Ragde 0 Denunciar post Postado Agosto 19, 2010 Bom galera aqui estou de novo andei meio sumido pois estava tudo bem! Agora percebi nao consigo abrir uma determinada pagina!Eu uso o Mozilla FireFox e ele nao ta abrindo a pagina do 4shared.com fiz zlguns teste e os outros navegadores abrem essa pagina tranquila só o mozilla que nao!Ja escluoir ele de minha maquina por inteiro e nao resolveu! Ja autorizei o FIREWALL pra abrir ele e nem deu resultado por issu venhu lhe pedir uma ajuda!desde já agradeço! Segue o seguinte log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:14:53, on 19/8/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Arquivos de programas\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\SearchSettings.dll O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Arquivos de programas\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSof0.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMes1.dll O2 - BHO: Messenger Plus Live Portuguese Toolbar - {b46b614e-44c7-4448-ac14-9ab9f7740d64} - C:\Arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\SearchSettings.dll O2 - BHO: Flash Video Decoder for FLV - {E3A5CD1D-2A58-4A37-8C42-B64B4E2D5D6E} - C:\WINDOWS\system32\flash102flv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMes1.dll O2 - BHO: MAX BR Toolbar - {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - C:\Arquivos de programas\MAX_BR\tbMAX0.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMes1.dll O3 - Toolbar: Messenger Plus Live Portuguese Toolbar - {b46b614e-44c7-4448-ac14-9ab9f7740d64} - C:\Arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSof0.dll O3 - Toolbar: MAX BR Toolbar - {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - C:\Arquivos de programas\MAX_BR\tbMAX0.dll O3 - Toolbar: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMes1.dll O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Arquivos de programas\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MI1933~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{229BCC09-E9B9-4C62-A762-04A24156DA2A}: NameServer = 200.165.132.148 200.165.132.155 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O23 - Service: Application Updater - Spigot, Inc. - C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 7592 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Agosto 19, 2010 Olá! Por favor, seguindo a regra 2 deste fórum, desinstale o HijackThis 2.0.2 no Adicionar ou Remover Programas do Painel de Controle e, somente após isso, instale a versão 2.0.4 Poste o log da versão 2.0.4. Regra nº 2 Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Agosto 20, 2010 Como pedido,segue o seguinte log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:01:04, on 20/8/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Arquivos de programas\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\SearchSettings.dll O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Arquivos de programas\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSof0.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMes1.dll O2 - BHO: Messenger Plus Live Portuguese Toolbar - {b46b614e-44c7-4448-ac14-9ab9f7740d64} - C:\Arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\SearchSettings.dll O2 - BHO: Flash Video Decoder for FLV - {E3A5CD1D-2A58-4A37-8C42-B64B4E2D5D6E} - C:\WINDOWS\system32\flash102flv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMes1.dll O2 - BHO: MAX BR Toolbar - {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - C:\Arquivos de programas\MAX_BR\tbMAX0.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMes1.dll O3 - Toolbar: Messenger Plus Live Portuguese Toolbar - {b46b614e-44c7-4448-ac14-9ab9f7740d64} - C:\Arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSof0.dll O3 - Toolbar: MAX BR Toolbar - {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - C:\Arquivos de programas\MAX_BR\tbMAX0.dll O3 - Toolbar: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMes1.dll O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Arquivos de programas\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MI1933~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{229BCC09-E9B9-4C62-A762-04A24156DA2A}: NameServer = 200.165.132.148 200.165.132.155 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Application Updater - Spigot, Inc. - C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 7868 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Agosto 20, 2010 Olá! Seja bem vindo à seção de Segurança & Malwares do fórum iMasters. Por favor, siga as instruções na ordem dada. Com alguma dúvida, NÃO PULE para a próxima etapa. Pare e pergunte. Também não realize o que é pedido neste tópico em outros computadores. Tudo é feito especificamente para seu computador. _____________________________________________________ <<1>> Faça o download do HostsXpert e salve em uma pasta própria (como C:\HostsXpert) Extraia o arquivo .zip Clique em Restore MS Hosts File. OBSERVAÇÃO: Caso o HostsXpert reportar algum erro, clique em Make Writeable? e, após isso, clique em Restore MS Hosts File. _____________________________________________________ <<2>> Por favor, acesse Painel de Controle > Adicionar ou remover programas e desinstale as seguintes toolbars: Windows Live Toolbar Messenger Plus Live Toolbar Messenger Plus Live Portuguese Toolbar Softonic_Brasil Toolbar MAX BR Toolbar Messenger Plus Live Brazil Toolbar Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} Com relação ao Messenger Plus Live: caso não encontrá-lo, o desinstale e instale novamente, sem instalar nenhuma toolbar. _____________________________________________________ <<3>> Por favor, siga o tutorial abaixo e execute o AdRemover. Poste o log gerado. Utilize a opção CLEAN. Tutorial do Ad-Remover _____________________________________________________ <<4>> Faça o download de Lop S&D Temporariamente desative seus programas de proteção (Antivirus, etc.) para não interferirem com a ferramenta. Clique duas vezes no ícone do Lop S&D que estará no desktop.Se utiliza o Windows Vista, clique com o botão direito do mouse no LopSD.exe e escolha 'Executar como administrador'. Irá surgir uma janela (conforme imagem abaixo), tecle P de Português e dê enter. Pressione agora o número 1 e dê enter. A ferramenta irá rodar e a sua tela irá piscar, o que é normal. Por favor, seja paciente e aguarde. No final será gerado um relatório (C:\lopR.txt). Cole o conteúdo desse relatório em sua próxima resposta. _____________________________________________________ <<5>> Por favor, poste um novo log do HijackThis e nos informe como está seu computador depois dessas ações. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Agosto 23, 2010 Bom to tentando desistalar os toolbar e nao consigo minha maquina trava e abre uma outra janela do explore.Tem como fazer os outros passos pois vcs disseram pra nao pular nenhum! Fikarei no aguardo! Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Agosto 24, 2010 Olá! Pode pular somente o da toolbar. Estava tentando removê-las por bem, mas já que não querem, será por mal! ;) Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Agosto 30, 2010 Como pedido segue os seguintes LOGS 1°LOG ======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 ======= Updated by C_XX on 13/06/10 at 20:40 Contact: AdRemover.contact@gmail.com website: http://pagesperso-orange.fr/NosTools/ad_remover.html C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 11:59:00 on 30/08/2010, Normal boot Microsoft Windows XP Professional Service Pack 3 (X86) Dih, CASA-77512E3B81 ( ) ============== ACTION(S) ============== Service: "Application Updater" Service stopped and deleted 0,Folder deleted: C:\Arquivos de programas\Application Updater 0,Folder deleted: C:\Documents and Settings\Dih\Menu Iniciar\Programas\Ask Search Assistant 0,Folder deleted: C:\Arquivos de programas\Ask Search Assistant 0,Folder deleted: C:\Documents and Settings\Dih\Configurações locais\Dados de aplicativos\Conduit 0,Folder deleted: C:\Arquivos de programas\Conduit 0,Folder deleted: C:\Documents and Settings\Dih\Dados de aplicativos\Dealio 0,Folder deleted: C:\Documents and Settings\oscar\Dados de aplicativos\Dealio 0,Folder deleted: C:\Documents and Settings\ramom\Dados de aplicativos\Dealio 0,Folder deleted: C:\Arquivos de programas\Dealio Toolbar 0,Folder deleted: C:\Documents and Settings\Dih\Dados de aplicativos\Search Settings 0,Folder deleted: C:\Documents and Settings\oscar\Dados de aplicativos\Search Settings 0,Folder deleted: C:\Documents and Settings\ramom\Dados de aplicativos\Search Settings 0,Folder deleted: C:\Arquivos de programas\Search Settings 3,File deleted: C:\WINDOWS\Installer\48e352.msi 3,File deleted: C:\WINDOWS\Installer\56c99b.msi 3,File deleted: C:\WINDOWS\Installer\56c9a1.msi (!) -- Temporary files deleted. -- File opened: C:\Documents and Settings\oscar\Dados de aplicativos\Mozilla\FireFox\Profiles\kouwjd3j.default\Prefs.js -- Line deleted: user_pref("CT2124320.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Line deleted: user_pref("CT2124320.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT212... Line deleted: user_pref("CT2124320.ct2467812.SearchEngine", "Busca||hxxp://search.conduit.com/Results.aspx?q=UCM_S... Line deleted: user_pref("CT2284000.SearchEngine", "Busca||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM... Line deleted: user_pref("CT2284000.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT228... Line deleted: user_pref("CT2552374.SavedHomepage", "hxxp://search.conduit.com/?ctid=CT2124320&SearchSource=13"); Line deleted: user_pref("CT2552374.SearchEngine", "Busca||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM... Line deleted: user_pref("CT2552374.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT255... Line deleted: user_pref("browser.search.defaultthis.engineName", "MAX BR Customized Web Search"); Line deleted: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2284000&Sea... Line deleted: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2284000&SearchSource=13"); -- File closed -- -- File opened: C:\Documents and Settings\ramom\Dados de aplicativos\Mozilla\FireFox\Profiles\22ef7qo1.default\Prefs.js -- Line deleted: user_pref("CT2124320.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Line deleted: user_pref("CT2124320.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT212... Line deleted: user_pref("CT2124320.ct2467812.SearchEngine", "Busca||hxxp://search.conduit.com/Results.aspx?q=UCM_S... Line deleted: user_pref("browser.search.defaultthis.engineName", "Messenger Plus Live Customized Web Search"); Line deleted: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2124320&Sea... Line deleted: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2124320&SearchSource=13"); -- File closed -- 1,Key deleted: HKLM\Software\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} 1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} 1,Key deleted: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 1,Key deleted: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} 1,Key deleted: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} 1,Key deleted: HKLM\Software\Classes\Interface\{D8F245F7-60CF-4370-A70D-6867467ECBF2} 1,Key deleted: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} 0,Key deleted: HKLM\Software\Classes\SearchSettings.BHO 0,Key deleted: HKLM\Software\Classes\SearchSettings.BHO.1 0,Key deleted: HKLM\Software\Application Updater 0,Key deleted: HKLM\Software\Conduit 0,Key deleted: HKLM\Software\Dealio 0,Key deleted: HKLM\Software\Search Settings 0,Key deleted: HKCU\Software\AskSearchAsst 0,Key deleted: HKCU\Software\Conduit 0,Key deleted: HKCU\Software\Dealio 0,Key deleted: HKCU\Software\Search Settings 0,Key deleted: HKCU\Software\AppDataLow\Software\Dealio 0,Key deleted: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings 0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C878CD69-85DB-426B-81A3-E71175AAEB91} 0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant 0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AskSearchAsst.exe 0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} ============== ADDITIONNAL SCAN ============== ** Mozilla Firefox Version [3.6.8 (pt-BR)] ** -- C:\Documents and Settings\Dih\Dados de aplicativos\Mozilla\FireFox\Profiles\piywsds7.default\Prefs.js -- browser.download.lastDir, C:\\Documents and Settings\\Dih\\Meus documentos\\Diguinho\\Fotos\\Originals\\Originals browser.search.defaultenginename, Yahoo browser.search.selectedEngine, Google browser.startup.homepage, hxxp://www.plusnetwork.com browser.startup.homepage_override.mstone, rv:1.9.2.8 keyword.URL, hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p= -- C:\Documents and Settings\oscar\Dados de aplicativos\Mozilla\FireFox\Profiles\kouwjd3j.default\Prefs.js -- browser.search.defaultenginename, Yahoo browser.search.selectedEngine, Yahoo browser.startup.homepage_override.mstone, rv:1.9.2.8 keyword.URL, hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p= -- C:\Documents and Settings\ramom\Dados de aplicativos\Mozilla\FireFox\Profiles\22ef7qo1.default\Prefs.js -- browser.search.defaultenginename, Yahoo browser.search.selectedEngine, Google browser.startup.homepage_override.mstone, rv:1.9.2.6 keyword.URL, hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p= ======================================== ** Internet Explorer Version [8.0.6001.18702] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Arquivos de programas\Ad-Remover\Quarantine: 122 File(s) C:\Arquivos de programas\Ad-Remover\Backup: 17 File(s) C:\Ad-Report-CLEAN[1].txt - 30/08/2010 (5382 Byte(s)) End at: 12:06:20, 30/08/2010 ============== E.O.F ============== 2°LOG Não foram encontradas pastas com o Lop! --------------------\\ Procura no Registro ..... OK ! --------------------\\ Verificando o Arquivos/Ficheiros Hosts Arquivos/Ficheiros Hosts LIMPO --------------------\\ Procurando Arquivos/Ficheiros ocultos com o Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-30 12:41:43 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Procurando por outras infecções Não foram encontradas outras infecções. [F:822][D:27]-> C:\DOCUME~1\Dih\CONFIG~1\Temp [F:97][D:0]-> C:\DOCUME~1\Dih\Cookies [F:4587][D:10]-> C:\DOCUME~1\Dih\CONFIG~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - qui 26/08/2010|18:18 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - seg 30/08/2010|12:43 - Option : [1] --------------------\\ Verificação completa em 12:43:15 e 3° e ultimo LOG Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:49:11, on 30/8/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Arquivos de programas\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\wscntfy.exe C:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSof0.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Messenger Plus Live Portuguese Toolbar - {b46b614e-44c7-4448-ac14-9ab9f7740d64} - C:\Arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: Flash Video Decoder for FLV - {E3A5CD1D-2A58-4A37-8C42-B64B4E2D5D6E} - C:\WINDOWS\system32\flash102flv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: MAX BR Toolbar - {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - C:\Arquivos de programas\MAX_BR\tbMAX0.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Messenger Plus Live Portuguese Toolbar - {b46b614e-44c7-4448-ac14-9ab9f7740d64} - C:\Arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSof0.dll O3 - Toolbar: MAX BR Toolbar - {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - C:\Arquivos de programas\MAX_BR\tbMAX0.dll O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MI1933~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{229BCC09-E9B9-4C62-A762-04A24156DA2A}: NameServer = 200.165.132.148 200.165.132.155 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 6338 bytes Aguardo mais informaçoes forte abraço e desculpe pela demora! Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Agosto 30, 2010 Olá! Por favor, desinstale e instale novamente o Firefox 3.6.8. Depois siga estas instruções abaixo: Faça o Download do DDS e salve no Desktop (Área de trabalho). Temporariamente desative os seus programas de proteção. Duplo clique em dds.scr. Irá surgir uma tela preta com algumas informações. Não clique em nada, apenas aguarde! Quando terminar, duas janelas abrirão: DDS.txt e Attach.txt. Salve o resultado e cole-o no seu tópico. OBS: Caso o link disponibilizado não funcione, tente baixar o DDS por ESTE link. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Agosto 31, 2010 Bom como pedido os seguintes logs DDS (Ver_10-03-17.01) - NTFSx86 Run by Dih at 11:46:31,20 on ter 31/08/2010 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18 Microsoft Windows XP Professional 5.1.2600.3.1252.351.1046.18.511.197 [GMT -3:00] AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe c:\Arquivos de programas\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe svchost.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Dih\Desktop\dds.scr ============== Pseudo HJT Report =============== uWindow Title = BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\arquivos de programas\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx BHO: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSof0.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\arquivos de programas\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Messenger Plus Live Portuguese Toolbar: {b46b614e-44c7-4448-ac14-9ab9f7740d64} - c:\arquivos de programas\messenger_plus_live_portuguese\tbMes1.