Manain 0 Denunciar post Postado Janeiro 8, 2011 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:48:37, on 7/1/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Ares\Ares.exe C:\Arquivos de programas\Nokia\Nokia Internet Modem\wellphone2.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\mfevtps.exe C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mcshield.exe C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file) R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSoft.dll O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\ScriptSn.20101207191131.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Arquivos de programas\Softonic_Brasil\tbSoft.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast5] "C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mcui_exe] "C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h O4 - HKCU\..\Run: [Nokia Internet Modem] "C:\Arquivos de programas\Nokia\Nokia Internet Modem\wellphone2.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-21-746137067-823518204-682003330-1003\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background (User 'Usuario') O4 - HKUS\S-1-5-21-746137067-823518204-682003330-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Usuario') O4 - HKUS\S-1-5-21-746137067-823518204-682003330-1003\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Usuario') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Suellen\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255203921203 O16 - DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} (ValidaUsuario Class) - https://cpne.bradesco.com.br/certifexp.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Arquivos de programas\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe -- End of file - 14239 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Janeiro 8, 2011 Olá! Seja bem vinda à seção de Remoção de Malwares da IMasters Fóruns! Por favor, siga as instruções abaixo: Faça o Download do DDS e salve no Desktop (Área de trabalho). Temporariamente desative os seus programas de proteção. Duplo clique em dds.scr. Irá surgir uma tela preta com algumas informações. Não clique em nada, apenas aguarde! Quando terminar, duas janelas abrirão: DDS.txt e Attach.txt. Salve o resultado e cole-o no seu tópico. OBS: Caso o link disponibilizado não funcione, tente baixar o DDS por ESTE link. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Janeiro 9, 2011 Segue DDS.txt DDS (Ver_10-12-12.02) - NTFSx86 Run by Suellen at 16:30:00,82 on dom 09/01/2011 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.326 [GMT -2:00] AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: McAfee VirusScan *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *Enabled* ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\Ati2evxx.exe svchost.exe svchost.exe C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\mfevtps.exe C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mcshield.exe C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Ares\Ares.exe C:\Arquivos de programas\Nokia\Nokia Internet Modem\wellphone2.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe C:\Documents and Settings\Suellen\Desktop\dds.scr ============== Pseudo HJT Report =============== uSearch Page = hxxp://www.google.com uStart Page = hxxp://www.google.com.br/ uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: H - No File uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll BHO: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll BHO: ssh2 Class: {2e3c3651-b19c-4dd9-a979-901ec3e930af} - c:\arquivos de programas\scpad\scpsssh2.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\arquivos de programas\conduitengine\ConduitEngine.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\arquiv~1\spybot~1\SDHelper.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\arquivos de programas\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\arquivos de programas\arquivos comuns\mcafee\systemcore\ScriptSn.20101207191131.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\arquivos de programas\google\googletoolbarnotifier\5.6.5805.1910\swg.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\arquivos de programas\free download manager\iefdm2.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\arquivos de programas\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\arquivos de programas\windows live\toolbar\wltcore.dll TB: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\arquivos de programas\conduitengine\ConduitEngine.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File TB: {EDBCA961-4BF8-4CBE-8C63-A11DFF9ED2D9} - No File TB: {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No File uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\msnmsgr.exe" /background uRun: [ares] "c:\arquivos de programas\ares\Ares.exe" -h uRun: [Nokia Internet Modem] "c:\arquivos de programas\nokia\nokia internet modem\wellphone2.exe" /background uRun: [MSMSGS] "c:\arquivos de programas\messenger\msmsgs.exe" /background uRun: [swg] "c:\arquivos de programas\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [avast5] "c:\arquivos de programas\alwil software\avast5\avastUI.exe" /nogui mRun: [iTunesHelper] "c:\arquivos de programas\itunes\iTunesHelper.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k mRun: [QuickTime Task] "c:\arquivos de programas\quicktime\qttask.exe" -atboottime mRun: [mcui_exe] "c:\arquivos de programas\mcafee.com\agent\mcagent.exe" /runkey dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\mcafee~1.lnk - c:\arquivos de programas\mcafee security scan\2.0.181\SSScheduler.exe mPolicies-explorer: HonorAutoRunSetting = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office11\EXCEL.EXE/3000 IE: Free YouTube to Mp3 Converter - c:\documents and settings\suellen\dados de aplicativos\dvdvideosoftiehelpers\youtubetomp3.htm IE: Google Sidewiki... - c:\arquivos de programas\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\arquivos de programas\widcomm\bluetooth software\btsendto_ie.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\arquivos de programas\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\arquiv~1\spybot~1\SDHelper.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255203921203 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - c:\arquivos de programas\scpad\scpLIB.dll STS: compIB Class: {a3717295-941d-416f-9384-ed1736729f1c} - c:\arquivos de programas\scpad\scpLIB.dll Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\suellen\dadosd~1\mozilla\firefox\profiles\ncg7gp7g.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13642 FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.twitter.com/ FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&q= FF - prefs.js: network.proxy.type - 0 FF - component: c:\arquivos de programas\mcafee\siteadvisor\components\McFFPlg.dll FF - component: c:\arquivos de programas\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll FF - plugin: c:\arquivos de programas\google\picasa3\npPicasa3.dll FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\microsoft\office live\npOLW.dll FF - plugin: c:\arquivos de programas\windows live\photo gallery\NPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\arquivos de programas\mozilla firefox 4.0 beta 5\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Quick Starter: jqs@sun.com - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ff FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\arquivos de programas\mcafee\SiteAdvisor FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: PandoraTV Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com ============= SERVICES / DRIVERS =============== R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-19 386840] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-9 165584] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-11-19 84072] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-9 17744] R2 avast! Antivirus;avast! Antivirus;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-9 40384] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-8-10 54760] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\mcafee\siteadvisor\McSACore.exe [2010-3-19 88176] R2 McMPFSvc;McAfee Personal Firewall;"c:\arquivos de programas\arquivos comuns\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-11-19 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\arquivos de programas\arquivos comuns\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-11-19 271480] R2 McProxy;McAfee Proxy Service;"c:\arquivos de programas\arquivos comuns\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-11-19 271480] R2 McShield;McShield;c:\arquivos de programas\arquivos comuns\mcafee\systemcore\mcshield.exe [2010-11-19 171168] R2 mfefire;McAfee Firewall Core Service;c:\arquivos de programas\arquivos comuns\mcafee\systemcore\mfefire.exe [2010-11-19 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-11-19 141792] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-1-27 50704] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-11-19 55840] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-11-19 152960] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-19 52104] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-11-19 313288] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-11-19 88544] S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2010-10-9 136176] S3 avast! Mail Scanner;avast! Mail Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-9 40384] S3 avast! Web Scanner;avast! Web Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-9 40384] S3 fsssvc;Serviço Windows Live Proteção para a Família;c:\arquivos de programas\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\arquivos de programas\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-11-19 88544] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-11-19 84264] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-3-19 34248] S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-3-19 40552] S3 nokiacpo;Nokia Internet Stick Wireless Modem Service Install;c:\windows\system32\drivers\nokiacpo.sys [2009-6-22 18688] S3 nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service;c:\windows\system32\drivers\nokiappo.sys [2009-6-22 27008] S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\drivers\zteusbser.sys [2009-10-9 98432] =============== Created Last 30 ================ 2011-01-07 23:44:33 388608 ----a-w- C:\HiJackThis.exe 2011-01-04 17:00:46 -------- d-----w- c:\docume~1\suellen\dadosd~1\PhotoScape 2010-12-16 02:50:39 -------- d-----w- c:\windows\system32\Logs ==================== Find3M ==================== 2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-11-18 18:15:22 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-12 16:17:32 141792 ----a-w- c:\windows\system32\mfevtps.exe 2010-11-06 00:21:10 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:21:08 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-06 00:21:08 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-11-03 12:27:25 385024 ----a-w- c:\windows\system32\html.iec 2010-10-28 13:09:04 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-10-26 13:58:48 1853440 ----a-w- c:\windows\system32\win32k.sys =================== ROOTKIT ==================== Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 5.1.2600 CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo. device: opened successfully user: error reading MBR Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS 1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x83B912F0] 3 CLASSPNP[0xF7612FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x83B6F940] kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; } user != kernel MBR !!! ============= FINISH: 16:36:52,06 =============== Segue Attach.txt UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 8/10/2009 14:47:13 System Uptime: 9/1/2011 13:21:32 (3 hours ago) Motherboard: Acer, Inc. | | Prespa M Processor: Mobile AMD Sempron Processor 3500+ | Socket M2/S1G1 | 1799/133mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 112 GiB total, 49,536 GiB free. D: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP54: 23/10/2010 13:04:42 - Instalado iTunes RP55: 24/10/2010 17:21:34 - Ponto de verificação do sistema RP56: 25/10/2010 20:10:51 - Ponto de verificação do sistema RP57: 26/10/2010 20:57:29 - Ponto de verificação do sistema RP58: 28/10/2010 16:44:15 - Ponto de verificação do sistema RP59: 29/10/2010 17:27:42 - Ponto de verificação do sistema RP60: 30/10/2010 18:35:26 - Ponto de verificação do sistema RP61: 1/11/2010 14:22:58 - Ponto de verificação do sistema RP62: 3/11/2010 13:02:00 - Ponto de verificação do sistema RP63: 4/11/2010 21:25:17 - Ponto de verificação do sistema RP64: 6/11/2010 10:05:58 - Ponto de verificação do sistema RP65: 7/11/2010 15:22:48 - Ponto de verificação do sistema RP66: 9/11/2010 16:01:44 - Ponto de verificação do sistema RP67: 10/11/2010 16:04:28 - Ponto de verificação do sistema RP68: 11/11/2010 19:38:11 - Ponto de verificação do sistema RP69: 11/11/2010 22:48:43 - Software Distribution Service 3.0 RP70: 12/11/2010 23:28:15 - Ponto de verificação do sistema RP71: 14/11/2010 15:27:57 - Removido QuickTime RP72: 14/11/2010 15:31:33 - Removed Adobe Reader 9.4.0 - Português. RP73: 14/11/2010 22:04:06 - Instalado QuickTime RP74: 15/11/2010 23:05:11 - Ponto de verificação do sistema RP75: 17/11/2010 20:07:48 - Ponto de verificação do sistema RP76: 18/11/2010 20:54:47 - Ponto de verificação do sistema RP77: 19/11/2010 20:59:51 - Ponto de verificação do sistema RP78: 21/11/2010 01:05:29 - Ponto de verificação do sistema RP79: 22/11/2010 14:10:22 - Ponto de verificação do sistema RP80: 22/11/2010 19:56:12 - Installed Windows XP -- Software Updates KB952011. RP81: 24/11/2010 14:19:59 - Ponto de verificação do sistema RP82: 25/11/2010 15:23:19 - Ponto de verificação do sistema RP83: 26/11/2010 16:10:26 - Ponto de verificação do sistema RP84: 27/11/2010 16:31:49 - Ponto de verificação do sistema RP85: 28/11/2010 16:57:54 - Ponto de verificação do sistema RP86: 30/11/2010 23:14:26 - Ponto de verificação do sistema RP87: 2/12/2010 22:10:15 - Ponto de verificação do sistema RP88: 3/12/2010 22:52:56 - Ponto de verificação do sistema RP89: 5/12/2010 17:40:52 - Ponto de verificação do sistema RP90: 6/12/2010 18:45:44 - Ponto de verificação do sistema RP91: 7/12/2010 19:04:32 - Ponto de verificação do sistema RP92: 8/12/2010 19:08:44 - Ponto de verificação do sistema RP93: 9/12/2010 19:18:05 - Ponto de verificação do sistema RP94: 10/12/2010 19:46:19 - Ponto de verificação do sistema RP95: 11/12/2010 20:16:58 - Ponto de verificação do sistema RP96: 12/12/2010 20:30:40 - Ponto de verificação do sistema RP97: 13/12/2010 22:03:48 - Ponto de verificação do sistema RP98: 14/12/2010 22:40:02 - Ponto de verificação do sistema RP99: 16/12/2010 23:46:35 - Software Distribution Service 3.0 RP100: 17/12/2010 12:00:05 - Software Distribution Service 3.0 RP101: 18/12/2010 12:59:41 - Ponto de verificação do sistema RP102: 19/12/2010 16:22:51 - Ponto de verificação do sistema RP103: 20/12/2010 03:00:25 - Software Distribution Service 3.0 RP104: 21/12/2010 12:35:24 - Ponto de verificação do sistema RP105: 22/12/2010 15:02:05 - Ponto de verificação do sistema RP106: 23/12/2010 01:24:31 - Software Distribution Service 3.0 RP107: 27/12/2010 16:18:53 - Ponto de verificação do sistema RP108: 28/12/2010 18:44:20 - Ponto de verificação do sistema RP109: 29/12/2010 19:09:55 - Ponto de verificação do sistema RP110: 30/12/2010 19:52:45 - Ponto de verificação do sistema RP111: 31/12/2010 20:18:48 - Ponto de verificação do sistema RP112: 2/1/2011 13:08:45 - Ponto de verificação do sistema RP113: 3/1/2011 19:08:21 - Ponto de verificação do sistema RP114: 5/1/2011 15:36:51 - Ponto de verificação do sistema RP115: 6/1/2011 15:57:06 - Ponto de verificação do sistema RP116: 7/1/2011 16:04:08 - Ponto de verificação do sistema RP117: 8/1/2011 19:42:52 - Ponto de verificação do sistema ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop 7.0 Adobe Shockwave Player 11.5 Aplicativos SEFAZ 2002 Apple Application Support Apple Mobile Device Support Apple Software Update Ares 2.1.1 Arquivo do WinRAR Assistente de Conexão do Windows Live Atheros Wireless LAN ATI - Utilitário de desinstalação de software ATI Catalyst Control Center ATI Display Driver ATI Parental Control & Encoder Atualização de Segurança para o Windows Media Player (KB2378111) Atualização de Segurança para o Windows Media Player (KB952069) Atualização de Segurança para o Windows Media Player (KB954155) Atualização de Segurança para o Windows Media Player (KB968816) Atualização de Segurança para o Windows Media Player (KB973540) Atualização de Segurança para o Windows Media Player (KB975558) Atualização de Segurança para o Windows Media Player (KB978695) Atualização de Segurança para o Windows Media Player 11 (KB954154) Atualização de Segurança para Windows Internet Explorer 8 (KB2183461) Atualização de Segurança para Windows Internet Explorer 8 (KB2360131) Atualização de Segurança para Windows Internet Explorer 8 (KB2416400) Atualização de Segurança para Windows Internet Explorer 8 (KB971961) Atualização de Segurança para Windows Internet Explorer 8 (KB974455) Atualização de Segurança para Windows Internet Explorer 8 (KB976325) Atualização de Segurança para Windows Internet Explorer 8 (KB978207) Atualização de Segurança para Windows Internet Explorer 8 (KB981332) Atualização de Segurança para Windows Internet Explorer 8 (KB982381) Atualização de Segurança para Windows XP (KB2079403) Atualização de Segurança para Windows XP (KB2115168) Atualização de Segurança para Windows XP (KB2121546) Atualização de Segurança para Windows XP (KB2160329) Atualização de Segurança para Windows XP (KB2229593) Atualização de Segurança para Windows XP (KB2259922) Atualização de Segurança para Windows XP (KB2279986) Atualização de Segurança para Windows XP (KB2286198) Atualização de Segurança para Windows XP (KB2296011) Atualização de Segurança para Windows XP (KB2296199) Atualização de Segurança para Windows XP (KB2347290) Atualização de Segurança para Windows XP (KB2360937) Atualização de Segurança para Windows XP (KB2387149) Atualização de Segurança para Windows XP (KB2423089) Atualização de Segurança para Windows XP (KB2436673) Atualização de Segurança para Windows XP (KB2440591) Atualização de Segurança para Windows XP (KB2443105) Atualização de Segurança para Windows XP (KB923561) Atualização de Segurança para Windows XP (KB938464-v2) Atualização de Segurança para Windows XP (KB941569) Atualização de Segurança para Windows XP (KB946648) Atualização de Segurança para Windows XP (KB950762) Atualização de Segurança para Windows XP (KB950974) Atualização de Segurança para Windows XP (KB951066) Atualização de Segurança para Windows XP (KB951376-v2) Atualização de Segurança para Windows XP (KB951748) Atualização de Segurança para Windows XP (KB952004) Atualização de Segurança para Windows XP (KB952954) Atualização de Segurança para Windows XP (KB954459) Atualização de Segurança para Windows XP (KB954600) Atualização de Segurança para Windows XP (KB955069) Atualização de Segurança para Windows XP (KB956572) Atualização de Segurança para Windows XP (KB956744) Atualização de Segurança para Windows XP (KB956802) Atualização de Segurança para Windows XP (KB956803) Atualização de Segurança para Windows XP (KB956844) Atualização de Segurança para Windows XP (KB957097) Atualização de Segurança para Windows XP (KB958644) Atualização de Segurança para Windows XP (KB958687) Atualização de Segurança para Windows XP (KB958869) Atualização de Segurança para Windows XP (KB959426) Atualização de Segurança para Windows XP (KB960225) Atualização de Segurança para Windows XP (KB960803) Atualização de Segurança para Windows XP (KB960859) Atualização de Segurança para Windows XP (KB961371-v2) Atualização de Segurança para Windows XP (KB961501) Atualização de Segurança para Windows XP (KB968537) Atualização de Segurança para Windows XP (KB969059) Atualização de Segurança para Windows XP (KB969947) Atualização de Segurança para Windows XP (KB970238) Atualização de Segurança para Windows XP (KB970430) Atualização de Segurança para Windows XP (KB971468) Atualização de Segurança para Windows XP (KB971486) Atualização de Segurança para Windows XP (KB971557) Atualização de Segurança para Windows XP (KB971633) Atualização de Segurança para Windows XP (KB971657) Atualização de Segurança para Windows XP (KB972270) Atualização de Segurança para Windows XP (KB973346) Atualização de Segurança para Windows XP (KB973354) Atualização de Segurança para Windows XP (KB973507) Atualização de Segurança para Windows XP (KB973525) Atualização de Segurança para Windows XP (KB973869) Atualização de Segurança para Windows XP (KB973904) Atualização de Segurança para Windows XP (KB974112) Atualização de Segurança para Windows XP (KB974318) Atualização de Segurança para Windows