Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» Sophos Virus Removal Tool ( ... by Sophos.com )
Dom Maio 21, 2017 4:44 pm por joram

» 9-Lab Malware Removal Tool ( ... by 9-lab.com )
Sab Dez 31, 2016 4:24 am por joram

» SFCFix ( ... de niemiro )
Sab Dez 24, 2016 9:29 am por joram

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

Maio 2017

SegTerQuaQuiSexSabDom
1234567
891011121314
15161718192021
22232425262728
293031    

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    Log para analise pc muito lento.

    Compartilhe
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Log para analise pc muito lento.

    Mensagem por Edvan em Qua Jul 03, 2013 3:47 pm

    Após passar todas essas ferramentas abaixo, aqui está o log [Você precisa estar registrado e conectado para ver este link.]

    # AdwCleaner v2.303 - Relatório criado em 03/07/2013 às 10:33:11
    # Atualizado em 08/06/2013 por Xplode
    # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
    # Usuário : f003272 - FUN0116
    # Modo de Boot : Normal
    # Executado de : C:\Documents and Settings\f003272\Configurações locais\Temporary Internet Files\Content.IE5\GV9VM6M9\adwcleaner[1].exe
    # Opção [Remover]


    ***** [Serviços] *****

    Encerrado & Removido : BrowserDefendert

    ***** [Arquivos/Pastas] *****

    Arquivo Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\bprotector_extensions.sqlite
    Arquivo Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\bprotector_prefs.js
    Arquivo Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\searchplugins\Askcom.xml
    Arquivo Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\searchplugins\Babylon.xml
    Arquivo Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\searchplugins\delta.xml
    Arquivo Removido : C:\WINDOWS\Tasks\EPUpdater.job
    Arquivo Removido : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    Pasta Removido : C:\Arquivos de programas\Ask.com
    Pasta Removido : C:\Arquivos de programas\DealPly
    Pasta Removido : C:\Arquivos de programas\Delta
    Pasta Removido : C:\Arquivos de programas\FindLyrics
    Pasta Removido : C:\Arquivos de programas\Show-Lyrics
    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Ask
    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Babylon
    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\BrowserDefender
    Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
    Pasta Removido : C:\Documents and Settings\f003272\Configurações locais\Dados de aplicativos\AskToolbar
    Pasta Removido : C:\Documents and Settings\f003272\Dados de aplicativos\BabSolution
    Pasta Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Babylon
    Pasta Removido : C:\Documents and Settings\f003272\Dados de aplicativos\DealPly
    Pasta Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Delta
    Pasta Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\ffxtlbr@delta.com
    Pasta Removido : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\toolbar@ask.com
    Pasta Removido : C:\Documents and Settings\f003272\Menu Iniciar\Programas\BrowserDefender
    Pasta Removido : C:\Documents and Settings\f003272\Menu Iniciar\Programas\DealPly
    Pasta Removido : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    ***** [Registro] *****

    Chave Removida : HKCU\Software\8558fd9b73beb14
    Chave Removida : HKCU\Software\APN
    Chave Removida : HKCU\Software\Ask.com
    Chave Removida : HKCU\Software\AskToolbar
    Chave Removida : HKCU\Software\BabSolution
    Chave Removida : HKCU\Software\DealPly
    Chave Removida : HKCU\Software\Delta
    Chave Removida : HKCU\Software\delta LTD
    Chave Removida : HKCU\Software\InstallCore
    Chave Removida : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90609D82-77C3-4391-8915-CF5638CF4605}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90609D82-77C3-4391-8915-CF5638CF4605}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
    Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Chave Removida : HKCU\Software\YahooPartnerToolbar
    Chave Removida : HKLM\SOFTWARE\8558fd9b73beb14
    Chave Removida : HKLM\Software\APN
    Chave Removida : HKLM\Software\AskToolbar
    Chave Removida : HKLM\Software\BabylonToolbar
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Chave Removida : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
    Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaappCore
    Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
    Chave Removida : HKLM\SOFTWARE\Classes\delta.deltadskBnd
    Chave Removida : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
    Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaHlpr
    Chave Removida : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
    Chave Removida : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Chave Removida : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Chave Removida : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
    Chave Removida : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
    Chave Removida : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Chave Removida : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Chave Removida : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Chave Removida : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Chave Removida : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Chave Removida : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Chave Removida : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
    Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Chave Removida : HKLM\Software\DealPly
    Chave Removida : HKLM\Software\Delta
    Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
    Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
    Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
    Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\findlyrics@findlyrics.co
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
    Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
    Chave Removida : HKLM\Software\Tarma Installer
    Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
    Valor Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
    Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valor Removida : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
    Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
    Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valor Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

    ***** [Navegadores] *****

    -\\ Internet Explorer v8.0.6001.18702

    Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = [Você precisa estar registrado e conectado para ver este link.] --> [Você precisa estar registrado e conectado para ver este link.]
    Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = [Você precisa estar registrado e conectado para ver este link.] --> [Você precisa estar registrado e conectado para ver este link.]

    -\\ Mozilla Firefox v12.0 (pt-BR)

    Arquivo : C:\Documents and Settings\f003564\Dados de aplicativos\Mozilla\Firefox\Profiles\i4ye2mco.default\prefs.js

    [OK] Arquivo está limpo.

    Arquivo : C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\prefs.js

    C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\user.js ... Removido !

    Removida : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=CCA0001D7DE18B07&a[...]
    Removida : user_pref("browser.search.defaultengine", "Ask.com");
    Removida : user_pref("browser.search.order.1", "Ask.com");
    Removida : user_pref("browser.search.selectedEngine", "Delta Search");
    Removida : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
    Removida : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
    Removida : user_pref("extensions.asktb.cbid", "^U3");
    Removida : user_pref("extensions.asktb.config-updated", false);
    Removida : user_pref("extensions.asktb.crumb", "2013.06.13+10.07.44-toolbar018iad-BR-U2FvIFBhdWxvLEJyYXppbA%3D%[...]
    Removida : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://br.ask.com/web?q={query}&qsrc={qsrc}&[...]
    Removida : user_pref("extensions.asktb.displaybehavior", "");
    Removida : user_pref("extensions.asktb.displaytext", "");
    Removida : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^BR");
    Removida : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
    Removida : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "BRXX0232");
    Removida : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
    Removida : user_pref("extensions.asktb.ff-original-keyword-url", "");
    Removida : user_pref("extensions.asktb.ff19-config-first-run", "true");
    Removida : user_pref("extensions.asktb.fresh-install", false);
    Removida : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
    Removida : user_pref("extensions.asktb.keyword-toggled-in-session", false);
    Removida : user_pref("extensions.asktb.l", "dis");
    Removida : user_pref("extensions.asktb.last-config-req", "1372764804606");
    Removida : user_pref("extensions.asktb.locale", "pt_BR");
    Removida : user_pref("extensions.asktb.location", "Sao Paulo,Brazil");
    Removida : user_pref("extensions.asktb.lstation", "");
    Removida : user_pref("extensions.asktb.new-tab-opt-out", true);
    Removida : user_pref("extensions.asktb.news-native-on", true);
    Removida : user_pref("extensions.asktb.o", "100000027");
    Removida : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
    Removida : user_pref("extensions.asktb.pstate", "");
    Removida : user_pref("extensions.asktb.qsrc", "2871");
    Removida : user_pref("extensions.asktb.r", "20");
    Removida : user_pref("extensions.asktb.search-suggestions-enabled", true);
    Removida : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
    Removida : user_pref("extensions.asktb.slwo", "1");
    Removida : user_pref("extensions.asktb.socialmini-first", true);
    Removida : user_pref("extensions.asktb.socialmini-interval", "1200000");
    Removida : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
    Removida : user_pref("extensions.asktb.socialmini-max-items", "30");
    Removida : user_pref("extensions.asktb.socialmini-native-on", true);
    Removida : user_pref("extensions.asktb.socialmini-speed", "10000");
    Removida : user_pref("extensions.asktb.socialmini-transition-first-open", false);
    Removida : user_pref("extensions.asktb.to", "");
    Removida : user_pref("extensions.asktb.v", "3.15.23.100013");
    Removida : user_pref("extensions.asktb.volume", "");
    Removida : user_pref("extensions.delta.admin", false);
    Removida : user_pref("extensions.delta.aflt", "babsst");
    Removida : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
    Removida : user_pref("extensions.delta.autoRvrt", "false");
    Removida : user_pref("extensions.delta.bbDpng", "2");
    Removida : user_pref("extensions.delta.cntry", "BR");
    Removida : user_pref("extensions.delta.dfltLng", "pt");
    Removida : user_pref("extensions.delta.excTlbr", false);
    Removida : user_pref("extensions.delta.ffxUnstlRst", true);
    Removida : user_pref("extensions.delta.hdrMd5", "DBA19D3DF7E0D5567DD836FE98E3FF61");
    Removida : user_pref("extensions.delta.id", "cca0377e000000000000001d7de18b07");
    Removida : user_pref("extensions.delta.instlDay", "15887");
    Removida : user_pref("extensions.delta.instlRef", "sst");
    Removida : user_pref("extensions.delta.lastVrsnTs", "1.8.21.516:52:27");
    Removida : user_pref("extensions.delta.newTab", false);
    Removida : user_pref("extensions.delta.prdct", "delta");
    Removida : user_pref("extensions.delta.prtnrId", "delta");
    Removida : user_pref("extensions.delta.rvrt", "false");
    Removida : user_pref("extensions.delta.sg", "azb");
    Removida : user_pref("extensions.delta.smplGrp", "azb");
    Removida : user_pref("extensions.delta.tlbrId", "base");
    Removida : user_pref("extensions.delta.tlbrSrchUrl", "");
    Removida : user_pref("extensions.delta.vrsn", "1.8.21.5");
    Removida : user_pref("extensions.delta.vrsnTs", "1.8.21.516:52:27");
    Removida : user_pref("extensions.delta.vrsni", "1.8.21.5");
    Removida : user_pref("extensions.delta_i.babExt", "");
    Removida : user_pref("extensions.delta_i.babTrack", "affID=121225&tsp=4930");
    Removida : user_pref("extensions.delta_i.srcExt", "ss");
    Removida : user_pref("extensions.enabledAddons", "wrc@avast.com:8.0.1483,{87F8774F-B485-47E2-A755-A40A8A5E886C}[...]

    *************************

    AdwCleaner[S1].txt - [20806 octets] - [03/07/2013 10:33:11]

    ########## EOF - C:\AdwCleaner[S1].txt - [20867 octets] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.9.4 (05.06.2013:1)
    OS: Microsoft Windows XP x86
    Ran by f003272 on 03/07/2013 at 10:57:34,93
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D14C0603-1668-4423-8849-993F33B09CF0}



    ~~~ Files

    Successfully deleted: [File] C:\WINDOWS\prefetch\APNSTUB.EXE-044AB07B.pf
    Successfully deleted: [File] C:\WINDOWS\prefetch\APNTOOLBARINSTALLER.EXE-305C80C9.pf



    ~~~ Folders





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 03/07/2013 at 11:01:45,92
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Log para analise pc muito lento.