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\arquivos de programas\windows live\toolbar\wltcore.dll BHO: Flash Video Decoder for FLV: {e3a5cd1d-2a58-4a37-8c42-b64b4e2d5d6e} - c:\windows\system32\flash102flv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: MAX BR Toolbar: {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - c:\arquivos de programas\max_br\tbMAX0.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\arquivos de programas\windows live\toolbar\wltcore.dll TB: Messenger Plus Live Portuguese Toolbar: {b46b614e-44c7-4448-ac14-9ab9f7740d64} - c:\arquivos de programas\messenger_plus_live_portuguese\tbMes1.dll TB: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSof0.dll TB: MAX BR Toolbar: {fe379c63-1156-4c8c-8dbb-f823d3ea4b37} - c:\arquivos de programas\max_br\tbMAX0.dll uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\msnmsgr.exe" /background uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRun: [DWQueuedReporting] "c:\arquiv~1\arquiv~1\micros~1\dw\dwtrig20.exe" -t IE: E&xportar para o Microsoft Excel - c:\arquiv~1\mi1933~1\office10\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab TCP: {229BCC09-E9B9-4C62-A762-04A24156DA2A} = 200.165.132.148 200.165.132.155 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\dih\dadosd~1\mozilla\firefox\profiles\piywsds7.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.plusnetwork.com FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\arquivos de programas\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ ---- FIREFOX POLICIES ---- c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 151216] R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [2002-6-9 31232] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-5-31 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-5-31 8320] =============== Created Last 30 ================ 2010-08-30 14:58:56 0 dc----w- c:\arquivos de programas\Ad-Remover 2010-08-29 02:35:21 380928 -c--a-w- c:\windows\system32\irprops.cpl 2010-08-26 21:13:44 0 dc----w- C:\Lop SD 2010-08-21 16:15:27 0 dc----w- c:\docume~1\dih\dadosd~1\PriceGong 2010-08-21 14:38:17 8192 -c--a-w- c:\windows\system32\wshirda.dll 2010-08-21 14:38:17 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll 2010-08-21 14:38:16 28672 -c--a-w- c:\windows\system32\irmon.dll 2010-08-21 14:38:16 28672 -c--a-w- c:\windows\system32\dllcache\irmon.dll 2010-08-21 14:38:09 152576 -c--a-w- c:\windows\system32\irftp.exe 2010-08-21 14:38:09 152576 -c--a-w- c:\windows\system32\dllcache\irftp.exe 2010-08-20 13:58:29 388608 -c--a-w- C:\HiJackThis.exe 2010-08-16 18:34:11 5632 -c--a-w- c:\windows\system32\ptpusb.dll 2010-08-16 18:34:03 159232 -c--a-w- c:\windows\system32\ptpusd.dll 2010-08-10 19:41:52 72 -c--a-w- c:\windows\system32\flash102flv.usr 2010-08-10 19:41:52 48 -c--a-w- c:\windows\system32\flash102flv.cfg 2010-08-10 19:41:52 1029120 -c--a-w- c:\windows\system32\flash102flv.dll 2010-08-04 20:19:19 138 -c--a-w- c:\windows\system32\locale.dat 2010-08-04 14:54:50 0 dc----w- c:\arquivos de programas\CyberScript32 ==================== Find3M ==================== 2010-08-30 03:12:48 79022 ----a-w- c:\windows\system32\perfc016.dat 2010-08-30 03:12:48 468108 ----a-w- c:\windows\system32\perfh016.dat 2010-07-09 21:35:11 20664 -c--a-r- c:\windows\fonts\Karate.ttf.htm 2010-07-09 21:32:04 33712 -c--a-r- c:\windows\fonts\BEATSVIL.TTF.htm 2010-07-09 21:25:06 32264 -c--a-r- c:\windows\fonts\BARBECUE.TTF.htm 2010-06-30 12:32:26 149504 -c--a-w- c:\windows\system32\schannel.dll 2010-06-24 12:24:53 916480 -c--a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02:34 1852032 -c--a-w- c:\windows\system32\win32k.sys 2010-06-17 14:03:09 80384 -c--a-w- c:\windows\system32\iccvid.dll 2010-06-14 07:42:28 1172480 -c--a-w- c:\windows\system32\msxml3.dll 2010-01-30 03:27:13 40960 -c--a-w- c:\arquivos de programas\Uninstall_CDS.exe ============= FINISH: 11:47:17,23 =============== 2°log UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 16/1/2010 19:25:07 System Uptime: 31/8/2010 10:59:07 (1 hours ago) Motherboard: ASUSTeK Computer INC. | | P5VDC-X Processor: Intel® Pentium® 4 CPU 3.00GHz | CPU 1 | 3000/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 75 GiB total, 45,827 GiB free. D: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Controlador de interrupção do sistema Device ID: PCI\VEN_1106&DEV_5308&SUBSYS_53081106&REV_00\3&267A616A&0&05 Manufacturer: Name: Controlador de interrupção do sistema PNP Device ID: PCI\VEN_1106&DEV_5308&SUBSYS_53081106&REV_00\3&267A616A&0&05 Service: Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia Windows Portable Device Driver Device ID: ROOT\WPD\0000 Manufacturer: Nokia Name: Nokia N80 PNP Device ID: ROOT\WPD\0000 Service: WUDFRd Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia Windows Portable Device Driver Device ID: ROOT\WPD\0001 Manufacturer: Nokia Name: Nokia 6111 PNP Device ID: ROOT\WPD\0001 Service: WUDFRd Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia N70 Device ID: ROOT\WPD\0002 Manufacturer: Nokia Name: Nokia N70 PNP Device ID: ROOT\WPD\0002 Service: WUDFRd ==== System Restore Points =================== RP6: 2/6/2010 01:01:49 - Software Distribution Service 3.0 RP7: 2/6/2010 15:14:55 - Software Distribution Service 3.0 RP8: 3/6/2010 18:12:52 - Software Distribution Service 3.0 RP9: 4/6/2010 19:26:20 - Software Distribution Service 3.0 RP10: 6/6/2010 00:35:47 - Software Distribution Service 3.0 RP11: 7/6/2010 14:55:08 - Software Distribution Service 3.0 RP12: 7/6/2010 15:09:04 - Software Distribution Service 3.0 RP13: 8/6/2010 15:16:06 - Ponto de verificação do sistema RP14: 8/6/2010 22:43:13 - Software Distribution Service 3.0 RP15: 10/6/2010 01:30:33 - Software Distribution Service 3.0 RP16: 10/6/2010 02:29:18 - Software Distribution Service 3.0 RP17: 10/6/2010 12:07:17 - Software Distribution Service 3.0 RP18: 10/6/2010 23:16:36 - Software Distribution Service 3.0 RP19: 11/6/2010 00:38:35 - Software Distribution Service 3.0 RP20: 11/6/2010 18:25:39 - Software Distribution Service 3.0 RP21: 13/6/2010 20:19:06 - Ponto de verificação do sistema RP22: 14/6/2010 12:40:45 - Software Distribution Service 3.0 RP23: 15/6/2010 19:18:47 - Software Distribution Service 3.0 RP24: 16/6/2010 18:08:53 - Software Distribution Service 3.0 RP25: 17/6/2010 19:46:13 - Ponto de verificação do sistema RP26: 17/6/2010 23:25:03 - Software Distribution Service 3.0 RP27: 20/6/2010 10:41:04 - Software Distribution Service 3.0 RP28: 21/6/2010 15:58:49 - Software Distribution Service 3.0 RP29: 22/6/2010 18:57:38 - Ponto de verificação do sistema RP30: 23/6/2010 18:11:54 - Software Distribution Service 3.0 RP31: 23/6/2010 22:06:29 - Software Distribution Service 3.0 RP32: 24/6/2010 19:57:40 - Software Distribution Service 3.0 RP33: 26/6/2010 08:47:23 - Software Distribution Service 3.0 RP34: 27/6/2010 12:21:14 - Software Distribution Service 3.0 RP35: 28/6/2010 18:27:27 - Software Distribution Service 3.0 RP36: 30/6/2010 00:15:01 - Software Distribution Service 3.0 RP37: 30/6/2010 15:40:50 - Software Distribution Service 3.0 RP38: 1/7/2010 20:25:34 - Software Distribution Service 3.0 RP39: 2/7/2010 11:26:53 - Installed Nokia Series 40 Theme Studio 2.2 RP40: 2/7/2010 22:31:01 - Software Distribution Service 3.0 RP41: 4/7/2010 00:18:57 - Software Distribution Service 3.0 RP42: 5/7/2010 10:43:42 - Software Distribution Service 3.0 RP43: 6/7/2010 19:28:37 - Software Distribution Service 3.0 RP44: 7/7/2010 17:05:02 - Removido Google Earth. RP45: 7/7/2010 22:17:30 - Software Distribution Service 3.0 RP46: 8/7/2010 22:39:40 - Software Distribution Service 3.0 RP47: 9/7/2010 22:48:56 - Software Distribution Service 3.0 RP48: 11/7/2010 09:48:01 - Software Distribution Service 3.0 RP49: 12/7/2010 10:08:44 - Software Distribution Service 3.0 RP50: 13/7/2010 22:31:24 - Software Distribution Service 3.0 RP51: 14/7/2010 13:00:44 - Software Distribution Service 3.0 RP52: 15/7/2010 13:49:55 - Software Distribution Service 3.0 RP53: 16/7/2010 23:20:44 - Software Distribution Service 3.0 RP54: 18/7/2010 00:13:59 - Software Distribution Service 3.0 RP55: 19/7/2010 11:46:13 - Software Distribution Service 3.0 RP56: 20/7/2010 14:57:25 - Ponto de verificação do sistema RP57: 21/7/2010 10:26:14 - Software Distribution Service 3.0 RP58: 22/7/2010 13:30:07 - Ponto de verificação do sistema RP59: 22/7/2010 14:01:21 - Software Distribution Service 3.0 RP60: 23/7/2010 14:11:51 - Ponto de verificação do sistema RP61: 23/7/2010 17:34:17 - Software Distribution Service 3.0 RP62: 24/7/2010 23:48:29 - Ponto de verificação do sistema RP63: 25/7/2010 23:53:15 - Software Distribution Service 3.0 RP64: 27/7/2010 11:55:37 - Instalação de driver não assinada RP65: 27/7/2010 12:08:29 - Software Distribution Service 3.0 RP66: 28/7/2010 21:01:51 - Ponto de verificação do sistema RP67: 30/7/2010 10:06:19 - Software Distribution Service 3.0 RP68: 31/7/2010 10:50:10 - Software Distribution Service 3.0 RP69: 1/8/2010 16:21:21 - Software Distribution Service 3.0 RP70: 2/8/2010 21:10:47 - Software Distribution Service 3.0 RP71: 4/8/2010 09:40:51 - Software Distribution Service 3.0 RP72: 5/8/2010 10:47:10 - Software Distribution Service 3.0 RP73: 7/8/2010 15:50:09 - Ponto de verificação do sistema RP74: 9/8/2010 01:02:21 - Software Distribution Service 3.0 RP75: 10/8/2010 08:23:10 - Software Distribution Service 3.0 RP76: 11/8/2010 11:03:30 - Software Distribution Service 3.0 RP77: 11/8/2010 15:07:53 - Software Distribution Service 3.0 RP78: 11/8/2010 18:10:36 - Software Distribution Service 3.0 RP79: 11/8/2010 23:38:55 - Software Distribution Service 3.0 RP80: 12/8/2010 22:48:12 - Software Distribution Service 3.0 RP81: 14/8/2010 10:56:19 - Software Distribution Service 3.0 RP82: 16/8/2010 10:31:07 - Software Distribution Service 3.0 RP83: 17/8/2010 15:40:44 - Software Distribution Service 3.0 RP84: 18/8/2010 11:26:19 - Installed Opera 10.61. RP85: 19/8/2010 11:29:59 - Removed Opera 10.61. RP86: 19/8/2010 23:12:42 - Software Distribution Service 3.0 RP87: 21/8/2010 08:45:30 - Software Distribution Service 3.0 RP88: 22/8/2010 12:11:22 - Software Distribution Service 3.0 RP89: 23/8/2010 19:04:49 - Software Distribution Service 3.0 RP90: 24/8/2010 23:38:08 - Software Distribution Service 3.0 RP91: 25/8/2010 12:04:01 - Instalação de driver não assinada RP92: 27/8/2010 17:35:40 - Software Distribution Service 3.0 RP93: 28/8/2010 12:37:29 - Instalação de driver não assinada RP94: 28/8/2010 12:54:09 - Instalação de driver não assinada RP95: 28/8/2010 23:33:48 - Instalação de driver não assinada RP96: 30/8/2010 00:22:59 - Software Distribution Service 3.0 RP97: 31/8/2010 11:28:53 - Software Distribution Service 3.0 ==== Installed Programs ====================== Ad-Remover By C_XX Adobe Acrobat 5.0 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Arquivo do WinRAR Assistente de Conexão do Windows Live Atualização de Segurança para o Windows Media Player (KB952069) Atualização de Segurança para o Windows Media Player (KB954155) Atualização de Segurança para o Windows Media Player (KB968816) Atualização de Segurança para o Windows Media Player (KB973540) Atualização de Segurança para o Windows Media Player (KB978695) Atualização de Segurança para o Windows Media Player 11 (KB954154) Atualização de Segurança para Windows Internet Explorer 8 (KB2183461) Atualização de Segurança para Windows Internet Explorer 8 (KB971961) Atualização de Segurança para Windows Internet Explorer 8 (KB976325) Atualização de Segurança para Windows Internet Explorer 8 (KB978207) Atualização de Segurança para Windows Internet Explorer 8 (KB981332) Atualização de Segurança para Windows Internet Explorer 8 (KB982381) Atualização de Segurança para Windows XP (KB2079403) Atualização de Segurança para Windows XP (KB2115168) Atualização de Segurança para Windows XP (KB2160329) Atualização de Segurança para Windows XP (KB2229593) Atualização de Segurança para Windows XP (KB2286198) Atualização de Segurança para Windows XP (KB923561) Atualização de Segurança para Windows XP (KB941569) Atualização de Segurança para Windows XP (KB946648) Atualização de Segurança para Windows XP (KB950762) Atualização de Segurança para Windows XP (KB950974) Atualização de Segurança para Windows XP (KB951066) Atualização de Segurança para Windows XP (KB951376-v2) Atualização de Segurança para Windows XP (KB951748) Atualização de Segurança para Windows XP (KB952004) Atualização de Segurança para Windows XP (KB952954) Atualização de Segurança para Windows XP (KB955069) Atualização de Segurança para Windows XP (KB956572) Atualização de Segurança para Windows XP (KB956744) Atualização de Segurança para Windows XP (KB956802) Atualização de Segurança para Windows XP (KB956803) Atualização de Segurança para Windows XP (KB956844) Atualização de Segurança para Windows XP (KB957097) Atualização de Segurança para Windows XP (KB958644) Atualização de Segurança para Windows XP (KB958687) Atualização de Segurança para Windows XP (KB958869) Atualização de Segurança para Windows XP (KB959426) Atualização de Segurança para Windows XP (KB960225) Atualização de Segurança para Windows XP (KB960803) Atualização de Segurança para Windows XP (KB960859) Atualização de Segurança para Windows XP (KB961501) Atualização de Segurança para Windows XP (KB969059) Atualização de Segurança para Windows XP (KB969947) Atualização de Segurança para Windows XP (KB970238) Atualização de Segurança para Windows XP (KB970430) Atualização de Segurança para Windows XP (KB971468) Atualização de Segurança para Windows XP (KB971486) Atualização de Segurança para Windows XP (KB971557) Atualização de Segurança para Windows XP (KB971633) Atualização de Segurança para Windows XP (KB971657) Atualização de Segurança para Windows XP (KB971961) Atualização de Segurança para Windows XP (KB972270) Atualização de Segurança para Windows XP (KB973354) Atualização de Segurança para Windows XP (KB973507) Atualização de Segurança para Windows XP (KB973525) Atualização de Segurança para Windows XP (KB973869) Atualização de Segurança para Windows XP (KB973904) Atualização de Segurança para Windows XP (KB974112) Atualização de Segurança para Windows XP (KB974318) Atualização de Segurança para Windows XP (KB974392) Atualização de Segurança para Windows XP (KB974571) Atualização de Segurança para Windows XP (KB975025) Atualização de Segurança para Windows XP (KB975467) Atualização de Segurança para Windows XP (KB975560) Atualização de Segurança para Windows XP (KB975561) Atualização de Segurança para Windows XP (KB975562) Atualização de Segurança para Windows XP (KB975713) Atualização de Segurança para Windows XP (KB976325) Atualização de Segurança para Windows XP (KB977165) Atualização de Segurança para Windows XP (KB977816) Atualização de Segurança para Windows XP (KB977914) Atualização de Segurança para Windows XP (KB978037) Atualização de Segurança para Windows XP (KB978251) Atualização de Segurança para Windows XP (KB978262) Atualização de Segurança para Windows XP (KB978338) Atualização de Segurança para Windows XP (KB978542) Atualização de Segurança para Windows XP (KB978601) Atualização de Segurança para Windows XP (KB978706) Atualização de Segurança para Windows XP (KB979309) Atualização de Segurança para Windows XP (KB979482) Atualização de Segurança para Windows XP (KB979559) Atualização de Segurança para Windows XP (KB979683) Atualização de Segurança para Windows XP (KB980195) Atualização de Segurança para Windows XP (KB980218) Atualização de Segurança para Windows XP (KB980232) Atualização de Segurança para Windows XP (KB980436) Atualização de Segurança para Windows XP (KB981852) Atualização de Segurança para Windows XP (KB981997) Atualização de Segurança para Windows XP (KB982214) Atualização de Segurança para Windows XP (KB982665) Atualização para Windows Internet Explorer 8 (KB976662) Atualização para Windows Internet Explorer 8 (KB978506) Atualização para Windows Internet Explorer 8 (KB980182) Atualização para Windows XP (KB951978) Atualização para Windows XP (KB955759) Atualização para Windows XP (KB961503) Atualização para Windows XP (KB967715) Atualização para Windows XP (KB968389) Atualização para Windows XP (KB971737) Atualização para Windows XP (KB973687) Atualização para Windows XP (KB973815) Atualização para Windows XP (KB978207) aTube Catcher Auslogics Disk Defrag CCleaner CyberScript v3.2 DVD Solution eMule Encore 5 Ferramenta de Carregamento do Windows Live Free Mp3 Wma Converter V 1.9 GameDesire-Pool & Snooker GIF Movie Gear 4.2.3 High Definition Audio Driver Package - KB888111 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB954550-v5) Hotfix para o Windows Media Player 11 (KB939683) Hotfix para Windows XP (KB952287) Hotfix para Windows XP (KB961118) Hotfix para Windows XP (KB976098-v2) Hotfix para Windows XP (KB979306) Hotfix para Windows XP (KB981793) InCD Java Auto Updater Java 6 Update 18 JPEG Camera v0.97 JPEG USB Video Camera Driver v0.94 Junk Mail filter update LG ODD Auto Firmware Update LightModem 3.0 Malwarebytes' Anti-Malware MAX_BR Toolbar Messenger Plus! Live Messenger_Plus_Live_Portuguese Toolbar Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Antimalware Microsoft Antimalware Service PT-BR Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft Office XP Professional com FrontPage Microsoft Search Enhancement Pack Microsoft Security Essentials Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.7 Microsoft Visual C++ 2005 Redistributable mIRC Mozilla Firefox (3.6.8) MSVC80_x86_v2 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia Launcher Nero OEM Nokia Connectivity Cable Driver Nokia PC Suite Nokia Series 40 Theme Studio 2.2 Nokia Software Updater OGA Notifier 2.0.0048.0 Pacote de Driver do Windows - Nokia Modem (06/01/2009 7.01.0.4) Pacote de Driver do Windows - Nokia Modem (10/05/2009 4.2) Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) PC Connectivity Solution PhotoScape Plugin Letras.mus.br 1.10 PowerDVD PowerProducer PPP over Ethernet Protocol 0.98 Pro Evolution Soccer 2010 Search Settings v1.2.3 Segoe UI Skype Toolbars Skype™ 4.2 Softonic_Brasil Toolbar SoundMAX SpywareBlaster 4.2 Truco WinnersGames 2.1 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) USB2.0 PC Camera WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Imaging Component Windows Installer Clean Up Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Galeria de Fotos Windows Live Mail Windows Live Messenger Windows Live OneCare safety scanner Windows Live Sync Windows Live Toolbar Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 ==== Event Viewer Messages From Past Week ======== 31/8/2010 10:59:28, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 30/8/2010 18:40:26, error: W32Time [17] - Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host inacessível. (0x80072751) 30/8/2010 18:40:05, error: W32Time [17] - Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host inacessível. (0x80072751) 30/8/2010 18:40:04, error: W32Time [17] - Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host inacessível. (0x80072751) 30/8/2010 18:35:23, error: W32Time [17] - Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host inacessível. (0x80072751) 30/8/2010 17:14:22, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 30/8/2010 16:46:02, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 30/8/2010 12:02:58, error: Service Control Manager [7034] - O serviço Spooler de impressão foi encerrado inesperadamente. Isso aconteceu 1 vez(es). 