Welcome to the BABOO Forum!

aninhatrl

virus think point

2 posts in this topic

Hi,

I had the Think Point virus on my computer, so I read the topics about it and used ComboFix. It ran the whole update and apparently the virus is gone, because now I can access the internet and other programs that were blocked. But I need the log analyzed, since I am a layperson in this subject. How do I do that?

Thanks in advance.

ComboFix 10-11-29.05 - iarh 30/11/2010 10:53:42.1.4 - x86

Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.1015.460 [GMT -2:00]

Executando de: c:\documents and settings\iarh\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\ComboFix.exe

AV: avast! antivírus *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

ADS - system32: deleted 2 bytes in 1 streams.

ADS - drivers: deleted 204 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\autorun.inf

c:\documents and settings\iarh\Dados de aplicativos\completescan

c:\documents and settings\iarh\Dados de aplicativos\hotfix.exe

c:\documents and settings\iarh\Dados de aplicativos\install

c:\Windows\system32\sshnas21.dll

D:\autorun.inf

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_SSHNAS

-------\Service_SSHNAS

(((((((((((((((( Arquivos/Ficheiros criados de 2010-10-28 to 2010-11-30 ))))))))))))))))))))))))))))

.

2010-11-30 12:40 . 2010-11-30 12:34 3982557 ----a-r- c:\documents and settings\iarh\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\ComboFix.exe

2010-11-30 11:05 . 2010-11-30 11:05 178176 ----a-w- c:\Windows\Wpujaa.exe

2010-11-16 13:07 . 2010-11-16 13:07 -------- d-----w- c:\arquivos de programas\ABSVD

2010-11-13 12:12 . 2010-11-13 12:13 -------- d-----w- c:\Windows\ShellNew

2010-11-13 10:10 . 2010-11-13 10:10 -------- d-----w- c:\documents and settings\iarh\Configurações locais\Dados de aplicativos\Identities

2010-11-12 13:58 . 2010-11-12 13:58 -------- d-----w- c:\documents and settings\iarh\Dados de aplicativos\Thinstall

2010-11-12 10:47 . 2007-03-31 10:04 129165278 ----a-w- c:\documents and settings\iarh\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\CorelDRAW.exe

2010-11-06 13:37 . 2010-11-06 13:37 103864 ----a-w- c:\arquivos de programas\Mozilla Firefox\plugins\nppdf32.dll

2010-11-06 13:37 . 2010-11-06 13:37 103864 ----a-w- c:\arquivos de programas\Internet Explorer\PLUGINS\nppdf32.dll

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-25 11:02 . 2010-09-06 19:52 45472 ----a-w- c:\Windows\system32\drivers\gbpkm.sys

.

------- Sigcheck -------


[-] 2009-02-09 . FF7FE874B6DA494303EE3DD9B97AB007 . 2070400 . . [5.1.2600.5755] . . c:\Windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe

[-] 2008-04-14 . F84054BFD1D688B901AD907499879BBD . 2070144 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ntkrnlpa.exe

[-] 2004-08-04 . 31DFE96B6B6FA4C9CA098CEAF21B29A5 . 2019328 . . [5.1.2600.2180] . . c:\Windows\$NtUninstallKB956572$\ntkrnlpa.exe

[-] 2008-04-14 02:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ntmssvc.dll

[-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\Windows\system32\ntmssvc.dll

[-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\Windows\system32\dllcache\ntmssvc.dll

[-] 2008-04-14 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\upnphost.dll

[-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\Windows\system32\upnphost.dll

[-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\upnphost.dll

[-] 2008-04-14 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\dsound.dll

[-] 2004-08-04 . 583C0FB31E40883676779E09587620FF . 367616 . . [5.3.2600.2180] . . c:\Windows\system32\dsound.dll

[-] 2004-08-04 . 583C0FB31E40883676779E09587620FF . 367616 . . [5.3.2600.2180] . . c:\Windows\system32\dllcache\dsound.dll

[-] 2008-04-14 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\d3d9.dll

[-] 2004-08-04 . 7994AEA92DAF7CC66098F0ECF5BDE4C1 . 1689088 . . [5.03.2600.2180] . . c:\Windows\system32\d3d9.dll