    Mensagem por Edvan em Qua Jul 03, 2013 3:49 pm

    P>S: Continuação pôs não coube na primeira pagina:

    ComboFix 13-07-02.03 - f003272 03/07/2013  11:28:54.1.2 - x86
    Microsoft Windows XP Professional  5.1.2600.3.1252.55.1046.18.1015.547 [GMT -3:00]
    Executando de: c:\documents and settings\f003272\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ADS - system32: deleted 4 bytes in 2 streams.
    ADS - drivers: deleted 310 bytes in 1 streams.
    .
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Dados de aplicativos\TEMP
    c:\documents and settings\All Users\Dados de aplicativos\TEMP\gbplugin_ie_bb_setup.exe
    c:\documents and settings\All Users\Dados de aplicativos\TEMP\gbplugin_mz_bb_setup.xpi
    c:\documents and settings\f003272\Dados de aplicativos\Wplugin.dll
    c:\windows\IsUn0416.exe
    c:\windows\system\chron32.dll
    c:\windows\system32\SET3B.tmp
    c:\windows\system32\SET3F.tmp
    c:\windows\system32\SET47.tmp
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2013-06-03 to 2013-07-03  ))))))))))))))))))))))))))))
    .
    .
    2013-07-03 13:57 . 2013-07-03 13:57 -------- d-----w- c:\windows\ERUNT
    2013-07-03 13:57 . 2013-07-03 13:57 -------- d-----w- C:\JRT
    2013-07-01 19:51 . 2013-07-01 19:51 -------- d-----w- c:\documents and settings\f003272\Configurações locais\Dados de aplicativos\DealPlyLive
    2013-07-01 19:51 . 2013-07-01 19:51 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DealPlyLive
    2013-07-01 19:51 . 2013-07-01 19:51 -------- d-----w- c:\arquivos de programas\DealPlyLive
    2013-07-01 19:51 . 2013-07-01 19:51 -------- d-----w- c:\arquivos de programas\LyricsOn
    2013-06-21 13:42 . 2013-06-21 13:42 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\gas
    2013-06-20 14:03 . 2013-06-20 14:03 -------- d-sh--w- c:\documents and settings\f003272\IECompatCache
    2013-06-13 16:56 . 2013-06-13 16:56 -------- d-----w- c:\documents and settings\f003272\Configurações locais\Dados de aplicativos\Sun
    2013-06-13 16:55 . 2013-06-13 16:55 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java
    2013-06-13 16:55 . 2013-06-13 16:55 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-06-13 16:55 . 2013-06-13 16:55 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-07-03 13:41 . 2013-04-04 19:07 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-07-03 13:41 . 2011-06-16 17:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-07-03 13:41 . 2010-05-20 12:44 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2013-06-13 16:55 . 2010-05-24 19:36 144896 ----a-w- c:\windows\system32\javacpl.cpl
    2013-06-13 16:55 . 2010-05-24 12:58 788896 ----a-w- c:\windows\system32\deployJava1.dll
    2013-06-12 13:39 . 2013-05-24 19:40 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-06-12 13:39 . 2013-05-24 19:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-05-09 08:59 . 2013-04-04 19:07 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2013-05-09 08:59 . 2010-05-20 12:44 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2013-05-09 08:59 . 2013-04-04 19:07 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2013-05-09 08:59 . 2010-05-20 12:44 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2013-05-09 08:59 . 2010-05-20 12:44 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2013-05-09 08:58 . 2010-08-19 14:59 41664 ----a-w- c:\windows\avastSS.scr
    2013-05-09 08:58 . 2010-05-20 12:44 229648 ----a-w- c:\windows\system32\aswBoot.exe
    2013-05-08 12:52 . 2010-05-24 13:00 49536 ----a-w- c:\windows\system32\drivers\gbpkm.sys
    2013-06-20 14:04 . 2013-06-20 14:04 97208 ----a-w- c:\arquivos de programas\mozilla firefox\components\browsercomps.dll
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
    [-] 2006-03-02 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
    [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
    .
    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
    [-] 2006-03-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
    .
    [-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
    [-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
    .
    [-] 2008-04-13 . D3D4832B494CBF9A87CF86D7517013CB . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
    [-] 2008-04-13 . D3D4832B494CBF9A87CF86D7517013CB . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
    [-] 2006-03-02 . 7FC1E330386610D5EB3E7C4C7893CA93 . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
    .
    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
    [-] 2006-03-02 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
    .
    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
    [-] 2006-03-02 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
    .
    [-] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
    [-] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
    .
    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
    [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
    [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
    [-] 2006-03-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
    .
    [-] 2012-07-06 . CA55414844420DD7798AAEFBB58E1439 . 78336 . . [5.1.2600.6260] . . c:\windows\SoftwareDistribution\Download\3b2e6c3ca7043b9b9916c4fb91ccd4f3\sp3gdr\browser.dll
    [-] 2012-07-06 . CA55414844420DD7798AAEFBB58E1439 . 78336 . . [5.1.2600.6260] . . c:\windows\SoftwareDistribution\Download\b8f41f33d2c5da79510877a4acd1b8bf\sp3gdr\browser.dll
    [-] 2012-07-06 . 8684F9EFDFE46A62309C934FC5EC1FB7 . 78336 . . [5.1.2600.6260] . . c:\windows\SoftwareDistribution\Download\3b2e6c3ca7043b9b9916c4fb91ccd4f3\sp3qfe\browser.dll
    [-] 2012-07-06 . 8684F9EFDFE46A62309C934FC5EC1FB7 . 78336 . . [5.1.2600.6260] . . c:\windows\SoftwareDistribution\Download\b8f41f33d2c5da79510877a4acd1b8bf\sp3qfe\browser.dll
    [-] 2008-04-13 . 572AEDA840986672DA2BB9D4183E2AA9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
    [-] 2008-04-13 . 572AEDA840986672DA2BB9D4183E2AA9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
    [-] 2006-03-02 . B90D6814CF36244818E8B4F0A4AC6F84 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
    .
    [-] 2008-04-13 . 9607142710D3B64AB7FCCE4BE4E30D37 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
    [-] 2008-04-13 . 9607142710D3B64AB7FCCE4BE4E30D37 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
    [-] 2006-03-02 . 35C6463B3C5F62D2B20C953B6E1538E9 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
    .
    [-] 2008-04-13 . B199C4F441DDAB10253ABC0AC4858BFF . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
    [-] 2008-04-13 . B199C4F441DDAB10253ABC0AC4858BFF . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
    [-] 2006-03-02 . BA900E1190BA4CCD70F218A23DEC89D1 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
    .
    [-] 2008-04-13 22:20 . D3F8E8DBE93A80440CAC78B305B40A67 . 821760 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
    [-] 2008-04-13 22:20 . D3F8E8DBE93A80440CAC78B305B40A67 . 821760 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
    [-] 2006-03-02 12:00 . FB93B504600DA3EC407ED0252EEF97AB . 821760 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
    .
    [-] 2008-04-13 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
    [-] 2008-04-13 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
    [-] 2008-04-13 . F0F5EEF8C4B0444E6E4D8E09F7A8F0A8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
    [-] 2006-03-02 . C1AA680B70BD0771A0850E04C3E634A5 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
    .
    [-] 2008-04-13 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
    [-] 2008-04-13 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
    [-] 2006-03-02 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
    .
    [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
    [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
    [-] 2006-03-02 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
    .
    [-] 2008-04-13 . 554798AAD881736DFC4D08C572DECD7A . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
    [-] 2008-04-13 . 554798AAD881736DFC4D08C572DECD7A . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
    [-] 2006-03-02 . 7836E32505D817311E8F8384A18C1128 . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
    .
    [-] 2008-04-13 . 05C621EAA979D33A12F3B510FF4C6F9F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
    [-] 2008-04-13 . 05C621EAA979D33A12F3B510FF4C6F9F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
    [-] 2006-03-02 . 602B88592E0690D0DFB5E5F44A9EF820 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
    .
    [-] 2008-04-13 . 1E47527C69E79ECC13326BFB2E178394 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
    [-] 2008-04-13 . 1E47527C69E79ECC13326BFB2E178394 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
    [-] 2006-03-02 . E9B587DBAE9F212A394618CE06013EAF . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
    .
    [-] 2008-04-13 . 5F6337EAC9EA401AA0F9040CB6F16C80 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
    [-] 2008-04-13 . 5F6337EAC9EA401AA0F9040CB6F16C80 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
    [-] 2006-03-02 . CFFC7F8E8F898BE4561887EF301F8BF3 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
    .
    [-] 2008-04-13 . 63C2A8E1E33C8C714F11C91400F291E0 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
    [-] 2008-04-13 . 63C2A8E1E33C8C714F11C91400F291E0 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
    [-] 2008-04-13 . 25E2B1C5D3CE1EC3517C755A1FCD3B0E . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
    [-] 2006-03-02 . FD5A817258E47E54F4CF8F5E071D1DD8 . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
    [-] 2006-03-02 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
    [-] 2006-03-02 . B7BDD03E2D7422CE226DA4029CE8C13C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
    .
    [-] 2008-06-20 . 401BBBCD7A0116BF42BE81171510486A . 247808 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
    [-] 2008-06-20 . 5265EA72F599CF8277A34780F6369B60 . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
    [-] 2008-06-20 . 5265EA72F599CF8277A34780F6369B60 . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    [-] 2008-06-20 . 070E2A3C3F8715C806BCACF1AB0E47F4 . 247808 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
    [-] 2008-06-20 . 070E2A3C3F8715C806BCACF1AB0E47F4 . 247808 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
    [-] 2008-04-13 . CF7C16037A5905AA5A173813D14D5C4A . 247808 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
    [-] 2008-04-13 . CF7C16037A5905AA5A173813D14D5C4A . 247808 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
    [-] 2006-03-02 . DB19E9D916B10319A17572B3E7E63FAC . 247808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
    .
    [-] 2008-04-13 . 49897D67B04E62F8E59EB8B1C7DF7072 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
    [-] 2008-04-13 . 49897D67B04E62F8E59EB8B1C7DF7072 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
    [-] 2006-03-02 . 82777C1BE8E9F0B1574DAC5BC29C7D6F . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
    .
    [-] 2008-04-13 . C008BBC88156E0EE109C7FF445CD9555 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
    [-] 2008-04-13 . C008BBC88156E0EE109C7FF445CD9555 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
    [-] 2006-03-02 . 0F81EB414DE1D77DD315F4A3D324BC1E . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
    .
    [-] 2008-04-13 . 879E802EF4EF2405014B170EA41E552B . 184832 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
    [-] 2008-04-13 . 879E802EF4EF2405014B170EA41E552B . 184832 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
    [-] 2006-03-02 . E95230A31F912E07B19F8335D4DFF110 . 183808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
    .
    [-] 2008-04-13 . 39FD0DD101277F7261C7D602462C9A95 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
    [-] 2008-04-13 . 39FD0DD101277F7261C7D602462C9A95 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
    [-] 2006-03-02 . FA7EE4A359AE09930904881982D22AB8 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
    .
    [-] 2008-04-13 . ED2D69CD4B0EBE37EFE11D4DC4ABC68F . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
    [-] 2008-04-13 . ED2D69CD4B0EBE37EFE11D4DC4ABC68F . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
    [-] 2006-03-02 . 5DE3E7B6F7624552F2F06664F110820D . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
    .
    [-] 2008-04-13 . FEFA8CEBD17A788FDCB9A1C78311AFC3 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
    [-] 2008-04-13 . FEFA8CEBD17A788FDCB9A1C78311AFC3 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
    [-] 2006-03-02 . 573EFF2DBCAFDA95587FBB9B71F88464 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
    .
    [-] 2008-04-13 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
    [-] 2008-04-13 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
    [-] 2006-03-02 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
    .
    [-] 2008-04-13 . A7EA40F680163808D96F89B4FF991876 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
    [-] 2008-04-13 . A7EA40F680163808D96F89B4FF991876 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
    [-] 2006-03-02 . 4CA695EC1EE4C7CF2144DFA00EA0E1F7 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
    .
    [-] 2008-04-13 . 1FA3C4B2D7E35176E65FB69AB597B0F0 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2008-04-13 . 1FA3C4B2D7E35176E65FB69AB597B0F0 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
    [-] 2006-03-02 . A5163442377D3C305BBFF612F80047D7 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
    .
    [-] 2008-04-13 . 6832C2FB8F0D4E97B850BC6515A49633 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
    [-] 2008-04-13 . 6832C2FB8F0D4E97B850BC6515A49633 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
    [-] 2006-03-02 . D781E40EEBC31A3C6AF96769F16205B4 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
    .
    [-] 2008-04-13 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\explorer.exe
    [-] 2008-04-13 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
    [-] 2006-03-02 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
    .