XP (KB974392) Atualização de Segurança para Windows XP (KB974571) Atualização de Segurança para Windows XP (KB975025) Atualização de Segurança para Windows XP (KB975467) Atualização de Segurança para Windows XP (KB975560) Atualização de Segurança para Windows XP (KB975561) Atualização de Segurança para Windows XP (KB975562) Atualização de Segurança para Windows XP (KB975713) Atualização de Segurança para Windows XP (KB977165) Atualização de Segurança para Windows XP (KB977816) Atualização de Segurança para Windows XP (KB977914) Atualização de Segurança para Windows XP (KB978037) Atualização de Segurança para Windows XP (KB978251) Atualização de Segurança para Windows XP (KB978262) Atualização de Segurança para Windows XP (KB978338) Atualização de Segurança para Windows XP (KB978542) Atualização de Segurança para Windows XP (KB978601) Atualização de Segurança para Windows XP (KB978706) Atualização de Segurança para Windows XP (KB979309) Atualização de Segurança para Windows XP (KB979482) Atualização de Segurança para Windows XP (KB979559) Atualização de Segurança para Windows XP (KB979683) Atualização de Segurança para Windows XP (KB979687) Atualização de Segurança para Windows XP (KB980195) Atualização de Segurança para Windows XP (KB980218) Atualização de Segurança para Windows XP (KB980232) Atualização de Segurança para Windows XP (KB980436) Atualização de Segurança para Windows XP (KB981322) Atualização de Segurança para Windows XP (KB981852) Atualização de Segurança para Windows XP (KB981957) Atualização de Segurança para Windows XP (KB981997) Atualização de Segurança para Windows XP (KB982132) Atualização de Segurança para Windows XP (KB982214) Atualização de Segurança para Windows XP (KB982665) Atualização de Segurança para Windows XP (KB982802) Atualização para Windows Internet Explorer 8 (KB976662) Atualização para Windows Internet Explorer 8 (KB976749) Atualização para Windows XP (KB2141007) Atualização para Windows XP (KB2345886) Atualização para Windows XP (KB2467659) Atualização para Windows XP (KB898461) Atualização para Windows XP (KB951978) Atualização para Windows XP (KB955759) Atualização para Windows XP (KB961503) Atualização para Windows XP (KB967715) Atualização para Windows XP (KB968389) Atualização para Windows XP (KB971737) Atualização para Windows XP (KB973687) Atualização para Windows XP (KB973815) avast! Free Antivirus Bibliotecas de sistema 2.08.0000 Bonjour BufferChm CCleaner Conduit Engine Conectividade Social Contab v5.2 Destinations DeviceFunctionQFolder DeviceManagementQFolder DigiSignDoc Leitor DVD Shrink 3.2 DVD Suite eSupportQFolder Ferramenta de Carregamento do Windows Live Free Audio CD Burner version 1.4 Free Download Manager 3.4 BETA Free YouTube to MP3 Converter version 3.9 GeoVision ADPCM GeoVision H264 GeoVision JPEG GeoVision MPEG2 GeoVision MPEG4 GeoVision MPEG4 ASP GeoVision MPEG4 AVC Google Toolbar for Internet Explorer Google Update Helper HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB954550-v5) Hotfix para o Windows Media Player 11 (KB939683) Hotfix para Windows XP (KB2158563) Hotfix para Windows XP (KB2443685) Hotfix para Windows XP (KB952287) Hotfix para Windows XP (KB961118) Hotfix para Windows XP (KB970653-v3) Hotfix para Windows XP (KB976098-v2) Hotfix para Windows XP (KB981793) HP Deskjet 3900 series HP Imaging Device Functions 5.0 HP Software Update HP Solution Center & Imaging Support Tools 5.0 HPDeskjet3900Series HPProductAssistant iTunes J2SE Runtime Environment 5.0 Update 10 Java Auto Updater Java 6 Update 18 JDownloader Junk Mail filter update Launch Manager McAfee Security Scan Plus McAfee SecurityCenter MCESimplificado Messenger Plus! Live Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Live Add-in 1.3 Microsoft Office Outlook Connector Microsoft Office Professional Edição 2003 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual Studio Tools for Applications 2.0 Runtime Microsoft WSE 3.0 Runtime Mozilla Firefox 4.0b5 (x86 pt-BR) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 7 Essentials neroxml Nokia Internet Modem OGA Notifier 2.0.0048.0 Pacote de Compatibilidade para o sistema Office 2007 PhotoScape Picasa 3 PowerDVD PowerProducer QuickTime REALTEK GbE & FE Ethernet NIC Driver Realtek High Definition Audio Driver Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) SEFIP 8.40 Segoe UI Skype™ 4.2 Softonic_Brasil Toolbar Software WIDCOMM Bluetooth SolutionCenter Spelling Dictionaries Support For Adobe Reader 9 Spybot - Search & Destroy Status The KMPlayer (remove only) TrayApp Uninstall 1.0.0.1 Uninstall Dual Mode Camera Update for Microsoft .NET Framework 3.5 SP1 (KB963707) WebFldrs XP WebReg Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Galeria de Fotos Windows Live Mail Windows Live Messenger Windows Live Proteção para a Família Windows Live Sync Windows Live Toolbar Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 WinPcap 4.1.1 XP Codec Pack ==== End Of File =========================== Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Janeiro 11, 2011 Olá! Por favor, ao realizar as instruções abaixo, siga tudo na ordem dada. Caso tiver alguma dúvida, não pule a etapa, pare e me pergunte. << 1 >> Siga o tutorial abaixo e execute o Malwarebyte's Anti-malware (faça um scan completo). Poste o log gerado. Tutorial do Malwarebyte's Anti-Malware << 2 >> Siga o tutorial abaixo e execute o Ad-Remover. Poste o log gerado. Tutorial do Ad-Remover << 3 >> Por favor, siga o tutorial no link abaixo: #### Como usar o ComboFix #### Sugiro que imprima as instruções abaixo pois não poderá lê-las enquanto utiliza a ferramenta. Siga o tutorial e execute o ComboFix. Quando a ferramenta terminar de rodar, gerará um log (o arquivo C:\ComboFix.txt). Copie e cole o conteúdo desse arquivo na sua proxima resposta. NÃO utilize a ferramenta por conta própria. É uma ferramenta poderosa criada pra lidar com infecções sofisticadas e caso não a utilize corretamente poderá danificar o seu computador. Existem vários malwares que impedem a execução correta da ferramenta e com isso danificar gravemente o computador. Analistas habilitados a utilizar o ComboFix conhecem esses casos e sabem lidar com estas situações. De forma alguma saia do ComboFix usando o "X" do programa. Caso queira sair, tecle "N". Muitos dos Analistas não respondem a topicos em que vejam que o ComboFix foi utilizado sem supervisão. Existem varias ferramentas anti-malware generalistas em que os autores ao elaborarem a programação das mesmas, estão pensando nos usuários finais e para serem usadas sem supervisão. O Combofix não é uma ferramenta desse tipo, e assim sendo e até por respeito ao autor da ferramenta, não utilize sem supervisão. << 4 >> Poste um novo log do DDS. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Janeiro 15, 2011 Aqui estao os Log na squencia solicitada 1- Log Malwarebytes Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Versão da Base de Dados: 5510 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 13/01/2011 13:23:22 mbam-log-2011-01-13 (13-23-22).txt Tipo de Verificação: Verificação Completa (C:\|) Objetos escaneados: 419677 Tempo decorrido: 5 hora(s), 55 minuto(s), 33 segundo(s) Processos de Memória Infectados: 0 Módulos de Memória Infectados: 0 Chaves de Registro Infectadas: 0 Valores de Registro Infectados: 0 Itens de Dados no Registro Infectados: 0 Pastas Infectadas: 0 Arquivos Infectados: 0 Processos de Memória Infectados: (Não foram detectados ítens maliciosos) Módulos de Memória Infectados: (Não foram detectados ítens maliciosos) Chaves de Registro Infectadas: (Não foram detectados ítens maliciosos) Valores de Registro Infectados: (Não foram detectados ítens maliciosos) Itens de Dados no Registro Infectados: (Não foram detectados ítens maliciosos) Pastas Infectadas: (Não foram detectados ítens maliciosos) Arquivos Infectados: (Não foram detectados ítens maliciosos) ----------------------------------------------------------------------- 2- log do Ad-Report-Clean ======= REPORT FROM AD-REMOVER 2.0.0.2,D | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/01/11 at 19:00 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 02:44:48 on 15/01/2011, Normal boot Microsoft Windows XP Professional Service Pack 3 (X86) Suellen@ACER ( ) ============== ACTION(S) ============== Folder deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\extensions\toolbar@ask.com File deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\searchplugins\askcom.xml Folder deleted: C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\ConduitEngine Folder deleted: C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\extensions\engine@conduit.com Folder deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\Bandoo Folder deleted: C:\Documents and Settings\Suellen\Configurações locais\Dados de aplicativos\Conduit Folder deleted: C:\Arquivos de programas\Conduit Folder deleted: C:\Documents and Settings\Suellen\Configurações locais\Dados de aplicativos\ConduitEngine Folder deleted: C:\Arquivos de programas\ConduitEngine Folder deleted: C:\Documents and Settings\Suellen\Dados de aplicativos\PriceGong Folder deleted: C:\Documents and Settings\Usuario\Dados de aplicativos\PriceGong (!) -- Temporary files deleted. -- File opened: C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\Prefs.js -- Line deleted: Line deleted: Line deleted: user_pref("browser.search.defaultengine", "Ask.com"); Line deleted: user_pref("extensions.asktb.cbid", "RY"); Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}... Line deleted: user_pref("extensions.asktb.fresh-install", false); Line deleted: user_pref("extensions.asktb.l", "dis"); Line deleted: user_pref("extensions.asktb.last-config-req", "1287932782765"); Line deleted: user_pref("extensions.asktb.locale", "en_US"); Line deleted: user_pref("extensions.asktb.o", "15184"); Line deleted: user_pref("extensions.asktb.options-lang", "en"); Line deleted: user_pref("extensions.asktb.options-locale", "US"); Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Line deleted: user_pref("extensions.asktb.qsrc", "2871"); Line deleted: user_pref("extensions.asktb.r", "3"); Line deleted: user_pref("extensions.asktb.save-searches", false); Line deleted: user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li... Line deleted: user_pref("extensions.enabledAddons", "toolbar@ask.com:3.5.0.145,testpilot@labs.mozilla.com:1.0.3,jq... Line deleted: user_pref("extensions.enabledItems", "toolbar@ask.com:3.5.0.145,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCB... Line deleted: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-... Line deleted: user_pref("extensions.toolbar@ask.com.install-event-fired", true); Line deleted: user_pref("keyword.URL", "hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&local... -- File closed -- -- File opened: C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\Prefs.js -- Line deleted: Line deleted: Line deleted: user_pref("CT2552374.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT255... Line deleted: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2552374&SearchSource=13"); Line deleted: user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2552374&q="); -- File closed -- Key deleted: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key deleted: HKLM\Software\Classes\CLSID\{4DC61C00-DEFC-49C2-ADEE-5345A7A6871B} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4DC61C00-DEFC-49C2-ADEE-5345A7A6871B} Key deleted: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Key deleted: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Key deleted: HKLM\Software\Classes\BandooCore.BandooCore Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1 Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1 Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1 Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1 Key deleted: HKLM\Software\Classes\Toolbar.CT1460988 Key deleted: HKLM\Software\Classes\Toolbar.CT2552374 Key deleted: HKLM\Software\Classes\Toolbar.CT2567694 Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Key deleted: HKLM\Software\bandoo Key deleted: HKLM\Software\Conduit Key deleted: HKLM\Software\conduitEngine Key deleted: HKCU\Software\Ask.com Key deleted: HKCU\Software\AskToolbar Key deleted: HKCU\Software\Conduit Key deleted: HKCU\Software\conduitEngine Key deleted: HKCU\Software\PriceGong Key deleted: HKCU\Software\AppDataLow\AskBarDis Key deleted: HKCU\Software\AppDataLow\AskHomePage Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{834AA5F3-3DF9-427E-9499-3CD007EFDFE3} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC} Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== ** Mozilla Firefox Version [4.0b5 (pt-BR)] ** -- C:\Documents and Settings\Suellen\Dados de aplicativos\Mozilla\FireFox\Profiles\ncg7gp7g.default\Prefs.js -- browser.download.lastDir, C:\\Documents and Settings\\Suellen\\Meus documentos\\Minhas imagens\\Fake browser.search.defaultenginename, Search the web (Babylon) browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13642 browser.search.selectedEngine, Google browser.startup.homepage, hxxp://www.twitter.com/ browser.startup.homepage_override.buildID, 20100831070808 browser.startup.homepage_override.mstone, rv:2.0b5 -- C:\Documents and Settings\Usuario\Dados de aplicativos\Mozilla\FireFox\Profiles\bk6df2gu.default\Prefs.js -- browser.startup.homepage_override.buildID, 20100831070808 browser.startup.homepage_override.mstone, rv:2.0b5 ======================================== ** Internet Explorer Version [8.0.6001.18702] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Arquivos de programas\Ad-Remover\Quarantine: 285 File(s) C:\Arquivos de programas\Ad-Remover\Backup: 15 File(s) C:\Ad-Report-CLEAN[1].txt - 15/01/2011 (6878 Byte(s)) End at: 02:46:41, 15/01/2011 ============== E.O.F ============== Log do ComboFix ComboFix 11-01-14.01 - Usuario 15/01/2011 4:37.4.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.315 [GMT -2:00] Executando de: c:\documents and settings\Usuario\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: McAfee Anti-Virus e Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} * AV residente está ativo . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\ST6UNST.000 c:\windows\system32\logs c:\windows\system32\logs\Settings.dat . (((((((((((((((( Arquivos/Ficheiros criados de 2010-12-15 to 2011-01-15 )))))))))))))))))))))))))))) . 2011-01-15 04:43 . 2011-01-15 04:44 -------- d-----w- c:\arquivos de programas\Ad-Remover 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin7.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin6.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin5.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin4.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin3.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin2.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin.dll 2011-01-13 09:25 . 2011-01-13 09:25 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Malwarebytes 2011-01-13 09:24 . 2010-12-20 20:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes 2011-01-13 09:24 . 2010-12-20 20:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2011-01-07 23:44 . 2011-01-07 23:44 388608 ----a-w- C:\HiJackThis.exe 2011-01-04 17:00 . 2011-01-04 17:00 -------- d-----w- c:\documents and settings\Suellen\Dados de aplicativos\PhotoScape 2011-01-03 03:11 . 2011-01-03 03:11 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-11-29 19:38 . 2010-11-29 19:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 19:38 . 2010-11-29 19:38 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-18 18:15 . 2009-10-08 17:41 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-12 16:17 . 2010-11-19 20:00 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-11-12 16:17 . 2010-11-19 20:00 141792 ----a-w- c:\windows\system32\mfevtps.exe 2010-11-12 16:17 . 2010-11-19 20:00 88544 ----a-w- c:\windows\system32\drivers\mfendisk.sys 2010-11-12 16:17 . 2010-11-19 20:00 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-11-12 16:17 . 2010-11-19 20:00 84072 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys 2010-11-12 16:17 . 2010-11-19 20:00 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-11-12 16:17 . 2010-11-19 20:00 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-11-12 16:17 . 2010-11-19 20:00 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-11-12 16:17 . 2010-11-19 20:00 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-11-12 16:17 . 2010-03-19 20:39 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-11-12 16:17 . 2010-03-19 20:39 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-06 00:21 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:21 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-06 00:21 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-11-03 12:27 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-10-26 13:58 . 2008-04-14 12:00 1853440 ----a-w- c:\windows\system32\win32k.sys . ((((((((((((((((((((((((((((( SnapShot@2010-09-18_14.00.19 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-12 03:02 . 2009-07-12 03:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll + 2009-07-12 03:02 . 2009-07-12 03:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll + 2009-07-12 03:02 . 2009-07-12 03:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll + 2009-07-12 03:02 . 2009-07-12 03:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll + 2009-07-12 03:02 . 2009-07-12 03:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll + 2009-07-12 03:02 . 2009-07-12 03:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll + 2009-07-12 03:02 . 2009-07-12 03:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll + 2009-07-12 03:02 . 2009-07-12 03:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll + 2009-07-12 03:02 . 2009-07-12 03:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll + 2009-07-12 03:02 . 2009-07-12 03:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll + 2009-07-12 03:02 . 2009-07-12 03:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll + 2009-07-12 03:02 . 2009-07-12 03:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll + 2009-07-12 03:05 . 2009-07-12 03:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-12 03:05 . 2009-07-12 03:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2010-10-28 20:50 . 2008-07-07 14:08 53248 c:\windows\twain_32\JL2005C\jltwdec.dll + 2010-10-28 20:50 . 2007-09-21 12:02 49152 c:\windows\twain_32\JL2005C\dec_jl6.dll + 2010-10-28 20:50 . 2008-04-17 13:14 49152 c:\windows\twain_32\913D Camera\TransTwain.exe + 2011-01-15 05:37 . 2011-01-15 05:37 16384 c:\windows\Temp\Perflib_Perfdata_4f8.dat + 2010-10-28 20:51 . 2008-04-13 21:20 54784 c:\windows\system32\vfwwdm32.dll - 2008-04-14 12:00 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe + 2008-04-14 12:00 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe + 2008-04-14 12:00 . 2010-08-27 05:53 99840 c:\windows\system32\srvsvc.dll + 2008-04-14 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe + 2010-01-27 02:09 . 2010-01-27 02:09 53299 c:\windows\system32\pthreadVC.dll - 2008-04-14 12:00 . 2010-08-24 09:45 80526 c:\windows\system32\perfc016.dat + 2008-04-14 12:00 . 2010-11-02 11:21 80526 c:\windows\system32\perfc016.dat - 2008-04-14 12:00 . 2010-08-24 09:45 68668 c:\windows\system32\perfc009.dat + 2008-04-14 12:00 . 2010-11-02 11:21 68668 c:\windows\system32\perfc009.dat - 2008-04-14 12:00 . 2009-03-08 07:31 66560 c:\windows\system32\mshtmled.dll + 2008-04-14 12:00 . 2010-11-06 00:21 66560 c:\windows\system32\mshtmled.dll + 2009-03-08 07:31 . 2010-11-06 00:21 55296 c:\windows\system32\msfeedsbs.dll - 2009-03-08 07:31 . 2010-05-06 10:34 55296 c:\windows\system32\msfeedsbs.dll + 2011-01-01 13:57 . 2011-01-01 13:57 58732 c:\windows\system32\mlfcache.dat - 2008-04-14 12:00 . 2010-05-06 10:34 25600 c:\windows\system32\jsproxy.dll + 2008-04-14 12:00 . 2010-11-06 00:21 25600 c:\windows\system32\jsproxy.dll - 2008-04-14 12:00 . 2008-04-14 12:00 80384 c:\windows\system32\iccvid.dll + 2008-04-14 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll + 2010-12-04 02:30 . 2010-09-28 17:44 41984 c:\windows\system32\DRVSTORE\usbaapl_DECA0B114863448FE4957E5F5676B09528A18C9F\usbaapl.sys + 2010-12-04 02:31 . 2010-04-19 22:29 18432 c:\windows\system32\DRVSTORE\netaapl_A0C073C4137716F9478B8B08B2873A7AB3AECF72\netaapl.sys + 2010-10-28 20:52 . 2008-04-13 13:46 19200 c:\windows\system32\drivers\WSTCODEC.SYS + 2010-10-28 20:52 . 2008-04-13 13:46 15232 c:\windows\system32\drivers\StreamIP.sys + 2010-10-28 20:52 . 2008-04-13 13:46 11136 c:\windows\system32\drivers\SLIP.sys + 2010-01-27 02:09 . 2010-01-27 02:09 50704 c:\windows\system32\drivers\npf.sys + 2010-10-28 20:52 . 2008-04-13 13:46 10880 c:\windows\system32\drivers\NdisIP.sys + 2010-10-28 20:51 . 2008-04-13 13:46 85248 c:\windows\system32\drivers\NABTSFEC.sys + 2010-10-28 20:50 . 2008-03-11 18:18 68762 c:\windows\system32\drivers\jl2005c.sys + 2010-10-28 20:51 . 