[-] 2004-08-04 . 7994AEA92DAF7CC66098F0ECF5BDE4C1 . 1689088 . . [5.03.2600.2180] . . c:\Windows\system32\dllcache\d3d9.dll

[-] 2008-04-14 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ddraw.dll

[-] 2004-08-04 . 55D16097F68A7C961A570855CACFCCCA . 266240 . . [5.03.2600.2180] . . c:\Windows\system32\ddraw.dll

[-] 2004-08-04 . 55D16097F68A7C961A570855CACFCCCA . 266240 . . [5.03.2600.2180] . . c:\Windows\system32\dllcache\ddraw.dll

[-] 2008-04-14 02:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\olepro32.dll

[-] 2004-08-04 03:45 . 53878A6AB006A6FC63B3CFD2404B85A9 . 83456 . . [5.1.2600.2180] . . c:\Windows\system32\olepro32.dll

[-] 2004-08-04 03:45 . 53878A6AB006A6FC63B3CFD2404B85A9 . 83456 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\olepro32.dll

[-] 2008-04-14 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\perfctrs.dll

[-] 2004-08-04 . 30B30692A5BC889429887F59ACDA1E8C . 40960 . . [5.1.2600.2180] . . c:\Windows\system32\perfctrs.dll

[-] 2004-08-04 . 30B30692A5BC889429887F59ACDA1E8C . 40960 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\perfctrs.dll

[-] 2008-04-14 . 5383E4C03D7AAE01AA653E756CF20D2E . 18944 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\version.dll

[-] 2004-08-04 . EDF655E907022DF8006221DFF1C2439A . 18944 . . [5.1.2600.2180] . . c:\Windows\system32\version.dll

[-] 2004-08-04 . EDF655E907022DF8006221DFF1C2439A . 18944 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\version.dll

[-] 2008-04-14 . 04CABAD69BE78EB9C03CD4346D776DA5 . 93184 . . [6.00.2900.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\iexplore.exe

[-] 2004-08-04 . 69E3202DCB3F4C432262100A2175BDD5 . 93184 . . [6.00.2900.2180] . . c:\Windows\system32\dllcache\iexplore.exe

[-] 2010-02-17 . 124F4EC97A7683D1A67B3AECFE258ABD . 2194176 . . [5.1.2600.5938] . . c:\Windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe

[-] 2010-02-16 . E3AB5BB31F1E60E3E1E6121A85CBE281 . 2185600 . . [5.1.2600.3670] . . c:\Windows\Driver Cache\i386\ntoskrnl.exe

[-] 2010-02-16 . 0821020298A361B905343CE80B5BE2A3 . 2141184 . . [5.1.2600.3670] . . c:\Windows\system32\ntoskrnl.exe

[-] 2010-02-16 . E3AB5BB31F1E60E3E1E6121A85CBE281 . 2185600 . . [5.1.2600.3670] . . c:\Windows\system32\dllcache\ntoskrnl.exe

[-] 2010-02-16 . BB99D86301E766593A9E7398B942DC89 . 2191104 . . [5.1.2600.3670] . . c:\Windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe

[-] 2010-02-16 . 8A47EB27E99109826F8A54BB64BE8131 . 2194304 . . [5.1.2600.5938] . . c:\Windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe

[-] 2009-02-10 . B0BF079AF000D97D8C043D1DFF08086D . 2193408 . . [5.1.2600.5755] . . c:\Windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe

[-] 2009-02-09 . 514F2B2055B58556ACCFEE763E14D78F . 2140160 . . [5.1.2600.3520] . . c:\Windows\$NtUninstallKB979683$\ntoskrnl.exe

[-] 2009-02-09 . AF8A3B4150C87E692E5CD27836BFA83D . 2190336 . . [5.1.2600.3520] . . c:\Windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe

[-] 2009-02-09 . C667CA055AA4E24A0733061282276AA5 . 2193280 . . [5.1.2600.5755] . . c:\Windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe

[-] 2008-04-14 . 185F6C64734019E7E9F626E53CC37FB4 . 2193280 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ntoskrnl.exe

[-] 2004-08-04 . 91448D27F6DFAF50DD1D5FD3D8C1F3BD . 2152448 . . [5.1.2600.2180] . . c:\Windows\$NtUninstallKB956572$\ntoskrnl.exe