30/8/2010 12:02:58, error: Service Control Manager [7034] - O serviço SeaPort foi encerrado inesperadamente. Isso aconteceu 1 vez(es). 30/8/2010 12:02:58, error: Service Control Manager [7034] - O serviço Java Quick Starter foi encerrado inesperadamente. Isso aconteceu 1 vez(es). 30/8/2010 12:02:58, error: Service Control Manager [7034] - O serviço InCD Helper foi encerrado inesperadamente. Isso aconteceu 1 vez(es). 30/8/2010 12:02:58, error: Service Control Manager [7031] - O serviço Microsoft Antimalware Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 15000 milissegundos: Reiniciar o serviço. 30/8/2010 11:11:41, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 30/8/2010 00:05:59, error: DCOM [10005] - Erro "%1084" no DCOM na tentativa de iniciar o serviço EventSystem com argumentos "" para iniciar o servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF} 30/8/2010 00:05:36, error: DCOM [10005] - Erro "%1084" no DCOM na tentativa de iniciar o serviço netman com argumentos "" para iniciar o servidor: {BA126AE5-2166-11D1-B1D0-00805FC1270E} 30/8/2010 00:05:33, error: DCOM [10005] - Erro "%1084" no DCOM na tentativa de iniciar o serviço netman com argumentos "" para iniciar o servidor: {BA126AE5-2166-11D1-B1D0-00805FC1270E} 30/8/2010 00:05:18, error: Service Control Manager [7026] - Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip 30/8/2010 00:05:18, error: Service Control Manager [7001] - O serviço Serviços IPSEC depende do serviço Driver IPSEC, mas não foi possível iniciá-lo devido ao seguinte erro: Um dispositivo conectado ao sistema não está funcionando. 30/8/2010 00:05:18, error: Service Control Manager [7001] - O serviço Cliente DNS depende do serviço Driver de protocolo TCP/IP, mas não foi possível iniciá-lo devido ao seguinte erro: Um dispositivo conectado ao sistema não está funcionando. 30/8/2010 00:05:18, error: Service Control Manager [7001] - O serviço Cliente DHCP depende do serviço NetBios em Tcpip, mas não foi possível iniciá-lo devido ao seguinte erro: Um dispositivo conectado ao sistema não está funcionando. 30/8/2010 00:05:18, error: Service Control Manager [7001] - O serviço Auxiliar NetBIOS TCP/IP depende do serviço AFD, mas não foi possível iniciá-lo devido ao seguinte erro: Um dispositivo conectado ao sistema não está funcionando. 30/8/2010 00:04:58, error: DCOM [10005] - Erro "%1084" no DCOM na tentativa de iniciar o serviço EventSystem com argumentos "" para iniciar o servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF} 29/8/2010 23:27:43, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 29/8/2010 08:54:14, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 28/8/2010 23:39:30, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.89.487.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: AUTORIDADE NT\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6103.0 Error code: 0x80072efd Error description: A connection with the server could not be established 28/8/2010 23:28:34, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 28/8/2010 12:31:08, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 28/8/2010 00:36:10, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 27/8/2010 22:51:20, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 27/8/2010 18:29:55, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 27/8/2010 18:28:13, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 27/8/2010 18:27:27, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 27/8/2010 17:13:51, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 27/8/2010 09:54:29, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 26/8/2010 17:29:55, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 26/8/2010 16:35:52, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.89.283.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: AUTORIDADE NT\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6103.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 26/8/2010 16:18:18, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 26/8/2010 07:53:39, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 25/8/2010 10:15:49, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 24/8/2010 23:26:10, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 24/8/2010 22:21:41, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 24/8/2010 15:26:03, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). 24/8/2010 10:30:46, error: Dhcp [1002] - A concessão 192.168.254.1 do endereço IP para a placa de rede com endereço de rede 001731913E4B foi negada pelo servidor DHCP 192.168.254.254 (O servidor DHCP enviou uma mensagem DHCPNACK). ==== End Of File =========================== Aguardo mais instruçoes.... Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Setembro 1, 2010 Olá! <<1>> Siga o tutorial abaixo e execute o Malwarebyte's Anti-Malware. Poste o log gerado. Tutorial do Malwarebyte's Anti-Malware _____________________________________________________ <<2>> Por favor, siga o tutorial no link abaixo: #### Como usar o ComboFix #### Sugiro que imprima as instruções abaixo pois não poderá lê-las enquanto utiliza a ferramenta. Siga o tutorial e execute o ComboFix. Quando a ferramenta terminar de rodar, gerará um log (o arquivo C:\ComboFix.txt). Copie e cole o conteúdo desse arquivo na sua proxima resposta. NÃO utilize a ferramenta por conta própria. É uma ferramenta poderosa criada pra lidar com infecções sofisticadas e caso não a utilize corretamente poderá danificar o seu computador. Existem vários malwares que impedem a execução correta da ferramenta e com isso danificar gravemente o computador. Analistas habilitados a utilizar o ComboFix conhecem esses casos e sabem lidar com estas situações. De forma alguma saia do ComboFix usando o "X" do programa. Caso queira sair, tecle "N". Muitos dos Analistas não respondem a topicos em que vejam que o ComboFix foi utilizado sem supervisão. Existem varias ferramentas anti-malware generalistas em que os autores ao elaborarem a programação das mesmas, estão pensando nos usuários finais e para serem usadas sem supervisão. O Combofix não é uma ferramenta desse tipo, e assim sendo e até por respeito ao autor da ferramenta, não utilize sem supervisão. Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Setembro 2, 2010 segue os logs Malwarebytes' Anti-Malware 1.44 Versão do banco de dados: 3877 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 1/9/2010 13:49:27 mbam-log-2010-09-01 (13-49-27).txt Tipo de Verificação: Completa (A:\|C:\|D:\|) Objetos verificados: 234380 Tempo decorrido: 1 hour(s), 58 minute(s), 47 second(s) Processos da Memória infectados: 0 Módulos de Memória Infectados: 0 Chaves do Registro infectadas: 0 Valores do Registro infectados: 0 Ítens do Registro infectados: 0 Pastas infectadas: 0 Arquivos infectados: 1 Processos da Memória infectados: (Nenhum ítem malicioso foi detectado) Módulos de Memória Infectados: (Nenhum ítem malicioso foi detectado) Chaves do Registro infectadas: (Nenhum ítem malicioso foi detectado) Valores do Registro infectados: (Nenhum ítem malicioso foi detectado) Ítens do Registro infectados: (Nenhum ítem malicioso foi detectado) Pastas infectadas: (Nenhum ítem malicioso foi detectado) Arquivos infectados: C:\Arquivos de programas\CyberScript32\msnmirc\dll\nHTMLn.dll (Trojan.Agent) -> Quarantined and deleted successfully. 2°LOG ComboFix 10-09-01.02 - Dih 01/09/2010 14:21:51.4.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.351.1046.18.511.267 [GMT -3:00] Executando de: c:\documents and settings\Dih\Desktop\ComboFix.exe AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF} . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Dih\Dados de aplicativos\PriceGong c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\1.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\a.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\b.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\c.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\d.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\e.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\f.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\g.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\h.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\i.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\J.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\k.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\l.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\m.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\mru.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\n.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\o.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\p.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\q.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\r.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\s.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\t.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\u.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\v.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\w.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\x.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\y.xml c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\z.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\1.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\a.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\b.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\c.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\d.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\e.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\f.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\g.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\h.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\i.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\J.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\k.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\l.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\m.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\n.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\o.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\p.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\q.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\r.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\s.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\t.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\u.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\v.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\w.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\x.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\y.xml c:\documents and settings\oscar\Dados de aplicativos\PriceGong\Data\z.xml c:\windows\system32\vbzlib1.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ASC3360PR (((((((((((((((( Arquivos/Ficheiros criados de 2010-08-01 to 2010-09-01 )))))))))))))))))))))))))))) . 2010-08-30 14:58 . 2010-08-30 15:06 -------- dc----w- c:\arquivos de programas\Ad-Remover 2010-08-28 15:59 . 2010-08-28 15:59 -------- dcsh--w- c:\documents and settings\ramom\Phone Browser 2010-08-26 21:13 . 2010-08-30 15:43 -------- dc----w- C:\Lop SD 2010-08-21 14:38 . 2008-04-14 03:20 8192 -c--a-w- c:\windows\system32\wshirda.dll 2010-08-21 14:38 . 2008-04-14 03:20 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll 2010-08-21 14:38 . 2008-04-14 03:20 28672 -c--a-w- c:\windows\system32\irmon.dll 2010-08-21 14:38 . 2008-04-14 03:20 28672 -c--a-w- c:\windows\system32\dllcache\irmon.dll 2010-08-21 14:38 . 2008-04-14 03:21 152576 -c--a-w- c:\windows\system32\irftp.exe 2010-08-21 14:38 . 2008-04-14 03:21 152576 -c--a-w- c:\windows\system32\dllcache\irftp.exe 2010-08-20 13:58 . 2010-08-20 13:59 388608 -c--a-w- C:\HiJackThis.exe 2010-08-16 18:34 . 2001-09-06 02:50 5632 -c--a-w- c:\windows\system32\ptpusb.dll 2010-08-16 18:34 . 2008-04-14 03:20 159232 -c--a-w- c:\windows\system32\ptpusd.dll 2010-08-12 20:43 . 2010-08-12 20:43 -------- dc----w- c:\documents and settings\ramom\Dados de aplicativos\Malwarebytes 2010-08-10 19:41 . 2010-08-04 15:05 1029120 -c--a-w- c:\windows\system32\flash102flv.dll 2010-08-04 20:19 . 2010-09-01 17:13 138 -c--a-w- c:\windows\system32\locale.dat 2010-08-04 14:54 . 2010-09-01 14:34 -------- dc----w- c:\arquivos de programas\CyberScript32 . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-31 20:42 . 2001-10-28 18:07 79022 ----a-w- c:\windows\system32\perfc016.dat 2010-08-31 20:42 . 2001-10-28 18:07 468108 ----a-w- c:\windows\system32\perfh016.dat 2010-08-21 11:58 . 2010-02-13 16:39 -------- dc----w- c:\arquivos de programas\Messenger_Plus_Live_Portuguese 2010-07-27 23:11 . 2010-05-08 20:51 -------- dc----w- c:\arquivos de programas\MAX_BR 2010-07-27 23:11 . 2010-03-28 17:11 -------- dc----w- c:\arquivos de programas\Softonic_Brasil 2010-07-23 22:10 . 2010-05-29 17:45 -------- dc----w- c:\documents and settings\ramom\Dados de aplicativos\PC Suite 2010-07-22 16:30 . 2010-07-22 14:57 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\Skype 2010-07-22 15:38 . 2010-07-22 15:38 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\Auslogics 2010-07-22 15:09 . 2010-07-22 15:09 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\skypePM 2010-07-21 19:42 . 2010-04-05 02:13 -------- dc----w- c:\arquivos de programas\WinnersGames 2010-07-21 13:40 . 2010-07-21 13:40 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\Malwarebytes 2010-07-17 16:59 . 2010-07-13 13:59 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\PC Suite 2010-07-10 02:11 . 2010-05-29 17:45 -------- dc----w- c:\documents and settings\All Users\Dados de aplicativos\PC Suite 2010-07-05 15:04 . 2010-07-05 15:04 -------- dc----w- c:\windows\system32\config\systemprofile\Dados de aplicativos\Application Updater 2010-07-05 14:59 . 2010-07-05 14:58 -------- dc----w- c:\arquivos de programas\Free Audio Pack 2010-06-30 12:32 . 2004-08-04 03:45 149504 -c--a-w- c:\windows\system32\schannel.dll 2010-06-24 12:24 . 2004-08-04 03:45 916480 -c--a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2004-08-04 03:38 1852032 -c--a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2004-08-04 02:14 354304 -c--a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-08-04 03:45 80384 -c--a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2010-01-16 21:19 744448 -c--a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:42 . 2004-08-04 03:45 1172480 -c--a-w- c:\windows\system32\msxml3.dll 2010-01-30 03:27 . 2010-01-17 02:11 40960 -c--a-w- c:\arquivos de programas\Uninstall_CDS.exe . ------- Sigcheck ------- [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\atapi.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\asyncmac.sys [-] 2001-10-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys [-] 2001-10-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2001-10-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2008-04-14 . D3D4832B494CBF9A87CF86D7517013CB . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . D3D4832B494CBF9A87CF86D7517013CB . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 7FC1E330386610D5EB3E7C4C7893CA93 . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] 2004-08-04 . 7FC1E330386610D5EB3E7C4C7893CA93 . 25088 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\kbdclass.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ndis.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ntfs.sys [-] 2001-10-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys [-] 2001-10-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2001-10-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\ERDNT\cache\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys [-] 2008-04-14 . 572AEDA840986672DA2BB9D4183E2AA9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 572AEDA840986672DA2BB9D4183E2AA9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . B90D6814CF36244818E8B4F0A4AC6F84 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll [-] 2004-08-04 . B90D6814CF36244818E8B4F0A4AC6F84 . 77312 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\browser.dll [-] 2008-04-14 . 