dr.fritz

Vista, Slow


Hello. I have a PC with a pretty good configuration, but it has been freezing and running very slowly. I have already run the antivirus, but the PC won't run anything!!! It takes far too long on every task. I would like your help!

I will post my log here as instructed.

Thanks in advance.

I will post it in parts.

Edited by dr.fritz

  • Topic author
  • GMER 1.0.14.14536 - http://www.gmer.net

    Rootkit scan 2008-11-18 14:15:03

    Windows 6.0.6001 Service Pack 1

    ---- System - GMER 1.0.14 ----

    SSDT 87293C68 ZwAlertResumeThread

    SSDT 87293D48 ZwAlertThread

    SSDT 8730DFC0 ZwAllocateVirtualMemory

    SSDT 8721B428 ZwAlpcConnectPort

    SSDT 8730C188 ZwCreateMutant

    SSDT 8730A470 ZwCreateThread

    SSDT 8733FDB0 ZwDebugActiveProcess

    SSDT 8730DE20 ZwFreeVirtualMemory

    SSDT 8730C278 ZwImpersonateAnonymousToken

    SSDT 87293B88 ZwImpersonateThread

    SSDT 87303688 ZwMapViewOfSection

    SSDT 8730C0A8 ZwOpenEvent

    SSDT 8730A3B0 ZwOpenProcessToken

    SSDT 8733FE90 ZwOpenSection

    SSDT 873091E8 ZwOpenThreadToken

    SSDT 87313158 ZwResumeThread

    SSDT 873034C0 ZwSetContextThread

    SSDT 873034F8 ZwSetInformationProcess

    SSDT 87309090 ZwSetInformationThread

    SSDT 8733FF70 ZwSuspendProcess

    SSDT 87305178 ZwSuspendThread

    SSDT 8730A550 ZwTerminateProcess

    SSDT 87305238 ZwTerminateThread

    SSDT 873035C8 ZwUnmapViewOfSection

    SSDT 8730DEF0 ZwWriteVirtualMemory

    ---- Kernel code sections - GMER 1.0.14 ----

    .text ntkrnlpa.exe!KeSetTimerEx + 350 81CBA914 8 Bytes [ 68, 3C, 29, 87, 48, 3D, 29, ... ]

    .text ntkrnlpa.exe!KeSetTimerEx + 364 81CBA928 4 Bytes [ C0, DF, 30, 87 ]

    .text ntkrnlpa.exe!KeSetTimerEx + 370 81CBA934 4 Bytes [ 28, B4, 21, 87 ]

    .text ntkrnlpa.exe!KeSetTimerEx + 428 81CBA9EC 4 Bytes [ 88, C1, 30, 87 ]

    .text ntkrnlpa.exe!KeSetTimerEx + 454 81CBAA18 4 Bytes [ 70, A4, 30, 87 ]

    .text ...

    ---- User code sections - GMER 1.0.14 ----

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!DialogBoxIndirectParamW 76E8BD25 5 Bytes JMP 6F155BF3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!DialogBoxParamW 76EA1FD5 5 Bytes JMP 6F155B7D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!DialogBoxParamA 76EC80B2 5 Bytes JMP 6F155BB8 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!DialogBoxIndirectParamA 76EC83DD 5 Bytes JMP 6F155C2E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!MessageBoxIndirectA 76EDD471 5 Bytes JMP 6F155B39 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!MessageBoxIndirectW 76EDD56B 5 Bytes JMP 6F155AF5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!MessageBoxExA 76EDD5D1 5 Bytes JMP 6F155ABB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] USER32.dll!MessageBoxExW 76EDD5F5 5 Bytes JMP 6F155A81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] SHELL32.dll!SHRestricted + DFD 75FE8390 4 Bytes [ 99, 0B, CE, 73 ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] SHELL32.dll!SHRestricted + E05 75FE8398 8 Bytes [ A7, 0A, CE, 73, A4, 32, CD, ... ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] SHELL32.dll!SHRestricted + FB1 75FE8544 4 Bytes [ 99, 0B, CE, 73 ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] SHELL32.dll!SHRestricted + FB9 75FE854C 4 Bytes [ A7, 0A, CE, 73 ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] SHELL32.dll!ILFree + 5F3 75FE9AFC 4 Bytes [ 99, 0B, CE, 73 ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[4504] SHELL32.dll!ILFree + 5FB 75FE9B04 4 Bytes [ A7, 0A, CE, 73 ]