    [-] 2008-04-13 . B01DFF9DDE3A5155D7121BF813AC6DB0 . 150528 . . [5.1.2600.5512] . . c:\windows\regedit.exe
    [-] 2008-04-13 . B01DFF9DDE3A5155D7121BF813AC6DB0 . 150528 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
    [-] 2006-03-02 . 60710F6AA52D335F7A3560703E597F6A . 150528 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
    .
    [-] 2008-04-13 . 9B1CCC2EB2E18985A9153A983E335AAF . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
    [-] 2008-04-13 . 9B1CCC2EB2E18985A9153A983E335AAF . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
    [-] 2004-08-04 . 46B1E1944FB3BE789A9A1F6A9FBC8A1C . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
    .
    [-] 2008-04-13 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
    [-] 2008-04-13 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
    [-] 2006-03-02 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
    .
    [-] 2009-07-27 . B2EC6D6CC31ABF1862801DFBD1C7219E . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
    [-] 2009-07-27 . B2EC6D6CC31ABF1862801DFBD1C7219E . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
    [-] 2009-07-27 . 49E3691B7B320381D264D3D9950620AE . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
    [-] 2008-04-13 . 8FB4E8C957C22458452EBE96C36F1D94 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
    [-] 2008-04-13 . 8FB4E8C957C22458452EBE96C36F1D94 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
    [-] 2006-03-02 . 5810EFAEA004B3824B0487ECCF2EA32E . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
    .
    [-] 2008-04-13 . CB379439A2D0139E765B47D54B12F14B . 4608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msimg32.dll
    [-] 2008-04-13 . CB379439A2D0139E765B47D54B12F14B . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
    [-] 2006-03-02 . 00EA09445F06EBDC9D499E989F12B7DA . 4608 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msimg32.dll
    .
    [-] 2008-04-13 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-13 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
    [-] 2006-03-02 . 0B1D7BF8EB2BC685D154CB925F3629CB . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
    .
    [-] 2008-04-13 . 3DBE0D011E911AADFB6ED17EDC525066 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
    [-] 2008-04-13 . 3DBE0D011E911AADFB6ED17EDC525066 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
    [-] 2006-03-02 . EDE207E8FFBCB3909C078DCB60E29044 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
    .
    [-] 2008-04-13 . 568DF6E220B431A92B57C4C3BD97870D . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
    [-] 2008-04-13 . 568DF6E220B431A92B57C4C3BD97870D . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
    [-] 2006-03-02 . DA44ACE43CCA958C7917D5115FC4DDEF . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
    .
    [-] 2010-12-09 . 8862374ABB9C3B74C4CAF27BC5E4CE25 . 734208 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
    [-] 2010-12-09 . B7F4168A13D253DDACB9C04A9434857C . 734208 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
    [-] 2010-12-09 . B7F4168A13D253DDACB9C04A9434857C . 734208 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll
    [7] 2009-02-09 . 57BAAF8C6BE977FD376863A9FF7C6207 . 731136 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
    [-] 2008-04-13 . EC6F999F3D32F951B4EA08BDFBC7B705 . 721920 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll
    [-] 2008-04-13 . EC6F999F3D32F951B4EA08BDFBC7B705 . 721920 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll
    [-] 2006-03-02 . 887F30B21FD68DEA4EEDBBE5E0A2200A . 723968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntdll.dll
    .
    [-] 2009-02-27 . C8C9B4D99521BE8FB60EC2C48B26FAD8 . 177152 . . [5.1.2600.3531] . . c:\windows\SoftwareDistribution\Download\64c67fac8d60394a8797fae1931a5507\SP2GDR\msctfime.ime
    [-] 2009-02-27 . AB17A80ADF50A4F06ADF1F3BC6849325 . 177152 . . [5.1.2600.5768] . . c:\windows\SoftwareDistribution\Download\64c67fac8d60394a8797fae1931a5507\SP3GDR\msctfime.ime
    [-] 2009-02-27 . 1A0FB9CBBB82529A7004CF258D95D612 . 177152 . . [5.1.2600.3531] . . c:\windows\SoftwareDistribution\Download\64c67fac8d60394a8797fae1931a5507\SP2QFE\msctfime.ime
    [-] 2009-02-27 . 07A93C94F7B2709787E0DF3EA72D2712 . 177152 . . [5.1.2600.5768] . . c:\windows\SoftwareDistribution\Download\64c67fac8d60394a8797fae1931a5507\SP3QFE\msctfime.ime
    [-] 2008-04-13 . 609222D86984FC7A48A6AA5CB491D24F . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime
    [-] 2008-04-13 . 609222D86984FC7A48A6AA5CB491D24F . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime
    [-] 2006-03-02 . 855C0DEB5F89018CE7D2C94FBE2D8406 . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime
    .
    [-] 2008-04-13 . A8CDC8DECE4735B86BBEF28460996C30 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
    [-] 2008-04-13 . A8CDC8DECE4735B86BBEF28460996C30 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
    [-] 2006-03-02 . BD18C87A4E1EA136C44D374296B981DC . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
    .
    [-] 2008-04-13 . 698F9583D1EB213B09F12DD5826A46E2 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
    [-] 2008-04-13 . 698F9583D1EB213B09F12DD5826A46E2 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
    [-] 2006-03-02 . 1DD4FC7EEE3A45257528A34FDF7BC689 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
    .
    [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
    [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
    [-] 2006-03-02 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
    .
    [-] 2008-04-13 . 70870E16BA3E1B4336C53F483D67FF25 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
    [-] 2008-04-13 . 70870E16BA3E1B4336C53F483D67FF25 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
    [-] 2006-03-02 . D1F735C4079E58D016C1AA2227C28F47 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
    .
    [-] 2008-04-13 . 9C2C97DF8224061D9F7EE18BCA61B02E . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
    [-] 2008-04-13 . 9C2C97DF8224061D9F7EE18BCA61B02E . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
    [-] 2006-03-02 . C386259AFC206462679867D3ED464C1D . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
    .
    [-] 2008-04-13 . 4424AE68E670D1270F5026E1AF417933 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    [-] 2008-04-13 . 4424AE68E670D1270F5026E1AF417933 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
    [-] 2006-03-02 . C6822E1A5DAFDC1F9CCF8CB7B455AB53 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
    .
    [-] 2008-04-13 . 0F4DB70DCE17B9DC1A5D835B1A5EE469 . 296960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
    [-] 2008-04-13 . 0F4DB70DCE17B9DC1A5D835B1A5EE469 . 296960 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
    [-] 2006-03-02 . 23DFF6DAA7565CC5802E057A6B9F585E . 296960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
    .
    [-] 2008-04-13 . 4059795B00B6B23B7814018D2FBB84FB . 346624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
    [-] 2008-04-13 . 4059795B00B6B23B7814018D2FBB84FB . 346624 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
    [-] 2006-03-02 . 9DBE4E9D0686F1C82A8D4F1210B5F47E . 346624 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
    .
    [-] 2008-04-13 . 27683D3EE8FCB7E620B25C8A84B329D6 . 172032 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
    [-] 2008-04-13 . 27683D3EE8FCB7E620B25C8A84B329D6 . 172032 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
    [-] 2006-03-02 . 2E131621557A6EF486FC86D738CBC8B6 . 172032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
    .
    [-] 2006-03-02 . EBD5CF43AD9526EAB9B2A15A54760EA9 . 11904 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
    .
    [-] 2008-04-13 12:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
    [-] 2008-04-13 12:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
    [-] 2004-08-04 01:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
    .
    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
    .
    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
    [-] 2006-03-02 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
    .
    [-] 2008-04-13 . 1DCE231F3E55B71B66AA0B7B8FD9BD97 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
    [-] 2008-04-13 . 1DCE231F3E55B71B66AA0B7B8FD9BD97 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
    [-] 2006-03-02 . 0B572FBB16E7E10D7DAB749CD390017C . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
    .
    [-] 2009-01-30 23:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\system32\mspmsnsv.dll
    [-] 2009-01-30 23:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\system32\dllcache\mspmsnsv.dll
    [-] 2008-04-13 22:20 . 60103CA5992F18B1EEF8D4511318C4B3 . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
    [-] 2006-03-02 12:00 . 2E693831AF9D63784F96018CE4E41897 . 52736 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll
    .
    [-] 2013-05-03 . 4EAFB287B28AC1B8FCDA8665566AA12D . 2074368 . . [5.1.2600.6387] . . c:\windows\SoftwareDistribution\Download\6d9a45db60348d2fb79addb7f7740ef9\sp3qfe\ntkrnlpa.exe
    [-] 2013-03-07 . 1CCAC480216F3C41E690C68E778FAEC2 . 2074240 . . [5.1.2600.6368] . . c:\windows\SoftwareDistribution\Download\08159ac61d9bb7927ce5c0dda07b0ce6\sp3gdr\ntkrnlpa.exe
    [-] 2013-03-07 . DD3479ABD480E008CB479EE3289834CB . 2074240 . . [5.1.2600.6368] . . c:\windows\SoftwareDistribution\Download\08159ac61d9bb7927ce5c0dda07b0ce6\sp3qfe\ntkrnlpa.exe
    [-] 2013-01-07 . D1DD7547F77DDD8198F260129DEAC97A . 2073984 . . [5.1.2600.6335] . . c:\windows\SoftwareDistribution\Download\6445ae5eb02ff7d796f0f58bff4c6cd1\sp3gdr\ntkrnlpa.exe
    [-] 2013-01-07 . 896A9454A823CF70E9C630B4D59D2DD9 . 2073984 . . [5.1.2600.6335] . . c:\windows\SoftwareDistribution\Download\6445ae5eb02ff7d796f0f58bff4c6cd1\sp3qfe\ntkrnlpa.exe
    [-] 2012-08-23 . CAD816C7EB1356983115950A8CB7F31B . 2073856 . . [5.1.2600.6284] . . c:\windows\SoftwareDistribution\Download\7bbbb71bdcc0038f8416258df6a5576d\sp3gdr\ntkrnlpa.exe
    [-] 2012-08-23 . 0DF053F7BEAF42BBF25A4920A5F44B38 . 2073856 . . [5.1.2600.6284] . . c:\windows\SoftwareDistribution\Download\7bbbb71bdcc0038f8416258df6a5576d\sp3qfe\ntkrnlpa.exe
    [-] 2012-05-05 . 38C47712DAAE791801C4CC2EC706324E . 2073344 . . [5.1.2600.6223] . . c:\windows\SoftwareDistribution\Download\94d164140b7473ab1699a9abf26f878b\sp3gdr\ntkrnlpa.exe
    [-] 2012-05-05 . F8216080B1214302018E2E85BB7E9253 . 2073344 . . [5.1.2600.6223] . . c:\windows\SoftwareDistribution\Download\94d164140b7473ab1699a9abf26f878b\sp3qfe\ntkrnlpa.exe
    [-] 2012-04-11 . 24CAB197916E4D03F05C560CA498716D . 2073344 . . [5.1.2600.6206] . . c:\windows\SoftwareDistribution\Download\41ed1c4b2ab0c54b1b5d070069c00ccf\sp3gdr\ntkrnlpa.exe
    [-] 2012-04-11 . 88E045578B063169710362852A77FBD9 . 2073344 . . [5.1.2600.6206] . . c:\windows\SoftwareDistribution\Download\41ed1c4b2ab0c54b1b5d070069c00ccf\sp3qfe\ntkrnlpa.exe
    [-] 2011-10-26 . 9CE47532C9EF5495BAACF6B7FD11D450 . 2073600 . . [5.1.2600.6165] . . c:\windows\SoftwareDistribution\Download\4192119e50c8710fc245dd8b266c0fcc\sp3gdr\ntkrnlpa.exe
    [-] 2011-10-26 . 5D27F916B661EB4644D23FD92EEA31D1 . 2073600 . . [5.1.2600.6165] . . c:\windows\SoftwareDistribution\Download\4192119e50c8710fc245dd8b266c0fcc\sp3qfe\ntkrnlpa.exe
    [-] 2010-12-09 . 0B5A27CABC4518515663F20FFB96AC7A . 2073600 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
    [-] 2010-12-09 . 963F4DDC060A7063CCA6598C83A045C6 . 2031104 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe
    [-] 2010-12-09 . A266E1C9E3813DD112E02F4E22AA5042 . 2073600 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
    [-] 2010-12-09 . A266E1C9E3813DD112E02F4E22AA5042 . 2073600 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntkrnlpa.exe
    [-] 2010-04-29 . 7FDAC9D0C4F6EBC61160EC9F00F03C20 . 2071168 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\86b5c3c27c0785fd65488773795ea324\SP3QFE\ntkrnlpa.exe
    [-] 2010-04-28 . 1E4A43698D5FCEE3776A1487C43D99AB . 2071040 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\86b5c3c27c0785fd65488773795ea324\SP3GDR\ntkrnlpa.exe
    [-] 2010-02-17 . E82629C3A6FA6BD524A91A68E430C461 . 2067968 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP2QFE\ntkrnlpa.exe
    [-] 2010-02-16 . 87D05BF79B9BF6352B0C13CC8020037B . 2062592 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP2GDR\ntkrnlpa.exe
    [-] 2010-02-16 . 1F54DE75A9C8EC46E9FB53C1890C9ED3 . 2071040 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP3GDR\ntkrnlpa.exe
    [-] 2010-02-16 . E94AC126E7ADFD40DC4E38D2E91236D8 . 2071168 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP3QFE\ntkrnlpa.exe
    [7] 2009-02-09 . FF7FE874B6DA494303EE3DD9B97AB007 . 2070400 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
    [-] 2008-04-13 . 763EE1C250EC83EFD11FBF51AC4A6D82 . 2028032 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
    [-] 2008-04-13 . F84054BFD1D688B901AD907499879BBD . 2070144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
    [-] 2006-03-02 . 31DFE96B6B6FA4C9CA098CEAF21B29A5 . 2019328 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
    .
    [-] 2008-04-13 22:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
    [-] 2008-04-13 22:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
    [-] 2006-03-02 12:00 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
    .
    [-] 2008-04-13 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
    [-] 2008-04-13 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
    [-] 2006-03-02 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
    .
    [-] 2008-04-13 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
    [-] 2008-04-13 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
    [-] 2006-03-02 . 583C0FB31E40883676779E09587620FF . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
    .
    [-] 2008-04-13 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
    [-] 2008-04-13 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
    [-] 2006-03-02 . 7994AEA92DAF7CC66098F0ECF5BDE4C1 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
    .
    [-] 2008-04-13 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
    [-] 2008-04-13 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