9607142710D3B64AB7FCCE4BE4E30D37 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 9607142710D3B64AB7FCCE4BE4E30D37 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 35C6463B3C5F62D2B20C953B6E1538E9 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe [-] 2004-08-04 . 35C6463B3C5F62D2B20C953B6E1538E9 . 13312 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\lsass.exe [-] 2008-04-14 . B199C4F441DDAB10253ABC0AC4858BFF . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . B199C4F441DDAB10253ABC0AC4858BFF . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2004-08-04 . BA900E1190BA4CCD70F218A23DEC89D1 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2004-08-04 . BA900E1190BA4CCD70F218A23DEC89D1 . 198144 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\netman.dll [-] 2008-04-14 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . C1AA680B70BD0771A0850E04C3E634A5 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 2004-08-04 . C1AA680B70BD0771A0850E04C3E634A5 . 382464 . . [6.6.2600.2180] . . c:\windows\ERDNT\cache\qmgr.dll [-] 2009-02-09 . B5AE6227853C4B6A723567A8DEF68F03 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . F3763E01E7536F7A6D0C6E392C603EC2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [-] 2009-02-09 . F3763E01E7536F7A6D0C6E392C603EC2 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . F3763E01E7536F7A6D0C6E392C603EC2 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2009-02-09 . 2CB8373AC68E387BDF5472CB7AF347EF . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2009-02-09 . 2CB8373AC68E387BDF5472CB7AF347EF . 399360 . . [5.1.2600.3520] . . c:\windows\ERDNT\cache\rpcss.dll [-] 2009-02-09 . CB6BBDCCC9F7984E2CA6CA5842746635 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll [-] 2008-04-14 . E34A1B6160A90C7CB90BF2EE8D6AD921 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . E34A1B6160A90C7CB90BF2EE8D6AD921 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2004-08-04 . 7461E79FD81D467A03CD35091D384D2B . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll [-] 2009-02-09 . C52DEB6D8CD4B096BF1A9EC001F36507 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [-] 2009-02-09 . C52DEB6D8CD4B096BF1A9EC001F36507 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . C52DEB6D8CD4B096BF1A9EC001F36507 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . 38867483E0CB504BB8F277E05729881E . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2009-02-09 . 96D7D86D3AA68A57BBE835441DC23107 . 111104 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2009-02-09 . 96D7D86D3AA68A57BBE835441DC23107 . 111104 . . [5.1.2600.3520] . . c:\windows\ERDNT\cache\services.exe [-] 2009-02-09 . E64296F1D45C776FAC6EE8F89EF3C303 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe [-] 2008-04-14 . EE7999BAACA84CFAA03726E677EE2A33 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . EE7999BAACA84CFAA03726E677EE2A33 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . CC73C4430C2FC27FDE16A0A4E3678148 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe [-] 2008-04-14 . AF1D9AE15C11163F576DF6ED6194B53C . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2008-04-14 . AF1D9AE15C11163F576DF6ED6194B53C . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe [-] 2004-08-04 . 3971289FA7072812CAF4D053BBC6352B . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 2004-08-04 . 3971289FA7072812CAF4D053BBC6352B . 57856 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\spoolsv.exe [-] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 2004-08-04 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe [-] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2004-08-04 . 021631D9D0729D9E52300CCEACE4F054 . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2004-08-04 . 021631D9D0729D9E52300CCEACE4F054 . 611328 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll [-] 2008-04-14 . 554798AAD881736DFC4D08C572DECD7A . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 554798AAD881736DFC4D08C572DECD7A . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 7836E32505D817311E8F8384A18C1128 . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 2004-08-04 . 7836E32505D817311E8F8384A18C1128 . 60416 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\cryptsvc.dll [-] 2008-07-07 20:31 . C8FDAFC91302E9E905182EC6A2D1612A . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:31 . C8FDAFC91302E9E905182EC6A2D1612A . 253952 . . [2001.12.4414.320] . . c:\windows\ERDNT\cache\es.dll [-] 2008-07-07 20:28 . B024AB8B7692D47C8176BE92AB36D316 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:28 . B024AB8B7692D47C8176BE92AB36D316 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:28 . B024AB8B7692D47C8176BE92AB36D316 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:25 . 58586EB44E6FD9A711943647C8451741 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:18 . 788A6C475F332290217C33921623CF48 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 02:20 . 957E7822860EB8E5CD9EDB7BA04B7E65 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 02:20 . 957E7822860EB8E5CD9EDB7BA04B7E65 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2004-08-04 03:45 . 74C397E17E946D61012C301186C84124 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll [-] 2008-04-14 . 05C621EAA979D33A12F3B510FF4C6F9F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 05C621EAA979D33A12F3B510FF4C6F9F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 602B88592E0690D0DFB5E5F44A9EF820 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll [-] 2004-08-04 . 602B88592E0690D0DFB5E5F44A9EF820 . 110080 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\imm32.dll [-] 2009-03-21 . 407DEDFD4D52D6FFFBDF6A1D2F9FDAC7 . 1025024 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2009-03-21 . 407DEDFD4D52D6FFFBDF6A1D2F9FDAC7 . 1025024 . . [5.1.2600.3541] . . c:\windows\ERDNT\cache\kernel32.dll [-] 2009-03-21 . 6A5A13A014F72F3C8E8A23B662C9DAF1 . 1028608 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [-] 2009-03-21 . 6A5A13A014F72F3C8E8A23B662C9DAF1 . 1028608 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . 6A5A13A014F72F3C8E8A23B662C9DAF1 . 1028608 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 03DA51CE83B0D693A10C91B139BBD221 . 1030656 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . 424919C0378FD828E0FE4683B480BE9B . 1028096 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [-] 2008-04-14 . 68ECDAD8AE2768DE61C20C41A28CC0B0 . 1028608 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 68ECDAD8AE2768DE61C20C41A28CC0B0 . 1028608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2004-08-04 . AD72A244955E89EBBB8FABF02F8041C6 . 1022464 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll [-] 2008-04-14 . 1E47527C69E79ECC13326BFB2E178394 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 1E47527C69E79ECC13326BFB2E178394 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2004-08-04 . E9B587DBAE9F212A394618CE06013EAF . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2004-08-04 . E9B587DBAE9F212A394618CE06013EAF . 18944 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\linkinfo.dll [-] 2008-04-14 . 5F6337EAC9EA401AA0F9040CB6F16C80 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . 5F6337EAC9EA401AA0F9040CB6F16C80 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2004-08-04 . CFFC7F8E8F898BE4561887EF301F8BF3 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll [-] 2004-08-04 . CFFC7F8E8F898BE4561887EF301F8BF3 . 22016 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\lpk.dll [-] 2010-06-24 . BFD26DB90A37C2B79EBA3F0FCB36B5CF . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll [-] 2010-06-24 . 3E34A8371BF952433A4D645CAA15B1F8 . 5951488 . . [8.00.6001.18939] . . c:\windows\system32\mshtml.dll [-] 2010-06-24 . 3E34A8371BF952433A4D645CAA15B1F8 . 5951488 . . [8.00.6001.18939] . . c:\windows\system32\dllcache\mshtml.dll [-] 2010-05-06 . 20800D7145CF4E247775458B404FD44A . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll [-] 2010-05-06 . AA1410ABF16D5F3655569927075CEF05 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . 23099BB44DA6A7D80B15FF4F7C51877D . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 6D179FBB1B42A3C33955652D3A38BFDF . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2009-12-22 . A4FCA9BAA4659222874AB4C130E9C56D . 3084800 . . [6.00.2900.3660] . . c:\windows\$NtServicePackUninstall$\mshtml.dll [-] 2009-12-22 . A4FCA9BAA4659222874AB4C130E9C56D . 3084800 . . [6.00.2900.3660] . . c:\windows\ERDNT\cache\mshtml.dll [-] 2009-12-22 . 0EEFCAFFE3216936538D250E280BA9BB . 3092480 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\mshtml.dll [-] 2009-12-22 . 9CEF5BDCA08EF0E1EDBE554DD42EA78A . 3092480 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\mshtml.dll [-] 2009-12-22 . 9CEF5BDCA08EF0E1EDBE554DD42EA78A . 3092480 . . [6.00.2900.5921] . . c:\windows\ie8\mshtml.dll [-] 2009-12-22 . 876465CA0016F14EDB3CBC9BCE9212E1 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll [-] 2009-12-21 . B5A5C997C2F926C40CCC64A3BD377D4B . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . AAD700DEA94EE6E56E591C351111941A . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . 0400A0005968E08910288E8C83350C53 . 3091968 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\mshtml.dll [-] 2009-10-29 . 0400A0005968E08910288E8C83350C53 . 3091968 . . [6.00.2900.5897] . . c:\windows\$NtUninstallKB978207$\mshtml.dll [-] 2009-10-29 . 58A17D0C94F23CD59346720B0C374A90 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-10-29 . 80F9322FBC4BBBC3A0DB6E9B3C953C60 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . 894ED07C32A34C94D2D152091C2C666B . 3084288 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207_0$\mshtml.dll [-] 2009-10-29 . 83C85ADB961232DA44A36314B7AC0F2F . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll [-] 2009-10-29 . 7E6CF52059A20F624607F65F4EEAC7CB . 3091968 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll [-] 2008-04-14 . 64C5EB55D74A90AB4DC89F9A6C2E797F . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB976325$\mshtml.dll [-] 2008-04-14 . 64C5EB55D74A90AB4DC89F9A6C2E797F . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll [-] 2004-08-04 . 2D36439FE3C0FBD30F5ABD8FDBAA31B5 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB976325_0$\mshtml.dll [-] 2008-04-14 . 63C2A8E1E33C8C714F11C91400F291E0 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 63C2A8E1E33C8C714F11C91400F291E0 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2004-08-04 . FD5A817258E47E54F4CF8F5E071D1DD8 . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2004-08-04 . FD5A817258E47E54F4CF8F5E071D1DD8 . 343040 . . [7.0.2600.2180] . . c:\windows\ERDNT\cache\msvcrt.dll [-] 2008-06-20 . 401BBBCD7A0116BF42BE81171510486A . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 401BBBCD7A0116BF42BE81171510486A . 247808 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 401BBBCD7A0116BF42BE81171510486A . 247808 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 5265EA72F599CF8277A34780F6369B60 . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . 59AB513554BA8770BF493D6F2121637B . 247808 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-06-20 . 59AB513554BA8770BF493D6F2121637B . 247808 . . [5.1.2600.3394] . . c:\windows\ERDNT\cache\mswsock.dll [-] 2008-06-20 . E8C71AECFD3B76407430A22C9EB371FF . 247808 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . CF7C16037A5905AA5A173813D14D5C4A . 247808 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . CF7C16037A5905AA5A173813D14D5C4A . 247808 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2004-08-04 . DB19E9D916B10319A17572B3E7E63FAC . 247808 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll [-] 2009-02-06 . B8F0B2CF73FD662A39F0E4392C28E73D . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll [-] 2009-02-06 . B8F0B2CF73FD662A39F0E4392C28E73D . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll [-] 2008-04-14 . 49897D67B04E62F8E59EB8B1C7DF7072 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . 49897D67B04E62F8E59EB8B1C7DF7072 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . 82777C1BE8E9F0B1574DAC5BC29C7D6F . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 2004-08-04 . 82777C1BE8E9F0B1574DAC5BC29C7D6F . 407040 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\netlogon.dll [-] 2010-04-28 . DE753D0C2FB81D7E6107B12CF036DCD1 . 2194176 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-04-28 . DE753D0C2FB81D7E6107B12CF036DCD1 . 2194176 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-04-28 . 4E6A46B3168F5A5AABD76A9A0FFE0571 . 2150400 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe [-] 2010-04-28 . 2B14801C5D196E8BEC3EA573B3B2DA44 . 2194304 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [-] 2010-02-16 . 46CBD078D6273AAC9BB98F7A964B007F . 2150400 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [-] 2010-02-16 . 8A47EB27E99109826F8A54BB64BE8131 . 2194304 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . C25035B93BDF12E2CB89C6F5BF8B99F1 . 2193536 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 2F96B731F201031071DDE5EEE414B24C . 2149376 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-05 . 5478469B21B53EFCA944412D2DE6ABCA . 2193408 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 89733862C3CE777D821253A842C36291 . 2149376 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-08-04 . 3B75E61D1546C05A959EDFE11F1510D1 . 2193536 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-08-04 . 23BB94AD11225E8AE43015CF857FD4BA . 2190208 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe [-] 2009-08-04 . ABE4DD1C48487AD0C2DEFB972549CBAB . 2140160 . . [5.1.2600.3610] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2009-08-04 . ABE4DD1C48487AD0C2DEFB972549CBAB . 2140160 . . [5.1.2600.3610] . . c:\windows\ERDNT\cache\ntoskrnl.exe [-] 2009-02-10 . B0BF079AF000D97D8C043D1DFF08086D . 2193408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . AF8A3B4150C87E692E5CD27836BFA83D . 2190336 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe [-] 2009-02-09 . C667CA055AA4E24A0733061282276AA5 . 2193280 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [-] 2009-02-09 . 7F92E99C2FCC721DE2B8A3B6A6BC4FFF . 2149376 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-04-14 . 185F6C64734019E7E9F626E53CC37FB4 . 2193280 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2008-04-14 . 0ED0AB8E279126064A46A73A5ED59069 . 2149376 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2004-08-04 . 91448D27F6DFAF50DD1D5FD3D8C1F3BD . 2152448 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB971486_0$\ntoskrnl.exe [-] 2008-04-14 . C008BBC88156E0EE109C7FF445CD9555 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . C008BBC88156E0EE109C7FF445CD9555 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . 0F81EB414DE1D77DD315F4A3D324BC1E . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 2004-08-04 . 0F81EB414DE1D77DD315F4A3D324BC1E . 17408 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\powrprof.dll [-] 2008-04-14 . 879E802EF4EF2405014B170EA41E552B . 184832 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 879E802EF4EF2405014B170EA41E552B . 184832 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . E95230A31F912E07B19F8335D4DFF110 . 183808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll [-] 2004-08-04 . E95230A31F912E07B19F8335D4DFF110 . 183808 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\scecli.dll [-] 2008-04-14 . 39FD0DD101277F7261C7D602462C9A95 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . 39FD0DD101277F7261C7D602462C9A95 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . FA7EE4A359AE09930904881982D22AB8 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll [-] 2004-08-04 . FA7EE4A359AE09930904881982D22AB8 . 5120 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\sfc.dll [-] 2008-04-14 . ED2D69CD4B0EBE37EFE11D4DC4ABC68F . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . ED2D69CD4B0EBE37EFE11D4DC4ABC68F . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . 5DE3E7B6F7624552F2F06664F110820D . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe [-] 2004-08-04 . 5DE3E7B6F7624552F2F06664F110820D . 14336 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\svchost.exe [-] 2008-04-14 . FEFA8CEBD17A788FDCB9A1C78311AFC3 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . FEFA8CEBD17A788FDCB9A1C78311AFC3 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2004-08-04 . 573EFF2DBCAFDA95587FBB9B71F88464 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2004-08-04 . 573EFF2DBCAFDA95587FBB9B71F88464 . 246272 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\tapisrv.dll [-] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2004-08-04 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2004-08-04 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\user32.dll [-] 2008-04-14 . A7EA40F680163808D96F89B4FF991876 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . A7EA40F680163808D96F89B4FF991876 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . 4CA695EC1EE4C7CF2144DFA00EA0E1F7 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe [-] 2004-08-04 . 4CA695EC1EE4C7CF2144DFA00EA0E1F7 . 24576 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\userinit.exe [-] 2010-06-24 . 119AC859ABDA997E87CD30E10145B1AD . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . 1F337249AE3EF62110CEED8A0425E7C7 . 916480 . . [8.00.6001.18939] . . c:\windows\system32\wininet.dll [-] 2010-06-24 . 1F337249AE3EF62110CEED8A0425E7C7 . 916480 . . [8.00.6001.18939] . . c:\windows\system32\dllcache\wininet.dll [-] 2010-05-06 . 2B050AA55BEB6F3D5BF29FD7D3893A4E . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll [-] 2010-05-06 . 326CDF2109D669998922946D6B490836 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . E5CC74D62E06066451D59248CBFBAED0 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . D8E3E2FD8928B2BD8BEB2518C2E45ED1 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-22 . F4D30BAB1887DF1A51BE1ADA1144E258 . 664064 . . [6.00.2900.3660] . . c:\windows\$NtServicePackUninstall$\wininet.dll [-] 2009-12-22 . F4D30BAB1887DF1A51BE1ADA1144E258 . 664064 . . [6.00.2900.3660] . . c:\windows\ERDNT\cache\wininet.dll [-] 2009-12-22 . 7C71CB1573D17542DDC37C6D7B623AA1 . 670720 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\wininet.dll [-] 2009-12-22 . 48447E9A4417F21933C1A2C2CCC37E4E . 669184 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll [-] 2009-12-22 . 48447E9A4417F21933C1A2C2CCC37E4E . 669184 . . [6.00.2900.5921] . . c:\windows\ie8\wininet.dll [-] 2009-12-22 . 596C8203A6EA00FD970436984A6539B4 . 670720 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll [-] 2009-12-21 . 79805286A6D381A658A1871F6B3588B9 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 11162780821A0531D39E675A662D766F . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 191FFB2798E4DB25F04C2E71C9595A85 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-10-29 . E30B8F0D3BFAF4B403C57F05242AEF74 . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 33F66E223793072231CED7FA3C02F877 . 664064 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207_0$\wininet.dll [-] 2009-10-29 . 4415FF5D7386D49186AD9174EBA0A760 . 669184 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll [-] 2009-10-29 . 4415FF5D7386D49186AD9174EBA0A760 . 669184 . . [6.00.2900.5897] . . c:\windows\$NtUninstallKB978207$\wininet.dll [-] 2009-10-29 . 892AB77C3FA3A5B64EAFEFFB45661963 . 670720 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll [-] 2009-10-29 . 55F5CB6F5FB06679097F1DA144245CD5 . 670720 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2008-04-14 . DF6D0F37A71883BE3505DD517EB8AD83 . 668160 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB976325$\wininet.dll [-] 2008-04-14 . DF6D0F37A71883BE3505DD517EB8AD83 . 668160 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [-] 2004-08-04 . 398A619CE60090303042D1F8CC68F712 . 658432 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB976325_0$\wininet.dll [-] 2008-04-14 . 1FA3C4B2D7E35176E65FB69AB597B0F0 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 1FA3C4B2D7E35176E65FB69AB597B0F0 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . A5163442377D3C305BBFF612F80047D7 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2004-08-04 . A5163442377D3C305BBFF612F80047D7 . 82944 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ws2_32.dll [-] 2008-04-14 . 6832C2FB8F0D4E97B850BC6515A49633 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 6832C2FB8F0D4E97B850BC6515A49633 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . D781E40EEBC31A3C6AF96769F16205B4 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll [-] 2008-04-14 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2004-08-04 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2004-08-04 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\explorer.exe [-] 2008-04-14 . 4DA89C78A5AC43DD98E7497324000378 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2008-04-14 . 4DA89C78A5AC43DD98E7497324000378 . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll [-] 2004-08-04 . C44792D0F3070F7959E4DC4F49380595 . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2008-04-14 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B1D7BF8EB2BC685D154CB925F3629CB . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2004-08-04 . 0B1D7BF8EB2BC685D154CB925F3629CB . 171008 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\srsvc.dll [-] 2008-04-14 . 3DBE0D011E911AADFB6ED17EDC525066 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 3DBE0D011E911AADFB6ED17EDC525066 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . EDE207E8FFBCB3909C078DCB60E29044 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe [-] 2004-08-04 . EDE207E8FFBCB3909C078DCB60E29044 . 13824 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\wscntfy.exe [-] 2008-04-14 . 568DF6E220B431A92B57C4C3BD97870D . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . 568DF6E220B431A92B57C4C3BD97870D . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . DA44ACE43CCA958C7917D5115FC4DDEF . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll [-] 2004-08-04 . DA44ACE43CCA958C7917D5115FC4DDEF . 129536 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\xmlprov.dll [-] 2008-04-14 . A8CDC8DECE4735B86BBEF28460996C30 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . A8CDC8DECE4735B86BBEF28460996C30 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . BD18C87A4E1EA136C44D374296B981DC . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 2004-08-04 . BD18C87A4E1EA136C44D374296B981DC . 55808 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\eventlog.dll [-] 2008-04-14 . 698F9583D1EB213B09F12DD5826A46E2 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 698F9583D1EB213B09F12DD5826A46E2 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 1DD4FC7EEE3A45257528A34FDF7BC689 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 2004-08-04 . 1DD4FC7EEE3A45257528A34FDF7BC689 . 1548288 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\sfcfiles.dll [-] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 2004-08-04 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ctfmon.exe [-] 2008-04-14 . 8FB4E8C957C22458452EBE96C36F1D94 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2008-04-14 . 8FB4E8C957C22458452EBE96C36F1D94 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll [-] 2004-08-04 . 5810EFAEA004B3824B0487ECCF2EA32E . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2004-08-04 . 5810EFAEA004B3824B0487ECCF2EA32E . 134656 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\shsvcs.dll [-] 2008-04-14 . 70870E16BA3E1B4336C53F483D67FF25 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 70870E16BA3E1B4336C53F483D67FF25 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2004-08-04 . D1F735C4079E58D016C1AA2227C28F47 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 2004-08-04 . D1F735C4079E58D016C1AA2227C28F47 . 59904 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\regsvc.dll [-] 2008-04-14 . 9C2C97DF8224061D9F7EE18BCA61B02E . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 9C2C97DF8224061D9F7EE18BCA61B02E . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . C386259AFC206462679867D3ED464C1D . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 2004-08-04 . C386259AFC206462679867D3ED464C1D . 192000 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\schedsvc.dll [-] 2008-04-14 . 4424AE68E670D1270F5026E1AF417933 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 4424AE68E670D1270F5026E1AF417933 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . C6822E1A5DAFDC1F9CCF8CB7B455AB53 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 2004-08-04 . C6822E1A5DAFDC1F9CCF8CB7B455AB53 . 71680 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ssdpsrv.dll [-] 2008-04-14 . 0F4DB70DCE17B9DC1A5D835B1A5EE469 . 296960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . 0F4DB70DCE17B9DC1A5D835B1A5EE469 . 296960 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . 23DFF6DAA7565CC5802E057A6B9F585E . 296960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll [-] 2004-08-04 . 23DFF6DAA7565CC5802E057A6B9F585E . 296960 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\termsrv.dll [-] 2008-04-14 . 27683D3EE8FCB7E620B25C8A84B329D6 . 172032 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll [-] 2008-04-14 . 27683D3EE8FCB7E620B25C8A84B329D6 . 172032 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll [-] 2004-08-04 . 2E131621557A6EF486FC86D738CBC8B6 . 172032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll [-] 2004-08-04 . 2E131621557A6EF486FC86D738CBC8B6 . 172032 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\appmgmts.dll [-] 2001-10-28 . EBD5CF43AD9526EAB9B2A15A54760EA9 . 11904 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys [-] 2001-10-28 . EBD5CF43AD9526EAB9B2A15A54760EA9 . 11904 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys [-] 2001-10-28 . EBD5CF43AD9526EAB9B2A15A54760EA9 . 11904 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-04 00:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2004-08-04 00:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\ERDNT\cache\aec.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ip6fw.sys [-] 2008-04-14 02:20 . DAE8EC624824A8AD8660C2EF5F1ECE0B . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2008-04-14 02:20 . DAE8EC624824A8AD8660C2EF5F1ECE0B . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2001-10-28 18:06 . 168C72C281EC3BE3201AC95F42A577CF . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2001-10-28 18:06 . 168C72C281EC3BE3201AC95F42A577CF . 924432 . . [4.1.6140] . . c:\windows\ERDNT\cache\mfc40u.dll [-] 2008-04-14 . 1DCE231F3E55B71B66AA0B7B8FD9BD97 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . 1DCE231F3E55B71B66AA0B7B8FD9BD97 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 0B572FBB16E7E10D7DAB749CD390017C . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 2004-08-04 . 0B572FBB16E7E10D7DAB749CD390017C . 33792 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\msgsvc.dll [-] 2006-10-18 23:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\ERDNT\cache\mspmsnsv.dll [-] 2006-10-18 23:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 23:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2004-08-04 03:45 . 2E693831AF9D63784F96018CE4E41897 . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2010-04-29 . 7FDAC9D0C4F6EBC61160EC9F00F03C20 . 2071168 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . 1E4A43698D5FCEE3776A1487C43D99AB . 2071040 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-04-28 . 1E4A43698D5FCEE3776A1487C43D99AB . 2071040 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-04-28 . CAE51873B94D3C2CF6FCB555A042B9DF . 2028544 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-02-16 . 4CC872935CC85068DF50923A0DF53FC3 . 2028544 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [-] 2010-02-16 . E94AC126E7ADFD40DC4E38D2E91236D8 . 2071168 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 7D45AF0A376A7EEE59B2A4BCDC304C9C . 2070400 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . FC563DD4043C14C9B91D9CC0D1186FB1 . 2028032 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-05 . 6FEC1B436323CC29B3008D7C5BF2A10F . 2070400 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . B7A8A8A3B9C2E259689140F5F8E46842 . 2070272 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . 90AFCA87DE42E75E4C0D5FC660006F5C . 2028032 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-08-04 . 5B655CC36552CF102F75A4422F7A9A00 . 2067200 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe [-] 2009-08-04 . 768C3ACBAF109B2D498B682473CABD54 . 2019840 . . [5.1.2600.3610] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2009-08-04 . 768C3ACBAF109B2D498B682473CABD54 . 2019840 . . [5.1.2600.3610] . . c:\windows\ERDNT\cache\ntkrnlpa.exe [-] 2009-02-10 . DBAD62B9A518249C1A1408CF3AB9064A . 2070272 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [-] 2009-02-09 . 9CFC9992BF7C7AFE6FF7E5DE76D74A5F . 2067200 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe [-] 2009-02-09 . 09C6501998773C0D0A1D7AA7B2B0CE66 . 2028032 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . FF7FE874B6DA494303EE3DD9B97AB007 . 2070400 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-04-14 . 763EE1C250EC83EFD11FBF51AC4A6D82 . 2028032 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . F84054BFD1D688B901AD907499879BBD . 2070144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2004-08-04 . 31DFE96B6B6FA4C9CA098CEAF21B29A5 . 2019328 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB971486_0$\ntkrnlpa.exe [-] 2008-04-14 02:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 02:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\windows\ERDNT\cache\ntmssvc.dll [-] 2008-04-14 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\upnphost.dll [-] 2008-04-14 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 583C0FB31E40883676779E09587620FF . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [-] 2008-04-14 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2004-08-04 . 7994AEA92DAF7CC66098F0ECF5BDE4C1 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll [-] 2008-04-14 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . 55D16097F68A7C961A570855CACFCCCA . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [-] 2008-04-14 02:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 02:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 03:45 . 53878A6AB006A6FC63B3CFD2404B85A9 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll [-] 2008-04-14 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . 30B30692A5BC889429887F59ACDA1E8C . 40960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12fc3d37-2a42-4fe3-8489-81296878cba5}] 2010-07-27 23:23 2734688 -c--a-w- c:\arquivos de programas\Softonic_Brasil\tbSof0.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b46b614e-44c7-4448-ac14-9ab9f7740d64}] 2010-05-27 14:13 2515552 -c--a-w- c:\arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3A5CD1D-2A58-4A37-8C42-B64B4E2D5D6E}] 2010-08-04 15:05 1029120 -c--a-w- c:\windows\system32\flash102flv.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}] 2010-07-27 23:23 2734688 -c--a-w- c:\arquivos de programas\MAX_BR\tbMAX0.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{b46b614e-44c7-4448-ac14-9ab9f7740d64}"= "c:\arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll" [2010-05-27 2515552] "{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSof0.dll" [2010-07-27 2734688] "{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}"= "c:\arquivos de programas\MAX_BR\tbMAX0.dll" [2010-07-27 2734688] [HKEY_CLASSES_ROOT\clsid\{b46b614e-44c7-4448-ac14-9ab9f7740d64}] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CLASSES_ROOT\clsid\{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{B46B614E-44C7-4448-AC14-9AB9F7740D64}"= "c:\arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll" [2010-05-27 2515552] "{FE379C63-1156-4C8C-8DBB-F823D3EA4B37}"= "c:\arquivos de programas\MAX_BR\tbMAX0.dll" [2010-07-27 2734688] "{12FC3D37-2A42-4FE3-8489-81296878CBA5}"= "c:\arquivos de programas\Softonic_Brasil\tbSof0.dll" [2010-07-27 2734688] [HKEY_CLASSES_ROOT\clsid\{b46b614e-44c7-4448-ac14-9ab9f7740d64}] [HKEY_CLASSES_ROOT\clsid\{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\arquiv~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk] path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Microsoft Office.lnk backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-14 03:21 110592 -c--a-w- c:\windows\system32\bthprops.cpl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 02:20 15360 -c--a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera] 2007-07-11 19:09 20480 -c--a-w- c:\windows\FixCamera.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-01-17 03:09 135664 -c--atw- c:\documents and settings\ramom\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] 2004-10-27 17:21 61952 -c----w- c:\windows\system32\HdAShCut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD] 2006-03-14 02:06 1397760 ------w- c:\arquivos de programas\Ahead\InCD\InCD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU] 2010-01-17 02:40 557056 ----a-w- c:\arquivos de programas\lg_fwupdate\fwupdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh] 2005-05-18 07:57 188416 -c----w- c:\arquivos de programas\ltmoh\ltmoh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 19:44 3883840 -c--a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE] 2010-06-01 17:53 1093208 -c--a-w- c:\arquivos de programas\Microsoft Security Essentials\msseces.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 12:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2009-11-11 13:57 1451520 -c--a-w- c:\arquivos de programas\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2004-11-02 22:24 32768 ----a-w- c:\arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std] 2007-09-28 19:32 344064 -c----w- c:\windows\vsnp2std.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2005-05-20 09:11 925696 ----a-w- c:\arquivos de programas\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-01-11 17:21 246504 -c--a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std] 2007-05-12 14:19 270336 -c--a-w- c:\windows\tsnp2std.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "c:\\Arquivos de programas\\PhotoScape\\PhotoScape.exe"= "c:\\Documents and Settings\\ramom\\Configurações locais\\Dados de aplicativos\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Arquivos de programas\\Windows Media Player\\wmdbexport.exe"= "c:\\WINDOWS\\system32\\HDAShCut.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\getodd.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\GetODDModel.exe"= "c:\\WINDOWS\\system32\\wscntfy.exe"= "c:\\WINDOWS\\system32\\NeroCheck.exe"= "c:\\Documents and Settings\\ramom\\Configurações locais\\Dados de aplicativos\\Google\\Update\\GoogleUpdate.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Windows Live\\Toolbar\\wltuser.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\getadmin.exe"= "c:\\Arquivos de programas\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe"= "c:\\Arquivos de programas\\Analog Devices\\Core\\smax4pnp.exe"= "c:\\Arquivos de programas\\CyberScript32\\CyberScript.