2008-04-13 13:46 17024 c:\windows\system32\drivers\CCDECODE.sys + 2010-10-09 22:03 . 2010-09-07 14:52 46672 c:\windows\system32\drivers\aswTdi.sys + 2010-10-09 22:03 . 2010-09-07 14:47 23376 c:\windows\system32\drivers\aswRdr.sys + 2010-10-09 22:03 . 2010-09-07 14:47 94544 c:\windows\system32\drivers\aswmon.sys + 2010-10-09 22:03 . 2010-09-07 14:47 17744 c:\windows\system32\drivers\aswFsBlk.sys + 2010-10-09 22:03 . 2010-09-07 14:46 28880 c:\windows\system32\drivers\aavmker4.sys - 2010-02-12 14:46 . 2010-02-12 14:46 91424 c:\windows\system32\dnssd.dll + 2010-07-27 20:44 . 2010-07-27 20:44 91424 c:\windows\system32\dnssd.dll - 2009-10-16 12:53 . 2010-05-06 10:34 12800 c:\windows\system32\dllcache\xpshims.dll + 2009-10-16 12:53 . 2010-11-06 00:21 12800 c:\windows\system32\dllcache\xpshims.dll + 2010-10-28 20:52 . 2008-04-13 13:46 19200 c:\windows\system32\dllcache\wstcodec.sys - 2010-03-19 18:50 . 2008-04-13 14:46 19200 c:\windows\system32\dllcache\wstcodec.sys + 2009-10-08 17:41 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe - 2010-03-19 18:49 . 2008-04-13 22:20 54784 c:\windows\system32\dllcache\vfwwdm32.dll + 2010-10-28 20:51 . 2008-04-13 21:20 54784 c:\windows\system32\dllcache\vfwwdm32.dll - 2010-03-19 18:45 . 2008-04-13 14:46 15232 c:\windows\system32\dllcache\streamip.sys + 2010-10-28 20:52 . 2008-04-13 13:46 15232 c:\windows\system32\dllcache\streamip.sys + 2008-04-14 12:00 . 2010-08-27 05:53 99840 c:\windows\system32\dllcache\srvsvc.dll + 2008-04-14 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe - 2010-03-19 18:43 . 2008-04-13 14:46 11136 c:\windows\system32\dllcache\slip.sys + 2010-10-28 20:52 . 2008-04-13 13:46 11136 c:\windows\system32\dllcache\slip.sys + 2008-04-14 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys + 2010-10-28 20:52 . 2008-04-13 13:46 10880 c:\windows\system32\dllcache\ndisip.sys - 2010-03-19 18:36 . 2008-04-13 14:46 10880 c:\windows\system32\dllcache\ndisip.sys - 2010-03-19 18:36 . 2008-04-13 14:46 85248 c:\windows\system32\dllcache\nabtsfec.sys + 2010-10-28 20:51 . 2008-04-13 13:46 85248 c:\windows\system32\dllcache\nabtsfec.sys + 2008-04-14 12:00 . 2010-11-06 00:21 66560 c:\windows\system32\dllcache\mshtmled.dll - 2008-04-14 12:00 . 2009-03-08 07:31 66560 c:\windows\system32\dllcache\mshtmled.dll + 2009-10-16 12:53 . 2010-11-06 00:21 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2009-10-16 12:53 . 2010-05-06 10:34 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2008-04-14 12:00 . 2010-11-06 00:21 43520 c:\windows\system32\dllcache\licmgr10.dll + 2008-04-14 12:00 . 2010-11-06 00:21 25600 c:\windows\system32\dllcache\jsproxy.dll - 2008-04-14 12:00 . 2010-05-06 10:34 25600 c:\windows\system32\dllcache\jsproxy.dll - 2009-10-08 17:41 . 2008-04-14 12:00 86016 c:\windows\system32\dllcache\isign32.dll + 2009-10-08 17:41 . 2010-11-18 18:15 86016 c:\windows\system32\dllcache\isign32.dll - 2010-03-19 18:24 . 2008-04-13 14:46 17024 c:\windows\system32\dllcache\ccdecode.sys + 2010-10-28 20:51 . 2008-04-13 13:46 17024 c:\windows\system32\dllcache\ccdecode.sys + 2011-01-03 03:11 . 2011-01-14 22:42 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat + 2010-09-24 23:29 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2010-03-20 01:23 . 2010-09-18 13:32 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2009-10-08 17:48 . 2010-09-18 13:32 32768 c:\windows\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat + 2009-10-08 17:48 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat - 2009-10-08 17:48 . 2010-09-18 13:32 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat + 2009-10-08 17:48 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat + 2010-09-22 12:43 . 2010-09-22 12:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe - 2010-03-23 08:31 . 2010-03-23 08:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2010-10-20 16:19 . 2010-10-20 16:19 21504 c:\windows\Installer\da51e.msi + 2010-10-18 02:47 . 2010-10-18 02:47 24064 c:\windows\Installer\b0e4cd.msi + 2010-11-12 00:59 . 2010-11-12 00:59 34632 c:\windows\Installer\{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe - 2010-07-04 00:29 . 2010-07-04 00:29 34632 c:\windows\Installer\{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 23040 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2009-10-08 18:32 . 2010-12-17 14:03 23040 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2009-10-08 18:32 . 2010-12-17 14:03 61440 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2009-10-08 18:32 . 2010-07-04 00:32 61440 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pubs.exe + 2009-10-08 18:32 . 2010-12-17 14:03 27136 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\oisicon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 27136 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\oisicon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 11264 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\mspicons.exe + 2009-10-08 18:32 . 2010-12-17 14:03 11264 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\mspicons.exe + 2009-10-08 18:32 . 2010-12-17 14:03 86016 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\inficon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 86016 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\inficon.exe + 2009-10-08 18:32 . 2010-12-17 14:03 12288 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\cagicon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 12288 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2010-06-10 20:00 . 2010-12-17 01:58 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - 2010-06-10 20:00 . 2010-06-10 20:00 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2010-12-23 03:27 . 2010-09-10 05:51 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll + 2010-12-23 03:27 . 2010-09-10 05:51 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll + 2010-12-23 03:27 . 2010-09-10 05:51 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll + 2010-12-23 03:27 . 2010-09-10 05:51 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll + 2010-12-23 03:27 . 2010-09-10 05:51 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll + 2010-10-14 03:54 . 2010-06-24 12:24 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll + 2010-10-14 03:54 . 2009-03-08 07:31 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll + 2010-10-14 03:54 . 2010-06-24 12:24 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll + 2010-10-14 03:54 . 2009-03-08 07:34 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll + 2010-10-14 03:54 . 2010-06-24 12:24 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll + 2010-10-10 02:17 . 2010-05-06 10:34 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll + 2010-10-10 02:17 . 2010-05-06 10:34 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll + 2010-10-10 02:17 . 2010-05-06 10:34 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll + 2010-10-09 22:03 . 2010-09-07 15:12 38848 c:\windows\avastSS.scr + 2010-10-10 16:20 . 2010-10-10 16:20 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\4b76ee7cffa5a925f16967eb6d44d79e\WindowsLiveWriter.ni.exe + 2010-10-10 16:21 . 2010-10-10 16:21 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0f3ef21a166df82d34e0147cfa308256\WindowsLive.Writer.Api.ni.dll + 2010-10-10 13:11 . 2010-10-10 13:11 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll + 2010-10-10 16:27 . 2010-10-10 16:27 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll + 2010-10-10 16:22 . 2010-10-10 16:22 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll + 2010-10-10 16:22 . 2010-10-10 16:22 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll + 2010-10-10 02:23 . 2010-10-10 02:23 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe + 2010-10-10 02:22 . 2010-10-10 02:22 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe + 2010-10-10 13:20 . 2010-10-10 13:20 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll - 2010-07-04 00:25 . 2010-07-04 00:25 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-10-10 02:20 . 2010-10-10 02:20 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2010-07-04 00:25 . 2010-07-04 00:25 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2010-10-10 02:20 . 2010-10-10 02:20 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2010-07-04 00:26 . 2010-07-04 00:26 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-10-10 02:20 . 2010-10-10 02:20 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2010-07-04 00:26 . 2010-07-04 00:26 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2010-10-10 02:20 . 2010-10-10 02:20 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2010-07-04 00:26 . 2010-07-04 00:26 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2010-10-10 02:20 . 2010-10-10 02:20 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2010-10-10 02:20 . 2010-10-10 02:20 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2010-07-04 00:26 . 2010-07-04 00:26 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2010-10-10 02:20 . 2010-10-10 02:20 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2010-07-04 00:26 . 2010-07-04 00:26 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2010-10-10 02:20 . 2010-10-10 02:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2010-07-04 00:26 . 2010-07-04 00:26 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2010-10-10 02:20 . 2010-10-10 02:20 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2010-07-04 00:26 . 2010-07-04 00:26 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2010-07-04 00:26 . 2010-07-04 00:26 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-10-10 02:20 . 2010-10-10 02:20 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-10-10 02:20 . 2010-10-10 02:20 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2010-07-04 00:26 . 2010-07-04 00:26 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2010-10-10 02:20 . 2010-10-10 02:20 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2010-07-04 00:26 . 2010-07-04 00:26 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2010-10-10 02:20 . 2010-10-10 02:20 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2010-07-04 00:26 . 2010-07-04 00:26 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-10-10 01:53 . 2008-04-14 12:00 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll + 2010-10-10 02:23 . 2008-04-14 12:00 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe + 2010-10-14 03:55 . 2008-04-14 12:00 96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll + 2010-10-10 01:53 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe + 2010-10-10 01:53 . 2010-06-23 00:57 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll + 2010-10-10 02:21 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB982802\update\spcustom.dll + 2010-10-10 02:21 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB982802\spmsg.dll + 2010-10-10 01:53 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll + 2010-10-10 01:53 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB982665\spmsg.dll + 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll + 2010-10-10 02:27 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll + 2010-10-10 02:27 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB982214\spmsg.dll + 2010-10-14 03:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll + 2010-10-14 03:55 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB982132\spmsg.dll + 2010-10-10 01:53 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll + 2010-10-10 01:53 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB981997\spmsg.dll + 2010-10-14 03:48 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB981957\update\spcustom.dll + 2010-10-14 03:48 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB981957\spmsg.dll + 2010-10-10 02:22 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll + 2010-10-09 22:52 . 2010-06-17 13:45 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll + 2010-10-10 02:22 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB981852\spmsg.dll + 2010-10-10 02:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll + 2010-10-10 02:02 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB981322\spmsg.dll + 2010-10-10 02:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll + 2010-10-10 02:03 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB980436\spmsg.dll + 2010-10-14 03:54 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll + 2010-10-14 03:54 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB979687\spmsg.dll + 2010-10-14 03:55 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll + 2010-10-14 03:55 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2387149\spmsg.dll + 2010-10-14 03:46 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll + 2010-10-14 03:46 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2360937\spmsg.dll + 2010-10-14 03:54 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2360131-IE8\update\spcustom.dll + 2010-10-14 03:54 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2360131-IE8\spmsg.dll + 2010-10-13 21:40 . 2010-09-10 05:49 12800 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\xpshims.dll + 2010-10-13 21:40 . 2010-09-10 05:49 66560 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtmled.dll + 2010-10-13 21:40 . 2010-09-10 05:49 55296 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeedsbs.dll + 2010-10-13 21:40 . 2010-09-10 05:49 43520 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\licmgr10.dll + 2010-10-13 21:40 . 2010-09-10 05:49 25600 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\jsproxy.dll + 2010-10-10 02:23 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll + 2010-10-10 02:23 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2347290\spmsg.dll + 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe + 2010-10-14 03:55 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2345886\update\spcustom.dll + 2010-10-14 03:55 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2345886\spmsg.dll + 2010-08-27 06:01 . 2010-08-27 06:01 99840 c:\windows\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll + 2010-10-10 01:54 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll + 2010-10-10 01:54 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2286198\spmsg.dll + 2010-10-14 03:55 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll + 2010-10-14 03:55 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2279986\spmsg.dll + 2010-10-10 02:26 . 2009-05-26 09:00 26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll + 2010-10-10 02:26 . 2009-05-26 09:00 18296 c:\windows\$hf_mig$\KB2259922\spmsg.dll + 2010-10-10 02:26 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll + 2010-10-10 02:26 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2229593\spmsg.dll + 2010-10-10 02:17 . 2009-05-26 09:00 26488 c:\windows\$hf_mig$\KB2183461-IE8\update\spcustom.dll + 2010-10-10 02:17 . 2009-05-26 09:00 18296 c:\windows\$hf_mig$\KB2183461-IE8\spmsg.dll + 2010-10-09 23:29 . 2010-06-24 12:29 12800 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\xpshims.dll + 2010-10-09 23:29 . 2010-06-24 12:28 55296 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\msfeedsbs.dll + 2010-10-09 23:29 . 2010-06-24 12:28 25600 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\jsproxy.dll + 2010-10-10 02:10 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll + 2010-10-10 02:10 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2160329\spmsg.dll + 2010-10-10 01:53 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll + 2010-10-10 01:53 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2141007\spmsg.dll + 2010-10-10 02:22 . 2010-02-22 14:19 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll + 2010-10-10 02:22 . 2010-02-22 14:19 18296 c:\windows\$hf_mig$\KB2121546\spmsg.dll + 2010-10-10 02:26 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll + 2010-10-10 02:26 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2115168\spmsg.dll + 2010-10-10 02:22 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll + 2010-10-10 02:22 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB2079403\spmsg.dll - 2010-07-04 00:26 . 2010-07-04 00:26 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2010-10-10 02:20 . 2010-10-10 02:20 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2008-05-05 10:24 . 2010-08-27 01:43 5120 c:\windows\system32\xpsp4res.dll + 2010-10-28 20:52 . 2008-04-13 13:39 5504 c:\windows\system32\drivers\MSTEE.sys - 2010-03-19 18:35 . 2008-04-13 14:39 5504 c:\windows\system32\dllcache\mstee.sys + 2010-10-28 20:52 . 2008-04-13 13:39 5504 c:\windows\system32\dllcache\mstee.sys + 2009-10-08 18:32 . 2010-12-17 14:03 4096 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 4096 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\opwicon.exe + 2010-10-10 02:20 . 2010-10-10 02:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2010-07-04 00:26 . 2010-07-04 00:26 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2010-10-10 02:20 . 2010-10-10 02:20 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2010-07-04 00:26 . 2010-07-04 00:26 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2010-07-04 00:26 . 2010-07-04 00:26 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-10-10 02:20 . 2010-10-10 02:20 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2010-07-04 00:26 . 2010-07-04 00:26 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-10-10 02:20 . 2010-10-10 02:20 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-10-10 02:21 . 2008-05-05 10:24 3072 c:\windows\$NtUninstallKB982802$\xpsp4res.dll + 2010-10-14 03:46 . 2010-07-22 06:19 5120 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll + 2010-10-14 03:55 . 2010-08-13 21:44 5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll + 2010-07-22 06:19 . 2010-07-22 06:19 5120 c:\windows\$hf_mig$\KB982802\SP3QFE\sprv0416.dll + 2010-07-12 13:19 . 2010-07-12 13:19 5120 c:\windows\$hf_mig$\KB979687\SP3QFE\sprv0416.dll + 2010-10-13 21:36 . 2010-08-13 21:44 5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\sprv0416.dll + 2010-08-27 01:43 . 2010-08-27 01:43 5120 c:\windows\$hf_mig$\KB2345886\SP3QFE\sprv0416.dll - 2010-07-04 00:26 . 2010-07-04 00:26 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2010-10-10 02:20 . 2010-10-10 02:20 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2010-07-04 00:26 . 2010-07-04 00:26 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2009-07-12 03:02 . 2009-07-12 03:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll + 2009-07-12 03:02 . 2009-07-12 03:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll + 2009-07-12 03:05 . 2009-07-12 03:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll + 2009-07-12 03:02 . 2009-07-12 03:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll + 2010-10-28 20:50 . 2008-08-08 19:55 348160 c:\windows\twain_32\JL2005C\jlisp.dll + 2010-10-28 20:50 . 2007-11-07 20:03 696320 c:\windows\twain_32\JL2005C\jl2005_ip.dll + 2010-01-27 02:09 . 2010-01-27 02:09 281104 c:\windows\system32\wpcap.dll - 2008-04-14 12:00 . 2008-04-14 12:00 293888 c:\windows\system32\winsrv.dll + 2008-04-14 12:00 . 2010-06-18 17:47 293888 c:\windows\system32\winsrv.dll - 2008-04-14 12:00 . 2008-04-14 12:00 406016 c:\windows\system32\usp10.dll + 2008-04-14 12:00 . 2010-04-16 15:37 406016 c:\windows\system32\usp10.dll - 2008-04-14 12:00 . 2009-10-15 16:32 119808 c:\windows\system32\t2embed.dll + 2008-04-14 12:00 . 2010-08-27 08:03 119808 c:\windows\system32\t2embed.dll + 2008-04-14 12:00 . 2010-06-30 12:32 149504 c:\windows\system32\schannel.dll + 2008-04-14 12:00 . 2010-08-16 08:44 590848 c:\windows\system32\rpcrt4.dll + 2008-04-14 12:00 . 2010-11-02 11:21 471592 c:\windows\system32\perfh016.dat - 2008-04-14 12:00 . 2010-08-24 09:45 471592 c:\windows\system32\perfh016.dat - 2008-04-14 12:00 . 2010-08-24 09:45 435772 c:\windows\system32\perfh009.dat + 2008-04-14 12:00 . 2010-11-02 11:21 435772 c:\windows\system32\perfh009.dat + 2010-01-27 02:09 . 2010-01-27 02:09 100880 c:\windows\system32\Packet.dll + 2008-04-14 12:00 . 2010-11-06 00:21 206848 c:\windows\system32\occache.dll - 2008-04-14 12:00 . 2010-05-06 10:34 206848 c:\windows\system32\occache.dll - 2008-04-14 12:00 . 2010-05-06 10:34 611840 c:\windows\system32\mstime.dll + 2008-04-14 12:00 . 2010-11-06 00:21 611840 c:\windows\system32\mstime.dll + 2009-03-08 07:32 . 2010-11-06 00:21 602112 c:\windows\system32\msfeeds.dll - 2006-10-19 00:47 . 2006-10-19 00:47 317440 c:\windows\system32\MP4SDECD.dll + 2006-10-19 00:47 . 2010-03-30 15:24 317440 c:\windows\system32\mp4sdecd.dll + 2008-04-14 12:00 . 2010-09-18 15:23 974848 c:\windows\system32\mfc42u.dll + 2008-04-14 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\mfc42.dll + 2008-04-14 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll + 2008-04-14 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll + 2010-11-22 21:41 . 2010-11-22 21:41 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe + 2010-11-02 23:51 . 