    [-] 2006-03-02 . 55D16097F68A7C961A570855CACFCCCA . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
    .
    [-] 2008-04-13 22:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
    [-] 2008-04-13 22:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
    [-] 2006-03-02 12:00 . 53878A6AB006A6FC63B3CFD2404B85A9 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
    .
    [-] 2008-04-13 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
    [-] 2008-04-13 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
    [-] 2006-03-02 . 30B30692A5BC889429887F59ACDA1E8C . 40960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
    .
    [-] 2008-04-13 . 5383E4C03D7AAE01AA653E756CF20D2E . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
    [-] 2008-04-13 . 5383E4C03D7AAE01AA653E756CF20D2E . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
    [-] 2006-03-02 . EDF655E907022DF8006221DFF1C2439A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
    .
    [-] 2013-05-03 . 3010F6719F5916A83A3FDB384DC93F88 . 2197760 . . [5.1.2600.6387] . . c:\windows\SoftwareDistribution\Download\6d9a45db60348d2fb79addb7f7740ef9\sp3qfe\ntoskrnl.exe
    [-] 2013-03-07 . BF2B466D539E1988D6F5A558135D140B . 2197632 . . [5.1.2600.6368] . . c:\windows\SoftwareDistribution\Download\08159ac61d9bb7927ce5c0dda07b0ce6\sp3gdr\ntoskrnl.exe
    [-] 2013-03-07 . 9E08DE1EA2356295564E964D71CDEBDD . 2197760 . . [5.1.2600.6368] . . c:\windows\SoftwareDistribution\Download\08159ac61d9bb7927ce5c0dda07b0ce6\sp3qfe\ntoskrnl.exe
    [-] 2013-01-07 . AA0C8384CA7AD77467E2BA421FC8E8E2 . 2197248 . . [5.1.2600.6335] . . c:\windows\SoftwareDistribution\Download\6445ae5eb02ff7d796f0f58bff4c6cd1\sp3gdr\ntoskrnl.exe
    [-] 2013-01-07 . DA2292B00BFE155BA9904C258A9C5F8D . 2197376 . . [5.1.2600.6335] . . c:\windows\SoftwareDistribution\Download\6445ae5eb02ff7d796f0f58bff4c6cd1\sp3qfe\ntoskrnl.exe
    [-] 2012-08-23 . A44990C626AC14E2D5CE8B63ADB3B659 . 2197120 . . [5.1.2600.6284] . . c:\windows\SoftwareDistribution\Download\7bbbb71bdcc0038f8416258df6a5576d\sp3gdr\ntoskrnl.exe
    [-] 2012-08-23 . 56A3342EC3831AC76FE94B9DD1A19268 . 2197248 . . [5.1.2600.6284] . . c:\windows\SoftwareDistribution\Download\7bbbb71bdcc0038f8416258df6a5576d\sp3qfe\ntoskrnl.exe
    [-] 2012-05-05 . 0C4B13874692DD6643EA9F49F4D3B17A . 2196864 . . [5.1.2600.6223] . . c:\windows\SoftwareDistribution\Download\94d164140b7473ab1699a9abf26f878b\sp3gdr\ntoskrnl.exe
    [-] 2012-05-05 . 5C69074C733DF58333EE924B213121DB . 2196864 . . [5.1.2600.6223] . . c:\windows\SoftwareDistribution\Download\94d164140b7473ab1699a9abf26f878b\sp3qfe\ntoskrnl.exe
    [-] 2012-04-11 . ECCC7CBDAA1B124608738736175E50FD . 2196864 . . [5.1.2600.6206] . . c:\windows\SoftwareDistribution\Download\41ed1c4b2ab0c54b1b5d070069c00ccf\sp3gdr\ntoskrnl.exe
    [-] 2012-04-11 . DDEA1E8C2A9CC5DADC62D86BA3CF6452 . 2196864 . . [5.1.2600.6206] . . c:\windows\SoftwareDistribution\Download\41ed1c4b2ab0c54b1b5d070069c00ccf\sp3qfe\ntoskrnl.exe
    [-] 2011-10-26 . 75187009E861AD76C313A7EE0B875B5C . 2196992 . . [5.1.2600.6165] . . c:\windows\SoftwareDistribution\Download\4192119e50c8710fc245dd8b266c0fcc\sp3gdr\ntoskrnl.exe
    [-] 2011-10-26 . 0485EFF2A4A9B5FCE919E9DC63F65119 . 2196992 . . [5.1.2600.6165] . . c:\windows\SoftwareDistribution\Download\4192119e50c8710fc245dd8b266c0fcc\sp3qfe\ntoskrnl.exe
    [-] 2010-12-09 . 08AAFC3BB2264BE857E1459F39064D0D . 2196992 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
    [-] 2010-12-09 . C34677CDA2DC6AB7E21F2E13082948C7 . 2196992 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
    [-] 2010-12-09 . C34677CDA2DC6AB7E21F2E13082948C7 . 2196992 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntoskrnl.exe
    [-] 2010-12-09 . D380DFF71D5B89F328AD6B1D63979070 . 2152960 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe
    [-] 2010-04-28 . DE753D0C2FB81D7E6107B12CF036DCD1 . 2194176 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\86b5c3c27c0785fd65488773795ea324\SP3GDR\ntoskrnl.exe
    [-] 2010-04-28 . 2B14801C5D196E8BEC3EA573B3B2DA44 . 2194304 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\86b5c3c27c0785fd65488773795ea324\SP3QFE\ntoskrnl.exe
    [-] 2010-02-17 . 124F4EC97A7683D1A67B3AECFE258ABD . 2194176 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP3GDR\ntoskrnl.exe
    [-] 2010-02-16 . E3AB5BB31F1E60E3E1E6121A85CBE281 . 2185600 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP2GDR\ntoskrnl.exe
    [-] 2010-02-16 . BB99D86301E766593A9E7398B942DC89 . 2191104 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP2QFE\ntoskrnl.exe
    [-] 2010-02-16 . 8A47EB27E99109826F8A54BB64BE8131 . 2194304 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\05c2118f5b256c43481f1ea27db6bb68\SP3QFE\ntoskrnl.exe
    [7] 2009-02-10 . B0BF079AF000D97D8C043D1DFF08086D . 2193408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
    [-] 2008-04-13 . 185F6C64734019E7E9F626E53CC37FB4 . 2193280 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
    [-] 2008-04-13 . 0ED0AB8E279126064A46A73A5ED59069 . 2149376 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
    [-] 2006-03-02 . 91448D27F6DFAF50DD1D5FD3D8C1F3BD . 2152448 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
    .
    [-] 2008-04-13 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-13 . 4423787F4261EE43B7341429AF0CBB77 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
    [-] 2006-03-02 . 0B1D7BF8EB2BC685D154CB925F3629CB . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
    .
    [-] 2008-04-13 . E41419F44AC35DD414D436479A0ED211 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
    [-] 2008-04-13 . E41419F44AC35DD414D436479A0ED211 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
    [-] 2006-03-02 . F0F4530EEE8D703C4471B37CA7C2C827 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
    .
    [-] 2008-04-13 . 8BCDAECAB7BC90E116ED6BB104EEDBEC . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
    [-] 2008-04-13 . 8BCDAECAB7BC90E116ED6BB104EEDBEC . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
    [-] 2006-03-02 . E1E55789A51A088830E67F8B71312309 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
    .
    [-] 2008-04-13 . F70CCB59E0A325896D679A4935E4F835 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
    [-] 2008-04-13 . F70CCB59E0A325896D679A4935E4F835 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
    [-] 2006-03-02 . 7B18451D3827377FA25C547F00461D82 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
    .
    [-] 2008-04-13 . 889A287A7B2393109EA6847AA68CD4E9 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
    [-] 2008-04-13 . 889A287A7B2393109EA6847AA68CD4E9 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
    [-] 2006-03-02 . 8ACB07F9E562B94E1023BC16CBB9668C . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
    .
    [-] 2008-04-13 . 7AC649BA34AF371D30AC3F79104A3015 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
    [-] 2008-04-13 . 7AC649BA34AF371D30AC3F79104A3015 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
    [-] 2006-03-02 . A751D27B7F060ADF13C64418F41334CF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas. 
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2013-05-09 08:58 121968 ----a-w- c:\arquivos de programas\Alwil Software\Avast5\ashShell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2013-03-12 253816]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
    2013-05-23 13:47 1389096 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
    2012-12-26 16:03 1652584 ----a-w- c:\arquivos de programas\GbPlugin\gbiehcef.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Acrobat Assistant.lnk]
    path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Acrobat Assistant.lnk
    backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-13 22:20 15360 ----a-w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2008-02-28 07:00 166424 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2008-02-28 07:00 141848 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
    2006-07-30 14:00 98304 ----a-r- c:\arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2008-02-28 07:00 137752 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    2010-03-26 10:01 19522592 ----a-w- c:\windows\RTHDCPL.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-05-24 19:36 136600 ----a-w- c:\arquivos de programas\Java\jre6\bin\jusched.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    .
    R0 360HookOem;360HookOem;c:\windows\system32\drivers\360HookOem.sys [03/04/2013 15:18 61488]
    R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [04/04/2013 16:07 49376]
    R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [04/04/2013 16:07 175176]
    R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [24/05/2010 10:00 49536]
    R1 360FileOem;360FileOem;c:\windows\system32\drivers\360FileOem.sys [03/04/2013 15:18 152880]
    R1 360RegOem;360RegOem;c:\windows\system32\drivers\360RegOem.sys [03/04/2013 15:18 29744]
    R1 360SpOEM;360SpOEM;c:\windows\system32\drivers\360SpOEM.sys [03/04/2013 15:18 64048]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16/06/2011 14:12 770344]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20/05/2010 09:44 369584]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20/05/2010 09:44 29816]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [04/04/2013 16:07 66336]
    R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [24/05/2010 10:00 410152]
    R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\GbpNdisrd.sys [28/12/2011 13:21 29432]
    S2 dealplylive;Serviço do DealPly Live (dealplylive);c:\arquivos de programas\DealPlyLive\Update\DealPlyLive.exe [01/07/2013 16:51 148000]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20/05/2010 08:47 1691480]
    S3 dealplylivem;Serviço do DealPly Live (dealplylivem);c:\arquivos de programas\DealPlyLive\Update\DealPlyLive.exe [01/07/2013 16:51 148000]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [18/10/2011 02:43 78136]
    S3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\drivers\GbpNdisrd.sys [28/12/2011 13:21 29432]
    S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [18/10/2011 02:43 181432]
    S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudobex.sys [18/10/2011 02:43 181432]
    .
    Conteúdo da pasta 'Tarefas Agendadas'
    .
    2013-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-24 13:39]
    .
    2013-07-03 c:\windows\Tasks\avast! Emergency Update.job
    - c:\arquivos de programas\Alwil Software\Avast5\AvastEmUpdate.exe [2013-04-04 08:58]
    .
    2013-07-03 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
    - c:\arquivos de programas\DealPlyLive\Update\DealPlyLive.exe [2013-07-01 19:51]
    .
    2013-07-03 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
    - c:\arquivos de programas\DealPlyLive\Update\DealPlyLive.exe [2013-07-01 19:51]
    .
    2013-07-03 c:\windows\Tasks\User_Feed_Synchronization-{1FD8253E-B977-4BBA-9C9D-C4B5ECBC9BDD}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 07:31]
    .
    .
    ------- Scan Suplementar -------
    .
    uStart Page = [Você precisa estar registrado e conectado para ver este link.]
    uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
    IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
    Trusted Zone: bancobrasil.com.br\www
    Trusted Zone: bancobrasil.com.br\www14
    Trusted Zone: bancobrasil.com.br\www2
    Trusted Zone: bb.com.br\www
    TCP: DhcpNameServer = 10.4.65.16
    DPF: Microsoft XML Parser for Java - [Você precisa estar registrado e conectado para ver este link.]
    FF - ProfilePath - c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\
    FF - prefs.js: browser.startup.homepage - [Você precisa estar registrado e conectado para ver este link.]
    FF - ExtSQL: 2013-06-17 15:54; [Você precisa estar registrado e conectado para ver este link.]; c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\toolbar@ask.com
    FF - ExtSQL: 2013-07-01 16:51; [Você precisa estar registrado e conectado para ver este link.]; c:\arquivos de programas\LyricsBot\116.xpi
    FF - ExtSQL: 2013-07-01 16:52; [Você precisa estar registrado e conectado para ver este link.]; c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\ffxtlbr@delta.com
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    .
    MSConfigStartUp-Adobe ARM - c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe
    MSConfigStartUp-ALLUpdate - c:\arquivos de programas\ALLPlayer\ALLUpdate.exe
    MSConfigStartUp-msnmsgr - c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
    MSConfigStartUp-PSafeTray - c:\arquivos de programas\PSafe\PSafeSysTray.exe
    MSConfigStartUp-PSafeWDS - c:\arquivos de programas\PSafe\PSafeWDS.exe
    MSConfigStartUp-Yontoo Desktop - c:\documents and settings\f003272\Dados de aplicativos\Yontoo\YontooDesktop.exe
    AddRemove-Mozilla Thunderbird (3.1.10) - c:\documents and settings\f003272\ThunderBird\App\thunderbird\uninstall\helper.exe
    AddRemove-WinLiveSuite_Wave3 - c:\arquivos de programas\Windows Live\Installer\wlarp.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Você precisa estar registrado e conectado para ver este link.]
    Rootkit scan 2013-07-03 11:38
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    Procurando processos ocultos ... 
    .
    Procurando entradas auto inicializáveis ocultas ... 
    .
    Procurando ficheiros/arquivos ocultos ... 
    .
    Varredura completada com sucesso
    arquivos/ficheiros ocultos: 0
    .
    **************************************************************************
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
    .
    - - - - - - - > 'winlogon.exe'(988)
    c:\arquivos de programas\GBPLUGIN\gbieh.dll
    c:\arquivos de programas\GbPlugin\gbiehcef.dll
    .
    Tempo para conclusão: 2013-07-03  11:41:51
    ComboFix-quarantined-files.txt  2013-07-03 14:41
    .
    Pré-execução: 11 pasta(s) 127.147.884.544 bytes disponíveis
    Pós execução: 14 pasta(s) 128.306.741.248 bytes disponíveis
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
    .
    - - End Of File - - ECDDBBDF360A80561E16C12B7292AD90
    239FC8B1C26D5286165A956F5A98D8D7
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 611
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Log para analise pc muito lento.