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\fwupdate.exe"= "c:\\oscar\\wlsetup-custom.exe"= "c:\\Arquivos de programas\\Ahead\\InCD\\InCD.exe"= "c:\\Arquivos de programas\\Windows Live\\Contacts\\wlcomm.exe"= "c:\\WINDOWS\\system32\\wuauclt.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\Buyer.exe"= "c:\\WINDOWS\\system32\\WgaTray.exe"= "c:\\Arquivos de programas\\ltmoh\\Ltmoh.exe"= "c:\\WINDOWS\\system32\\taskmgr.exe"= "c:\\Arquivos de programas\\Analog Devices\\SoundMAX\\Smax4.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\oscar\\eMule\\emule.exe"= "c:\\Arquivos de programas\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Arquivos de programas\\Arquivos comuns\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= "c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"= R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [9/6/2002 23:09 31232] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [31/5/2010 23:25 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [31/5/2010 23:25 8320] . Conteúdo da pasta 'Tarefas Agendadas' 2010-09-01 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] 2010-09-01 c:\windows\Tasks\User_Feed_Synchronization-{4149C9B5-B8C4-4522-8252-6D3A5332BB93}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 06:31] 2010-09-01 c:\windows\Tasks\User_Feed_Synchronization-{7591141C-7460-4C2F-8949-CAF1DAD084F0}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 06:31] . . ------- Scan Suplementar ------- . IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MI1933~1\Office10\EXCEL.EXE/3000 TCP: {229BCC09-E9B9-4C62-A762-04A24156DA2A} = 200.165.132.148 200.165.132.155 FF - ProfilePath - c:\documents and settings\Dih\Dados de aplicativos\Mozilla\Firefox\Profiles\piywsds7.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.plusnetwork.com FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-09-01 14:31 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\.*%Û*<%] @="+Û+_auto_file" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell] @="open" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\open] @="A&brir" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\open\command] @="c:\\Arquivos de programas\\Windows Media Player\\wmplayer.exe /Open \"%L\"" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\play] @="&Executar" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\play\command] @="c:\\Arquivos de programas\\Windows Media Player\\wmplayer.exe /Play \"%L\"" . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'explorer.exe'(2236) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\arquivos de programas\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\arquivos de programas\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\arquivos de programas\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_por-br.nlr c:\arquivos de programas\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Outros Processos em Execução ------------------------ . c:\arquivos de programas\Microsoft Security Essentials\MsMpEng.exe c:\arquivos de programas\Ahead\InCD\InCDsrv.exe c:\arquivos de programas\Java\jre6\bin\jqs.exe c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Tempo para conclusão: 2010-09-01 14:37:42 - Máquina reiniciou ComboFix-quarantined-files.txt 2010-09-01 17:37 Pré-execução: 19 pasta(s) 49.248.120.832 bytes disponíveis Pós execução: 21 pasta(s) 49.802.432.512 bytes disponíveis - - End Of File - - 88E9C150833015A1A406B2BF8CFB053B ah lembrando que mesmu com issu meu problema continua.. aguardo mais instruçoes Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Setembro 2, 2010 Olá! Por favor execute novamente o ComboFix. Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Setembro 6, 2010 logo do comboFix ComboFix 10-09-01.02 - Dih 06/09/2010 11:37:11.5.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.351.1046.18.511.221 [GMT -3:00] Executando de: c:\documents and settings\Dih\Desktop\ComboFix.exe AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF} . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Dih\Dados de aplicativos\PriceGong c:\documents and settings\Dih\Dados de aplicativos\PriceGong\Data\mru.xml . (((((((((((((((( Arquivos/Ficheiros criados de 2010-08-06 to 2010-09-06 )))))))))))))))))))))))))))) . 2010-09-03 20:42 . 2010-09-03 20:42 -------- dc----w- c:\arquivos de programas\Arquivos comuns\MainConcept 2010-09-03 20:41 . 2010-09-03 20:46 -------- dc----w- c:\documents and settings\ramom\.SimpleCenter 2010-09-03 20:40 . 2010-09-03 20:40 -------- dc----w- c:\arquivos de programas\Arquivos comuns\i4j_jres 2010-09-03 20:39 . 2010-09-03 20:41 -------- dc----w- c:\arquivos de programas\SimpleCenter 2010-08-30 14:58 . 2010-08-30 15:06 -------- dc----w- c:\arquivos de programas\Ad-Remover 2010-08-28 15:59 . 2010-08-28 15:59 -------- dcsh--w- c:\documents and settings\ramom\Phone Browser 2010-08-26 21:13 . 2010-08-30 15:43 -------- dc----w- C:\Lop SD 2010-08-21 14:38 . 2008-04-14 03:20 8192 -c--a-w- c:\windows\system32\wshirda.dll 2010-08-21 14:38 . 2008-04-14 03:20 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll 2010-08-21 14:38 . 2008-04-14 03:20 28672 -c--a-w- c:\windows\system32\irmon.dll 2010-08-21 14:38 . 2008-04-14 03:20 28672 -c--a-w- c:\windows\system32\dllcache\irmon.dll 2010-08-21 14:38 . 2008-04-14 03:21 152576 -c--a-w- c:\windows\system32\irftp.exe 2010-08-21 14:38 . 2008-04-14 03:21 152576 -c--a-w- c:\windows\system32\dllcache\irftp.exe 2010-08-20 13:58 . 2010-08-20 13:59 388608 -c--a-w- C:\HiJackThis.exe 2010-08-16 18:34 . 2001-09-06 02:50 5632 -c--a-w- c:\windows\system32\ptpusb.dll 2010-08-16 18:34 . 2008-04-14 03:20 159232 -c--a-w- c:\windows\system32\ptpusd.dll 2010-08-12 20:43 . 2010-08-12 20:43 -------- dc----w- c:\documents and settings\ramom\Dados de aplicativos\Malwarebytes 2010-08-10 19:41 . 2010-09-02 04:10 1029632 -c--a-w- c:\windows\system32\flash102flv.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-06 14:19 . 2010-08-04 14:54 -------- dc----w- c:\arquivos de programas\CyberScript32 2010-09-03 20:48 . 2010-05-29 17:34 -------- dc----w- c:\arquivos de programas\Nokia 2010-09-02 04:34 . 2010-08-04 20:19 138 -c--a-w- c:\windows\system32\locale.dat 2010-08-31 20:42 . 2001-10-28 18:07 79022 ----a-w- c:\windows\system32\perfc016.dat 2010-08-31 20:42 . 2001-10-28 18:07 468108 ----a-w- c:\windows\system32\perfh016.dat 2010-08-21 11:58 . 2010-02-13 16:39 -------- dc----w- c:\arquivos de programas\Messenger_Plus_Live_Portuguese 2010-07-27 23:11 . 2010-05-08 20:51 -------- dc----w- c:\arquivos de programas\MAX_BR 2010-07-27 23:11 . 2010-03-28 17:11 -------- dc----w- c:\arquivos de programas\Softonic_Brasil 2010-07-23 22:10 . 2010-05-29 17:45 -------- dc----w- c:\documents and settings\ramom\Dados de aplicativos\PC Suite 2010-07-22 16:30 . 2010-07-22 14:57 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\Skype 2010-07-22 15:38 . 2010-07-22 15:38 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\Auslogics 2010-07-22 15:09 . 2010-07-22 15:09 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\skypePM 2010-07-21 19:42 . 2010-04-05 02:13 -------- dc----w- c:\arquivos de programas\WinnersGames 2010-07-21 13:40 . 2010-07-21 13:40 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\Malwarebytes 2010-07-17 16:59 . 2010-07-13 13:59 -------- dc----w- c:\documents and settings\Dih\Dados de aplicativos\PC Suite 2010-07-10 02:11 . 2010-05-29 17:45 -------- dc----w- c:\documents and settings\All Users\Dados de aplicativos\PC Suite 2010-06-30 12:32 . 2004-08-04 03:45 149504 -c--a-w- c:\windows\system32\schannel.dll 2010-06-24 12:24 . 2004-08-04 03:45 916480 -c--a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2004-08-04 03:38 1852032 -c--a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2004-08-04 02:14 354304 -c--a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-08-04 03:45 80384 -c--a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2010-01-16 21:19 744448 -c--a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:42 . 2004-08-04 03:45 1172480 -c--a-w- c:\windows\system32\msxml3.dll 2010-01-30 03:27 . 2010-01-17 02:11 40960 -c--a-w- c:\arquivos de programas\Uninstall_CDS.exe . ------- Sigcheck ------- [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\atapi.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\asyncmac.sys [-] 2001-10-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys [-] 2001-10-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2001-10-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2008-04-14 . D3D4832B494CBF9A87CF86D7517013CB . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . D3D4832B494CBF9A87CF86D7517013CB . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 7FC1E330386610D5EB3E7C4C7893CA93 . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] 2004-08-04 . 7FC1E330386610D5EB3E7C4C7893CA93 . 25088 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\kbdclass.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ndis.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ntfs.sys [-] 2001-10-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys [-] 2001-10-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2001-10-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\ERDNT\cache\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys [-] 2008-04-14 . 572AEDA840986672DA2BB9D4183E2AA9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 572AEDA840986672DA2BB9D4183E2AA9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . B90D6814CF36244818E8B4F0A4AC6F84 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll [-] 2004-08-04 . B90D6814CF36244818E8B4F0A4AC6F84 . 77312 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\browser.dll [-] 2008-04-14 . 9607142710D3B64AB7FCCE4BE4E30D37 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 9607142710D3B64AB7FCCE4BE4E30D37 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 35C6463B3C5F62D2B20C953B6E1538E9 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe [-] 2004-08-04 . 35C6463B3C5F62D2B20C953B6E1538E9 . 13312 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\lsass.exe [-] 2008-04-14 . B199C4F441DDAB10253ABC0AC4858BFF . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . B199C4F441DDAB10253ABC0AC4858BFF . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2004-08-04 . BA900E1190BA4CCD70F218A23DEC89D1 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2004-08-04 . BA900E1190BA4CCD70F218A23DEC89D1 . 198144 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\netman.dll [-] 2008-04-14 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . C1AA680B70BD0771A0850E04C3E634A5 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 2004-08-04 . C1AA680B70BD0771A0850E04C3E634A5 . 382464 . . [6.6.2600.2180] . . c:\windows\ERDNT\cache\qmgr.dll [-] 2009-02-09 . B5AE6227853C4B6A723567A8DEF68F03 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . F3763E01E7536F7A6D0C6E392C603EC2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [-] 2009-02-09 . F3763E01E7536F7A6D0C6E392C603EC2 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . F3763E01E7536F7A6D0C6E392C603EC2 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2009-02-09 . 2CB8373AC68E387BDF5472CB7AF347EF . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2009-02-09 . 2CB8373AC68E387BDF5472CB7AF347EF . 399360 . . [5.1.2600.3520] . . c:\windows\ERDNT\cache\rpcss.dll [-] 2009-02-09 . CB6BBDCCC9F7984E2CA6CA5842746635 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll [-] 2008-04-14 . E34A1B6160A90C7CB90BF2EE8D6AD921 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . E34A1B6160A90C7CB90BF2EE8D6AD921 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2004-08-04 . 7461E79FD81D467A03CD35091D384D2B . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll [-] 2009-02-09 . C52DEB6D8CD4B096BF1A9EC001F36507 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [-] 2009-02-09 . C52DEB6D8CD4B096BF1A9EC001F36507 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . C52DEB6D8CD4B096BF1A9EC001F36507 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . 38867483E0CB504BB8F277E05729881E . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2009-02-09 . 96D7D86D3AA68A57BBE835441DC23107 . 111104 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2009-02-09 . 96D7D86D3AA68A57BBE835441DC23107 . 111104 . . [5.1.2600.3520] . . c:\windows\ERDNT\cache\services.exe [-] 2009-02-09 . E64296F1D45C776FAC6EE8F89EF3C303 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe [-] 2008-04-14 . EE7999BAACA84CFAA03726E677EE2A33 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . EE7999BAACA84CFAA03726E677EE2A33 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . CC73C4430C2FC27FDE16A0A4E3678148 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe [-] 2008-04-14 . AF1D9AE15C11163F576DF6ED6194B53C . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2008-04-14 . AF1D9AE15C11163F576DF6ED6194B53C . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe [-] 2004-08-04 . 3971289FA7072812CAF4D053BBC6352B . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 2004-08-04 . 3971289FA7072812CAF4D053BBC6352B . 57856 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\spoolsv.exe [-] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 2004-08-04 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe [-] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2004-08-04 . 021631D9D0729D9E52300CCEACE4F054 . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2004-08-04 . 021631D9D0729D9E52300CCEACE4F054 . 611328 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll [-] 2008-04-14 . 554798AAD881736DFC4D08C572DECD7A . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 554798AAD881736DFC4D08C572DECD7A . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 7836E32505D817311E8F8384A18C1128 . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 2004-08-04 . 7836E32505D817311E8F8384A18C1128 . 60416 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\cryptsvc.dll [-] 2008-07-07 20:31 . C8FDAFC91302E9E905182EC6A2D1612A . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:31 . C8FDAFC91302E9E905182EC6A2D1612A . 253952 . . [2001.12.4414.320] . . c:\windows\ERDNT\cache\es.dll [-] 2008-07-07 20:28 . B024AB8B7692D47C8176BE92AB36D316 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:28 . B024AB8B7692D47C8176BE92AB36D316 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:28 . B024AB8B7692D47C8176BE92AB36D316 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:25 . 58586EB44E6FD9A711943647C8451741 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:18 . 788A6C475F332290217C33921623CF48 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 02:20 . 957E7822860EB8E5CD9EDB7BA04B7E65 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 02:20 . 957E7822860EB8E5CD9EDB7BA04B7E65 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2004-08-04 03:45 . 74C397E17E946D61012C301186C84124 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll [-] 2008-04-14 . 05C621EAA979D33A12F3B510FF4C6F9F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 05C621EAA979D33A12F3B510FF4C6F9F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 602B88592E0690D0DFB5E5F44A9EF820 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll [-] 2004-08-04 . 602B88592E0690D0DFB5E5F44A9EF820 . 110080 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\imm32.dll [-] 2009-03-21 . 407DEDFD4D52D6FFFBDF6A1D2F9FDAC7 . 1025024 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2009-03-21 . 407DEDFD4D52D6FFFBDF6A1D2F9FDAC7 . 1025024 . . [5.1.2600.3541] . . c:\windows\ERDNT\cache\kernel32.dll [-] 2009-03-21 . 6A5A13A014F72F3C8E8A23B662C9DAF1 . 1028608 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [-] 2009-03-21 . 6A5A13A014F72F3C8E8A23B662C9DAF1 . 1028608 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . 6A5A13A014F72F3C8E8A23B662C9DAF1 . 1028608 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 03DA51CE83B0D693A10C91B139BBD221 . 1030656 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . 424919C0378FD828E0FE4683B480BE9B . 1028096 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [-] 2008-04-14 . 68ECDAD8AE2768DE61C20C41A28CC0B0 . 1028608 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 68ECDAD8AE2768DE61C20C41A28CC0B0 . 1028608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2004-08-04 . AD72A244955E89EBBB8FABF02F8041C6 . 1022464 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll [-] 2008-04-14 . 1E47527C69E79ECC13326BFB2E178394 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 1E47527C69E79ECC13326BFB2E178394 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2004-08-04 . E9B587DBAE9F212A394618CE06013EAF . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2004-08-04 . E9B587DBAE9F212A394618CE06013EAF . 18944 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\linkinfo.dll [-] 2008-04-14 . 5F6337EAC9EA401AA0F9040CB6F16C80 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . 5F6337EAC9EA401AA0F9040CB6F16C80 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2004-08-04 . CFFC7F8E8F898BE4561887EF301F8BF3 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll [-] 2004-08-04 . CFFC7F8E8F898BE4561887EF301F8BF3 . 22016 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\lpk.dll [-] 2010-06-24 . BFD26DB90A37C2B79EBA3F0FCB36B5CF . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll [-] 2010-06-24 . 3E34A8371BF952433A4D645CAA15B1F8 . 5951488 . . [8.00.6001.18939] . . c:\windows\system32\mshtml.dll [-] 2010-06-24 . 3E34A8371BF952433A4D645CAA15B1F8 . 5951488 . . [8.00.6001.18939] . . c:\windows\system32\dllcache\mshtml.dll [-] 2010-05-06 . 