2010-11-02 23:51 232912 c:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe + 2010-11-02 23:51 . 2010-11-02 23:51 311760 c:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.dll + 2010-08-25 17:32 . 2010-08-25 17:32 552960 c:\windows\system32\Logof.dll + 2010-10-28 20:50 . 2005-12-15 19:34 135168 c:\windows\system32\jl_jdct.drv + 2009-10-08 17:41 . 2010-06-09 07:44 692736 c:\windows\system32\inetcomm.dll + 2010-06-11 00:40 . 2010-06-11 00:40 922112 c:\windows\system32\imapi2fs.dll + 2010-06-11 00:40 . 2010-06-11 00:40 426496 c:\windows\system32\imapi2.dll - 2008-04-14 12:00 . 2010-05-06 10:34 184320 c:\windows\system32\iepeers.dll + 2008-04-14 12:00 . 2010-11-06 00:21 184320 c:\windows\system32\iepeers.dll + 2008-04-14 12:00 . 2010-11-06 00:21 387584 c:\windows\system32\iedkcs32.dll - 2008-04-14 12:00 . 2010-05-06 10:34 387584 c:\windows\system32\iedkcs32.dll + 2008-04-14 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe + 2009-10-08 14:31 . 2010-12-17 13:54 290088 c:\windows\system32\FNTCACHE.DAT + 2008-04-14 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\drivers\srv.sys + 2010-10-09 22:03 . 2010-09-07 14:52 165584 c:\windows\system32\drivers\aswSP.sys + 2010-10-09 22:03 . 2010-09-07 14:47 100176 c:\windows\system32\drivers\aswmon2.sys - 2010-02-12 14:46 . 2010-02-12 14:46 107808 c:\windows\system32\dns-sd.exe + 2010-07-27 20:44 . 2010-07-27 20:44 107808 c:\windows\system32\dns-sd.exe + 2009-10-08 17:39 . 2010-07-16 11:57 218624 c:\windows\system32\dllcache\wordpad.exe - 2008-04-14 12:00 . 2008-04-14 12:00 293888 c:\windows\system32\dllcache\winsrv.dll + 2008-04-14 12:00 . 2010-06-18 17:47 293888 c:\windows\system32\dllcache\winsrv.dll + 2008-04-14 12:00 . 2010-11-06 00:21 916480 c:\windows\system32\dllcache\wininet.dll - 2008-04-14 12:00 . 2010-05-06 10:34 916480 c:\windows\system32\dllcache\wininet.dll - 2008-04-14 12:00 . 2008-04-14 12:00 406016 c:\windows\system32\dllcache\usp10.dll + 2008-04-14 12:00 . 2010-04-16 15:37 406016 c:\windows\system32\dllcache\usp10.dll + 2008-04-14 12:00 . 2010-08-27 08:03 119808 c:\windows\system32\dllcache\t2embed.dll - 2008-04-14 12:00 . 2009-10-15 16:32 119808 c:\windows\system32\dllcache\t2embed.dll + 2008-04-14 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\dllcache\srv.sys + 2008-04-14 12:00 . 2010-06-30 12:32 149504 c:\windows\system32\dllcache\schannel.dll + 2008-04-14 12:00 . 2010-08-16 08:44 590848 c:\windows\system32\dllcache\rpcrt4.dll - 2008-04-14 12:00 . 2008-04-14 12:00 249856 c:\windows\system32\dllcache\odbc32.dll + 2008-04-14 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll + 2008-04-14 12:00 . 2010-11-06 00:21 206848 c:\windows\system32\dllcache\occache.dll - 2008-04-14 12:00 . 2010-05-06 10:34 206848 c:\windows\system32\dllcache\occache.dll - 2008-04-14 12:00 . 2010-05-06 10:34 611840 c:\windows\system32\dllcache\mstime.dll + 2008-04-14 12:00 . 2010-11-06 00:21 611840 c:\windows\system32\dllcache\mstime.dll + 2009-10-08 17:41 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll - 2009-10-08 17:41 . 2008-04-14 12:00 102400 c:\windows\system32\dllcache\msjro.dll + 2009-10-16 12:53 . 2010-11-06 00:21 602112 c:\windows\system32\dllcache\msfeeds.dll + 2009-10-08 17:41 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll - 2009-10-08 17:41 . 2008-04-14 12:00 200704 c:\windows\system32\dllcache\msadox.dll - 2009-10-08 17:41 . 2008-04-14 12:00 180224 c:\windows\system32\dllcache\msadomd.dll + 2009-10-08 17:41 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll + 2009-10-08 17:41 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll - 2009-10-08 17:41 . 2008-04-14 12:00 536576 c:\windows\system32\dllcache\msado15.dll - 2009-10-08 17:41 . 2008-04-14 12:00 143360 c:\windows\system32\dllcache\msadco.dll + 2009-10-08 17:41 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll + 2010-03-30 15:24 . 2010-03-30 15:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll + 2008-04-14 12:00 . 2010-09-18 15:23 974848 c:\windows\system32\dllcache\mfc42u.dll + 2008-04-14 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\dllcache\mfc42.dll + 2008-04-14 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll + 2008-04-14 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll + 2009-10-08 17:41 . 2010-06-09 07:44 692736 c:\windows\system32\dllcache\inetcomm.dll + 2010-06-11 00:40 . 2010-06-11 00:40 922112 c:\windows\system32\dllcache\imapi2fs.dll + 2010-06-11 00:40 . 2010-06-11 00:40 426496 c:\windows\system32\dllcache\imapi2.dll - 2009-10-16 12:53 . 2010-05-06 10:34 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-10-16 12:53 . 2010-11-06 00:21 247808 c:\windows\system32\dllcache\ieproxy.dll - 2008-04-14 12:00 . 2010-05-06 10:34 184320 c:\windows\system32\dllcache\iepeers.dll + 2008-04-14 12:00 . 2010-11-06 00:21 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-07-03 18:25 . 2010-11-06 00:21 743424 c:\windows\system32\dllcache\iedvtool.dll - 2010-07-03 18:25 . 2010-05-06 10:34 743424 c:\windows\system32\dllcache\iedvtool.dll - 2008-04-14 12:00 . 2010-05-06 10:34 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2008-04-14 12:00 . 2010-11-06 00:21 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2008-04-14 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe + 2009-10-08 17:41 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe - 2009-10-08 17:41 . 2008-04-14 12:00 744448 c:\windows\system32\dllcache\helpsvc.exe - 2008-04-14 12:00 . 2008-04-14 12:00 617472 c:\windows\system32\dllcache\comctl32.dll + 2008-04-14 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll + 2008-04-14 12:00 . 2010-10-28 13:09 290048 c:\windows\system32\dllcache\atmfd.dll - 2008-04-14 12:00 . 2008-04-14 12:00 617472 c:\windows\system32\comctl32.dll + 2008-04-14 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll + 2010-10-09 22:03 . 2010-09-07 15:11 167592 c:\windows\system32\aswBoot.exe - 2009-10-08 17:41 . 2008-04-14 12:00 744448 c:\windows\pchealth\helpctr\binaries\HelpSvc.exe + 2009-10-08 17:41 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe + 2010-09-22 12:43 . 2010-09-22 12:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll - 2010-03-23 08:31 . 2010-03-23 08:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2010-05-11 09:40 . 2010-05-11 09:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2009-08-08 02:51 . 2009-08-08 02:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2010-05-11 09:40 . 2010-05-11 09:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2010-11-12 14:23 . 2010-11-12 14:23 884736 c:\windows\Installer\c34c65.msp + 2010-09-24 00:02 . 2010-09-24 00:02 798208 c:\windows\Installer\43d12.msp + 2010-10-09 22:03 . 2010-10-09 22:03 219648 c:\windows\Installer\264f63.msi + 2010-12-04 01:57 . 2010-12-04 01:57 811008 c:\windows\Installer\2103495.msi + 2009-10-08 18:32 . 2010-12-17 14:03 409600 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\xlicons.exe - 2009-10-08 18:32 . 2010-07-04 00:32 409600 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2009-10-08 18:32 . 2010-12-17 14:03 286720 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 286720 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 249856 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pptico.exe + 2009-10-08 18:32 . 2010-12-17 14:03 249856 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2009-10-08 18:32 . 2010-07-04 00:32 794624 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2009-10-08 18:32 . 2010-12-17 14:03 794624 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2009-10-08 18:32 . 2010-07-04 00:32 135168 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\misc.exe + 2009-10-08 18:32 . 2010-12-17 14:03 135168 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\misc.exe + 2009-10-08 18:32 . 2010-12-17 14:03 593920 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\accicons.exe - 2009-10-08 18:32 . 2010-07-04 00:32 593920 c:\windows\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2010-10-23 16:32 . 2010-10-23 20:30 380928 c:\windows\Installer\{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}\iTunesIco.exe + 2007-04-19 16:01 . 2007-04-19 16:01 238424 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL + 2007-01-16 22:32 . 2007-01-16 22:32 136032 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL + 2007-04-19 15:54 . 2007-04-19 15:54 169312 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL + 2010-12-23 03:27 . 2010-09-10 05:51 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll + 2010-12-23 03:27 . 2010-07-05 13:12 395128 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll + 2010-12-23 03:27 . 2010-02-22 14:19 233336 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe + 2010-12-23 03:27 . 2010-09-10 05:51 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll + 2010-12-23 03:27 . 2010-09-10 05:51 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll + 2010-12-23 03:27 . 2010-09-10 05:51 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll + 2010-12-23 03:27 . 2010-09-10 05:51 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll + 2010-12-23 03:27 . 2010-09-10 05:51 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll + 2010-12-23 03:27 . 2010-09-10 05:51 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll + 2010-12-23 03:27 . 2010-09-10 05:51 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll + 2010-12-23 03:27 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe + 2010-10-14 03:54 . 2010-06-24 12:24 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll + 2010-10-14 03:54 . 2010-07-05 13:12 395128 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll + 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe + 2010-10-14 03:54 . 2010-06-24 12:24 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll + 2010-10-14 03:54 . 2010-06-24 12:24 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll + 2010-10-14 03:54 . 2010-06-24 12:24 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll + 2010-10-14 03:54 . 2010-06-24 12:24 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll + 2010-10-14 03:54 . 2010-06-24 12:24 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll + 2010-10-14 03:54 . 2010-06-24 12:24 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll + 2010-10-14 03:54 . 2010-06-24 12:24 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll + 2010-10-14 03:54 . 2010-06-23 12:08 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe + 2010-10-10 02:17 . 2010-05-06 10:34 916480 c:\windows\ie8updates\KB2183461-IE8\wininet.dll + 2010-10-10 02:17 . 2010-02-22 14:20 395128 c:\windows\ie8updates\KB2183461-IE8\spuninst\updspapi.dll + 2010-10-10 02:17 . 2009-05-26 09:00 233336 c:\windows\ie8updates\KB2183461-IE8\spuninst\spuninst.exe + 2010-10-10 02:17 . 2010-05-06 10:34 206848 c:\windows\ie8updates\KB2183461-IE8\occache.dll + 2010-10-10 02:17 . 2010-05-06 10:34 611840 c:\windows\ie8updates\KB2183461-IE8\mstime.dll + 2010-10-10 02:17 . 2010-05-06 10:34 599040 c:\windows\ie8updates\KB2183461-IE8\msfeeds.dll + 2010-10-10 02:17 . 2010-05-06 10:34 247808 c:\windows\ie8updates\KB2183461-IE8\ieproxy.dll + 2010-10-10 02:17 . 2010-05-06 10:34 184320 c:\windows\ie8updates\KB2183461-IE8\iepeers.dll + 2010-10-10 02:17 . 2010-05-06 10:34 743424 c:\windows\ie8updates\KB2183461-IE8\iedvtool.dll + 2010-10-10 02:17 . 2010-05-06 10:34 387584 c:\windows\ie8updates\KB2183461-IE8\iedkcs32.dll + 2010-10-10 02:17 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2183461-IE8\ie4uinit.exe + 2010-10-10 02:07 . 2010-10-10 02:07 835584 c:\windows\assembly\tmp\T4CJRZ6E\System.Web.Mobile.dll + 2010-10-10 02:20 . 2010-10-10 02:20 835584 c:\windows\assembly\tmp\5FMU2AIQ\System.Web.Mobile.dll + 2010-10-10 16:21 . 2010-10-10 16:21 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe + 2010-10-10 16:21 . 2010-10-10 16:21 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\cf67b75a1da96795723d2034e48ba183\WindowsLiveLocal.WriterPlugin.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f7eecdbf8f73f127df632e81bc835484\WindowsLive.Writer.Interop.Mshtml.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd5335b13b4ce8f10990c752f3c0a6b9\WindowsLive.Writer.HtmlEditor.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cf5151086dd038a82602c9167c9acad5\WindowsLive.Writer.Passport.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cc7d0d688ca1fb7bd0e0ba3f17e3add1\WindowsLive.Writer.HtmlParser.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c46d84073499887c745801bda334c97f\WindowsLive.Writer.Interop.SHDocVw.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\879fd6f22250247f79ee663b80199b73\WindowsLive.Writer.Localization.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\80ce7f3c877dff36e07711517ed49b19\WindowsLive.Writer.BrowserControl.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\796b11733fd16a0128c89ae37abce0f4\WindowsLive.Writer.Instrumentation.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\70cc2bbf8d87c63f36d05bf7a4a01a69\WindowsLive.Writer.Mshtml.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\69968aa6fb3a6fb47df1b2dd59f1e1a2\WindowsLive.Writer.FileDestinations.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5efde99101ca1afd5ad2b21f793e2854\WindowsLive.Writer.BlogClient.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\36888cd642eab375b37c2d8ae121d2ad\WindowsLive.Writer.Controls.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\323d5898b41430c73305874d4b93bf25\WindowsLive.Writer.Extensibility.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0e5d49b051e355c696ed7a2b5b24a623\WindowsLive.Writer.Interop.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0d82d08289c6b8f928d8804f69f959ec\WindowsLive.Writer.SpellChecker.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\b34623aa698e02b699e5b4706b1cd248\WindowsLive.Client.ni.dll + 2010-10-10 13:12 . 2010-10-10 13:12 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll + 2010-10-10 13:11 . 2010-10-10 13:11 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll + 2010-10-10 13:11 . 2010-10-10 13:11 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll + 2010-10-10 16:27 . 2010-10-10 16:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll + 2010-10-10 16:19 . 2010-10-10 16:19 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll + 2010-10-10 16:19 . 2010-10-10 16:19 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll + 2010-10-10 16:20 . 2010-10-10 16:20 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll + 2010-10-10 02:28 . 2010-10-10 02:28 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll + 2010-10-10 16:22 . 2010-10-10 16:22 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll + 2010-10-10 16:22 . 2010-10-10 16:22 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe + 2010-10-10 16:21 . 2010-10-10 16:21 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe + 2010-10-10 02:25 . 2010-10-10 02:25 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll + 2010-10-10 02:25 . 2010-10-10 02:25 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll + 2010-10-10 02:25 . 2010-10-10 02:25 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll + 2010-10-10 02:25 . 2010-10-10 02:25 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe + 2010-10-10 16:21 . 2010-10-10 16:21 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe + 2010-10-10 13:22 . 2010-10-10 13:22 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll - 2010-07-04 00:25 . 2010-07-04 00:25 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2010-10-10 02:20 . 2010-10-10 02:20 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2010-10-10 02:20 . 2010-10-10 02:20 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2010-07-04 00:26 . 2010-07-04 00:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2010-07-04 00:26 . 2010-07-04 00:26 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2010-07-04 00:26 . 2010-07-04 00:26 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-10-10 02:20 . 2010-10-10 02:20 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-10-10 02:20 . 2010-10-10 02:20 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2010-07-04 00:26 . 2010-07-04 00:26 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2010-07-04 00:26 . 2010-07-04 00:26 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2010-10-10 02:20 . 2010-10-10 02:20 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2010-07-04 00:26 . 2010-07-04 00:26 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2010-10-10 02:20 . 2010-10-10 02:20 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2010-07-04 00:26 . 2010-07-04 00:26 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2010-07-04 00:26 . 2010-07-04 00:26 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2010-10-10 02:20 . 2010-10-10 02:20 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2010-07-04 00:26 . 2010-07-04 00:26 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2010-10-10 02:20 . 2010-10-10 02:20 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2010-07-04 00:26 . 2010-07-04 00:26 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2010-10-10 02:20 . 2010-10-10 02:20 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2010-10-10 02:20 . 2010-10-10 02:20 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2010-07-04 00:26 . 2010-07-04 00:26 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2010-07-04 00:26 . 2010-07-04 00:26 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2010-10-10 02:20 . 2010-10-10 02:20 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2010-07-04 00:26 . 2010-07-04 00:26 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2010-10-10 02:20 . 2010-10-10 02:20 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2010-10-10 02:20 . 2010-10-10 02:20 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2010-07-04 00:26 . 2010-07-04 00:26 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2010-10-10 02:20 . 2010-10-10 02:20 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2010-07-04 00:26 . 2010-07-04 00:26 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2010-10-10 02:20 . 2010-10-10 02:20 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2010-07-04 00:26 . 2010-07-04 00:26 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2010-10-10 02:20 . 2010-10-10 02:20 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2010-07-04 00:26 . 2010-07-04 00:26 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2010-07-04 00:26 . 2010-07-04 00:26 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2010-10-10 02:20 . 2010-10-10 02:20 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2010-07-04 00:26 . 2010-07-04 00:26 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-10-10 02:20 . 2010-10-10 02:20 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2010-07-04 00:25 . 2010-07-04 00:25 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2010-10-10 02:20 . 2010-10-10 02:20 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2010-07-04 00:26 . 2010-07-04 00:26 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2010-10-10 02:20 . 2010-10-10 02:20 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2010-07-04 00:26 . 2010-07-04 00:26 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-10-10 02:20 . 2010-10-10 02:20 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-10-10 02:20 . 2010-10-10 02:20 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2010-07-04 00:26 . 2010-07-04 00:26 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2010-10-10 02:20 . 2010-10-10 02:20 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2010-07-04 00:26 . 2010-07-04 00:26 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2010-10-10 02:21 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB982802$\spuninst\updspapi.dll + 2010-10-10 02:21 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB982802$\spuninst\spuninst.exe + 2010-10-10 02:21 . 2009-04-15 14:53 585216 c:\windows\$NtUninstallKB982802$\rpcrt4.dll + 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll + 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe + 2010-10-10 02:27 . 2009-12-31 16:50 353792 c:\windows\$NtUninstallKB982214$\srv.sys + 2010-10-10 02:27 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll + 2010-10-10 02:27 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2009-10-15 16:32 119808 c:\windows\$NtUninstallKB982132$\t2embed.dll + 2010-10-14 03:55 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB982132$\spuninst\updspapi.dll + 2010-10-14 03:55 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB982132$\spuninst\spuninst.exe + 2010-10-10 01:53 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll + 2010-10-10 01:53 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe + 2010-10-14 03:48 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB981957$\spuninst\updspapi.dll + 2010-10-14 03:48 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB981957$\spuninst\spuninst.exe + 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll + 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe + 2010-10-10 02:02 . 