    Mensagem por joram em Qua Jul 03, 2013 4:39 pm

    Boa Tarde! Edvan

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )
    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    [-HKCU\Software\DealPlyLive];r
    [-HKCU\Software\LyricsBot];r
    [-HKCU\Software\LyricsTab];r
    [-HKLM\Software\360Safe];r
    [-HKLM\Software\DealPlyLive];
    C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineCore.job;f
    C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineUA.job;f
    C:\Arquivos de programas\DealPlyLive;fs
    filesrcm;
    autoclean;
    emptyalltemp;

    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script". <- Aguarde!

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    Abs!


    Última edição por joram em Seg Jul 08, 2013 8:37 am, editado 1 vez(es)
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Log para analise pc muito lento.

    Mensagem por Edvan em Qui Jul 04, 2013 7:36 am

    Zoek.exe Version 4.0.0.3 Updated 27-June-2013
    Tool run by f003272 on 04/07/2013 at  8:31:56,64.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    ==== System Restore Info ======================
    04/07/2013 08:33:17 Zoek.exe System Restore Point Created Succesfully.
    ==== Suspicious Entries Found ======================
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
    "445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
    "137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
    "138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
    "3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
    "445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
    "137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
    "138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
    "3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================

    ==== FireFox Fix ======================
    ProfilePath: C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default
    user.js not found
    ---- Lines delta removed from prefs.js ----

    ---- Lines delta modified from prefs.js ----
    user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"[email=wrc@avast.com":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\Alwil Software\\\\Avast5\\\\WebRep\\\\FF\",\"mtime\":1365102466375}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1371737062953}}},{\"name\":\"winreg-app-user\",\"addons\":{\"D7C802E4-BDDC-4A1F-A790-F4C9D43DA9FD\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\LyricsTab\\\\116.xpi\",\"mtime\":1372243687937},\"[email=lyricsBot@APDMT.net":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\LyricsBot\\\\116.xpi\",\"mtime\":1372708303984}}},{\"name\":\"app-profile\",\"addons\":{\"[email=fdm_ffext@freedownloadmanager.org":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\Free Download Manager\\\\Firefox\\\\Extension\",\"mtime\":1275053066859},\"[email=ffxtlbr@delta.com":{"descriptor":"C:\\Documents][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Documents[/email] and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1372708329328},\"[email=toolbar@ask.com":{"descriptor":"C:\\Documents][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Documents[/email] and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1372797437406},\"{87F8774F-B485-47E2-A755-A40A8A5E886C}\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\{87F8774F-B485-47E2-A755-A40A8A5E886C}\",\"mtime\":1371822163140}}}]");
    ---- Lines ask.com removed from prefs.js ----

    ---- Lines ask.com modified from prefs.js ----
    user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"[email=wrc@avast.com":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\Alwil Software\\\\Avast5\\\\WebRep\\\\FF\",\"mtime\":1365102466375}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1371737062953}}},{\"name\":\"winreg-app-user\",\"addons\":{\"D7C802E4-BDDC-4A1F-A790-F4C9D43DA9FD\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\LyricsTab\\\\116.xpi\",\"mtime\":1372243687937},\"[email=lyricsBot@APDMT.net":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\LyricsBot\\\\116.xpi\",\"mtime\":1372708303984}}},{\"name\":\"app-profile\",\"addons\":{\"[email=fdm_ffext@freedownloadmanager.org":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\Free Download Manager\\\\Firefox\\\\Extension\",\"mtime\":1275053066859},\"[email=ffxtlbr@disabled.com":{"descriptor":"C:\\Documents][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Documents[/email] and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\ffxtlbr@disabled.com\",\"mtime\":1372708329328},\"[email=toolbar@ask.com":{"descriptor":"C:\\Documents][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Documents[/email] and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1372797437406},\"{87F8774F-B485-47E2-A755-A40A8A5E886C}\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\{87F8774F-B485-47E2-A755-A40A8A5E886C}\",\"mtime\":1371822163140}}}]");
    user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10,fdm_ffext@freedownloadmanager.org:1.3.4,{87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.10.4,wrc@avast.com:8.0.1483,toolbar@ask.com:3.15.23.100013,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28");
    ---- Lines Lyric removed from prefs.js ----

    ---- Lines Lyric modified from prefs.js ----
    user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"[email=wrc@avast.com":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\Alwil Software\\\\Avast5\\\\WebRep\\\\FF\",\"mtime\":1365102466375}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1371737062953}}},{\"name\":\"winreg-app-user\",\"addons\":{\"D7C802E4-BDDC-4A1F-A790-F4C9D43DA9FD\":{\"descriptor\":\"C:\\\\Arquivos de programas\\\\LyricsTab\\\\116.xpi\",\"mtime\":1372243687937},\"[email=lyricsBot@APDMT.net":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\LyricsBot\\\\116.xpi\",\"mtime\":1372708303984}}},{\"name\":\"app-profile\",\"addons\":{\"[email=fdm_ffext@freedownloadmanager.org":{"descriptor":"C:\\Arquivos][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Arquivos[/email] de programas\\\\Free Download Manager\\\\Firefox\\\\Extension\",\"mtime\":1275053066859},\"[email=ffxtlbr@disabled.com":{"descriptor":"C:\\Documents][Você precisa estar registrado e conectado para ver este link.]\":{\"descriptor\":\"C:\\\\Documents[/email] and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\ffxtlbr@disabled.com\",\"mtime\":1372708329328},\"[email=toolbar@disabled":{"descriptor":"C:\\Documents]toolbar@disabled\":{\"descriptor\":\"C:\\\\Documents[/email] and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\toolbar@disabled\",\"mtime\":1372797437406},\"{87F8774F-B485-47E2-A755-A40A8A5E886C}\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\f003272\\\\Dados de aplicativos\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sd67nblb.default\\\\extensions\\\\{87F8774F-B485-47E2-A755-A40A8A5E886C}\",\"mtime\":1371822163140}}}]");
    ---- FireFox user.js and prefs.js backups ----
    prefs_072013_0838_.backup
    ProfilePath: C:\Documents and Settings\f003564\Dados de aplicativos\Mozilla\Firefox\Profiles\i4ye2mco.default
    user.js not found
    ---- Lines delta removed from prefs.js ----