20800D7145CF4E247775458B404FD44A . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll [-] 2010-05-06 . AA1410ABF16D5F3655569927075CEF05 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . 23099BB44DA6A7D80B15FF4F7C51877D . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 6D179FBB1B42A3C33955652D3A38BFDF . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2009-12-22 . A4FCA9BAA4659222874AB4C130E9C56D . 3084800 . . [6.00.2900.3660] . . c:\windows\$NtServicePackUninstall$\mshtml.dll [-] 2009-12-22 . A4FCA9BAA4659222874AB4C130E9C56D . 3084800 . . [6.00.2900.3660] . . c:\windows\ERDNT\cache\mshtml.dll [-] 2009-12-22 . 0EEFCAFFE3216936538D250E280BA9BB . 3092480 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\mshtml.dll [-] 2009-12-22 . 9CEF5BDCA08EF0E1EDBE554DD42EA78A . 3092480 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\mshtml.dll [-] 2009-12-22 . 9CEF5BDCA08EF0E1EDBE554DD42EA78A . 3092480 . . [6.00.2900.5921] . . c:\windows\ie8\mshtml.dll [-] 2009-12-22 . 876465CA0016F14EDB3CBC9BCE9212E1 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll [-] 2009-12-21 . B5A5C997C2F926C40CCC64A3BD377D4B . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . AAD700DEA94EE6E56E591C351111941A . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . 0400A0005968E08910288E8C83350C53 . 3091968 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\mshtml.dll [-] 2009-10-29 . 0400A0005968E08910288E8C83350C53 . 3091968 . . [6.00.2900.5897] . . c:\windows\$NtUninstallKB978207$\mshtml.dll [-] 2009-10-29 . 58A17D0C94F23CD59346720B0C374A90 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-10-29 . 80F9322FBC4BBBC3A0DB6E9B3C953C60 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . 894ED07C32A34C94D2D152091C2C666B . 3084288 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207_0$\mshtml.dll [-] 2009-10-29 . 83C85ADB961232DA44A36314B7AC0F2F . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll [-] 2009-10-29 . 7E6CF52059A20F624607F65F4EEAC7CB . 3091968 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll [-] 2008-04-14 . 64C5EB55D74A90AB4DC89F9A6C2E797F . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB976325$\mshtml.dll [-] 2008-04-14 . 64C5EB55D74A90AB4DC89F9A6C2E797F . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll [-] 2004-08-04 . 2D36439FE3C0FBD30F5ABD8FDBAA31B5 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB976325_0$\mshtml.dll [-] 2008-04-14 . 63C2A8E1E33C8C714F11C91400F291E0 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 63C2A8E1E33C8C714F11C91400F291E0 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2004-08-04 . FD5A817258E47E54F4CF8F5E071D1DD8 . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2004-08-04 . FD5A817258E47E54F4CF8F5E071D1DD8 . 343040 . . [7.0.2600.2180] . . c:\windows\ERDNT\cache\msvcrt.dll [-] 2008-06-20 . 401BBBCD7A0116BF42BE81171510486A . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 401BBBCD7A0116BF42BE81171510486A . 247808 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 401BBBCD7A0116BF42BE81171510486A . 247808 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 5265EA72F599CF8277A34780F6369B60 . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . 59AB513554BA8770BF493D6F2121637B . 247808 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-06-20 . 59AB513554BA8770BF493D6F2121637B . 247808 . . [5.1.2600.3394] . . c:\windows\ERDNT\cache\mswsock.dll [-] 2008-06-20 . E8C71AECFD3B76407430A22C9EB371FF . 247808 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . CF7C16037A5905AA5A173813D14D5C4A . 247808 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . CF7C16037A5905AA5A173813D14D5C4A . 247808 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2004-08-04 . DB19E9D916B10319A17572B3E7E63FAC . 247808 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll [-] 2009-02-06 . B8F0B2CF73FD662A39F0E4392C28E73D . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll [-] 2009-02-06 . B8F0B2CF73FD662A39F0E4392C28E73D . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll [-] 2008-04-14 . 49897D67B04E62F8E59EB8B1C7DF7072 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . 49897D67B04E62F8E59EB8B1C7DF7072 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . 82777C1BE8E9F0B1574DAC5BC29C7D6F . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 2004-08-04 . 82777C1BE8E9F0B1574DAC5BC29C7D6F . 407040 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\netlogon.dll [-] 2010-04-28 . DE753D0C2FB81D7E6107B12CF036DCD1 . 2194176 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-04-28 . DE753D0C2FB81D7E6107B12CF036DCD1 . 2194176 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-04-28 . 4E6A46B3168F5A5AABD76A9A0FFE0571 . 2150400 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe [-] 2010-04-28 . 2B14801C5D196E8BEC3EA573B3B2DA44 . 2194304 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [-] 2010-02-16 . 46CBD078D6273AAC9BB98F7A964B007F . 2150400 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [-] 2010-02-16 . 8A47EB27E99109826F8A54BB64BE8131 . 2194304 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . C25035B93BDF12E2CB89C6F5BF8B99F1 . 2193536 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 2F96B731F201031071DDE5EEE414B24C . 2149376 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-05 . 5478469B21B53EFCA944412D2DE6ABCA . 2193408 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 89733862C3CE777D821253A842C36291 . 2149376 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-08-04 . 3B75E61D1546C05A959EDFE11F1510D1 . 2193536 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-08-04 . 23BB94AD11225E8AE43015CF857FD4BA . 2190208 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe [-] 2009-08-04 . ABE4DD1C48487AD0C2DEFB972549CBAB . 2140160 . . [5.1.2600.3610] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2009-08-04 . ABE4DD1C48487AD0C2DEFB972549CBAB . 2140160 . . [5.1.2600.3610] . . c:\windows\ERDNT\cache\ntoskrnl.exe [-] 2009-02-10 . B0BF079AF000D97D8C043D1DFF08086D . 2193408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . AF8A3B4150C87E692E5CD27836BFA83D . 2190336 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe [-] 2009-02-09 . C667CA055AA4E24A0733061282276AA5 . 2193280 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [-] 2009-02-09 . 7F92E99C2FCC721DE2B8A3B6A6BC4FFF . 2149376 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-04-14 . 185F6C64734019E7E9F626E53CC37FB4 . 2193280 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2008-04-14 . 0ED0AB8E279126064A46A73A5ED59069 . 2149376 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2004-08-04 . 91448D27F6DFAF50DD1D5FD3D8C1F3BD . 2152448 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB971486_0$\ntoskrnl.exe [-] 2008-04-14 . C008BBC88156E0EE109C7FF445CD9555 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . C008BBC88156E0EE109C7FF445CD9555 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . 0F81EB414DE1D77DD315F4A3D324BC1E . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 2004-08-04 . 0F81EB414DE1D77DD315F4A3D324BC1E . 17408 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\powrprof.dll [-] 2008-04-14 . 879E802EF4EF2405014B170EA41E552B . 184832 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 879E802EF4EF2405014B170EA41E552B . 184832 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . E95230A31F912E07B19F8335D4DFF110 . 183808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll [-] 2004-08-04 . E95230A31F912E07B19F8335D4DFF110 . 183808 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\scecli.dll [-] 2008-04-14 . 39FD0DD101277F7261C7D602462C9A95 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . 39FD0DD101277F7261C7D602462C9A95 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . FA7EE4A359AE09930904881982D22AB8 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll [-] 2004-08-04 . FA7EE4A359AE09930904881982D22AB8 . 5120 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\sfc.dll [-] 2008-04-14 . ED2D69CD4B0EBE37EFE11D4DC4ABC68F . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . ED2D69CD4B0EBE37EFE11D4DC4ABC68F . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . 5DE3E7B6F7624552F2F06664F110820D . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe [-] 2004-08-04 . 5DE3E7B6F7624552F2F06664F110820D . 14336 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\svchost.exe [-] 2008-04-14 . FEFA8CEBD17A788FDCB9A1C78311AFC3 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . FEFA8CEBD17A788FDCB9A1C78311AFC3 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2004-08-04 . 573EFF2DBCAFDA95587FBB9B71F88464 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2004-08-04 . 573EFF2DBCAFDA95587FBB9B71F88464 . 246272 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\tapisrv.dll [-] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2004-08-04 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2004-08-04 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\user32.dll [-] 2008-04-14 . A7EA40F680163808D96F89B4FF991876 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . A7EA40F680163808D96F89B4FF991876 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . 4CA695EC1EE4C7CF2144DFA00EA0E1F7 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe [-] 2004-08-04 . 4CA695EC1EE4C7CF2144DFA00EA0E1F7 . 24576 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\userinit.exe [-] 2010-06-24 . 119AC859ABDA997E87CD30E10145B1AD . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . 1F337249AE3EF62110CEED8A0425E7C7 . 916480 . . [8.00.6001.18939] . . c:\windows\system32\wininet.dll [-] 2010-06-24 . 1F337249AE3EF62110CEED8A0425E7C7 . 916480 . . [8.00.6001.18939] . . c:\windows\system32\dllcache\wininet.dll [-] 2010-05-06 . 2B050AA55BEB6F3D5BF29FD7D3893A4E . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll [-] 2010-05-06 . 326CDF2109D669998922946D6B490836 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . E5CC74D62E06066451D59248CBFBAED0 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . D8E3E2FD8928B2BD8BEB2518C2E45ED1 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-22 . F4D30BAB1887DF1A51BE1ADA1144E258 . 664064 . . [6.00.2900.3660] . . c:\windows\$NtServicePackUninstall$\wininet.dll [-] 2009-12-22 . F4D30BAB1887DF1A51BE1ADA1144E258 . 664064 . . [6.00.2900.3660] . . c:\windows\ERDNT\cache\wininet.dll [-] 2009-12-22 . 7C71CB1573D17542DDC37C6D7B623AA1 . 670720 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\wininet.dll [-] 2009-12-22 . 48447E9A4417F21933C1A2C2CCC37E4E . 669184 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll [-] 2009-12-22 . 48447E9A4417F21933C1A2C2CCC37E4E . 669184 . . [6.00.2900.5921] . . c:\windows\ie8\wininet.dll [-] 2009-12-22 . 596C8203A6EA00FD970436984A6539B4 . 670720 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll [-] 2009-12-21 . 79805286A6D381A658A1871F6B3588B9 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 11162780821A0531D39E675A662D766F . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 191FFB2798E4DB25F04C2E71C9595A85 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-10-29 . E30B8F0D3BFAF4B403C57F05242AEF74 . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 33F66E223793072231CED7FA3C02F877 . 664064 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207_0$\wininet.dll [-] 2009-10-29 . 4415FF5D7386D49186AD9174EBA0A760 . 669184 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll [-] 2009-10-29 . 4415FF5D7386D49186AD9174EBA0A760 . 669184 . . [6.00.2900.5897] . . c:\windows\$NtUninstallKB978207$\wininet.dll [-] 2009-10-29 . 892AB77C3FA3A5B64EAFEFFB45661963 . 670720 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll [-] 2009-10-29 . 55F5CB6F5FB06679097F1DA144245CD5 . 670720 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2008-04-14 . DF6D0F37A71883BE3505DD517EB8AD83 . 668160 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB976325$\wininet.dll [-] 2008-04-14 . DF6D0F37A71883BE3505DD517EB8AD83 . 668160 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [-] 2004-08-04 . 398A619CE60090303042D1F8CC68F712 . 658432 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB976325_0$\wininet.dll [-] 2008-04-14 . 1FA3C4B2D7E35176E65FB69AB597B0F0 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 1FA3C4B2D7E35176E65FB69AB597B0F0 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . A5163442377D3C305BBFF612F80047D7 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2004-08-04 . A5163442377D3C305BBFF612F80047D7 . 82944 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ws2_32.dll [-] 2008-04-14 . 6832C2FB8F0D4E97B850BC6515A49633 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 6832C2FB8F0D4E97B850BC6515A49633 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . D781E40EEBC31A3C6AF96769F16205B4 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll [-] 2008-04-14 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2004-08-04 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2004-08-04 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\explorer.exe [-] 2008-04-14 . 4DA89C78A5AC43DD98E7497324000378 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2008-04-14 . 4DA89C78A5AC43DD98E7497324000378 . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll [-] 2004-08-04 . C44792D0F3070F7959E4DC4F49380595 . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2008-04-14 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B1D7BF8EB2BC685D154CB925F3629CB . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2004-08-04 . 0B1D7BF8EB2BC685D154CB925F3629CB . 171008 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\srsvc.dll [-] 2008-04-14 . 3DBE0D011E911AADFB6ED17EDC525066 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 3DBE0D011E911AADFB6ED17EDC525066 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . EDE207E8FFBCB3909C078DCB60E29044 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe [-] 2004-08-04 . EDE207E8FFBCB3909C078DCB60E29044 . 13824 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\wscntfy.exe [-] 2008-04-14 . 568DF6E220B431A92B57C4C3BD97870D . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . 568DF6E220B431A92B57C4C3BD97870D . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . DA44ACE43CCA958C7917D5115FC4DDEF . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll [-] 2004-08-04 . DA44ACE43CCA958C7917D5115FC4DDEF . 129536 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\xmlprov.dll [-] 2008-04-14 . A8CDC8DECE4735B86BBEF28460996C30 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . A8CDC8DECE4735B86BBEF28460996C30 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . BD18C87A4E1EA136C44D374296B981DC . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 2004-08-04 . BD18C87A4E1EA136C44D374296B981DC . 55808 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\eventlog.dll [-] 2008-04-14 . 698F9583D1EB213B09F12DD5826A46E2 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 698F9583D1EB213B09F12DD5826A46E2 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 1DD4FC7EEE3A45257528A34FDF7BC689 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 2004-08-04 . 1DD4FC7EEE3A45257528A34FDF7BC689 . 1548288 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\sfcfiles.dll [-] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 2004-08-04 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ctfmon.exe [-] 2008-04-14 . 8FB4E8C957C22458452EBE96C36F1D94 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2008-04-14 . 8FB4E8C957C22458452EBE96C36F1D94 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll [-] 2004-08-04 . 5810EFAEA004B3824B0487ECCF2EA32E . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2004-08-04 . 5810EFAEA004B3824B0487ECCF2EA32E . 134656 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\shsvcs.dll [-] 2008-04-14 . 70870E16BA3E1B4336C53F483D67FF25 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 70870E16BA3E1B4336C53F483D67FF25 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2004-08-04 . D1F735C4079E58D016C1AA2227C28F47 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 2004-08-04 . D1F735C4079E58D016C1AA2227C28F47 . 59904 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\regsvc.dll [-] 2008-04-14 . 9C2C97DF8224061D9F7EE18BCA61B02E . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 9C2C97DF8224061D9F7EE18BCA61B02E . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . C386259AFC206462679867D3ED464C1D . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 2004-08-04 . C386259AFC206462679867D3ED464C1D . 192000 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\schedsvc.dll [-] 2008-04-14 . 4424AE68E670D1270F5026E1AF417933 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 4424AE68E670D1270F5026E1AF417933 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . C6822E1A5DAFDC1F9CCF8CB7B455AB53 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 2004-08-04 . C6822E1A5DAFDC1F9CCF8CB7B455AB53 . 71680 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ssdpsrv.dll [-] 2008-04-14 . 0F4DB70DCE17B9DC1A5D835B1A5EE469 . 296960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . 0F4DB70DCE17B9DC1A5D835B1A5EE469 . 296960 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . 23DFF6DAA7565CC5802E057A6B9F585E . 296960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll [-] 2004-08-04 . 23DFF6DAA7565CC5802E057A6B9F585E . 296960 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\termsrv.dll [-] 2008-04-14 . 27683D3EE8FCB7E620B25C8A84B329D6 . 172032 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll [-] 2008-04-14 . 27683D3EE8FCB7E620B25C8A84B329D6 . 172032 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll [-] 2004-08-04 . 2E131621557A6EF486FC86D738CBC8B6 . 