  • Topic author
  • ---- User IAT/EAT - GMER 1.0.14 ----

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [73CCD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [73CCD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [73CCB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [73CCD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [73CCBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [73CCF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [73CCC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [73CCF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [73CCD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [73CCB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [73CCDE50] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [73CCC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [73CCF49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [73CD0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [73CCFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [73CD02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [73CCD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [73CCBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [73CCB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [73CCD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [73CCA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [73CDDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [73CDE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [73CDCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [73CDD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [73CDCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [73CDC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [73CDCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [73CCD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [73CCE151] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [73CCB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [73CCA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [73CCA819] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [73CCC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [73CCD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [73CC8D54] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [73CCBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [73CD02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [73CCFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [73CCF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [73CC8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [73CC8C26] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [73CCBBD2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [73CCFF42] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [73CCFB96] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [73CD0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [73CCEFA8] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [73CC89D0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [73CCD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpW] [73CCCF65] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpA] [73CCCE2E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [73CDCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [73CDC49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [73CDCD5C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [73CDD913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [73CDCA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [73CDC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [73CDCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [73CDE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [73CDD437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [73CDCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [73CDDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [73CDD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [73CDE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [73CDDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [73CDDFE1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [73CDE2F1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [73CDDD0B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [73CDD5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [73CCA460] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [73CCFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [73CCE151] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [73CCA6E2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [73CCAE92] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [73CCB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [73CCC023] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [73CCB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [73CC9700] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [73CCD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [73CCDE50] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [73CD02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [73CD0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [73CC9362] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [73CC89D0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [73CCF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [73CCA1D8] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [73CCA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [73CCEAD0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [73CCE4F9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [73CCC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [73CC8D54] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [73CC8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [73CCDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [73CC94A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [73CCD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [73CCBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [73CC8FC1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [73CCD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [73CC9231] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [73CCF49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [73CCC58B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [73CCCF65] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [73CCCA80] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [73CDCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [73CDC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyW] [73CDDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumValueW] [73CDE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] [73CDCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [73CDDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [73CDD913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyExW] [73CDE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [73CDD13F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] [73CDD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] [73CDD437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyW] [73CDC8E9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [73CDC35D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] [73CDD5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [73CDCA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCloseKey] [73CDCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [73CD91AC] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [73CD0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [73CD02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [73CCD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [73CCF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [73CCC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [73CC94A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [73CC8FC1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [73CCBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [73CCD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [73CC8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [73CCD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [73CDD13F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] [6E7D7C75] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyExW] [73CDE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumValueW] [73CDE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyA] [73CDDD0B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyA] [73CDCD5C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [73CDDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [73CDD913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] [73CDD437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyW] [73CDDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCloseKey] [73CDCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] [73CDD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [73CDCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] [73CDCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [73CDC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] [73CDD5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [73CDCA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [73CD5CFD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [73CD5C9F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [73CD4D95] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [73CD50AF] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [73CD519F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [73CD40A2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [73CD5357] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [73CD619F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [73CD53B2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [73CD61FA] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[4504] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [73CD3FFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

  • Topic author
  • ---- Devices - GMER 1.0.14 ----

    AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    ---- Services - GMER 1.0.14 ----

    Service C:\PROGRA~1\GbPlugin\GbpSv.exe (*** hidden *** ) [AUTO] GbpSv <-- ROOTKIT !!!

    ---- Registry - GMER 1.0.14 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Type 16

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Start 2

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ErrorControl 1

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ImagePath C:\PROGRA~1\GbPlugin\GbpSv.exe

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@DisplayName Gbp Service

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Group GbPlugin Group

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ObjectName LocalSystem

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Description Service for G-Buster Browser Defense

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv\Security

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv\Security@Security 0x01 0x00 0x14 0x88 ...