    ---- Lines delta modified from prefs.js ----

    ---- Lines ask.com removed from prefs.js ----

    ---- Lines ask.com modified from prefs.js ----

    ---- Lines Lyric removed from prefs.js ----

    ---- Lines Lyric modified from prefs.js ----

    ---- FireFox user.js and prefs.js backups ----
    prefs_072013_0838_.backup
    ==== Registry Fix Code ======================
    Windows Registry Editor Version 5.00
    [-HKCU\Software\DealPlyLive]
    [-HKCU\Software\LyricsBot]
    [-HKCU\Software\LyricsTab]
    [-HKLM\Software\360Safe]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
    "bProtectTabs"=-
    ==== Deleting Files \ Folders ======================
    "C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\ffxtlbr@delta.com" not found
    "C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\toolbar@ask.com" not found
    "C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineCore.job" deleted
    "C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineUA.job" deleted
    "C:\Documents and Settings\f003272\Dados de aplicativos\desktop.ini" deleted
    "C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineCore.job" deleted
    "C:\WINDOWS\Tasks\DealPlyLiveUpdateTaskMachineUA.job" deleted
    "C:\WINDOWS\002700_.tmp" deleted
    "C:\WINDOWS\SET25.tmp" deleted
    "C:\WINDOWS\SET3.tmp" deleted
    "C:\WINDOWS\SET4.tmp" deleted
    "C:\WINDOWS\SET8.tmp" deleted
    "C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe" deleted
    "C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\goopdate.dll" deleted
    "C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe" deleted
    "C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\goopdate.dll" deleted
    "C:\Arquivos de programas\DealPlyLive" deleted
    "C:\Arquivos de programas\DealPlyLive" deleted
    "C:\Arquivos de programas\LyricsOn" deleted
    "C:\Arquivos de programas\DealPlyLive\Update" deleted
    "C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0" deleted
    "C:\Arquivos de programas\DealPlyLive\Update" deleted
    "C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0" deleted
    ==== Files Recently Created / Modified ======================
    ====== C:\WINDOWS ====
    2013-07-03 14:08:40 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
    2013-07-03 14:08:40 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
    2013-07-03 14:08:40 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
    2013-07-03 14:08:40 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
    2013-07-03 14:08:40 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
    ====== C:\DOCUME~1\f003272\CONFIG~1\Temp ====
    2013-06-22 01:58:27 B1957B038895642DF9F662326E7D4DDC 903080 ----a-w- C:\DOCUME~1\f003272\CONFIG~1\Temp\jre-7u25-windows-i586-iftw.exe
    ====== C:\WINDOWS\system32 =====
    2013-07-04 11:31:02 1D9B3568CFDB55316985A053D6D96030 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll
    ====== C:\WINDOWS\system32\drivers =====
    2013-07-03 13:41:21 FAF091AA45A6A6CF3CF94FE065950956 175 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
    2013-07-03 13:41:21 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys.sum
    2013-07-03 13:41:21 22EA82FFE8CA4965C1994F24C35DC202 175 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
    ====== C:\WINDOWS\Tasks ======
    2013-07-03 13:37:27 52B54C44F45E2E6EABD79059D25DEC78 458 ---ha-w- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1FD8253E-B977-4BBA-9C9D-C4B5ECBC9BDD}.job
    ====== C:\WINDOWS\Temp ======
    ======= C:\Arquivos de programas =====
    2013-07-03 14:46:20 -------- d-----w- C:\Arquivos de programas\ZHPDiag
    2013-06-20 14:04:27 -------- d-----w- C:\Arquivos de programas\Mozilla Maintenance Service
    ======= C: =====
    2013-07-03 14:48:34 CFD02B26A2B8197F840F3E4DAD97FE06 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-07-03 14:11:00 FA579938B0733B87066546AFE951082C 211 ----a-w- C:\Boot.bak
    2013-07-03 14:10:57 C51A881398F29071239741AE16D07C1C 261856 --sha-r- C:\cmldr
    2013-07-03 13:33:11 EFF52C2C80CF054C69BF1EBACCFB8654 20937 ----a-w- C:\AdwCleaner[S1].txt
    ====== C:\Documents and Settings\f003272\Dados de aplicativos ======
    2013-07-03 14:08:27 -------- d-----r- C:\Documents and Settings\f003272\Menu Iniciar\Programas\Ferramentas administrativas
    2013-07-01 19:51:51 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
    2013-06-21 13:42:43 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\gas
    2013-06-20 14:04:28 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\Mozilla
    ====== C:\Documents and Settings\f003272 ======
    2013-07-03 17:17:22 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies
    2013-06-20 14:03:43 -------- d-sh--w- C:\Documents and Settings\f003272\IECompatCache
    ====== C: exe-files ==
    2013-07-03 14:46:26 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe
    2013-07-03 14:46:26 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Arquivos de programas\ZHPDiag\pv.exe
    2013-07-03 14:46:26 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Arquivos de programas\ZHPDiag\FileInfos.exe
    2013-07-03 14:46:25 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Arquivos de programas\ZHPDiag\catchme.exe
    2013-07-03 14:46:25 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Arquivos de programas\ZHPDiag\subinacl.exe
    2013-07-03 14:46:25 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl32.exe
    2013-07-03 14:46:25 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Arquivos de programas\ZHPDiag\setacl64.exe
    2013-07-03 14:46:25 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Arquivos de programas\ZHPDiag\sigcheck.exe
    2013-07-03 14:46:24 A3F7B76494E5F3D32B05824241E82AD0 2726912 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-07-03 14:46:24 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Arquivos de programas\ZHPDiag\mbr.exe
    2013-07-03 14:46:24 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Arquivos de programas\ZHPDiag\Lads.exe
    2013-07-03 14:46:23 94753463EE96A4B975FCFC3D0E098945 7646208 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe
    2013-07-03 14:46:22 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-07-03 14:46:20 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Arquivos de programas\ZHPDiag\unins000.exe
    2013-07-03 14:46:20 1321DC81E317EE48C4D004775FB29AC9 1916928 ----a-w- C:\Arquivos de programas\ZHPDiag\ZHPhep.exe
    2013-07-03 14:46:08 EA591DBD692ADF5B4AB55AFBD5FDB252 5697917 ----a-w- C:\Documents and Settings\f003272\Desktop\ferramenta para remoção-virus\ZHPDiag2.exe
    2013-07-03 14:10:57 F0C08E06A2A3EF0618E3990DE36BAB21 616960 ----a-w- C:\cmdcons\autochk.exe
    2013-07-03 14:10:57 A317FC1D2F892651DEC970B9CCCD6D92 608768 ----a-w- C:\cmdcons\autofmt.exe
    2013-07-03 14:08:40 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
    2013-07-03 14:08:40 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
    2013-07-03 14:08:40 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
    2013-07-03 14:08:40 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
    2013-07-03 14:08:40 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
    2013-07-03 13:57:19 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\JRT\erunt\ERUNT.EXE
    2013-07-03 13:56:47 09A3F926C400C29B3CF04FD15A0D8DEA 545954 ----a-w- C:\Documents and Settings\f003272\Desktop\ferramenta para remoção-virus\JRT.exe
    2013-07-01 19:50:18 DC30DAE2A6A49C547517663D4B76BF6E 1037120 ----a-w- C:\Documents and Settings\f003272\Meus documentos\Downloads\Adobe_Reader_setup.exe
    === C: other files ==
    2013-07-03 14:10:26 177B6F9CB612B5B0DF1BC3E068D54EE7 7374 ----a-w- C:\Qoobox\BackEnv\SetPath.bat
    2013-07-03 13:57:19 E4B95882FB080670179EA3605395889B 29803 ----a-w- C:\JRT\iexplore.bat
    2013-07-03 13:57:19 C0C9EBB0F67894B294057F8DFD982FB7 224236 ----a-w- C:\JRT\firefox.bat
    2013-07-03 13:57:19 BC6829679AE4DF51BA5F2B6DF9C0BAFC 14243 ----a-w- C:\JRT\medfos.bat
    2013-07-03 13:57:19 9EE3D7F3A45E24135711E9CBA48DC54F 11837 ----a-w- C:\JRT\JRT.bat
    2013-07-03 13:57:19 892B8347BAF133646A19D3B90928AE86 15542 ----a-w- C:\JRT\chrome.bat
    2013-07-03 13:57:19 833D69BA76F526DF45C9BEA1A92DC82B 29565 ----a-w- C:\JRT\prelim.bat
    2013-07-03 13:57:19 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\JRT\ev_clear.bat
    2013-07-03 13:57:19 6AFF3EA276AA312EFBB29BA0D5D2A85A 9763 ----a-w- C:\JRT\modules.bat
    2013-07-03 13:57:19 63FEB4EAF9E8C709C3B3470BC40E3EF8 37373 ----a-w- C:\JRT\ask.bat
    2013-07-03 13:57:19 620AD0970CC18D799A357D5B9C797F31 5379 ----a-w- C:\JRT\runvalues.bat
    2013-07-03 13:57:19 44E5FFC65156A594FCD57D13A7546046 14028 ----a-w- C:\JRT\get.bat
    2013-07-03 13:57:19 357F4F46BA2ADE86E2084DE3EC219A18 13025 ----a-w- C:\JRT\searchlnk.bat
    2013-07-03 13:57:19 33A0F7BBDF15B84FB01A361D09F54DFE 1825 ----a-w- C:\JRT\delfolders.bat
    2013-07-03 13:57:19 31D9F977B48014E79CC35A98D324B16A 1256 ----a-w- C:\JRT\FWPolicy.bat
    2013-07-03 13:57:19 296AEB5FF1159F45030514E8C1751368 81579 ----a-w- C:\JRT\misc.bat
    2013-07-03 13:57:19 1EE55AF77826E0E6F89A0ED6278E2C35 1040 ----a-w- C:\JRT\TDL4.bat
    ==== Firefox Extensions ======================
    ProfilePath: C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default
    - avast Online Security - C:\Arquivos de programas\Alwil Software\Avast5\WebRep\FF
    - Modulo de Seguranca - Banco do Brasil - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
    ProfilePath: C:\Documents and Settings\f003564\Dados de aplicativos\Mozilla\Firefox\Profiles\i4ye2mco.default
    - Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
    ==== Firefox Plugins ======================

    ==== Set IE to Default ======================
    [Você precisa estar registrado e conectado para ver este link.] Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.][Você precisa estar registrado e conectado para ver este link.]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
    "Tabs"="res://ieframe.dll/tabswelcome.htm"
    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.][Você precisa estar registrado e conectado para ver este link.]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
    "Tabs"="[Você precisa estar registrado e conectado para ver este link.]New
    [url=http://www.google.com"New]

    ==== All HKCU SearchScopes ======================
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="[Você precisa estar registrado e conectado para ver este link.]"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="[Você precisa estar registrado e conectado para ver este link.]}"
    ==== Empty IE Cache ======================
    C:\Documents and Settings\f003272\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    ==== Empty FireFox Cache ======================
    No FireFox Cache found
    ==== Empty Chrome Cache ======================
    No Chrome User Data found
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    Java Cache cleared successfully
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\f003272\CONFIG~1\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\RECYCLER successfully emptied
    ==== EOF on 04/07/2013 at  8:45:22,04 ======================

    [/url]
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 611
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Log para analise pc muito lento.

    Mensagem por joram em Qui Jul 04, 2013 9:39 am

    Bom Dia! Edvan

    |- Amigo Edvan! Necessito que rode este Fix it,antes do script do ComboFix.
    |- Ps: Utilize o navegador Internet Explorer.
    |- Execute este [Você precisa estar registrado e conectado para ver este link.]

     [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Selecione e copie,o conteúdo que está em "vermelho",para o Bloco de Notas.
    |- Salve-o,no desktop,com o nome: CFScript << Texto!
    #####

    Folder::
    c:\documents and settings\f003272\Configurações locais\Dados de aplicativos\DealPlyLive
    c:\documents and settings\f003272\Dados de aplicativos\Yontoo
    c:\documents and settings\All Users\Dados de aplicativos\DealPlyLive
    c:\arquivos de programas\DealPlyLive

    Registry::
    [-HKLM\Software\DealPlyLive]

    Driver::
    dealplylive
    dealplylivem

    ClearJavaCache::

    #####
    |- Ps: Desabilite,temporariamente,seu antivírus.
    |- Ps: Não utilizem este script em outra máquina!
    |- Arraste,o CFScript.txt para o ícone/interior do ComboFix.
    |- Veja a demonstração!