2008-04-14 12:00 406016 c:\windows\$NtUninstallKB981322$\usp10.dll + 2010-10-10 02:02 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB981322$\spuninst\updspapi.dll + 2010-10-10 02:02 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB981322$\spuninst\spuninst.exe + 2010-10-10 02:03 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll + 2010-10-10 02:03 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe + 2010-10-10 02:03 . 2009-06-25 08:27 147456 c:\windows\$NtUninstallKB980436$\schannel.dll + 2010-10-14 03:54 . 2008-04-21 21:15 216064 c:\windows\$NtUninstallKB979687$\wordpad.exe + 2010-10-14 03:54 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB979687$\spuninst\updspapi.dll + 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB979687$\spuninst\spuninst.exe + 2010-10-10 02:26 . 2007-07-28 02:11 382840 c:\windows\$NtUninstallKB975558_WM8$\spuninst\updspapi.dll + 2010-10-10 02:26 . 2007-07-28 00:07 233336 c:\windows\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe + 2010-10-10 02:26 . 2006-10-19 00:47 317440 c:\windows\$NtUninstallKB975558_WM8$\mp4sdecd.dll + 2010-11-22 21:55 . 2010-06-11 00:40 379184 c:\windows\$NtUninstallKB952011$\spuninst\updspapi.dll + 2010-11-22 21:55 . 2010-06-11 00:40 221488 c:\windows\$NtUninstallKB952011$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2387149$\spuninst\updspapi.dll + 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2387149$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2008-04-14 12:00 981760 c:\windows\$NtUninstallKB2387149$\mfc42u.dll + 2010-10-14 03:55 . 2008-04-14 12:00 927504 c:\windows\$NtUninstallKB2387149$\mfc40u.dll + 2010-10-14 03:55 . 2008-04-14 12:00 924432 c:\windows\$NtUninstallKB2387149$\mfc40.dll + 2010-10-14 03:55 . 2007-07-28 02:11 382840 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\updspapi.dll + 2010-10-14 03:55 . 2007-07-28 00:07 233336 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe + 2010-10-14 03:46 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2360937$\spuninst\updspapi.dll + 2010-10-14 03:46 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2360937$\spuninst\spuninst.exe + 2010-10-14 03:46 . 2010-07-22 15:46 590848 c:\windows\$NtUninstallKB2360937$\rpcrt4.dll + 2010-10-10 02:23 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB2347290$\spuninst\updspapi.dll + 2010-10-10 02:23 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2347290$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2010-06-21 15:27 354304 c:\windows\$NtUninstallKB2345886$\srv.sys + 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2345886$\spuninst\updspapi.dll + 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2345886$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2296011$\spuninst\updspapi.dll + 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2296011$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2008-04-14 12:00 617472 c:\windows\$NtUninstallKB2296011$\comctl32.dll + 2010-10-10 01:54 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll + 2010-10-10 01:54 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2279986$\spuninst\updspapi.dll + 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2279986$\spuninst\spuninst.exe + 2010-10-14 03:55 . 2010-04-20 05:31 285696 c:\windows\$NtUninstallKB2279986$\atmfd.dll + 2010-10-10 02:26 . 2009-05-26 09:00 395128 c:\windows\$NtUninstallKB2259922$\spuninst\updspapi.dll + 2010-10-10 02:26 . 2009-05-26 09:00 233336 c:\windows\$NtUninstallKB2259922$\spuninst\spuninst.exe + 2010-10-10 02:26 . 2010-02-22 22:50 395128 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll + 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe + 2010-10-10 02:26 . 2008-04-14 12:00 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe + 2010-10-10 02:10 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2160329$\spuninst\updspapi.dll + 2010-10-10 02:10 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2160329$\spuninst\spuninst.exe + 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2158563$\spuninst\updspapi.dll + 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2158563$\spuninst\spuninst.exe + 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2141007$\spuninst\updspapi.dll + 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2141007$\spuninst\spuninst.exe + 2010-10-10 01:53 . 2010-01-29 15:00 691712 c:\windows\$NtUninstallKB2141007$\inetcomm.dll + 2010-10-10 02:22 . 2008-04-14 12:00 293888 c:\windows\$NtUninstallKB2121546$\winsrv.dll + 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$NtUninstallKB2121546$\spuninst\updspapi.dll + 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$NtUninstallKB2121546$\spuninst\spuninst.exe + 2010-10-10 02:26 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll + 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe + 2010-10-10 02:22 . 2009-05-26 11:40 395128 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll + 2010-10-10 02:22 . 2009-05-26 11:40 233336 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe + 2010-10-10 02:21 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB982802\update\updspapi.dll + 2010-10-10 02:21 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB982802\update\update.exe + 2010-10-10 02:21 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB982802\spuninst.exe + 2010-07-23 06:17 . 2010-07-23 06:17 590848 c:\windows\$hf_mig$\KB982802\SP3QFE\rpcrt4.dll + 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB982665\update\updspapi.dll + 2010-10-10 01:53 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB982665\update\update.exe + 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB982665\spuninst.exe + 2010-10-10 02:27 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB982214\update\updspapi.dll + 2010-10-10 02:27 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB982214\update\update.exe + 2010-10-10 02:27 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB982214\spuninst.exe + 2010-10-09 23:04 . 2010-06-21 14:18 354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys + 2010-10-14 03:55 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB982132\update\updspapi.dll + 2010-10-14 03:55 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB982132\update\update.exe + 2010-10-14 03:55 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB982132\spuninst.exe + 2010-08-27 08:01 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll + 2010-10-10 01:53 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB981997\update\updspapi.dll + 2010-10-10 01:53 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB981997\update\update.exe + 2010-10-10 01:53 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB981997\spuninst.exe + 2010-10-14 03:48 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB981957\update\updspapi.dll + 2010-10-14 03:48 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB981957\update\update.exe + 2010-10-14 03:48 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB981957\spuninst.exe + 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB981852\update\updspapi.dll + 2010-10-10 02:22 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB981852\update\update.exe + 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB981852\spuninst.exe + 2010-10-10 02:02 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB981322\update\updspapi.dll + 2010-10-10 02:02 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB981322\update\update.exe + 2010-10-10 02:02 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB981322\spuninst.exe + 2010-04-16 15:30 . 2010-04-16 15:30 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll + 2010-10-10 02:03 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB980436\update\updspapi.dll + 2010-10-10 02:03 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB980436\update\update.exe + 2010-10-10 02:03 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB980436\spuninst.exe + 2010-06-30 12:24 . 2010-06-30 12:24 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll + 2010-10-14 03:54 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB979687\update\updspapi.dll + 2010-10-14 03:54 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB979687\update\update.exe + 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB979687\spuninst.exe + 2010-07-16 11:56 . 2010-07-16 11:56 218624 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe + 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll + 2010-10-14 03:55 . 2010-07-05 13:12 760696 c:\windows\$hf_mig$\KB2387149\update\update.exe + 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2387149\spuninst.exe + 2010-10-13 21:36 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll + 2010-10-13 21:36 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll + 2010-10-13 21:36 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll + 2010-10-13 21:36 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll + 2010-10-14 03:46 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll + 2010-10-14 03:46 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2360937\update\update.exe + 2010-10-14 03:46 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2360937\spuninst.exe + 2010-10-13 21:36 . 2010-08-16 08:43 590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll + 2010-10-14 03:54 . 2010-07-05 13:12 395128 c:\windows\$hf_mig$\KB2360131-IE8\update\updspapi.dll + 2010-10-14 03:54 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2360131-IE8\update\update.exe + 2010-10-14 03:54 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2360131-IE8\spuninst.exe + 2010-10-13 21:40 . 2010-09-10 05:49 919552 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll + 2010-10-13 21:40 . 2010-09-10 05:49 206848 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\occache.dll + 2010-10-13 21:40 . 2010-09-10 05:49 611840 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mstime.dll + 2010-10-13 21:40 . 2010-09-10 05:49 602112 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeeds.dll + 2010-10-13 21:40 . 2010-09-10 05:49 247808 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieproxy.dll + 2010-10-13 21:40 . 2010-09-10 05:49 184320 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iepeers.dll + 2010-10-13 21:40 . 2010-09-10 05:49 743424 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedvtool.dll + 2010-10-13 21:40 . 2010-09-10 05:49 387584 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedkcs32.dll + 2010-10-13 21:40 . 2010-09-08 15:49 173056 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ie4uinit.exe + 2010-10-10 02:23 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll + 2010-10-10 02:23 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2347290\update\update.exe + 2010-10-10 02:23 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2347290\spuninst.exe + 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2345886\update\updspapi.dll + 2010-10-14 03:55 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2345886\update\update.exe + 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2345886\spuninst.exe + 2010-08-26 13:37 . 2010-08-26 13:37 357248 c:\windows\$hf_mig$\KB2345886\SP3QFE\srv.sys + 2010-10-10 01:54 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll + 2010-10-10 01:54 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2286198\update\update.exe + 2010-10-10 01:54 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2286198\spuninst.exe + 2010-10-14 03:55 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2279986\update\updspapi.dll + 2010-10-14 03:55 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2279986\update\update.exe + 2010-10-14 03:55 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2279986\spuninst.exe + 2010-09-01 11:49 . 2010-09-01 11:49 285824 c:\windows\$hf_mig$\KB2279986\SP3QFE\atmfd.dll + 2010-10-10 02:26 . 2009-05-26 09:00 395128 c:\windows\$hf_mig$\KB2259922\update\updspapi.dll + 2010-10-10 02:26 . 2009-05-26 09:00 760696 c:\windows\$hf_mig$\KB2259922\update\update.exe + 2010-10-10 02:26 . 2009-05-26 09:00 233336 c:\windows\$hf_mig$\KB2259922\spuninst.exe + 2010-10-10 02:26 . 2010-02-22 22:50 395128 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll + 2010-10-10 02:26 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2229593\update\update.exe + 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2229593\spuninst.exe + 2010-10-09 22:25 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe + 2010-10-10 02:17 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2183461-IE8\update\updspapi.dll + 2010-10-10 02:17 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2183461-IE8\update\update.exe + 2010-10-10 02:17 . 2009-05-26 09:00 233336 c:\windows\$hf_mig$\KB2183461-IE8\spuninst.exe + 2010-10-09 23:29 . 2010-06-24 12:29 919040 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll + 2010-10-09 23:29 . 2010-06-24 12:29 206848 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\occache.dll + 2010-10-09 23:29 . 2010-06-24 12:29 611840 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mstime.dll + 2010-10-09 23:29 . 2010-06-24 12:28 599040 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\msfeeds.dll + 2010-10-09 23:29 . 2010-06-24 12:28 247808 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ieproxy.dll + 2010-10-09 23:29 . 2010-06-24 12:28 184320 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iepeers.dll + 2010-10-09 23:29 . 2010-06-24 12:28 743424 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iedvtool.dll + 2010-10-09 23:29 . 2010-06-24 12:28 387584 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iedkcs32.dll + 2010-10-09 23:29 . 2010-06-23 11:31 173056 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ie4uinit.exe + 2010-10-10 02:10 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2160329\update\updspapi.dll + 2010-10-10 02:10 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2160329\update\update.exe + 2010-10-10 02:10 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2160329\spuninst.exe + 2010-10-10 01:53 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2141007\update\updspapi.dll + 2010-10-10 01:53 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2141007\update\update.exe + 2010-10-10 01:53 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2141007\spuninst.exe + 2010-06-09 07:42 . 2010-06-09 07:42 692736 c:\windows\$hf_mig$\KB2141007\SP3QFE\inetcomm.dll + 2010-10-10 02:22 . 2010-02-22 14:20 395128 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll + 2010-10-10 02:22 . 2010-02-22 14:19 760696 c:\windows\$hf_mig$\KB2121546\update\update.exe + 2010-10-10 02:22 . 2010-02-22 14:19 233336 c:\windows\$hf_mig$\KB2121546\spuninst.exe + 2010-06-18 17:46 . 2010-06-18 17:46 293888 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll + 2010-10-10 02:26 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll + 2010-10-10 02:26 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2115168\update\update.exe + 2010-10-10 02:26 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2115168\spuninst.exe + 2010-10-10 02:22 . 2009-05-26 11:40 395128 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll + 2010-10-10 02:22 . 2009-05-26 11:40 760696 c:\windows\$hf_mig$\KB2079403\update\update.exe + 2010-10-10 02:22 . 2009-05-26 11:40 233336 c:\windows\$hf_mig$\KB2079403\spuninst.exe + 2010-10-13 21:35 . 2010-08-23 16:11 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll + 2009-07-12 03:02 . 2009-07-12 03:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll + 2009-07-12 03:02 . 2009-07-12 03:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll + 2008-04-14 12:00 . 2010-11-06 00:21 1210880 c:\windows\system32\urlmon.dll + 2008-04-14 12:00 . 2010-07-27 06:29 8492032 c:\windows\system32\shell32.dll + 2008-04-14 12:00 . 2010-07-16 12:00 1287680 c:\windows\system32\ole32.dll - 2008-04-14 12:00 . 2010-02-17 17:07 2194176 c:\windows\system32\ntoskrnl.exe + 2008-04-14 12:00 . 2010-04-28 18:13 2194176 c:\windows\system32\ntoskrnl.exe - 2008-04-13 19:00 . 2010-02-16 19:07 2071040 c:\windows\system32\ntkrnlpa.exe + 2008-04-13 19:00 . 2010-04-28 05:43 2071040 c:\windows\system32\ntkrnlpa.exe - 2008-04-14 12:00 . 2009-07-31 04:33 1172480 c:\windows\system32\msxml3.dll + 2008-04-14 12:00 . 2010-06-14 07:42 1172480 c:\windows\system32\msxml3.dll + 2008-04-14 12:00 . 2010-11-06 00:21 5959168 c:\windows\system32\mshtml.dll + 2010-11-22 21:41 . 2010-11-22 21:41 5971408 c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2009-03-08 07:32 . 2010-11-06 00:21 1991680 c:\windows\system32\iertutil.dll + 2010-12-04 02:30 . 2010-09-28 17:44 4184352 c:\windows\system32\DRVSTORE\usbaapl_DECA0B114863448FE4957E5F5676B09528A18C9F\usbaaplrc.dll + 2010-12-04 02:31 . 2010-04-19 22:29 1461992 c:\windows\system32\DRVSTORE\netaapl_A0C073C4137716F9478B8B08B2873A7AB3AECF72\wdfcoinstaller01009.dll + 2008-04-14 12:00 . 2010-10-26 13:58 1853440 c:\windows\system32\dllcache\win32k.sys + 2008-04-14 12:00 . 2010-11-06 00:21 1210880 c:\windows\system32\dllcache\urlmon.dll + 2008-04-14 12:00 . 2010-07-27 06:29 8492032 c:\windows\system32\dllcache\shell32.dll + 2008-04-14 12:00 . 2010-07-16 12:00 1287680 c:\windows\system32\dllcache\ole32.dll - 2008-04-14 12:00 . 2010-02-17 17:07 2194176 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-04-14 12:00 . 2010-04-28 18:13 2194176 c:\windows\system32\dllcache\ntoskrnl.exe + 2009-10-12 00:56 . 2010-04-28 05:43 2028544 c:\windows\system32\dllcache\ntkrpamp.exe - 2009-10-12 00:56 . 2010-02-16 19:07 2028544 c:\windows\system32\dllcache\ntkrpamp.exe - 2008-04-13 19:00 . 2010-02-16 19:07 2071040 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-04-13 19:00 . 2010-04-28 05:43 2071040 c:\windows\system32\dllcache\ntkrnlpa.exe - 2009-10-12 00:56 . 2010-02-16 19:07 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe + 2009-10-12 00:56 . 2010-04-28 05:43 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-04-14 12:00 . 2010-06-14 07:42 1172480 c:\windows\system32\dllcache\msxml3.dll - 2008-04-14 12:00 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll + 2008-04-14 12:00 . 2010-11-06 00:21 5959168 c:\windows\system32\dllcache\mshtml.dll - 2009-10-08 17:41 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe + 2009-10-08 17:41 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe + 2009-10-16 12:53 . 2010-11-06 00:21 1991680 c:\windows\system32\dllcache\iertutil.dll + 2010-09-22 12:44 . 2010-09-22 12:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll - 2010-03-23 08:32 . 2010-03-23 08:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll - 2009-08-08 02:51 . 2009-08-08 02:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2010-05-11 09:40 . 2010-05-11 09:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2010-05-11 09:40 . 2010-05-11 09:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2010-10-22 17:45 . 2010-10-22 17:45 8444928 c:\windows\Installer\c34c85.msp + 2010-10-01 23:53 . 2010-10-01 23:53 4147712 c:\windows\Installer\c34c4c.msp + 2010-12-06 17:02 . 2010-12-06 17:02 5518848 c:\windows\Installer\7108b.msp + 2010-10-23 16:32 . 2010-10-23 16:32 6333440 c:\windows\Installer\67324d.msi + 2010-08-05 16:16 . 2010-08-05 16:16 4034560 c:\windows\Installer\43d8e.msp + 2010-06-28 19:01 . 2010-06-28 19:01 7677952 c:\windows\Installer\43d6d.msp + 2010-05-25 14:45 . 2010-05-25 14:45 8445440 c:\windows\Installer\43d58.msp + 2010-06-11 20:55 . 2010-06-11 20:55 1827328 c:\windows\Installer\43d40.msp + 2010-06-29 01:53 . 2010-06-29 01:53 6819840 c:\windows\Installer\43d27.msp + 2010-08-20 16:50 . 2010-08-20 16:50 5518848 c:\windows\Installer\43cf7.msp + 2010-09-23 10:39 . 2010-09-23 10:39 4265472 c:\windows\Installer\43ce2.msp + 2010-08-04 18:12 . 2010-08-04 18:12 1004544 c:\windows\Installer\43cd8.msp + 2010-08-25 20:06 . 2010-08-25 20:06 6479360 c:\windows\Installer\43cd1.msp + 2010-07-10 23:14 . 2010-07-10 23:14 2850816 c:\windows\Installer\43cbd.msp + 2010-10-23 14:53 . 2010-10-23 14:53 1984000 c:\windows\Installer\33e1a4.msi + 2011-01-13 20:04 . 2011-01-13 20:04 9472000 c:\windows\Installer\270c17f.msi + 2010-09-17 08:04 . 2010-09-17 08:04 9401856 c:\windows\Installer\23294c7.msp + 2010-10-01 19:42 . 2010-10-01 19:42 5054464 c:\windows\Installer\23294aa.msp + 2010-10-22 15:25 . 2010-10-22 15:25 5521408 c:\windows\Installer\2329495.msp + 2010-12-04 02:31 . 2010-12-04 02:32 3085312 c:\windows\Installer\21034e2.msi + 2010-08-13 20:59 . 2010-08-13 20:59 8182272 c:\windows\Installer\19daa11.msp + 2010-08-13 21:02 . 2010-08-13 21:02 2545664 c:\windows\Installer\19daa09.msp + 2010-08-23 20:09 . 2010-08-23 20:09 7673344 c:\windows\Installer\19daa01.msp + 2010-10-04 19:32 . 2010-10-04 19:32 5517824 c:\windows\Installer\19da9ec.msp + 2010-08-24 12:49 . 2010-08-24 12:49 6825472 c:\windows\Installer\19da9d7.msp + 2007-05-10 15:43 . 2007-05-10 15:43 6688096 c:\windows\Installer\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE + 2009-08-20 19:23 . 