Segurança para Windows XP (KB978338)
Atualização de Segurança para Windows XP (KB978542)
Atualização de Segurança para Windows XP (KB978601)
Atualização de Segurança para Windows XP (KB978706)
Atualização de Segurança para Windows XP (KB979309)
Atualização de Segurança para Windows XP (KB979482)
Atualização de Segurança para Windows XP (KB979559)
Atualização de Segurança para Windows XP (KB979683)
Atualização de Segurança para Windows XP (KB979687)
Atualização de Segurança para Windows XP (KB980195)
Atualização de Segurança para Windows XP (KB980218)
Atualização de Segurança para Windows XP (KB980232)
Atualização de Segurança para Windows XP (KB980436)
Atualização de Segurança para Windows XP (KB981322)
Atualização de Segurança para Windows XP (KB981852)
Atualização de Segurança para Windows XP (KB981957)
Atualização de Segurança para Windows XP (KB981997)
Atualização de Segurança para Windows XP (KB982132)
Atualização de Segurança para Windows XP (KB982214)
Atualização de Segurança para Windows XP (KB982665)
Atualização de Segurança para Windows XP (KB982802)
Atualização para Windows Internet Explorer 8 (KB976662)
Atualização para Windows Internet Explorer 8 (KB976749)
Atualização para Windows XP (KB2141007)
Atualização para Windows XP (KB2345886)
Atualização para Windows XP (KB2467659)
Atualização para Windows XP (KB898461)
Atualização para Windows XP (KB951978)
Atualização para Windows XP (KB955759)
Atualização para Windows XP (KB961503)
Atualização para Windows XP (KB967715)
Atualização para Windows XP (KB968389)
Atualização para Windows XP (KB971737)
Atualização para Windows XP (KB973687)
Atualização para Windows XP (KB973815)
Bonjour
BufferChm
CCleaner
Conectividade Social
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DigiSignDoc Leitor
DVD Shrink 3.2
DVD Suite
eSupportQFolder
Ferramenta de Carregamento do Windows Live
Free Audio CD Burner version 1.4
Free Download Manager 3.4 BETA
Free YouTube to MP3 Converter version 3.9
GeoVision ADPCM
GeoVision H264
GeoVision JPEG
GeoVision MPEG2
GeoVision MPEG4
GeoVision MPEG4 ASP
GeoVision MPEG4 AVC
Gerenciador de Aplicacoes de Notas Fiscais
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hotfix para o Windows Media Player 11 (KB939683)
Hotfix para Windows XP (KB2158563)
Hotfix para Windows XP (KB2443685)
Hotfix para Windows XP (KB952287)
Hotfix para Windows XP (KB961118)
Hotfix para Windows XP (KB970653-v3)
Hotfix para Windows XP (KB976098-v2)
Hotfix para Windows XP (KB981793)
HP Deskjet 3900 series
HP Imaging Device Functions 5.0
HP Software Update
HP Solution Center & Imaging Support Tools 5.0
HPDeskjet3900Series
HPProductAssistant
iTunes
J2SE Runtime Environment 5.0 Update 10
Java Auto Updater
Java 6 Update 18
JDownloader
Junk Mail filter update
Launch Manager
McAfee Security Scan Plus
McAfee SecurityCenter
MCESimplificado
Messenger Plus! Live
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Professional Edição 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft WSE 3.0 Runtime
Mozilla Firefox 4.0b5 (x86 pt-BR)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
neroxml
Nokia Internet Modem
OGA Notifier 2.0.0048.0
Pacote de Compatibilidade para o sistema Office 2007
PhotoScape
Picasa 3
PowerDVD
PowerProducer
QuickTime
REALTEK GbE & FE Ethernet NIC Driver
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)SEFIP 8.40
Segoe UI
Skype™ 4.2
Softonic_Brasil Toolbar
Software WIDCOMM Bluetooth
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Spyware Doctor 6.0
Status
The KMPlayer (remove only)
TrayApp
Uninstall 1.0.0.1
Uninstall Dual Mode Camera
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
WebFldrs XP
WebReg
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Galeria de Fotos
Windows Live Mail
Windows Live Messenger
Windows Live Proteção para a Família
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
WinPcap 4.1.1
XP Codec Pack
==== End Of File ===========================
Olá!
Seu log não apresenta infecções. Sugiro que limpe o número de complementos do seu navegador (desabilite todos que não forem necessários para você) e faça uma limpeza do registro e de arquivos com programas como o CCleaner.
Abraços.
OK, obrigado. Porem deixo registrado que após os procedimentos propostos o computador continua lento ao iniciar, mesmo desabilitando programas que inicia junto com o windows e ao abrir navegador (até o chrome), e apreceu uma deficiencia no som ficou rouco e lento ao reproduzir qualquer som mesmos os simples som do windows. Uma vez aberto os navegadores navegar não é problema.
Informo que estou formatando a maquina, creio que alguns arquivos do windows estao corrompidos. Obrigado pela atenção.
O computador começou a ficar lento ao iniciar, Segue Log para analise
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:34, on 12/02/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\internet explorer\iexplore.exe
C:\Program Files (x86)\internet explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
C:\Program Files (x86)\internet explorer\iexplore.exe
C:\Users\Silas\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101113013153.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Silas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GoToAssist - Invalid registry found
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço de estado do ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Serviço Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SessionLauncher - Unknown owner - c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TipCtrl - Unknown owner - C:\Program Files (x86)\uTIPu\TipCtrl.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14145 bytes
Olá!
Deixe-me entender: Você formatou a máquina e ela está lenta novamente?
>
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /mO4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
Há muitos programas sendo carregados na inicialização do Computador. Deve ser por isso que ele está lento.
No CCleaner, vá na guia Ferramentas >> Programas iniciados com o Windows.
Clique em DESABILITAR e desabilite as entradas que marquei em vermelho acima.
Seu computador deve acelerar. Recomendo que também faça as limpezas já citadas nesse tópico com o CCleaner e que desfragmente & otimize seu pc com o Auslogics Disk Defrag.
Abraços :D
Ok, funcionou obrigado.
Manain
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Olá!
Seja bem vinda à seção de Remoção de Malwares da IMasters Fóruns!
Por favor, siga as instruções abaixo:
Faça o Download do DDS e salve no Desktop (Área de trabalho).
OBS: Caso o link disponibilizado não funcione, tente baixar o DDS por ESTE link.
Abraços :D