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Atenda à solicitação,que deverá surgir,para rodar o ComboFix.
    |- Ps: Faça o arraste,até surgir essa solicitação! ( janela )
    |- Caso apareça alguma mensagem para atualizar a ferramenta,clique Sim!
    |- Concluindo,poste: C:\ComboFix.txt <<

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Log para analise pc muito lento.

    Mensagem por Edvan em Sex Jul 05, 2013 8:24 am

    Sobre o  Fix it rodei, daí pediu para reiniciar e não apareceu mais nada, deve ter comprido com seu objetivo que é concertar alguma coisa no IE.

     

    ComboFix 13-07-04.01 - f003272 05/07/2013   9:01.2.2 - x86
    Microsoft Windows XP Professional  5.1.2600.3.1252.55.1046.18.1015.580 [GMT -3:00]
    Executando de: c:\documents and settings\f003272\Desktop\ComboFix.exe
    Comandos utilizados :: c:\documents and settings\f003272\Desktop\CFScript.txt
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ADS - drivers: deleted 310 bytes in 1 streams.
    .
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Dados de aplicativos\DealPlyLive
    c:\documents and settings\All Users\Dados de aplicativos\DealPlyLive\Update\Log\DealPlyLive.log
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Drivers/Serviços   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_DEALPLYLIVE
    -------\Service_dealplylive
    -------\Service_dealplylivem
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2013-06-05 to 2013-07-05  ))))))))))))))))))))))))))))
    .
    .
    2013-07-05 11:27 . 2013-07-05 12:11 -------- d-----w- c:\windows\system32\CatRoot2
    2013-07-04 11:41 . 2013-07-04 11:31 24064 ----a-w- c:\windows\zoek-delete.exe
    2013-07-04 11:41 . 2013-07-04 11:41 -------- d-----w- c:\windows\system32\config\systemprofile\Configuraþ§es locais
    2013-07-04 11:41 . 2013-07-04 11:41 -------- d-----w- c:\documents and settings\NetworkService\Configuraþ§es locais
    2013-07-04 11:41 . 2013-07-04 11:41 -------- d-----w- c:\documents and settings\LocalService\Configuraþ§es locais
    2013-07-04 11:41 . 2013-07-04 11:41 -------- d-----w- c:\documents and settings\f003272\Configuraþ§es locais
    2013-07-04 11:31 . 2013-07-04 11:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-07-03 14:48 . 2013-07-03 14:51 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-07-03 14:46 . 2013-07-03 14:51 -------- d-----w- c:\arquivos de programas\ZHPDiag
    2013-07-03 14:46 . 2013-07-03 14:50 -------- d-----w- C:\ZHP
    2013-07-03 13:57 . 2013-07-03 13:57 -------- d-----w- c:\windows\ERUNT
    2013-07-03 13:57 . 2013-07-03 13:57 -------- d-----w- C:\JRT
    2013-07-01 19:51 . 2013-07-01 19:51 -------- d-----w- c:\documents and settings\f003272\Configurações locais\Dados de aplicativos\DealPlyLive
    2013-06-21 13:42 . 2013-06-21 13:42 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\gas
    2013-06-20 14:03 . 2013-06-20 14:03 -------- d-sh--w- c:\documents and settings\f003272\IECompatCache
    2013-06-13 16:56 . 2013-06-13 16:56 -------- d-----w- c:\documents and settings\f003272\Configurações locais\Dados de aplicativos\Sun
    2013-06-13 16:55 . 2013-06-13 16:55 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java
    2013-06-13 16:55 . 2013-07-04 11:30 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-07-04 11:30 . 2010-05-24 19:36 144896 ----a-w- c:\windows\system32\javacpl.cpl
    2013-07-04 11:30 . 2010-05-24 12:58 789416 ----a-w- c:\windows\system32\deployJava1.dll
    2013-07-03 13:41 . 2013-04-04 19:07 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-07-03 13:41 . 2011-06-16 17:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-07-03 13:41 . 2010-05-20 12:44 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2013-06-12 13:39 . 2013-05-24 19:40 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-06-12 13:39 . 2013-05-24 19:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-05-09 08:59 . 2013-04-04 19:07 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2013-05-09 08:59 . 2010-05-20 12:44 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2013-05-09 08:59 . 2013-04-04 19:07 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2013-05-09 08:59 . 2010-05-20 12:44 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2013-05-09 08:59 . 2010-05-20 12:44 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2013-05-09 08:58 . 2010-08-19 14:59 41664 ----a-w- c:\windows\avastSS.scr
    2013-05-09 08:58 . 2010-05-20 12:44 229648 ----a-w- c:\windows\system32\aswBoot.exe
    2013-05-08 12:52 . 2010-05-24 13:00 49536 ----a-w- c:\windows\system32\drivers\gbpkm.sys
    2013-06-20 14:04 . 2013-06-20 14:04 97208 ----a-w- c:\arquivos de programas\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2013-05-09 08:58 121968 ----a-w- c:\arquivos de programas\Alwil Software\Avast5\ashShell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2013-03-12 253816]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
    2013-05-23 13:47 1389096 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
    2012-12-26 16:03 1652584 ----a-w- c:\arquivos de programas\GbPlugin\gbiehcef.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Acrobat Assistant.lnk]
    path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Acrobat Assistant.lnk
    backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-13 22:20 15360 ----a-w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2008-02-28 07:00 166424 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2008-02-28 07:00 141848 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
    2006-07-30 14:00 98304 ----a-r- c:\arquivos de programas\Hewlett-Packard\OrderReminder\OrderReminder.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2008-02-28 07:00 137752 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    2010-03-26 10:01 19522592 ----a-w- c:\windows\RTHDCPL.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-05-24 19:36 136600 ----a-w- c:\arquivos de programas\Java\jre6\bin\jusched.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    .
    R0 360HookOem;360HookOem;c:\windows\system32\drivers\360HookOem.sys [03/04/2013 15:18 61488]
    R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [04/04/2013 16:07 49376]
    R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [04/04/2013 16:07 175176]
    R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [24/05/2010 10:00 49536]
    R1 360FileOem;360FileOem;c:\windows\system32\drivers\360FileOem.sys [03/04/2013 15:18 152880]
    R1 360RegOem;360RegOem;c:\windows\system32\drivers\360RegOem.sys [03/04/2013 15:18 29744]
    R1 360SpOEM;360SpOEM;c:\windows\system32\drivers\360SpOEM.sys [03/04/2013 15:18 64048]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16/06/2011 14:12 770344]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20/05/2010 09:44 369584]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20/05/2010 09:44 29816]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [04/04/2013 16:07 66336]
    R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [24/05/2010 10:00 410152]
    R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\GbpNdisrd.sys [28/12/2011 13:21 29432]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20/05/2010 08:47 1691480]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [18/10/2011 02:43 78136]
    S3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\drivers\GbpNdisrd.sys [28/12/2011 13:21 29432]
    S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [18/10/2011 02:43 181432]
    S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudobex.sys [18/10/2011 02:43 181432]
    .
    Conteúdo da pasta 'Tarefas Agendadas'
    .
    2013-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-24 13:39]
    .
    2013-07-05 c:\windows\Tasks\avast! Emergency Update.job
    - c:\arquivos de programas\Alwil Software\Avast5\AvastEmUpdate.exe [2013-04-04 08:58]
    .
    2013-07-05 c:\windows\Tasks\User_Feed_Synchronization-{1FD8253E-B977-4BBA-9C9D-C4B5ECBC9BDD}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 07:31]
    .
    .
    ------- Scan Suplementar -------
    .
    uStart Page = [Você precisa estar registrado e conectado para ver este link.]
    uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
    IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
    Trusted Zone: bancobrasil.com.br\www
    Trusted Zone: bancobrasil.com.br\www14
    Trusted Zone: bancobrasil.com.br\www2
    Trusted Zone: bb.com.br\www
    TCP: DhcpNameServer = 10.4.65.16
    DPF: Microsoft XML Parser for Java - [Você precisa estar registrado e conectado para ver este link.]
    FF - ProfilePath - c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\
    FF - prefs.js: browser.startup.homepage - [Você precisa estar registrado e conectado para ver este link.]
    FF - ExtSQL: 2013-06-17 15:54; [Você precisa estar registrado e conectado para ver este link.]; c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\toolbar@ask.com
    FF - ExtSQL: 2013-07-01 16:51; [Você precisa estar registrado e conectado para ver este link.]; c:\arquivos de programas\LyricsBot\116.xpi
    FF - ExtSQL: 2013-07-01 16:52; [Você precisa estar registrado e conectado para ver este link.]; c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\ffxtlbr@delta.com
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Você precisa estar registrado e conectado para ver este link.]
    Rootkit scan 2013-07-05 09:14
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    Procurando processos ocultos ...
    .
    Procurando entradas auto inicializáveis ocultas ...
    .
    Procurando ficheiros/arquivos ocultos ...
    .
    Varredura completada com sucesso
    arquivos/ficheiros ocultos: 0
    .
    **************************************************************************
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
    .
    - - - - - - - > 'winlogon.exe'(992)
    c:\arquivos de programas\GBPLUGIN\gbieh.dll
    c:\arquivos de programas\GbPlugin\gbiehcef.dll
    .
    - - - - - - - > 'explorer.exe'(3592)
    c:\windows\system32\WININET.dll
    c:\arquivos de programas\GBPLUGIN\gbieh.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    c:\arquivos de programas\GbPlugin\gbiehcef.dll
    .
    ------------------------ Outros Processos em Execução ------------------------
    .
    c:\arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
    c:\arquivos de programas\Java\jre7\bin\jqs.exe
    c:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe
    c:\windows\system32\wbem\wmiapsrv.exe
    .
    **************************************************************************
    .
    Tempo para conclusão: 2013-07-05  09:16:29 - Máquina reiniciou
    ComboFix-quarantined-files.txt  2013-07-05 12:16
    ComboFix2.txt  2013-07-03 14:41
    .
    Pré-execução: 14 pasta(s) 128.217.731.072 bytes disponíveis
    Pós execução: 15 pasta(s) 128.197.992.448 bytes disponíveis
    .
    - - End Of File - - A753D9D62D53EC2194E3F0B35D835727
    239FC8B1C26D5286165A956F5A98D8D7
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 611
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Log para analise pc muito lento.

    Mensagem por joram em Sex Jul 05, 2013 9:03 am

    Bom Dia! Edvan

    Sobre o  Fix it rodei, daí pediu para reiniciar e não apareceu mais nada, deve ter comprido com seu objetivo que é concertar alguma coisa no IE.
    |- Não foi bem isso em que atuou o Fix it.

    Método 9: Limpar o arquivo temporário e reiniciar a instalação do hotfix ou do service pack. >

    |-  Foi necessário,o Fix it,nesta correção.

    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
    [-] 2006-03-02 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
    [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
    .
    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
    [-] 2006-03-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
    .
    [-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
    [-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
    ---------
    ---------
    [-] 2008-04-13 . 7AC649BA34AF371D30AC3F79104A3015 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
    [-] 2008-04-13 . 7AC649BA34AF371D30AC3F79104A3015 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
    [-] 2006-03-02 . A751D27B7F060ADF13C64418F41334CF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
    |- Apontada pelo ComboFix,na impossibilidade de legitimar estas assinaturas.

    -/-

    |- Abra,novamente,a ferramenta zoek.

    c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\toolbar@ask.com;f
    c:\arquivos de programas\LyricsBot\116.xpi;f
    c:\arquivos de programas\LyricsBot;fs
    emptyalltemp;
    firefoxlook;
    autoclean;

    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script". <- Aguarde!

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt << 

    A+


    Última edição por joram em Seg Jul 08, 2013 8:47 am, editado 1 vez(es) (Razão : Inserir imagem reboo!)
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Log para analise pc muito lento.

    Mensagem por Edvan em Seg Jul 08, 2013 9:47 am

    Zoek.exe Version 4.0.0.3 Updated 05-July-2013
    Tool run by f003272 on 08/07/2013 at 10:36:20,81.
    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
    Running in: Normal Mode Internet Access Detected
    ==== Suspicious Entries Found ======================
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
    "445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
    "137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
    "138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
    "3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
    "445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
    "137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
    "138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
    "3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================

    ==== Deleting Files \ Folders ======================
    "c:\documents and settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\extensions\toolbar@ask.com" not found
    "c:\arquivos de programas\LyricsBot\116.xpi" not found
    "c:\arquivos de programas\LyricsBot" not found
    ==== Firefox Extensions ======================
    ProfilePath: C:\Documents and Settings\f003272\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default
    - avast Online Security - C:\Arquivos de programas\Alwil Software\Avast5\WebRep\FF
    - Modulo de Seguranca - Banco do Brasil - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
    ProfilePath: C:\Documents and Settings\f003564\Dados de aplicativos\Mozilla\Firefox\Profiles\i4ye2mco.default
    - Java Quick Starter - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff
    ==== Firefox Plugins ======================

    ==== Set IE to Default ======================
    [Você precisa estar registrado e conectado para ver este link.] Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.][Você precisa estar registrado e conectado para ver este link.]
    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]New
    [url=http://www.funpec.br/"New]

    ==== All HKCU SearchScopes ======================
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="[Você precisa estar registrado e conectado para ver este link.]"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="[Você precisa estar registrado e conectado para ver este link.]}"
    ==== Empty IE Cache ======================
    C:\Documents and Settings\f003272\Configurações locais\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f003272\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\LocalService\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\NetworkService\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\WINDOWS\system32\config\systemprofile\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Documents and Settings\f003272\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    ==== Empty FireFox Cache ======================
    C:\Documents and Settings\f003272\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\sd67nblb.default\Cache emptied successfully
    C:\Documents and Settings\f003564\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\i4ye2mco.default\Cache emptied successfully
    ==== Empty Chrome Cache ======================
    No Chrome Cache found
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    Java Cache cleared successfully
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\WINDOWS\Temp successfully emptied
    C:\DOCUME~1\f003272\CONFIG~1\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\RECYCLER successfully emptied
    ==== Deleting Files / Folders ======================
    "C:\Documents and Settings\f003272\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not deleted
    ==== EOF on 08/07/2013 at 10:44:47,32 ======================

    [/url]
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 611
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Log para analise pc muito lento.

    Mensagem por joram em Seg Jul 08, 2013 10:06 am

    Bom Dia! Edvan

    |- Baixe: |[Você precisa estar registrado e conectado para ver este link.]| ( ... de Xplode )

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Estando na página,clique na seta verde para o download
    |- Salve-a em um local conveniente! ( desktop! )
    |- Feche aplicativos que estejam abertos.

    [Você precisa estar registrado e conectado para ver este link.]

    |- Execute-a!
    |- Com as duas checkbox marcadas! 
    |- Clique "Run".
    |- Caso queira,poste o relatório!

    -/-

    |- Otimize o computador,com o JetClean + JetBoost.

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by BlueSprig.com )

    |- < [Você precisa estar registrado e conectado para ver este link.] > << Leia aqui!

    |- Salve-o em Arquivos de programas. ( jetclean-setup.exe )

    [Você precisa estar registrado e conectado para ver este link.] 

    |- Instale o software e na guia "1-Click",escolha a opção "Registry Clean".
    |- Vá em "Scan Now" e escolha: Shut down PC after Repair

    [Você precisa estar registrado e conectado para ver este link.]

    |- Ou escolhendo a opção "Repair",sem o reboot do PC.

    < [Você precisa estar registrado e conectado para ver este link.] >

    [Você precisa estar registrado e conectado para ver este link.] 

    |- À seguir,tente melhorar a performance com o JetBoost.
    |- Tudo Ok?

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Log para analise pc muito lento.

    Mensagem por Edvan em Seg Jul 08, 2013 1:32 pm

    Tudo ok amigo, mais uma vez obrigado por essa!.bounce 

    # DelFix v10.3 - Logfile created 08/07/2013 at 14:29:41
    # Updated 08/06/2013 by Xplode
    # Username : f003272 - FUN0116
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    ~ Removing disinfection tools ...
    Deleted : C:\Qoobox
    Deleted : C:\JRT
    Deleted : C:\ZHP
    Deleted : C:\Arquivos de programas\ZHPDiag
    Deleted : C:\AdwCleaner[S1].txt
    Deleted : C:\ComboFix.txt
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\zoek-results.log
    Deleted : C:\Documents and Settings\f003272\Desktop\ComboFix.exe
    Deleted : C:\Documents and Settings\f003272\Desktop\JRT.exe
    Deleted : C:\Documents and Settings\f003272\Desktop\MBRCheck.lnk
    Deleted : C:\Documents and Settings\f003272\Desktop\ZHPDiag.lnk
    Deleted : C:\Documents and Settings\f003272\Desktop\ZHPFix.lnk
    Deleted : C:\WINDOWS\grep.exe
    Deleted : C:\WINDOWS\PEV.exe
    Deleted : C:\WINDOWS\NIRCMD.exe
    Deleted : C:\WINDOWS\MBR.exe
    Deleted : C:\WINDOWS\SED.exe
    Deleted : C:\WINDOWS\SWREG.exe
    Deleted : C:\WINDOWS\SWSC.exe
    Deleted : C:\WINDOWS\SWXCACLS.exe
    Deleted : C:\WINDOWS\Zip.exe
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\Swearware
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
    ~ Cleaning system restore ...
    Deleted : RP #625 [Ponto de verificação do sistema | 04/10/2013 16:08:32]
    Deleted : RP #626 [Ponto de verificação do sistema | 04/11/2013 17:57:16]
    Deleted : RP #627 [Ponto de verificação do sistema | 04/12/2013 18:37:29]
    Deleted : RP #628 [Ponto de verificação do sistema | 04/15/2013 15:20:39]
    Deleted : RP #629 [Ponto de verificação do sistema | 04/16/2013 17:03:51]
    Deleted : RP #630 [Ponto de verificação do sistema | 04/18/2013 12:37:42]
    Deleted : RP #631 [Ponto de verificação do sistema | 04/19/2013 15:15:10]
    Deleted : RP #632 [Instalação de driver não assinada | 04/19/2013 20:31:53]
    Deleted : RP #633 [Ponto de verificação do sistema | 04/22/2013 11:43:27]
    Deleted : RP #634 [Ponto de verificação do sistema | 04/23/2013 15:18:41]
    Deleted : RP #635 [Ponto de verificação do sistema | 04/24/2013 19:12:14]
    Deleted : RP #636 [Ponto de verificação do sistema | 04/25/2013 19:18:34]
    Deleted : RP #637 [Ponto de verificação do sistema | 04/29/2013 15:18:11]
    Deleted : RP #638 [Ponto de verificação do sistema | 04/30/2013 17:18:40]
    Deleted : RP #639 [Ponto de verificação do sistema | 05/02/2013 11:41:11]
    Deleted : RP #640 [Ponto de verificação do sistema | 05/03/2013 11:45:08]
    Deleted : RP #641 [Ponto de verificação do sistema | 05/06/2013 11:52:28]
    Deleted : RP #642 [Ponto de verificação do sistema | 05/07/2013 13:49:29]
    Deleted : RP #643 [Ponto de verificação do sistema | 05/08/2013 14:01:44]
    Deleted : RP #644 [Ponto de verificação do sistema | 05/09/2013 15:14:53]
    Deleted : RP #645 [Ponto de verificação do sistema | 05/10/2013 15:29:33]
    Deleted : RP #646 [Ponto de verificação do sistema | 05/13/2013 13:55:07]
    Deleted : RP #647 [Ponto de verificação do sistema | 05/14/2013 15:20:57]
    Deleted : RP #648 [Ponto de verificação do sistema | 05/15/2013 16:15:58]
    Deleted : RP #649 [Ponto de verificação do sistema | 05/16/2013 16:16:20]
    Deleted : RP #650 [Ponto de verificação do sistema | 05/20/2013 12:01:22]
    Deleted : RP #651 [Ponto de verificação do sistema | 05/21/2013 14:47:56]
    Deleted : RP #652 [Ponto de verificação do sistema | 05/22/2013 15:16:01]
    Deleted : RP #653 [Ponto de verificação do sistema | 05/23/2013 15:21:01]
    Deleted : RP #654 [Ponto de verificação do sistema | 05/24/2013 16:19:57]
    Deleted : RP #655 [Ponto de verificação do sistema | 05/27/2013 15:16:19]
    Deleted : RP #656 [Ponto de verificação do sistema | 05/28/2013 15:52:30]
    Deleted : RP #657 [Ponto de verificação do sistema | 05/31/2013 15:09:59]
    Deleted : RP #658 [Ponto de verificação do sistema | 06/03/2013 13:19:45]
    Deleted : RP #659 [Ponto de verificação do sistema | 06/04/2013 15:15:04]
    Deleted : RP #660 [Ponto de verificação do sistema | 06/05/2013 15:15:58]
    Deleted : RP #661 [Ponto de verificação do sistema | 06/06/2013 18:12:32]
    Deleted : RP #662 [Ponto de verificação do sistema | 06/07/2013 20:21:15]
    Deleted : RP #663 [Ponto de verificação do sistema | 06/10/2013 14:24:48]
    Deleted : RP #664 [Ponto de verificação do sistema | 06/11/2013 15:29:40]
    Deleted : RP #665 [Instalação de driver não assinada | 06/11/2013 19:11:30]
    Deleted : RP #666 [Ponto de verificação do sistema | 06/12/2013 19:45:24]
    Deleted : RP #667 [Instalação de driver não assinada | 06/13/2013 14:29:41]
    Deleted : RP #668 [Instalado Java 7 Update 21 | 06/13/2013 16:54:53]
    Deleted : RP #669 [Ponto de verificação do sistema | 06/14/2013 17:33:11]
    Deleted : RP #670 [Ponto de verificação do sistema | 06/17/2013 15:20:02]
    Deleted : RP #671 [Ponto de verificação do sistema | 06/18/2013 15:30:09]
    Deleted : RP #672 [Ponto de verificação do sistema | 06/19/2013 16:10:19]
    Deleted : RP #673 [Ponto de verificação do sistema | 06/20/2013 16:42:46]
    Deleted : RP #674 [Ponto de verificação do sistema | 06/21/2013 19:26:32]
    Deleted : RP #675 [Ponto de verificação do sistema | 06/25/2013 15:23:55]
    Deleted : RP #676 [Ponto de verificação do sistema | 06/26/2013 15:58:57]
    Deleted : RP #677 [Ponto de verificação do sistema | 06/27/2013 16:20:56]
    Deleted : RP #678 [Ponto de verificação do sistema | 06/28/2013 17:27:52]
    Deleted : RP #679 [Ponto de verificação do sistema | 07/01/2013 11:38:48]
    Deleted : RP #680 [Ponto de verificação do sistema | 07/02/2013 15:14:36]
    Deleted : RP #681 [Removed Adobe Acrobat 6.0 Professional | 07/03/2013 13:42:56]
    Deleted : RP #682 [Removido Java 7 Update 21 | 07/04/2013 11:29:48]
    Deleted : RP #683 [Instalado Java 7 Update 25 | 07/04/2013 11:30:39]
    Deleted : RP #684 [zoek.exe restore point | 07/04/2013 11:33:17]
    Deleted : RP #685 [Instalado Microsoft Fix it 50528 | 07/05/2013 11:27:34]
    Deleted : RP #686 [Ponto de verificação do sistema | 07/08/2013 12:10:24]
    New restore point created !
    ########## - EOF - ##########
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 611
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Log para analise pc muito lento.

    Mensagem por joram em Seg Jul 08, 2013 1:37 pm

    CASO RESOLVIDO!

    Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

    Conteúdo patrocinado

    Re: Log para analise pc muito lento.

    Mensagem por Conteúdo patrocinado


      Data/hora atual: Ter Maio 30, 2017 1:28 am