2009-08-20 19:23 4672872 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6514\WRD12CNV.DLL + 2010-12-23 03:27 . 2010-09-10 05:51 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll + 2010-12-23 03:27 . 2010-09-10 05:51 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll + 2010-12-23 03:27 . 2010-09-10 05:51 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll + 2010-10-14 03:54 . 2010-06-24 12:24 1210368 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll + 2010-10-14 03:54 . 2010-06-24 12:24 5951488 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll + 2010-10-14 03:54 . 2010-06-24 12:24 1986560 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll + 2010-10-10 02:17 . 2010-05-06 10:34 1209344 c:\windows\ie8updates\KB2183461-IE8\urlmon.dll + 2010-10-10 02:17 . 2010-05-06 10:34 5950976 c:\windows\ie8updates\KB2183461-IE8\mshtml.dll + 2010-10-10 02:17 . 2010-05-06 10:34 1985536 c:\windows\ie8updates\KB2183461-IE8\iertutil.dll - 2009-10-12 00:56 . 2010-02-17 17:07 2194176 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2009-10-12 00:56 . 2010-04-28 18:13 2194176 c:\windows\Driver Cache\i386\ntoskrnl.exe - 2009-10-12 00:56 . 2010-02-16 19:07 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2009-10-12 00:56 . 2010-04-28 05:43 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2009-02-10 22:07 . 2010-04-28 05:43 2071040 c:\windows\Driver Cache\i386\ntkrnlpa.exe - 2009-02-10 22:07 . 2010-02-16 19:07 2071040 c:\windows\Driver Cache\i386\ntkrnlpa.exe - 2009-10-12 00:56 . 2010-02-16 19:07 2150400 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2009-10-12 00:56 . 2010-04-28 05:43 2150400 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2010-10-10 02:09 . 2010-10-10 02:09 3182592 c:\windows\assembly\tmp\X7FNV3AI\System.dll + 2010-10-10 16:20 . 2010-10-10 16:20 2018816 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ec6601e9b75d691ee7339616559b5232\WindowsLive.Writer.CoreServices.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7226cd21c68247fa3b23612fa1b848f9\WindowsLive.Writer.PostEditor.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4f183789843f054fba4ea676b9637b04\WindowsLive.Writer.ApplicationFramework.ni.dll + 2010-10-10 02:22 . 2010-10-10 02:22 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll + 2010-10-10 13:11 . 2010-10-10 13:11 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll + 2010-10-10 02:22 . 2010-10-10 02:22 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll + 2010-10-10 13:11 . 2010-10-10 13:11 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll + 2010-10-10 16:27 . 2010-10-10 16:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll + 2010-10-10 16:27 . 2010-10-10 16:27 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll + 2010-10-10 16:27 . 2010-10-10 16:27 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll + 2010-10-10 16:27 . 2010-10-10 16:27 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll + 2010-10-10 16:19 . 2010-10-10 16:19 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll + 2010-10-10 02:28 . 2010-10-10 02:28 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll + 2010-10-10 16:19 . 2010-10-10 16:19 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll + 2010-10-10 02:28 . 2010-10-10 02:28 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll + 2010-10-10 02:26 . 2010-10-10 02:26 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll + 2010-10-10 16:22 . 2010-10-10 16:22 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll + 2010-10-10 02:26 . 2010-10-10 02:26 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll + 2010-10-10 16:22 . 2010-10-10 16:22 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll + 2010-10-10 02:26 . 2010-10-10 02:26 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll + 2010-10-10 02:26 . 2010-10-10 02:26 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll + 2010-10-10 02:25 . 2010-10-10 02:25 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll + 2010-10-10 02:22 . 2010-10-10 02:22 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll + 2010-10-10 16:23 . 2010-10-10 16:23 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll + 2010-10-10 16:21 . 2010-10-10 16:21 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll - 2010-07-04 00:26 . 2010-07-04 00:26 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2010-10-10 02:20 . 2010-10-10 02:20 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2010-10-10 02:20 . 2010-10-10 02:20 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2010-07-04 00:26 . 2010-07-04 00:26 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2010-10-10 02:20 . 2010-10-10 02:20 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2010-07-04 00:25 . 2010-07-04 00:25 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-10-10 02:22 . 2010-10-10 02:22 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll - 2009-10-13 23:17 . 2009-10-13 23:17 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2010-10-10 02:20 . 2010-10-10 02:20 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2010-07-04 00:25 . 2010-07-04 00:25 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2010-10-10 02:20 . 2010-10-10 02:20 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2010-07-04 00:25 . 2010-07-04 00:25 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2010-10-10 02:20 . 2010-10-10 02:20 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2010-07-04 00:26 . 2010-07-04 00:26 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2010-10-10 02:20 . 2010-10-10 02:20 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2010-10-10 01:53 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe + 2010-10-14 03:48 . 2010-06-24 09:02 1852032 c:\windows\$NtUninstallKB981957$\win32k.sys + 2010-10-10 02:22 . 2010-02-17 17:07 2194176 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe + 2010-10-10 02:22 . 2010-02-16 19:07 2028544 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe + 2010-10-10 02:22 . 2010-02-16 19:07 2071040 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe + 2010-10-10 02:22 . 2010-02-16 19:07 2150400 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe + 2010-10-14 03:54 . 2008-04-14 12:00 1287168 c:\windows\$NtUninstallKB979687$\ole32.dll + 2010-10-14 03:55 . 2008-04-14 12:00 1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll + 2010-10-10 01:54 . 2008-06-17 19:02 8491008 c:\windows\$NtUninstallKB2286198$\shell32.dll + 2010-10-10 02:10 . 2010-05-02 08:08 1851392 c:\windows\$NtUninstallKB2160329$\win32k.sys + 2010-10-10 02:22 . 2009-07-31 04:33 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll + 2010-10-09 23:08 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe + 2010-09-01 07:57 . 2010-09-01 07:57 1862016 c:\windows\$hf_mig$\KB981957\SP3QFE\win32k.sys + 2010-10-09 22:52 . 2010-04-28 05:18 2194304 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe + 2010-10-09 22:52 . 2010-04-28 05:17 2028544 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe + 2010-04-29 02:18 . 2010-04-29 02:18 2071168 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe + 2010-10-09 22:52 . 2010-04-28 05:18 2150400 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe + 2010-07-16 11:59 . 2010-07-16 11:59 1288704 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll + 2010-10-13 21:40 . 2010-09-10 05:49 1211904 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\urlmon.dll + 2010-10-13 21:40 . 2010-09-10 05:49 5958656 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll + 2010-10-13 21:40 . 2010-09-10 05:49 1987072 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll + 2010-07-27 06:28 . 2010-07-27 06:28 8493056 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll + 2010-10-09 23:29 . 2010-06-24 12:29 1211904 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\urlmon.dll + 2010-10-09 23:29 . 2010-06-24 12:29 5954560 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll + 2010-10-09 23:29 . 2010-06-24 12:28 1987072 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iertutil.dll + 2010-06-24 21:29 . 2010-06-24 21:29 1861248 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys + 2010-06-14 07:40 . 2010-06-14 07:40 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll - 2008-04-14 12:00 . 2009-07-14 02:43 10841088 c:\windows\system32\wmp.dll + 2008-04-14 12:00 . 2010-08-26 02:36 10841088 c:\windows\system32\wmp.dll + 2009-10-13 19:56 . 2011-01-15 05:01 37403080 c:\windows\system32\MRT.exe + 2009-03-08 07:39 . 2010-11-06 00:21 11080704 c:\windows\system32\ieframe.dll + 2008-04-14 12:00 . 2010-08-26 02:36 10841088 c:\windows\system32\dllcache\wmp.dll - 2008-04-14 12:00 . 2009-07-14 02:43 10841088 c:\windows\system32\dllcache\wmp.dll + 2009-10-16 12:53 . 2010-11-06 00:21 11080704 c:\windows\system32\dllcache\ieframe.dll + 2010-12-17 01:57 . 2010-12-17 01:57 20304384 c:\windows\Installer\c34c70.msp + 2010-06-11 20:52 . 2010-06-11 20:52 45542912 c:\windows\Installer\43d41.msp + 2010-05-19 16:08 . 2010-05-19 16:08 11408896 c:\windows\Installer\43d0b.msp + 2010-10-10 02:16 . 2010-10-10 02:16 20303872 c:\windows\Installer\43d02.msp + 2010-10-14 18:57 . 2010-10-14 18:57 11189248 c:\windows\Installer\23294bf.msp + 2010-12-23 03:27 . 2010-09-10 05:51 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll + 2010-10-14 03:54 . 2010-06-24 20:54 11077120 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll + 2010-10-10 02:17 . 2010-05-06 10:34 11076096 c:\windows\ie8updates\KB2183461-IE8\ieframe.dll + 2010-10-10 02:29 . 2010-10-10 02:29 12024832 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38B.tmp\System.Windows.Forms.dll + 2010-10-10 13:11 . 2010-10-10 13:11 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll + 2010-10-10 16:20 . 2010-10-10 16:20 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll + 2010-10-10 16:19 . 2010-10-10 16:19 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll + 2010-10-10 02:27 . 2010-10-10 02:27 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll + 2010-10-10 02:24 . 2010-10-10 02:25 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll + 2010-10-10 02:23 . 2010-10-10 02:23 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll + 2010-10-10 02:22 . 2010-10-10 02:22 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll + 2010-10-14 03:55 . 2009-07-14 02:43 10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll + 2010-09-10 14:19 . 2010-09-10 14:19 11082240 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll + 2010-10-09 23:29 . 2010-06-24 12:28 11079168 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ieframe.dll . -- Snapshot resetado para data atual -- . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12fc3d37-2a42-4fe3-8489-81296878cba5}] 2010-10-18 14:26 3908192 ----a-w- c:\arquivos de programas\Softonic_Brasil\tbSoft.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{12FC3D37-2A42-4FE3-8489-81296878CBA5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080] "swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-18 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast5"="c:\arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912] "iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-09-24 421160] "mcui_exe"="c:\arquivos de programas\McAfee.com\Agent\mcagent.exe" [2010-11-22 1193848] "QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2010-11-29 421888] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\ McAfee Security Scan Plus.lnk - c:\arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk] backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Atualizador Automatico - Folhamatic.lnk] backup=c:\windows\pss\Atualizador Automatico - Folhamatic.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Auto Backup - Folhamatic.LNK] backup=c:\windows\pss\Auto Backup - Folhamatic.LNKCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^BTTray.lnk] backup=c:\windows\pss\BTTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC] 2006-05-10 14:12 90112 ----a-w- c:\arquivos de programas\ATI Technologies\ATI.ACE\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel] 2006-08-16 03:20 53248 ------w- c:\arquivos de programas\Realtek\InstallShield\AzMixerSel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 12:00 15360 ------w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-05-12 02:12 49152 ----a-w- c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD] 2007-05-15 18:55 1057328 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\InCD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2005-02-17 10:15 221184 ----a-w- c:\arquiv~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2005-02-17 10:15 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-09-24 04:10 421160 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-12-06 01:55 54832 ----a-w- c:\arquivos de programas\CyberLink\PowerDVD\Language\Language.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager] 2006-09-07 11:52 479232 ----a-w- c:\arquiv~1\LAUNCH~1\QtZgAcer.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe] 2010-11-22 20:15 1193848 ----a-w- c:\arquivos de programas\McAfee.com\Agent\mcagent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-17 01:12 3872080 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 18:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia Internet Modem] 2009-07-29 17:01 1962648 ----a-w- c:\arquivos de programas\Nokia\Nokia Internet Modem\Wellphone2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 19:38 421888 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2006-11-23 18:10 56928 ------w- c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2006-08-16 03:23 16248320 ----a-w- c:\windows\RTHDCPL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc] 2007-05-15 18:55 1628208 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-08-16 03:21 2879488 ----a-w- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 19:07 2260480 --sha-r- c:\arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-01-11 17:21 246504 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Ares\\Ares.exe"= "c:\\folhawin\\atualizador\\atualizador.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"= "c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "c:\\Arquivos de programas\\iTunes\\iTunes.exe"= "c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= "c:\\Arquivos de programas\\Arquivos comuns\\McAfee\\McSvcHost\\McSvHost.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [09/10/2010 20:03 165584] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [19/11/2010 18:00 84072] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/10/2010 20:03 17744] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\McAfee\SiteAdvisor\McSACore.exe [19/03/2010 18:44 88176] R2 McMPFSvc;McAfee Personal Firewall;"c:\arquivos de programas\Arquivos comuns\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480] R2 mfefire;McAfee Firewall Core Service;c:\arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe [19/11/2010 18:00 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [19/11/2010 18:00 141792] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 00:09 50704] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [19/11/2010 18:00 55840] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [19/11/2010 18:00 313288] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544] S2 0007201295044842mcinstcleanup;McAfee Application Installer Cleanup (0007201295044842);c:\windows\TEMP\000720~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\000720~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?] S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [09/10/2010 20:05 136176] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 10:49 227232] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [19/11/2010 18:00 84264] S3 nokiacpo;Nokia Internet Stick Wireless Modem Service Install;c:\windows\system32\drivers\nokiacpo.sys [22/06/2009 14:41 18688] S3 nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service;c:\windows\system32\drivers\nokiappo.sys [22/06/2009 14:41 27008] S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\drivers\zteusbser.sys [09/10/2009 18:29 98432] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [01/08/2010 15:10 691696] --- =Outros Serviços/Drivers Na Memória --- *NewlyCreated* - 0007201295044842MCINSTCLEANUP *Deregistered* - mfeavfk01 . Conteúdo da pasta 'Tarefas Agendadas' 2011-01-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2009-10-22 14:50] 2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-10-09 22:04] 2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-10-09 22:04] 2011-01-15 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] 2011-01-15 c:\windows\Tasks\User_Feed_Synchronization-{2DFD6A99-60EB-42AE-BE0E-4865A1A7142D}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 07:31] 2011-01-15 c:\windows\Tasks\User_Feed_Synchronization-{A63760CC-2B08-48B6-A9DA-BAA3844E50E8}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 07:31] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.google.com/ IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Enviar para Dispositivo &Bluetooth... - c:\arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: Translate this web page with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab FF - ProfilePath - c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\bk6df2gu.default\ . - - - - ORFÃOS REMOVIDOS - - - - MSConfigStartUp-Adobe ARM - c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe MSConfigStartUp-Adobe Reader Speed Launcher - c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-01-15 04:52 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):50,05,62,cd,7b,51,fe,26,e2,1b,22,a3,82,32,a7,8d,3a,da,2d,e6,e3, a9,df,53,d8,64,3a,58,b3,41,43,69,5d,12,51,c3,0f,92,67,70,00,00,00,00,00,00,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8ee7e689-a3ca-4a4c-aaa9-0a24f3ee9427}] @Denied: (Full) (Everyone) "Model"=dword:000000de "Therad"=dword:0000000b [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*] "6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(1020) c:\windows\system32\Ati2evxx.dll . Tempo para conclusão: 2011-01-15 04:57:30 ComboFix-quarantined-files.txt 2011-01-15 06:57 ComboFix2.txt 2010-09-18 15:23 ComboFix3.txt 2010-09-18 14:05 ComboFix4.txt 2010-03-18 21:15 Pré-execução: 27 pasta(s) 51.535.286.272 bytes disponíveis Pós execução: 28 pasta(s) 51.864.711.168 bytes disponíveis - - End Of File - - 00B4DD6E6395606393022AC6A46491D6 Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Janeiro 15, 2011 Olá! Por favor, siga as instruções abaixo: << 1 >> Acesse o site " Jotti's malware scan " Na caixa que fica em cima (File to upload & scan); Copie e cole o(s) seguinte(s) arquivo(s) um de cada vez: c:\windows\system32\GPhotos.scr c:\windows\system32\drivers\ndproxy.sys [*]Clique no botão [*]O(s) arquivo(s) irá(serão) ser examinado(s) por diferentes softwares antivirus, por favor aguarde. [*]Copie e cole o(s) resultado(s). Se o site acima estiver muito congestionado, tente num desses sites: Alternativa 1 Alternativa 2 << 2 >> Temporariamente e durante a execução destas instruções, é muito importante que mantenha desabilitados os seus programas de proteção (Antivirus, Antispyware e Firewall). Reative as proteções após a execução do(s) procedimento(s) abaixo mencionado(s). Delete o Combofix.exe do seu desktop e baixe uma nova versão AQUI, salvando no seu Desktop. Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está dentro do "Code":RegLock:: [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8ee7e689-a3ca-4a4c-aaa9-0a24f3ee9427}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*] Registry:: [-HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] Salve este arquivo como: CFScript.txt Tal com exemplificado na foto acima, arraste o arquivo CFScript.txt para dentro do ComboFix.exe. Se solicitado, pressione Enter para iniciar o processo de remoção. Não use o mouse nem o teclado quando o ComboFix estiver rodando. Quando a ferramenta terminar de rodar, gerará um log. Poste esse arquivo C:\ComboFix.txt. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Janeiro 19, 2011 Resultado do scan do arquivo GPhotos.scr Filename: GPhotos.scr Status: Scan finished. 0 out of 18 scanners reported malware. Scan taken on: Wed 19 Jan 2011 22:53:06 (CET) Permalink -------------------------------------------------------------------------------- Additional info File size: 4280320 bytes Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit MD5: 27a89e12360ea1f2e894d6c1884e74b7 SHA1: 8876c25e1be840087fb3d318121bfb0e5df520bc Scanners 2011-01-19 Found nothing 2011-01-19 Found nothing Scanner unavailable 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-18 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing ------------------------------------------------------------------------------------------------------ Resultado do scan do arquivo ndproxy.sys Jotti's malware scan Filename: ndproxy.sys Status: Scan finished. 