172032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll [-] 2004-08-04 . 2E131621557A6EF486FC86D738CBC8B6 . 172032 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\appmgmts.dll [-] 2001-10-28 . EBD5CF43AD9526EAB9B2A15A54760EA9 . 11904 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys [-] 2001-10-28 . EBD5CF43AD9526EAB9B2A15A54760EA9 . 11904 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys [-] 2001-10-28 . EBD5CF43AD9526EAB9B2A15A54760EA9 . 11904 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-04 00:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2004-08-04 00:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\ERDNT\cache\aec.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ip6fw.sys [-] 2008-04-14 02:20 . DAE8EC624824A8AD8660C2EF5F1ECE0B . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2008-04-14 02:20 . DAE8EC624824A8AD8660C2EF5F1ECE0B . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2001-10-28 18:06 . 168C72C281EC3BE3201AC95F42A577CF . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2001-10-28 18:06 . 168C72C281EC3BE3201AC95F42A577CF . 924432 . . [4.1.6140] . . c:\windows\ERDNT\cache\mfc40u.dll [-] 2008-04-14 . 1DCE231F3E55B71B66AA0B7B8FD9BD97 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . 1DCE231F3E55B71B66AA0B7B8FD9BD97 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 0B572FBB16E7E10D7DAB749CD390017C . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 2004-08-04 . 0B572FBB16E7E10D7DAB749CD390017C . 33792 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\msgsvc.dll [-] 2006-10-18 23:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\ERDNT\cache\mspmsnsv.dll [-] 2006-10-18 23:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 23:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2004-08-04 03:45 . 2E693831AF9D63784F96018CE4E41897 . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2010-04-29 . 7FDAC9D0C4F6EBC61160EC9F00F03C20 . 2071168 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . 1E4A43698D5FCEE3776A1487C43D99AB . 2071040 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-04-28 . 1E4A43698D5FCEE3776A1487C43D99AB . 2071040 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-04-28 . CAE51873B94D3C2CF6FCB555A042B9DF . 2028544 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-02-16 . 4CC872935CC85068DF50923A0DF53FC3 . 2028544 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [-] 2010-02-16 . E94AC126E7ADFD40DC4E38D2E91236D8 . 2071168 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 7D45AF0A376A7EEE59B2A4BCDC304C9C . 2070400 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . FC563DD4043C14C9B91D9CC0D1186FB1 . 2028032 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-05 . 6FEC1B436323CC29B3008D7C5BF2A10F . 2070400 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . B7A8A8A3B9C2E259689140F5F8E46842 . 2070272 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . 90AFCA87DE42E75E4C0D5FC660006F5C . 2028032 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-08-04 . 5B655CC36552CF102F75A4422F7A9A00 . 2067200 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe [-] 2009-08-04 . 768C3ACBAF109B2D498B682473CABD54 . 2019840 . . [5.1.2600.3610] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2009-08-04 . 768C3ACBAF109B2D498B682473CABD54 . 2019840 . . [5.1.2600.3610] . . c:\windows\ERDNT\cache\ntkrnlpa.exe [-] 2009-02-10 . DBAD62B9A518249C1A1408CF3AB9064A . 2070272 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [-] 2009-02-09 . 9CFC9992BF7C7AFE6FF7E5DE76D74A5F . 2067200 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe [-] 2009-02-09 . 09C6501998773C0D0A1D7AA7B2B0CE66 . 2028032 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . FF7FE874B6DA494303EE3DD9B97AB007 . 2070400 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-04-14 . 763EE1C250EC83EFD11FBF51AC4A6D82 . 2028032 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . F84054BFD1D688B901AD907499879BBD . 2070144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2004-08-04 . 31DFE96B6B6FA4C9CA098CEAF21B29A5 . 2019328 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB971486_0$\ntkrnlpa.exe [-] 2008-04-14 02:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 02:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\windows\ERDNT\cache\ntmssvc.dll [-] 2008-04-14 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\upnphost.dll [-] 2008-04-14 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 583C0FB31E40883676779E09587620FF . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [-] 2008-04-14 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2004-08-04 . 7994AEA92DAF7CC66098F0ECF5BDE4C1 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll [-] 2008-04-14 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . 55D16097F68A7C961A570855CACFCCCA . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [-] 2008-04-14 02:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 02:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 03:45 . 53878A6AB006A6FC63B3CFD2404B85A9 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll [-] 2008-04-14 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . 30B30692A5BC889429887F59ACDA1E8C . 40960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12fc3d37-2a42-4fe3-8489-81296878cba5}] 2010-07-27 23:23 2734688 -c--a-w- c:\arquivos de programas\Softonic_Brasil\tbSof0.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b46b614e-44c7-4448-ac14-9ab9f7740d64}] 2010-05-27 14:13 2515552 -c--a-w- c:\arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3A5CD1D-2A58-4A37-8C42-B64B4E2D5D6E}] 2010-09-02 04:10 1029632 -c--a-w- c:\windows\system32\flash102flv.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}] 2010-07-27 23:23 2734688 -c--a-w- c:\arquivos de programas\MAX_BR\tbMAX0.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{b46b614e-44c7-4448-ac14-9ab9f7740d64}"= "c:\arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll" [2010-05-27 2515552] "{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSof0.dll" [2010-07-27 2734688] "{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}"= "c:\arquivos de programas\MAX_BR\tbMAX0.dll" [2010-07-27 2734688] [HKEY_CLASSES_ROOT\clsid\{b46b614e-44c7-4448-ac14-9ab9f7740d64}] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CLASSES_ROOT\clsid\{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{B46B614E-44C7-4448-AC14-9AB9F7740D64}"= "c:\arquivos de programas\Messenger_Plus_Live_Portuguese\tbMes1.dll" [2010-05-27 2515552] "{FE379C63-1156-4C8C-8DBB-F823D3EA4B37}"= "c:\arquivos de programas\MAX_BR\tbMAX0.dll" [2010-07-27 2734688] "{12FC3D37-2A42-4FE3-8489-81296878CBA5}"= "c:\arquivos de programas\Softonic_Brasil\tbSof0.dll" [2010-07-27 2734688] [HKEY_CLASSES_ROOT\clsid\{b46b614e-44c7-4448-ac14-9ab9f7740d64}] [HKEY_CLASSES_ROOT\clsid\{fe379c63-1156-4c8c-8dbb-f823d3ea4b37}] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sclauncher"="c:\arquivos de programas\SimpleCenter\bin\win\sclauncher.exe" [2007-10-11 94208] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\arquiv~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk] path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Microsoft Office.lnk backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-14 03:21 110592 -c--a-w- c:\windows\system32\bthprops.cpl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 02:20 15360 -c--a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera] 2007-07-11 19:09 20480 -c--a-w- c:\windows\FixCamera.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-01-17 03:09 135664 -c--atw- c:\documents and settings\ramom\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] 2004-10-27 17:21 61952 -c----w- c:\windows\system32\HdAShCut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD] 2006-03-14 02:06 1397760 ------w- c:\arquivos de programas\Ahead\InCD\InCD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU] 2010-01-17 02:40 557056 ----a-w- c:\arquivos de programas\lg_fwupdate\fwupdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh] 2005-05-18 07:57 188416 -c----w- c:\arquivos de programas\ltmoh\ltmoh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 19:44 3883840 -c--a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE] 2010-06-01 17:53 1093208 -c--a-w- c:\arquivos de programas\Microsoft Security Essentials\msseces.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 12:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2009-11-11 13:57 1451520 -c--a-w- c:\arquivos de programas\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2004-11-02 22:24 32768 ----a-w- c:\arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std] 2007-09-28 19:32 344064 -c----w- c:\windows\vsnp2std.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2005-05-20 09:11 925696 ----a-w- c:\arquivos de programas\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-01-11 17:21 246504 -c--a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std] 2007-05-12 14:19 270336 -c--a-w- c:\windows\tsnp2std.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "c:\\Arquivos de programas\\PhotoScape\\PhotoScape.exe"= "c:\\Documents and Settings\\ramom\\Configurações locais\\Dados de aplicativos\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Arquivos de programas\\Windows Media Player\\wmdbexport.exe"= "c:\\WINDOWS\\system32\\HDAShCut.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\getodd.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\GetODDModel.exe"= "c:\\WINDOWS\\system32\\wscntfy.exe"= "c:\\WINDOWS\\system32\\NeroCheck.exe"= "c:\\Documents and Settings\\ramom\\Configurações locais\\Dados de aplicativos\\Google\\Update\\GoogleUpdate.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Windows Live\\Toolbar\\wltuser.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\getadmin.exe"= "c:\\Arquivos de programas\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe"= "c:\\Arquivos de programas\\Analog Devices\\Core\\smax4pnp.exe"= "c:\\Arquivos de programas\\CyberScript32\\CyberScript.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\fwupdate.exe"= "c:\\oscar\\wlsetup-custom.exe"= "c:\\Arquivos de programas\\Ahead\\InCD\\InCD.exe"= "c:\\Arquivos de programas\\Windows Live\\Contacts\\wlcomm.exe"= "c:\\WINDOWS\\system32\\wuauclt.exe"= "c:\\Arquivos de programas\\lg_fwupdate\\Buyer.exe"= "c:\\WINDOWS\\system32\\WgaTray.exe"= "c:\\Arquivos de programas\\ltmoh\\Ltmoh.exe"= "c:\\WINDOWS\\system32\\taskmgr.exe"= "c:\\Arquivos de programas\\Analog Devices\\SoundMAX\\Smax4.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\oscar\\eMule\\emule.exe"= "c:\\Arquivos de programas\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Arquivos de programas\\Arquivos comuns\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= "c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"= "c:\\Arquivos de programas\\SimpleCenter\\Home Media Server.exe"= R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [9/6/2002 23:09 31232] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [31/5/2010 23:25 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [31/5/2010 23:25 8320] . Conteúdo da pasta 'Tarefas Agendadas' 2010-09-06 c:\windows\Tasks\MP Scheduled Scan.job - c:\arquivos de programas\Microsoft Security Essentials\MpCmdRun.exe [2010-03-26 00:40] 2010-09-06 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] 2010-09-06 c:\windows\Tasks\User_Feed_Synchronization-{4149C9B5-B8C4-4522-8252-6D3A5332BB93}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 06:31] 2010-09-06 c:\windows\Tasks\User_Feed_Synchronization-{7591141C-7460-4C2F-8949-CAF1DAD084F0}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 06:31] . . ------- Scan Suplementar ------- . IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MI1933~1\Office10\EXCEL.EXE/3000 TCP: {229BCC09-E9B9-4C62-A762-04A24156DA2A} = 200.165.132.148 200.165.132.155 FF - ProfilePath - c:\documents and settings\Dih\Dados de aplicativos\Mozilla\Firefox\Profiles\piywsds7.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.plusnetwork.com FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-09-06 11:44 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\.*%Û*<%] @="+Û+_auto_file" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell] @="open" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\open] @="A&brir" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\open\command] @="c:\\Arquivos de programas\\Windows Media Player\\wmplayer.exe /Open \"%L\"" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\play] @="&Executar" [HKEY_LOCAL_MACHINE\software\Classes\%Û*<%_*a*u*t*o*_*f*i*l*e*\shell\play\command] @="c:\\Arquivos de programas\\Windows Media Player\\wmplayer.exe /Play \"%L\"" . Tempo para conclusão: 2010-09-06 11:51:17 ComboFix-quarantined-files.txt 2010-09-06 14:51 ComboFix2.txt 2010-09-01 17:37 Pré-execução: 20 pasta(s) 48.982.036.480 bytes disponíveis Pós execução: 21 pasta(s) 49.119.932.416 bytes disponíveis - - End Of File - - 7B3BFAC6E6D90044DA55EE2CD58AEC1F Mesmu com essa 2° vez que execultei o combofix ainda continua meu problema os dizeres sao os seguintes: Conexão reiniciada A conexão para o servidor foi reiniciada durante o carregamento da página. * Este site pode estar temporariamente fora do ar ou sobrecarregado. Tente de novo em alguns instantes. * Se você não consegue carregar nenhuma página, verifique a conexão de rede do computador. * Se o seu computador ou rede forem protegidos por um firewall ou proxy, certifique-se de que o Firefox esteja autorizado a acessar a web. E é só esse site que faz issu.aguardo mais instruçoes. Compartilhar este post Link para o post Compartilhar em outros sites
Felipe_88 0 Denunciar post Postado Setembro 9, 2010 Olá, Ragde! Dando um feedback ao Lord Evil enquanto ele resolve uns Pro!, depois ele dará continuidade no caso! Vamos tentar resolver o problema inicial, Ok? 1º *Clique em [iniciar] > [Executar] > digite: Combofix /uninstall *Clique [OK] *Clique em [Executar] *Aguarde até surgir a mensagem: "ComboFix está desinstalado" *Clique [OK] 2º *Baixe o ATF'>http://www.atribune.org/ccount/click.php?id=1"]ATF Cleaner e salve-o no desktop *Duplo clique em ATF-Cleaner *Selecione: [] Select All *Clique em [Empty Selected] =>Caso use Firefox ou Opera: *Clique na aba "Firefox" ou em "Opera" *Selecione: [] Select All *Clique em [sim] > [Empty Selected] > [sim] *Clique em [Exit] ou no [X] para sair do programa ->OK 3º *Baixe e instale o CCleaner'>http://www.piriform.com/ccleaner/download/slim/downloadfile"]CCleaner *Abra o programa e na aba "Windows", desça até a opção "Avançado" e selecione "Dados Prefetch antigos" *Clique em [Executar Limpeza] *Em seguida, clique em [Registro] -> [Procurar erros] -> [Corrigir Erros Selecionados] -> [Corrigir Todos os Erros Selecionados] ->Teve muitos erros mais corrigiu todos * Por gentileza, use regularmente o ATFCleaner e o CCleaner para manter o PC em ordem. Informe-nos se resolveu o problema! No aguardo! Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Setembro 11, 2010 Infelismente o mesmu problema continua e as vezes quando desligo minha maquina e ligo no dia seguinte o meu mozilla firefox nao esta sendo encontrado pelo xul.dll ai tenhu de instalar de novo. a pagina que tento entrar fala assim Conexão reiniciada A conexão para o servidor foi reiniciada durante o carregamento da página. * Este site pode estar temporariamente fora do ar ou sobrecarregado. Tente de novo em alguns instantes. * Se você não consegue carregar nenhuma página, verifique a conexão de rede do computador. * Se o seu computador ou rede forem protegidos por um firewall ou proxy, certifique-se de que o Firefox esteja autorizado a acessar a web. fiko no aguardo.... Compartilhar este post Link para o post Compartilhar em outros sites
Felipe_88 0 Denunciar post Postado Setembro 13, 2010 Ragde, Geralmente quando da esse problema, é só limpar o cache do navegador. Você realizaou o procedimento do ATFcleaner? Tente limpar o cache do firefox... Clique em Ferramentas e escolha a opção Limpar histórico recente. Na janela que segue, marque pelo menos as opções Cache e Cookies. Certifique-se de que Tudo está selecionado na parte superior da janela. Clique em Limpar agora. Depois posta o resultado aqui! Compartilhar este post Link para o post Compartilhar em outros sites
Felipe_88 0 Denunciar post Postado Setembro 24, 2010 Para uma melhor organização no fórum e uma posśivel resolução do seu problema, o seu tópico foi dividido. Tópico de Origem'>http://forum.imasters.com.br/index.php?/topic/405976-problema-com-navegador-eu-achu/"]Origem >> Tópico de Destino'>http://forum.imasters.com.br/index.php?/topic/410095-problema-com-o-navegador-firefox/"]Destino Forte Abraço! Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Outubro 13, 2010 Bom galera nao sei quem foi mais excluiram, meu antivirus Micrisolft Security Essentials e deoiis dissu nao consigo instalar ele! sempre da esse erro!0x80070643 alguem poderia me ajudar! fikarei no aguardo! Compartilhar este post Link para o post Compartilhar em outros sites
Felipe_88 0 Denunciar post Postado Outubro 18, 2010 Bom dia Ragde! Desculpe a demora pela resposta... Leia o tópico abaixo e veja se resolve o seu problema: - Clique'>http://social.answers.microsoft.com/Forums/pt-BR/msestartpt/thread/56a3cce6-8250-4969-9794-48fa5561cdd7"]Clique Aqui No aguardo! Compartilhar este post Link para o post Compartilhar em outros sites
Ragde 0 Denunciar post Postado Outubro 26, 2010 Bom esse Topico nao pode me ajudar pois meu pc é dividido em 3 usuarios e mor esse motivo nao consegui executar o Prompt de Comando no modulo de Adiministrador! AQguardo mais instruçoes! Compartilhar este post Link para o post Compartilhar em outros sites