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\lib\NMBgMonitor.exe" [2006-03-01 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\Windows\system32\igfxtray.exe" [2008-02-15 135168]

"HotKeysCmds"="c:\Windows\system32\hkcmd.exe" [2008-02-15 159744]

"Persistence"="c:\Windows\system32\igfxpers.exe" [2008-02-15 131072]

"HDAudDeck"="c:\arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-09-25 33517568]

"avast5"="c:\arquiv~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-19 2743104]

"HPUsageTracking"="c:\arquivos de programas\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]

"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

Microsoft Office.lnk - c:\arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows nt\currentversion\winlogon\notify\ GbPluginBb]

2010-10-25 10:59 342816 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-09-21 02:07 932288 ----a-r- c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2006-01-12 17:40 155648 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Documents and Settings\\iarh\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=

"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"c:\\Windows\\system32\\spool\\drivers\\w32x86\\3\\HP1006MC.EXE"=

"c:\\Windows\\system32\\spool\\drivers\\w32x86\\3\\HP1005MC.EXE"=

R0 GbpKm;Gbp KernelMode;c:\Windows\system32\drivers\gbpkm.sys [6/9/2010 17:52 45472]

R1 aswSP;aswSP;c:\Windows\system32\drivers\aswSP.sys [20/1/2010 10:59 162640]

R2 aswFsBlk;aswFsBlk;c:\Windows\system32\drivers\aswFsBlk.sys [20/1/2010 10:59 19024]

R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [6/9/2010 17:52 55072]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\Windows\system32\drivers\viahduaa.sys [20/1/2010 10:55 874880]

.

Conteúdo da pasta 'Tarefas Agendadas'

2010-11-30 c:\Windows\Tasks\OGALogon.job

- c:\Windows\system32\OGAEXEC.exe [2009-08-03 17:07]

2010-11-30 c:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

- c:\Windows\Wpujaa.exe [2010-11-30 11:05]

.

.

------- Scan Suplementar -------

.

uStart Page = about:blank

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office10\EXCEL.EXE/3000

DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab

DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab

FF - ProfilePath - c:\documents and settings\iarh\Dados de aplicativos\Mozilla\Firefox\Profiles\aoy49wgr.default\

FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\arquivos de programas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-11-30 10:59

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

HDAudDeck = c:\arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????????????

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(540)

c:\arquivos de programas\GbPlugin\gbieh.dll

- - - - - - - > 'explorer.exe'(3972)

c:\arquivos de programas\GbPlugin\gbieh.dll

c:\arquivos de programas\Scpad\scpLIB.dll

c:\arquivos de programas\Scpad\scpMIB.dll

c:\arquivos de programas\Scpad\sshib.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

c:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

c:\Windows\System32\spool\DRIVERS\W32X86\3\HP1005MC.EXE

c:\Windows\system32\wscntfy.exe

c:\Windows\system32\igfxsrvc.exe

.

**************************************************************************

.

Tempo para conclusão: 2010-11-30 11:03:06 - Máquina reiniciou

ComboFix-quarantined-files.txt 2010-11-30 13:03

Pré-execução: 8 pasta(s) 98.021.113.856 bytes disponíveis

Pós execução: 9 pasta(s) 98.575.945.728 bytes disponíveis

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\Windows

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\Windows="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 337B0674097D7FA40300FF4B3D5FC215


Download Malwarebytes' Anti-Malware (MBAM) or here.

Save or print these instructions:

Double-click mbam-setup.exe, choose the language and, during installation, accept all the default options.

Check that the Update Malwarebytes Anti-Malware and Run Malwarebytes Anti-Malware boxes are ticked, then click Finish.

If there are updates to apply, they will be downloaded and installed.

When the update finishes, with the program open, select Quick Scan and click the Scan button.

The scan will then start. Please wait, as it can take a while.

When the scan finishes, click OK, then the Show Results button to see the report.

If any items were found, make sure they are all ticked and click the Remove button.

At the end of the disinfection, Notepad will open with a log, and a prompt may appear asking whether you want to restart the PC. (See the note below.)

The log is saved automatically by MBAM; to view it, click the Logs tab in the program's main window.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart.

Select, copy and paste the contents of the MBAM log into your next reply, plus a new HijackThis log.



MVP Mr.Million