0 out of 19 scanners reported malware. Scan taken on: Wed 19 Jan 2011 22:59:33 (CET) Permalink -------------------------------------------------------------------------------- Additional info File size: 40960 bytes Filetype: PE32 executable for MS Windows (native) Intel 80386 32-bit MD5: 9282bd12dfb069d3889eb3fcc1000a9b SHA1: f76e50cf3a2a40a2d71437c7662cff8be9be037f Packer (Kaspersky): PE_Patch Scanners 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-18 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing 2011-01-19 Found nothing ----------------------------------------------------------------- Log do ComboFix ComboFix 11-01-18.04 - Usuario 19/01/2011 20:38:18.5.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.440 [GMT -2:00] Executando de: c:\documents and settings\Usuario\Desktop\ComboFix.exe Comandos utilizados :: c:\documents and settings\Usuario\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: McAfee Anti-Virus e Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . (((((((((((((((( Arquivos/Ficheiros criados de 2010-12-19 to 2011-01-19 )))))))))))))))))))))))))))) . 2011-01-19 21:37 . 2011-01-19 21:37 -------- d-----w- c:\windows\LastGood 2011-01-15 04:43 . 2011-01-15 04:44 -------- d-----w- c:\arquivos de programas\Ad-Remover 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin7.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin6.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin5.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin4.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin3.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin2.dll 2011-01-13 20:04 . 2011-01-13 20:04 159744 ----a-w- c:\arquivos de programas\Internet Explorer\Plugins\npqtplugin.dll 2011-01-13 09:25 . 2011-01-13 09:25 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Malwarebytes 2011-01-13 09:24 . 2010-12-20 20:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes 2011-01-13 09:24 . 2010-12-20 20:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-13 09:24 . 2011-01-13 09:24 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2011-01-07 23:44 . 2011-01-07 23:44 388608 ----a-w- C:\HiJackThis.exe 2011-01-04 17:00 . 2011-01-04 17:00 -------- d-----w- c:\documents and settings\Suellen\Dados de aplicativos\PhotoScape 2011-01-03 03:11 . 2011-01-03 03:11 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-11-29 19:38 . 2010-11-29 19:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 19:38 . 2010-11-29 19:38 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-18 18:15 . 2009-10-08 17:41 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-12 16:17 . 2010-11-19 20:00 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-11-12 16:17 . 2010-11-19 20:00 141792 ----a-w- c:\windows\system32\mfevtps.exe 2010-11-12 16:17 . 2010-11-19 20:00 88544 ----a-w- c:\windows\system32\drivers\mfendisk.sys 2010-11-12 16:17 . 2010-11-19 20:00 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-11-12 16:17 . 2010-11-19 20:00 84072 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys 2010-11-12 16:17 . 2010-11-19 20:00 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-11-12 16:17 . 2010-11-19 20:00 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-11-12 16:17 . 2010-11-19 20:00 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-11-12 16:17 . 2010-11-19 20:00 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-11-12 16:17 . 2010-03-19 20:39 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-11-12 16:17 . 2010-03-19 20:39 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-06 00:21 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:21 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-06 00:21 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-11-03 12:27 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-10-26 13:58 . 2008-04-14 12:00 1853440 ----a-w- c:\windows\system32\win32k.sys . ((((((((((((((((((((((((((((( SnapShot_2011-01-15_06.52.15 ))))))))))))))))))))))))))))))))))))))))) . + 2011-01-19 20:42 . 2011-01-19 20:42 16384 c:\windows\Temp\Perflib_Perfdata_2b8.dat - 2011-01-03 03:11 . 2011-01-14 22:42 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat + 2011-01-03 03:11 . 2011-01-19 21:38 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat + 2011-01-15 10:32 . 2011-01-19 21:38 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2010-09-24 23:29 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat + 2009-10-08 17:48 . 2011-01-19 21:38 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat - 2009-10-08 17:48 . 2011-01-14 22:42 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12fc3d37-2a42-4fe3-8489-81296878cba5}] 2010-10-18 14:26 3908192 ----a-w- c:\arquivos de programas\Softonic_Brasil\tbSoft.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{12fc3d37-2a42-4fe3-8489-81296878cba5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{12FC3D37-2A42-4FE3-8489-81296878CBA5}"= "c:\arquivos de programas\Softonic_Brasil\tbSoft.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{12fc3d37-2a42-4fe3-8489-81296878cba5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080] "swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-18 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast5"="c:\arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912] "iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-09-24 421160] "mcui_exe"="c:\arquivos de programas\McAfee.com\Agent\mcagent.exe" [2010-11-22 1193848] "QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2010-11-29 421888] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\ McAfee Security Scan Plus.lnk - c:\arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "HonorAutoRunSetting"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk] backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Atualizador Automatico - Folhamatic.lnk] backup=c:\windows\pss\Atualizador Automatico - Folhamatic.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Auto Backup - Folhamatic.LNK] backup=c:\windows\pss\Auto Backup - Folhamatic.LNKCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^BTTray.lnk] backup=c:\windows\pss\BTTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC] 2006-05-10 14:12 90112 ----a-w- c:\arquivos de programas\ATI Technologies\ATI.ACE\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel] 2006-08-16 03:20 53248 ------w- c:\arquivos de programas\Realtek\InstallShield\AzMixerSel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 12:00 15360 ------w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-05-12 02:12 49152 ----a-w- c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD] 2007-05-15 18:55 1057328 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\InCD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2005-02-17 10:15 221184 ----a-w- c:\arquiv~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2005-02-17 10:15 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-09-24 04:10 421160 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-12-06 01:55 54832 ----a-w- c:\arquivos de programas\CyberLink\PowerDVD\Language\Language.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager] 2006-09-07 11:52 479232 ----a-w- c:\arquiv~1\LAUNCH~1\QtZgAcer.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe] 2010-11-22 20:15 1193848 ----a-w- c:\arquivos de programas\McAfee.com\Agent\mcagent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-17 01:12 3872080 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 18:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia Internet Modem] 2009-07-29 17:01 1962648 ----a-w- c:\arquivos de programas\Nokia\Nokia Internet Modem\Wellphone2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 19:38 421888 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2006-11-23 18:10 56928 ------w- c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2006-08-16 03:23 16248320 ----a-w- c:\windows\RTHDCPL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc] 2007-05-15 18:55 1628208 ----a-w- c:\arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-08-16 03:21 2879488 ----a-w- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 19:07 2260480 --sha-r- c:\arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-01-11 17:21 246504 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Ares\\Ares.exe"= "c:\\folhawin\\atualizador\\atualizador.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"= "c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"= "c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "c:\\Arquivos de programas\\iTunes\\iTunes.exe"= "c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= "c:\\Arquivos de programas\\Arquivos comuns\\McAfee\\McSvcHost\\McSvHost.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [09/10/2010 20:03 165584] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [19/11/2010 18:00 84072] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/10/2010 20:03 17744] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\McAfee\SiteAdvisor\McSACore.exe [19/03/2010 18:44 88176] R2 McMPFSvc;McAfee Serviço Personal Firewall;"c:\arquivos de programas\Arquivos comuns\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [19/11/2010 17:59 271480] R2 mfefire;McAfee Firewall Core Service;c:\arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe [19/11/2010 18:00 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [19/11/2010 18:00 141792] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 00:09 50704] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [19/11/2010 18:00 55840] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [19/11/2010 18:00 313288] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544] S2 0229321295473087mcinstcleanup;McAfee Application Installer Cleanup (0229321295473087);c:\windows\TEMP\022932~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\022932~1.EXE c:\arquiv~1\ARQUIV~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?] S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [09/10/2010 20:05 136176] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 10:49 227232] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [19/11/2010 18:00 88544] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [19/11/2010 18:00 84264] S3 nokiacpo;Nokia Internet Stick Wireless Modem Service Install;c:\windows\system32\drivers\nokiacpo.sys [22/06/2009 14:41 18688] S3 nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service;c:\windows\system32\drivers\nokiappo.sys [22/06/2009 14:41 27008] S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\drivers\zteusbser.sys [09/10/2009 18:29 98432] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [01/08/2010 15:10 691696] --- =Outros Serviços/Drivers Na Memória --- *Deregistered* - mfeavfk01 . Conteúdo da pasta 'Tarefas Agendadas' 2011-01-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2009-10-22 14:50] 2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-10-09 22:04] 2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-10-09 22:04] 2011-01-19 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] 2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{2DFD6A99-60EB-42AE-BE0E-4865A1A7142D}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 07:31] 2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{A63760CC-2B08-48B6-A9DA-BAA3844E50E8}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 07:31] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.google.com/ IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Enviar para Dispositivo &Bluetooth... - c:\arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: Translate this web page with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab FF - ProfilePath - c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\bk6df2gu.default\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-01-19 20:48 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 5.1.2600 CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo. device: opened successfully user: error reading MBR kernel: MBR read successfully user != kernel MBR !!! ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*] "6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(1024) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3228) c:\windows\system32\WININET.dll c:\arquiv~1\WINDOW~2\wmpband.dll c:\arquivos de programas\Scpad\scpLIB.dll c:\arquivos de programas\Scpad\scpMIB.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Tempo para conclusão: 2011-01-19 20:52:05 ComboFix-quarantined-files.txt 2011-01-19 22:52 ComboFix2.txt 2011-01-15 06:57 ComboFix3.txt 2010-09-18 15:23 ComboFix4.txt 2010-09-18 14:05 ComboFix5.txt 2011-01-19 22:35 Pré-execução: 27 pasta(s) 53.636.931.584 bytes disponíveis Pós execução: 28 pasta(s) 53.643.874.304 bytes disponíveis - - End Of File - - A2BB0017BE9BB956FEC52AEF145DB341 Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Janeiro 21, 2011 Olá! << 1 >> Siga o tutorial abaixo e execute o Kaspersky Removal Tool. Depois poste o log gerado. Tutorial do Kaspersky Virus Removal Tool << 2 >> Siga o tutorial abaixo e execute o Spyware Doctor Starter Edition. Depois poste o log gerado. Tutorial do Spyware Doctor Starter Edition Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Janeiro 26, 2011 Segue log do Kaspersky, quanto ao log do PCtools Spyware doctor,'não esta sendo possivel fazer verificaçao completa após tres dias verificando e varias reinicializações atinge no maximo 25% e da erro uma tela azul e o computador reinicia sozinho. Quando reinicia ele abre automaticamente na tela do Kaspersky e em seguinda inicia o Inteli-Scan do Spyware doctor. Verificação automática: concluído 1 dia atrás (eventos: 39, objetos: 3315710, hora: 19:11:46) 22/01/2011 12:22:39 Tarefa iniciada Ação padrão selecionada 22/01/2011 12:24:46 Detectados: Trojan.Win32.AutoRun.abj C:\UsbFix_Upload_Me_ACER.zip/UsbFix_Upload_Me/autorun.inf.UsbFix Ação padrão selecionada 22/01/2011 12:26:18 Excluído: Trojan.Win32.AutoRun.abj C:\UsbFix_Upload_Me_ACER.zip/UsbFix_Upload_Me/autorun.inf.UsbFix Ação padrão selecionada 22/01/2011 12:46:30 Erro de processamento C:\Arquivos de programas\ATI Technologies\ATI.ACE\th\CLI.Aspect.MultiVPU3.Graphics.Dashboard.resources.dll Erro de leitura 22/01/2011 12:56:50 Erro de processamento C:\Arquivos de programas\HP\Digital Imaging\bin\ltefx13n.dll Erro de leitura 22/01/2011 13:14:22 Erro de processamento C:\Arquivos de programas\Mozilla Firefox 4.0 Beta 5\nssckbi.dll Erro de leitura 22/01/2011 13:18:54 Erro de processamento C:\Arquivos de programas\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll Erro de leitura 22/01/2011 16:37:54 Detectados: Worm.Win32.AutoRun.bldz C:\Documents and Settings\Usuario\Meus documentos\Downloads\pcmega_setup.exe/data0000/UPX Ação padrão selecionada 22/01/2011 16:51:50 Excluído: Worm.Win32.AutoRun.bldz C:\Documents and Settings\Usuario\Meus documentos\Downloads\pcmega_setup.exe Ação padrão selecionada 22/01/2011 18:39:12 Detectados: Trojan.Win32.AutoRun.abj C:\UsbFix\Quarantine\E\autorun.inf.UsbFix Ação padrão selecionada 22/01/2011 18:44:05 Erro de processamento C:\WINDOWS\twain_32.dll Erro de leitura 22/01/2011 18:47:04 Erro de processamento C:\WINDOWS\$hf_mig$\KB955069\update\spcustom.dll Erro de leitura 22/01/2011 18:50:22 Excluído: Trojan.Win32.AutoRun.abj C:\UsbFix\Quarantine\E\autorun.inf.UsbFix Ação padrão selecionada 22/01/2011 18:55:58 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll Erro de leitura 22/01/2011 18:57:11 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll Erro de leitura 22/01/2011 19:02:46 Erro de processamento C:\WINDOWS\GeoOCX\WebCam\20090326\PTZ\PtzConfig.dll Erro de leitura 22/01/2011 19:05:05 Erro de processamento C:\WINDOWS\Help\spolsconcepts.chm Erro de leitura 22/01/2011 19:20:25 Erro de processamento C:\WINDOWS\system32\msvidctl.dll Erro de leitura 22/01/2011 19:24:48 Erro de processamento C:\WINDOWS\system32\tapi3.dll Erro de leitura 22/01/2011 19:30:25 Erro de processamento C:\WINDOWS\system32\termmgr.dll Erro de leitura 22/01/2011 19:34:39 Erro de processamento C:\WINDOWS\system32\wavemsp.dll Erro de leitura 22/01/2011 19:43:25 Erro de processamento C:\WINDOWS\system32\wiadss.dll Erro de leitura 22/01/2011 19:54:03 Erro de processamento C:\WINDOWS\system32\dllcache\sysdm.cpl Erro de leitura 22/01/2011 20:57:20 Erro de processamento c:\WINDOWS\system32\msvidctl.dll Erro de leitura 22/01/2011 21:27:59 Erro de processamento C:\Arquivos de programas\ATI Technologies\ATI.ACE\th\CLI.Aspect.MultiVPU3.Graphics.Dashboard.resources.dll Erro de leitura 22/01/2011 21:44:57 Erro de processamento C:\Arquivos de programas\HP\Digital Imaging\bin\ltefx13n.dll Erro de leitura 22/01/2011 22:08:04 Erro de processamento C:\Arquivos de programas\Mozilla Firefox 4.0 Beta 5\nssckbi.dll Erro de leitura 22/01/2011 22:17:26 Erro de processamento C:\Arquivos de programas\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll Erro de leitura 23/01/2011 05:13:10 Erro de processamento C:\WINDOWS\twain_32.dll Erro de leitura 23/01/2011 05:18:06 Erro de processamento C:\WINDOWS\$hf_mig$\KB955069\update\spcustom.dll Erro de leitura 23/01/2011 05:35:47 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll Erro de leitura 23/01/2011 05:37:05 Erro de processamento C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll Erro de leitura 23/01/2011 05:45:16 Erro de processamento C:\WINDOWS\GeoOCX\WebCam\20090326\PTZ\PtzConfig.dll Erro de leitura 23/01/2011 05:47:44 Erro de processamento C:\WINDOWS\Help\spolsconcepts.chm Erro de leitura 23/01/2011 06:40:46 Erro de processamento C:\WINDOWS\system32\msvidctl.dll Erro de leitura 23/01/2011 06:50:28 Erro de processamento C:\WINDOWS\system32\termmgr.dll Erro de leitura 23/01/2011 06:55:00 Erro de processamento C:\WINDOWS\system32\wavemsp.dll Erro de leitura 23/01/2011 07:04:22 Erro de processamento C:\WINDOWS\system32\wiadss.dll Erro de leitura 23/01/2011 07:34:33 Tarefa concluída Ação padrão selecionada Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Fevereiro 2, 2011 Olá! Por favor, poste um novo log do DDS. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Fevereiro 2, 2011 Segue Log DDS.txt DDS (Ver_10-12-12.02) - NTFSx86 Run by Usuario at 19:18:06,90 on 02/02/2011 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.766.320 [GMT -2:00] AV: McAfee Anti-Virus e Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *Enabled* ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch C:\WINDOWS\system32\svchost -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe C:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\mfevtps.exe C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe C:\WINDOWS\RTHDCPL.EXE C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\ATI Technologies\ATI.ACE\CLI.EXE C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe C:\ARQUIV~1\LAUNCH~1\QtZgAcer.EXE C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Spyware Doctor\pctsTray.exe C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Nokia\Nokia Internet Modem\WellPhone2.exe C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe C:\DOCUME~1\Usuario\CONFIG~1\Temp\RtkBtMnt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mcshield.exe C:\WINDOWS\System32\alg.exe C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\DfrgNtfs.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Documents and Settings\Usuario\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll uURLSearchHooks: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll BHO: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File BHO: ssh2 Class: {2e3c3651-b19c-4dd9-a979-901ec3e930af} - c:\arquivos de programas\scpad\scpsssh2.dll BHO: {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - No File BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\arquiv~1\spybot~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\arquivos de programas\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\arquivos de programas\arquivos comuns\mcafee\systemcore\ScriptSn.20101207191131.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\arquivos de programas\google\googletoolbarnotifier\5.6.5805.1910\swg.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\arquivos de programas\free download manager\iefdm2.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\arquivos de programas\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\arquivos de programas\windows live\toolbar\wltcore.dll TB: Softonic_Brasil Toolbar: {12fc3d37-2a42-4fe3-8489-81296878cba5} - c:\arquivos de programas\softonic_brasil\tbSoft.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\arquivos de programas\google\google toolbar\GoogleToolbar_32.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\MsnMsgr.Exe" /background uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Nokia Internet Modem] "c:\arquivos de programas\nokia\nokia internet modem\WellPhone2.exe" /background uRun: [spybotSD TeaTimer] c:\arquivos de programas\spybot - search & destroy\TeaTimer.exe uRun: [swg] "c:\arquivos de programas\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [iTunesHelper] "c:\arquivos de programas\itunes\iTunesHelper.exe" mRun: [mcui_exe] "c:\arquivos de programas\mcafee.com\agent\mcagent.exe" /runkey mRun: [ATICCC] "c:\arquivos de programas\ati technologies\ati.ace\CLIStart.exe" mRun: [AzMixerSel] c:\arquivos de programas\realtek\installshield\AzMixerSel.exe mRun: [sunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe" mRun: [skyTel] SkyTel.EXE mRun: [securDisc] c:\arquivos de programas\nero\nero 7\incd\NBHGui.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [HP Software Update] c:\arquivos de programas\hp\hp software update\HPWuSchd2.exe mRun: [iSUSPM Startup] c:\arquiv~1\arquiv~1\instal~1\update~1\isuspm.exe -startup mRun: [inCD] c:\arquivos de programas\nero\nero 7\incd\InCD.exe mRun: [iSUSScheduler] "c:\arquivos de programas\arquivos comuns\installshield\updateservice\issch.exe" -start mRun: [LanguageShortcut] "c:\arquivos de programas\cyberlink\powerdvd\language\Language.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k mRun: [LManager] c:\arquiv~1\launch~1\QtZgAcer.EXE mRun: [mcagent_exe] "c:\arquivos de programas\mcafee.com\agent\mcagent.exe" /runkey mRun: [NeroFilterCheck] c:\arquivos de programas\arquivos comuns\ahead\lib\NeroCheck.exe mRun: [QuickTime Task] "c:\arquivos de programas\quicktime\QTTask.exe" -atboottime mRun: [RemoteControl] "c:\arquivos de programas\cyberlink\powerdvd\PDVDServ.exe" mRun: [iSTray] "c:\arquivos de programas\spyware doctor\pctsTray.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-explorer: HonorAutoRunSetting = 0 (0x0) mPolicies-explorer: HonorAutoRunSetting = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\free download manager\dllink.htm IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\free download manager\dlall.htm IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\free download manager\dlfvideo.htm IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\free download manager\dlselected.htm IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office11\EXCEL.EXE/3000 IE: Enviar para Dispositivo &Bluetooth... - c:\arquivos de programas\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\arquivos de programas\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: Translate this web page with Babylon - c:\arquivos de programas\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\arquivos de programas\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\arquivos de programas\widcomm\bluetooth software\btsendto_ie.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\arquivos de programas\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\arquiv~1\spybot~1\SDHelper.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255203921203 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - c:\arquivos de programas\scpad\scpLIB.dll STS: compIB Class: {a3717295-941d-416f-9384-ed1736729f1c} - c:\arquivos de programas\scpad\scpLIB.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\usuario\dadosd~1\mozilla\firefox\profiles\bk6df2gu.default\ FF - prefs.js: network.proxy.http - FF - prefs.js: network.proxy.http_port - 0 FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\arquivos de programas\google\picasa3\npPicasa3.dll FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\microsoft\office live\npOLW.dll FF - plugin: c:\arquivos de programas\windows live\photo gallery\NPWLPG.dll ============= SERVICES / DRIVERS =============== R? fsssvc;Serviço Windows Live Proteção para a Família R? gupdate;Google Update Service (gupdate) R? McComponentHostService;McAfee Security Scan Component Host Service R? mfendisk;McAfee Core NDIS Intermediate Filter R? mferkdet;McAfee Inc. mferkdet R? mferkdk;McAfee Inc. mferkdk R? mfesmfk;McAfee Inc. mfesmfk R? nokiacpo;Nokia Internet Stick Wireless Modem Service Install R? nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service R? utqwodiy;AVZ Kernel Driver R? zteusbser;ZTE USB Device for Legacy Serial Communication S? cfwids;McAfee Inc. cfwids S? fssfltr;fssfltr S? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service S? McMPFSvc;McAfee Serviço Personal Firewall S? McNaiAnn;McAfee VirusScan Announcer S? McProxy;McAfee Proxy Service S? McShield;McShield S? mfeavfk;McAfee Inc. mfeavfk S? mfebopk;McAfee Inc. mfebopk S? mfefire;McAfee Firewall Core Service S? mfefirek;McAfee Inc. mfefirek S? mfehidk;McAfee Inc. mfehidk S? mfendiskmp;mfendiskmp S? mfetdi2k;McAfee Inc. mfetdi2k S? mfevtp;McAfee Validation Trust Protection Service S? npf;NetGroup Packet Filter Driver S? PCTCore;PCTools KDS S? sdAuxService;PC Tools Auxiliary Service S? sdCoreService;PC Tools Security Service =============== Created Last 30 ================ 2011-01-24 03:23:53 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2011-01-24 03:22:20 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2011-01-24 03:22:20 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2011-01-24 03:21:21 -------- d-----w- c:\arquivos de programas\arquivos comuns\PC Tools 2011-01-24 03:21:20 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2011-01-24 03:20:21 -------- d-----w- c:\docume~1\usuario\dadosd~1\PC Tools 2011-01-24 03:20:21 -------- d-----w- c:\docume~1\alluse~1\dadosd~1\PC Tools 2011-01-24 03:20:21 -------- d-----w- c:\arquivos de programas\Spyware Doctor 2011-01-13 20:04:46 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin7.dll 2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin6.dll 2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin5.dll 2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin4.dll 2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin3.dll 2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin2.dll 2011-01-13 20:04:45 159744 ----a-w- c:\arquivos de programas\internet explorer\plugins\npqtplugin.dll 2011-01-13 09:25:20 -------- d-----w- c:\docume~1\usuario\dadosd~1\Malwarebytes 2011-01-13 09:24:49 -------- d-----w- c:\docume~1\alluse~1\dadosd~1\Malwarebytes 2011-01-13 09:24:43 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2011-01-07 23:44:33 388608 ----a-w- C:\HiJackThis.exe ==================== Find3M ==================== 2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-11-29 19:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 19:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-18 18:15:22 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-12 16:17:32 141792 ----a-w- c:\windows\system32\mfevtps.exe 2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-08 03:20:24 89088 ----a-w- c:\windows\MBR.exe 2010-11-06 00:21:10 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:21:08 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-06 00:21:08 1469440 ----a-w- c:\windows\system32\inetcpl.cpl =================== ROOTKIT ==================== Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 5.1.2600 CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo. device: opened successfully user: error reading MBR Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys 1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x83B83AB8] 3 CLASSPNP[0xF7612FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x83B73940] kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; } user != kernel MBR !!! ============= FINISH: 19:46:11,28 =============== Segue Log Attach.txt UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 08/10/2009 14:47:13 System Uptime: 02/02/2011 06:36:02 (13 hours ago) Motherboard: Acer, Inc. | | Prespa M Processor: Mobile AMD Sempron Processor 3500+ | Socket M2/S1G1 | 1799/133mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 112 GiB total, 59,319 GiB free. D: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Atheros AR5007EG Wireless Network Adapter Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_04281468&REV_01\4&1BF192B7&0&0020 Manufacturer: Atheros Name: Atheros AR5007EG Wireless Network Adapter PNP Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_04281468&REV_01\4&1BF192B7&0&0020 Service: AR5211 ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop 7.0 Adobe Shockwave Player 11.5 Aplicativos SEFAZ 2002 Apple Application Support Apple Mobile Device Support Apple Software Update Ares 2.1.1 Arquivo do WinRAR Assistente de Conexão do Windows Live Atheros Wireless LAN ATI - Utilitário de desinstalação de software ATI Catalyst Control Center ATI Display Driver ATI Parental Control & Encoder Atualização de Segurança para o Windows Media Player (KB2378111) Atualização de Segurança para o Windows Media Player (KB952069) Atualização de Segurança para o Windows Media Player (KB954155) Atualização de Segurança para o Windows Media Player (KB968816) Atualização de Segurança para o Windows Media Player (KB973540) Atualização de Segurança para o Windows Media Player (KB975558) Atualização de Segurança para o Windows Media Player (KB978695) Atualização de Segurança para o Windows Media Player 11 (KB954154) Atualização de Segurança para Windows Internet Explorer 8 (KB2183461) Atualização de Segurança para Windows Internet Explorer 8 (KB2360131) Atualização de Segurança para Windows Internet Explorer 8 (KB2416400) Atualização de Segurança para Windows Internet Explorer 8 (KB971961) Atualização de Segurança para Windows Internet Explorer 8 (KB974455) Atualização de Segurança para Windows Internet Explorer 8 (KB976325) Atualização de Segurança para Windows Internet Explorer 8 (KB978207) Atualização de Segurança para Windows Internet Explorer 8 (KB981332) Atualização de Segurança para Windows Internet Explorer 8 (KB982381) Atualização de Segurança para Windows XP (KB2079403) Atualização de Segurança para Windows XP (KB2115168) Atualização de Segurança para Windows XP (KB2121546) Atualização de Segurança para Windows XP (KB2160329) Atualização de Segurança para Windows XP (KB2229593) Atualização de Segurança para Windows XP (KB2259922) Atualização de Segurança para Windows XP (KB2279986) Atualização de Segurança para Windows XP (KB2286198) Atualização de Segurança para Windows XP (KB2296011) Atualização de Segurança para Windows XP (KB2296199) Atualização de Segurança para Windows XP (KB2347290) Atualização de Segurança para Windows XP (KB2360937) Atualização de Segurança para Windows XP (KB2387149) Atualização de Segurança para Windows XP (KB2419632) Atualização de Segurança para Windows XP (KB2423089) Atualização de Segurança para Windows XP (KB2436673) Atualização de Segurança para Windows XP (KB2440591) Atualização de Segurança para Windows XP (KB2443105) Atualização de Segurança para Windows XP (KB923561) Atualização de Segurança para Windows XP (KB938464-v2) Atualização de Segurança para Windows XP (KB941569) Atualização de Segurança para Windows XP (KB946648) Atualização de Segurança para Windows XP (KB950762) Atualização de Segurança para Windows XP (KB950974) Atualização de Segurança para Windows XP (KB951066) Atualização de Segurança para Windows XP (KB951376-v2) Atualização de Segurança para Windows XP (KB951748) Atualização de Segurança para Windows XP (KB952004) Atualização de Segurança para Windows XP (KB952954) Atualização de Segurança para Windows XP (KB954459) Atualização de Segurança para Windows XP (KB954600) Atualização de Segurança para Windows XP (KB955069) Atualização de Segurança para Windows XP (KB956572) Atualização de Segurança para Windows XP (KB956744) Atualização de Segurança para Windows XP (KB956802) Atualização de Segurança para Windows XP (KB956803) Atualização de Segurança para Windows XP (KB956844) Atualização de Segurança para Windows XP (KB957097) Atualização de Segurança para Windows XP (KB958644) Atualização de Segurança para Windows XP (KB958687) Atualização de Segurança para Windows XP (KB958869) Atualização de Segurança para Windows XP (KB959426) Atualização de Segurança para Windows XP (KB960225) Atualização de Segurança para Windows XP (KB960803) Atualização de Segurança para Windows XP (KB960859) Atualização de Segurança para Windows XP (KB961371-v2) Atualização de Segurança para Windows XP (KB961501) Atualização de Segurança para Windows XP (KB968537) Atualização de Segurança para Windows XP (KB969059) Atualização de Segurança para Windows XP (KB969947) Atualização de Segurança para Windows XP (KB970238) Atualização de Segurança para Windows XP (KB970430) Atualização de Segurança para Windows XP (KB971468) Atualização de Segurança para Windows XP (KB971486) Atualização de Segurança para Windows XP (KB971557) Atualização de Segurança para Windows XP (KB971633) Atualização de Segurança para Windows XP (KB971657) Atualização de Segurança para Windows XP (KB972270) Atualização de Segurança para Windows XP (KB973346) Atualização de Segurança para Windows XP (KB973354) Atualização de Segurança para Windows XP (KB973507) Atualização de Segurança para Windows XP (KB973525) Atualização de Segurança para Windows XP (KB973869) Atualização de Segurança para Windows XP (KB973904) Atualização de Segurança para Windows XP (KB974112) Atualização de Segurança para Windows XP (KB974318) Atualização de Segurança para Windows XP (KB974392) Atualização de Segurança para Windows XP (KB974571) Atualização de Segurança para Windows XP (KB975025) Atualização de Segurança para Windows XP (KB975467) Atualização de Segurança para Windows XP (KB975560) Atualização de Segurança para Windows XP (KB975561) Atualização de Segurança para Windows XP (KB975562) Atualização de Segurança para Windows XP (KB975713) Atualização de Segurança para Windows XP (KB977165) Atualização de Segurança para Windows XP (KB977816) Atualização de Segurança para Windows XP (KB977914) Atualização de Segurança para Windows XP (KB978037) Atualização de Segurança para Windows XP (KB978251) Atualização de Segurança para Windows XP (KB978262) Atualização de Segurança para Windows XP (KB978338) Atualização de Segurança para Windows XP (KB978542) Atualização de Segurança para Windows XP (KB978601) Atualização de Segurança para Windows XP (KB978706) Atualização de Segurança para Windows XP (KB979309) Atualização de Segurança para Windows XP (KB979482) Atualização de Segurança para Windows XP (KB979559) Atualização de Segurança para Windows XP (KB979683) Atualização de Segurança para Windows XP (KB979687) Atualização de Segurança para Windows XP (KB980195) Atualização de Segurança para Windows XP (KB980218) Atualização de Segurança para Windows XP (KB980232) Atualização de Segurança para Windows XP (KB980436) Atualização de Segurança para Windows XP (KB981322) Atualização de Segurança para Windows XP (KB981852) Atualização de Segurança para Windows XP (KB981957) Atualização de Segurança para Windows XP (KB981997) Atualização de Segurança para Windows XP (KB982132) Atualização de Segurança para Windows XP (KB982214) Atualização de Segurança para Windows XP (KB982665) Atualização de Segurança para Windows XP (KB982802) Atualização para Windows Internet Explorer 8 (KB976662) Atualização para Windows Internet Explorer 8 (KB976749) Atualização para Windows XP (KB2141007) Atualização para Windows XP (KB2345886) Atualização para Windows XP (KB2467659) Atualização para Windows XP (KB898461) Atualização para Windows XP (KB951978) Atualização para Windows XP (KB955759) Atualização para Windows XP (KB961503) Atualização para Windows XP (KB967715) Atualização para Windows XP (KB968389) Atualização para Windows XP (KB971737) Atualização para Windows XP (KB973687) Atualização para Windows XP (KB973815) Bonjour BufferChm CCleaner Conectividade Social Destinations DeviceFunctionQFolder DeviceManagementQFolder DigiSignDoc Leitor DVD Shrink 3.2 DVD Suite eSupportQFolder Ferramenta de Carregamento do Windows Live Free Audio CD Burner version 1.4 Free Download Manager 3.4 BETA Free YouTube to MP3 Converter version 3.9 GeoVision ADPCM GeoVision H264 GeoVision JPEG GeoVision MPEG2 GeoVision MPEG4 GeoVision MPEG4 ASP GeoVision MPEG4 AVC Gerenciador de Aplicacoes de Notas Fiscais Google Toolbar for Internet Explorer Google Update Helper HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB954550-v5) Hotfix para o Windows Media Player 11 (KB939683) Hotfix para Windows XP (KB2158563) Hotfix para Windows XP (KB2443685) Hotfix para Windows XP (KB952287) Hotfix para Windows XP (KB961118) Hotfix para Windows XP (KB970653-v3) Hotfix para Windows XP (KB976098-v2) Hotfix para Windows XP (KB981793) HP Deskjet 3900 series HP Imaging Device Functions 5.0 HP Software Update HP Solution Center & Imaging Support Tools 5.0 HPDeskjet3900Series HPProductAssistant iTunes J2SE Runtime Environment 5.0 Update 10 Java Auto Updater Java 6 Update 18 JDownloader Junk Mail filter update Launch Manager McAfee Security Scan Plus McAfee SecurityCenter MCESimplificado Messenger Plus! Live Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Live Add-in 1.3 Microsoft Office Outlook Connector Microsoft Office Professional Edição 2003 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual Studio Tools for Applications 2.0 Runtime Microsoft WSE 3.0 Runtime Mozilla Firefox 4.0b5 (x86 pt-BR) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 7 Essentials neroxml Nokia Internet Modem OGA Notifier 2.0.0048.0 Pacote de Compatibilidade para o sistema Office 2007 PhotoScape Picasa 3 PowerDVD PowerProducer QuickTime REALTEK GbE & FE Ethernet NIC Driver Realtek High Definition Audio Driver Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) SEFIP 8.40 Segoe UI Skype™ 4.2 Softonic_Brasil Toolbar Software WIDCOMM Bluetooth SolutionCenter Spelling Dictionaries Support For Adobe Reader 9 Spybot - Search & Destroy Spyware Doctor 6.0 Status The KMPlayer (remove only) TrayApp Uninstall 1.0.0.1 Uninstall Dual Mode Camera Unity Web Player Update for Microsoft .NET Framework 3.5 SP1 (KB963707) WebFldrs XP WebReg Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Galeria de Fotos Windows Live Mail Windows Live Messenger Windows Live Proteção para a Família Windows Live Sync Windows Live Toolbar Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 WinPcap 4.1.1 XP Codec Pack ==== End Of File =========================== Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Fevereiro 8, 2011 Olá! Seu log não apresenta infecções. Sugiro que limpe o número de complementos do seu navegador (desabilite todos que não forem necessários para você) e faça uma limpeza do registro e de arquivos com programas como o CCleaner. Abraços. Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Fevereiro 11, 2011 OK, obrigado. Porem deixo registrado que após os procedimentos propostos o computador continua lento ao iniciar, mesmo desabilitando programas que inicia junto com o windows e ao abrir navegador (até o chrome), e apreceu uma deficiencia no som ficou rouco e lento ao reproduzir qualquer som mesmos os simples som do windows. Uma vez aberto os navegadores navegar não é problema. Informo que estou formatando a maquina, creio que alguns arquivos do windows estao corrompidos. Obrigado pela atenção. Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Fevereiro 12, 2011 O computador começou a ficar lento ao iniciar, Segue Log para analise Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:20:34, on 12/02/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe C:\Program Files (x86)\internet explorer\iexplore.exe C:\Program Files (x86)\internet explorer\iexplore.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Windows Live\Companion\companionuser.exe C:\Program Files (x86)\internet explorer\iexplore.exe C:\Users\Silas\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101113013153.dll O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Silas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: GoToAssist - Invalid registry found O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Serviço de estado do ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Serviço Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SessionLauncher - Unknown owner - c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TipCtrl - Unknown owner - C:\Program Files (x86)\uTIPu\TipCtrl.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14145 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Fevereiro 14, 2011 Olá! Deixe-me entender: Você formatou a máquina e ela está lenta novamente? O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /mO4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe Há muitos programas sendo carregados na inicialização do Computador. Deve ser por isso que ele está lento. No CCleaner, vá na guia Ferramentas >> Programas iniciados com o Windows. Clique em DESABILITAR e desabilite as entradas que marquei em vermelho acima. Seu computador deve acelerar. Recomendo que também faça as limpezas já citadas nesse tópico com o CCleaner e que desfragmente & otimize seu pc com o Auslogics Disk Defrag. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Manain 0 Denunciar post Postado Março 5, 2011 Ok, funcionou obrigado. Manain Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Março 10, 2011 PROBLEMA RESOLVIDO Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites