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Type 16

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Start 2

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@ErrorControl 1

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@ImagePath C:\PROGRA~1\GbPlugin\GbpSv.exe

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@DisplayName Gbp Service

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Group GbPlugin Group

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@ObjectName LocalSystem

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Description Service for G-Buster Browser Defense

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv\Security

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv\Security@Security 0x01 0x00 0x14 0x88 ...

    ---- EOF - GMER 1.0.14 ----

  • Topic author
  • Logfile of random's system information tool 1.04 (written by random/random)

    Run by arthuro at 2008-11-18 14:15:41

    Microsoft® Windows Vista™ Home Premium Service Pack 1

    System drive C: has 80 GB (57%) free of 141 GB

    Total RAM: 3006 MB (57% free)

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 2:16:01 PM, on 11/18/2008

    Platform: Windows Vista SP1 (WinNT 6.00.1905)

    MSIE: Internet Explorer v7.00 (7.00.6001.18000)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\Internet Explorer\ieuser.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe

    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

    C:\Windows\system32\taskeng.exe

    C:\Users\arthuro\Desktop\gmer\gmer.exe

    C:\Users\arthuro\Desktop\RSIT.exe

    C:\Program Files\Trend Micro\HijackThis\arthuro.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O1 - Hosts: ::1 localhost

    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Windows\Downloaded Program Files\CONFLICT.3\gbiehabn.dll

    O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKLM\..\Policies\Explorer\Run: []

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O13 - Gopher Prefix:

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldpt-br.cab

    O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

    O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{78DA0AFE-A701-484D-9EF3-7620F60FA230}: NameServer = 10.110.112.33,200.141.251.190

    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

    O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

  • Topic author
  • End of file - 9267 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Check Updates for Windows Live Toolbar.job

    C:\Windows\tasks\HPCeeScheduleForarthuro.job

    C:\Windows\tasks\Norton Internet Security - Run Full System Scan - arthuro.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-05-30 808472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [2007-08-24 316784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

    Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-10-11 116088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540007}]

    GbIehObj Class - C:\Windows\Downloaded Program Files\CONFLICT.3\gbiehabn.dll [2008-05-16 369064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]

    HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 316784]

    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-05-30 808472]

    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]

    "OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]

    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]

    "HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []

    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

    ""=1 []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

    "{E37CB5F0-51F5-4395-A808-5FA49E399007}"=C:\Windows\Downloaded Program Files\CONFLICT.3\gbiehabn.dll [2008-05-16 369064]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    "EnableUIADesktopToggle"=0

    "DisableStatusMessages"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoDriveTypeAutoRun"=149

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54a190bf-9865-11dd-b2a4-002100110314}]

    shell\AutoRun\command - wscript.exe .\.vbs

    shell\open\command - wscript.exe .\.vbs

    ======File associations======

    .bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"

    .ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"

    ======List of files/folders created in the last 1 months======

    2008-11-18 14:15:41 ----D---- C:\rsit

    2008-11-18 13:42:16 ----A---- C:\Windows\gmer.ini

    2008-11-18 13:42:14 ----A---- C:\Windows\gmer_uninstall.cmd

    2008-11-18 13:42:14 ----A---- C:\Windows\gmer.dll

    2008-11-18 13:42:13 ----A---- C:\Windows\gmer.exe

    2008-11-14 17:43:49 ----HD---- C:\Windows\PIF

    2008-11-14 17:05:45 ----D---- C:\Program Files\Trend Micro

    2008-11-14 03:09:14 ----A---- C:\Windows\system32\msxml3.dll

    2008-11-13 11:58:05 ----A---- C:\Windows\system32\msxml6.dll

    2008-11-08 16:27:54 ----D---- C:\Program Files\Adobe

    2008-11-08 08:18:17 ----D---- C:\Program Files\GbPlugin

    2008-11-08 08:18:14 ----D---- C:\ProgramData\GbPlugin

    2008-10-29 01:35:26 ----A---- C:\Windows\system32\wersvc.dll

    2008-10-29 01:35:26 ----A---- C:\Windows\system32\Faultrep.dll

    2008-10-29 01:34:49 ----A---- C:\Windows\system32\win32spl.dll

    2008-10-27 10:05:00 ----D---- C:\Program Files\Common Files\Adobe

    2008-10-24 17:23:41 ----D---- C:\Users\arthuro\AppData\Roaming\MSNInstaller

    2008-10-24 00:23:15 ----A---- C:\Windows\system32\netapi32.dll

    2008-10-19 18:46:36 ----D---- C:\Program Files\SopCast

    2008-10-19 18:45:56 ----D---- C:\Program Files\Megacubo

    ======List of files/folders modified in the last 1 months======

    2008-11-18 14:15:57 ----D---- C:\Windows\Prefetch

    2008-11-18 14:15:48 ----D---- C:\Windows\Temp

    2008-11-18 13:42:16 ----D---- C:\Windows

    2008-11-18 13:42:14 ----D---- C:\Windows\system32\drivers

    2008-11-18 13:24:05 ----D---- C:\ProgramData\Symantec

    2008-11-18 12:05:31 ----SHD---- C:\System Volume Information

    2008-11-18 11:07:47 ----D---- C:\Windows\System32

    2008-11-18 11:07:47 ----D---- C:\Windows\inf

    2008-11-18 11:07:47 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2008-11-16 15:22:18 ----D---- C:\Windows\tracing

    2008-11-15 14:58:40 ----D---- C:\Windows\Tasks

    2008-11-15 14:58:40 ----D---- C:\Windows\system32\Tasks

    2008-11-15 14:34:59 ----D---- C:\Windows\rescache

    2008-11-15 14:14:00 ----D---- C:\Windows\winsxs

    2008-11-15 13:27:51 ----SD---- C:\Users\arthuro\AppData\Roaming\Microsoft

    2008-11-15 04:55:18 ----SHD---- C:\Windows\Installer

    2008-11-15 04:55:18 ----D---- C:\ProgramData\Microsoft Help

    2008-11-14 17:05:45 ----D---- C:\Program Files

    2008-11-13 12:06:27 ----D---- C:\Windows\system32\catroot2

    2008-11-13 11:57:15 ----D---- C:\Windows\system32\catroot

    2008-11-08 16:28:02 ----D---- C:\ProgramData\Adobe

    2008-11-08 08:18:14 ----HD---- C:\ProgramData

    2008-11-08 08:18:13 ----SD---- C:\Windows\Downloaded Program Files

    2008-11-06 07:17:28 ----D---- C:\Windows\system32\WDI

    2008-11-03 16:10:25 ----A---- C:\Windows\system32\mrt.exe

    2008-10-28 05:05:52 ----D---- C:\Program Files\Common Files\Symantec Shared

    2008-10-27 10:05:00 ----D---- C:\Program Files\Common Files

    2008-10-23 21:29:11 ----D---- C:\Program Files\Sling Media

    2008-10-23 21:28:46 ----HD---- C:\Program Files\InstallShield Installation Information

    2008-10-23 14:23:41 ----D---- C:\ProgramData\WildTangent

    2008-10-21 07:53:24 ----D---- C:\Users\arthuro\AppData\Roaming\CyberLink

    2008-10-19 18:46:51 ----D---- C:\Users\arthuro\AppData\Roaming\Adobe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2097-12-31 371248]

    R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20081117.001\IDSvix86.sys [2008-10-03 270384]

    R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2008-09-05 447024]

    R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]

    R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2008-06-13 24112]

    R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-06-13 184240]

    R2 CO_Mon;CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [2007-08-08 36056]

    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]

    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]

    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-09 8704]

    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-07-06 155136]

    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-08 1044472]

    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]

    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2097-12-31 99376]

    R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-10-01 183352]

    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]

    R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]

    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-19 984064]

    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-19 208896]

    R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081117.048\NAVENG.SYS [2008-11-11 89104]

    R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081117.048\NAVEX15.SYS [2008-11-11 876112]

    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-17 1040544]

    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-08 7626304]

    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]

    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-20 88576]

    R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]

    R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-06-13 13616]

    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-10-11 123952]

    R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-06-13 96432]

    R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-06-13 41008]

    R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320]

    R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-20 134016]

    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-19 660480]

    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-20 11264]

    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-08 1044472]

    S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]

    S3 Cpqdfw;Compaq Dfw; C:\Windows\system32\drivers\Cpqdfw.sys []

    S3 cq_mem;Compaq Memory Diagnostics; C:\Windows\system32\drivers\cq_mem.sys []

    S3 cqcpu;Compaq Cpu Diagnostics; C:\Windows\system32\drivers\cqcpu.sys []

    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]

    S3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys [2008-11-18 85969]

    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-20 200704]

    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]

    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]

    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]

    S3 rlnDebug;COMPAQ ILO; \??\C:\Windows\system32\drivers\CpqILO.sys []

    S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]

    S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []

    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]

    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]

    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-31 243064]

    R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]

    R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]

    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]

    R2 LiveUpdate Notice;LiveUpdate Notice; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-12-19 271760]

    R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-12-19 112016]

    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]

    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-09 386560]

    R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-10-11 1251720]

    S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2007-03-19 263168]

    S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]

    S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-21 55640]

    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

    S3 LiveUpdate;LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------


    Could you please post an updated log from the tools?

  • Topic author
  • Here it goes:

    GMER 1.0.14.14536 - http://www.gmer.net

    Rootkit scan 2008-11-22 15:25:03

    Windows 6.0.6001 Service Pack 1

    ---- System - GMER 1.0.14 ----

    SSDT 87255F48 ZwAlertResumeThread

    SSDT 8713D038 ZwAlertThread

    SSDT 872558B8 ZwAllocateVirtualMemory

    SSDT 871DE310 ZwAlpcConnectPort

    SSDT 872B9A20 ZwCreateMutant

    SSDT 87255A48 ZwCreateThread

    SSDT 86267698 ZwDebugActiveProcess

    SSDT 87255718 ZwFreeVirtualMemory

    SSDT 872571F8 ZwImpersonateAnonymousToken

    SSDT 8720ED38 ZwImpersonateThread

    SSDT 87255618 ZwMapViewOfSection

    SSDT 872B9960 ZwOpenEvent

    SSDT 87255988 ZwOpenProcessToken

    SSDT 86275C40 ZwOpenSection

    SSDT 87255358 ZwOpenThreadToken

    SSDT 8740A1B8 ZwResumeThread

    SSDT 87255278 ZwSetContextThread

    SSDT 87255448 ZwSetInformationProcess

    SSDT 87255188 ZwSetInformationThread

    SSDT 86275D00 ZwSuspendProcess

    SSDT 87257550 ZwSuspendThread

    SSDT 87255B28 ZwTerminateProcess

    SSDT 87255068 ZwTerminateThread

    SSDT 87255538 ZwUnmapViewOfSection

    SSDT 872557E8 ZwWriteVirtualMemory

    ---- Kernel code sections - GMER 1.0.14 ----

    .text ntkrnlpa.exe!KeSetTimerEx + 350 81CCF914 8 Bytes [ 48, 5F, 25, 87, 38, D0, 13, ... ]

    .text ntkrnlpa.exe!KeSetTimerEx + 365 81CCF929 3 Bytes [ 58, 25, 87 ]

    .text ntkrnlpa.exe!KeSetTimerEx + 370 81CCF934 4 Bytes [ 10, E3, 1D, 87 ]

    .text ntkrnlpa.exe!KeSetTimerEx + 428 81CCF9EC 4 Bytes [ 20, 9A, 2B, 87 ]

    .text ntkrnlpa.exe!KeSetTimerEx + 454 81CCFA18 4 Bytes [ 48, 5A, 25, 87 ]

    .text ...

    ---- User code sections - GMER 1.0.14 ----

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!DialogBoxIndirectParamW 76C5BD25 5 Bytes JMP 6DB95BF3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!DialogBoxParamW 76C71FD5 5 Bytes JMP 6DB95B7D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!DialogBoxParamA 76C980B2 5 Bytes JMP 6DB95BB8 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!DialogBoxIndirectParamA 76C983DD 5 Bytes JMP 6DB95C2E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!MessageBoxIndirectA 76CAD471 5 Bytes JMP 6DB95B39 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!MessageBoxIndirectW 76CAD56B 5 Bytes JMP 6DB95AF5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!MessageBoxExA 76CAD5D1 5 Bytes JMP 6DB95ABB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] USER32.dll!MessageBoxExW 76CAD5F5 5 Bytes JMP 6DB95A81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] SHELL32.dll!SHRestricted + DFD 75F08390 4 Bytes [ 99, 0B, 0E, 6C ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] SHELL32.dll!SHRestricted + E05 75F08398 8 Bytes [ A7, 0A, 0E, 6C, A4, 32, 0D, ... ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] SHELL32.dll!SHBindToObject + 693 75F0A9B8 4 Bytes [ 99, 0B, 0E, 6C ]

    .text C:\Program Files\Internet Explorer\iexplore.exe[2292] SHELL32.dll!SHBindToObject + 69B 75F0A9C0 4 Bytes [ A7, 0A, 0E, 6C ]

    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3612] kernel32.dll!SetUnhandledExceptionFilter 75B06E2D 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)

    ---- User IAT/EAT - GMER 1.0.14 ----

  • Topic author
  • IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6C0CD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6C0CD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6C0CB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6C0CD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6C0CBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6C0CF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6C0CC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6C0CF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6C0CD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6C0CB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6C0CDE50] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6C0CC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6C0CF49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6C0D0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6C0CFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6C0D02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6C0CD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6C0CBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6C0CB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6C0CD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6C0CA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6C0DDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [6C0DE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6C0DCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [6C0DD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [6C0DCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6C0DC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [6C0DCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6C0CD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6C0CE151] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6C0CB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6C0CA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6C0CA819] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6C0CC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6C0CD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6C0C8D54] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6C0CBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6C0D02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6C0CFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6C0CF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6C0C8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6C0C8C26] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6C0CBBD2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6C0CFF42] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6C0CFB96] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6C0D0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6C0CEFA8] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6C0C89D0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6C0CD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpW] [6C0CCF65] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpA] [6C0CCE2E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [6C0DCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6C0DC49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [6C0DCD5C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6C0DD913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6C0DCA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6C0DC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6C0DCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [6C0DE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [6C0DD437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [6C0DCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6C0DDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [6C0DD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [6C0DE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [6C0DDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [6C0DDFE1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [6C0DE2F1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [6C0DDD0B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [6C0DD5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6C0CA460] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [6C0CFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6C0CE151] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6C0CA6E2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6C0CAE92] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6C0CB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6C0CC023] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6C0CB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6C0C9700] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6C0CD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6C0CDE50] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [6C0D02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [6C0D0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6C0C9362] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [6C0C89D0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [6C0CF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6C0CA1D8] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6C0CA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [6C0CEAD0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [6C0CE4F9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6C0CC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6C0C8D54] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [6C0C8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6C0CDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [6C0C94A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6C0CD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6C0CBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [6C0C8FC1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6C0CD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [6C0C9231] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6C0CF49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [6C0CC58B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [6C0CCF65] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [6C0CCA80] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6C0DCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6C0DC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyW] [6C0DDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumValueW] [6C0DE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] [6C0DCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6C0DDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6C0DD913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyExW] [6C0DE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6C0DD13F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] [6C0DD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] [6C0DD437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyW] [6C0DC8E9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6C0DC35D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] [6C0DD5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6C0DCA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCloseKey] [6C0DCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6C0D91AC] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [6C0D0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [6C0D02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6C0CD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [6C0CF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6C0CC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [6C0C94A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6C0C8FC1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6C0CBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6C0CD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6C0C8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6C0CD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [6C0DD13F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] [6A967C75] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyExW] [6C0DE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumValueW] [6C0DE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyA] [6C0DDD0B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyA] [6C0DCD5C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6C0DDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6C0DD913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] [6C0DD437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyW] [6C0DDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCloseKey] [6C0DCD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] [6C0DD773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [6C0DCB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] [6C0DCEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [6C0DC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] [6C0DD5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [6C0DCA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [6C0D5CFD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [6C0D5C9F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [6C0D4D95] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [6C0D50AF] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [6C0D519F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [6C0D40A2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [6C0D5357] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [6C0D619F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [6C0D53B2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [6C0D61FA] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2292] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [6C0D3FFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

    ---- Devices - GMER 1.0.14 ----

    AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    ---- Services - GMER 1.0.14 ----

    Service C:\PROGRA~1\GbPlugin\GbpSv.exe (*** hidden *** ) [AUTO] GbpSv <-- ROOTKIT !!!

    ---- Registry - GMER 1.0.14 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Type 16

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Start 2

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ErrorControl 1

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ImagePath C:\PROGRA~1\GbPlugin\GbpSv.exe

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@DisplayName Gbp Service

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Group GbPlugin Group

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ObjectName LocalSystem

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Description Service for G-Buster Browser Defense

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv\Security

    Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv\Security@Security 0x01 0x00 0x14 0x88 ...

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Type 16

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Start 2

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@ErrorControl 1

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@ImagePath C:\PROGRA~1\GbPlugin\GbpSv.exe

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@DisplayName Gbp Service

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Group GbPlugin Group

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@ObjectName LocalSystem

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv@Description Service for G-Buster Browser Defense

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv\Security

    Reg HKLM\SYSTEM\ControlSet003\Services\GbpSv\Security@Security 0x01 0x00 0x14 0x88 ...

    ---- EOF - GMER 1.0.14 ----

  • Topic author
  • continuing:

    Logfile of random's system information tool 1.04 (written by random/random)

    Run by arthuro at 2008-11-22 15:35:30

    Microsoft® Windows Vista™ Home Premium Service Pack 1

    System drive C: has 71 GB (51%) free of 141 GB

    Total RAM: 3006 MB (63% free)

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 3:35:34 PM, on 11/22/2008

    Platform: Windows Vista SP1 (WinNT 6.00.1905)

    MSIE: Internet Explorer v7.00 (7.00.6001.18000)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Internet Explorer\ieuser.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

    C:\Program Files\Windows Live Toolbar\msn_sl.exe

    C:\Users\arthuro\Desktop\Programas\RSIT.exe

    C:\Program Files\Trend Micro\HijackThis\arthuro.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O1 - Hosts: ::1 localhost

    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Windows\Downloaded Program Files\CONFLICT.3\gbiehabn.dll

    O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKLM\..\Policies\Explorer\Run: []

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O13 - Gopher Prefix:

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldpt-br.cab

    O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

    O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{78DA0AFE-A701-484D-9EF3-7620F60FA230}: NameServer = 10.110.112.33,200.141.251.190

    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

    O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 9056 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Check Updates for Windows Live Toolbar.job

    C:\Windows\tasks\HPCeeScheduleForarthuro.job

    C:\Windows\tasks\Norton Internet Security - Run Full System Scan - arthuro.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-05-30 808472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [2007-08-24 316784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

    Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-10-11 116088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540007}]

    GbIehObj Class - C:\Windows\Downloaded Program Files\CONFLICT.3\gbiehabn.dll [2008-05-16 369064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]

    HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 316784]

    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-05-30 808472]

    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]

    "OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]

    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]

    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

    ""=1 []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

    [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

    "{E37CB5F0-51F5-4395-A808-5FA49E399007}"=C:\Windows\Downloaded Program Files\CONFLICT.3\gbiehabn.dll [2008-05-16 369064]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    "EnableUIADesktopToggle"=0

    "DisableStatusMessages"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoDriveTypeAutoRun"=149

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54a190bf-9865-11dd-b2a4-002100110314}]

    shell\AutoRun\command - wscript.exe .\.vbs

    shell\open\command - wscript.exe .\.vbs

    ======File associations======

    .bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"

    .ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"

  • Topic author
  • List of files/folders created in the last 1 months======

    2008-11-19 20:37:57 ----A---- C:\Windows\system32\wups2.dll

    2008-11-19 20:37:57 ----A---- C:\Windows\system32\wucltux.dll

    2008-11-19 20:37:57 ----A---- C:\Windows\system32\wuauclt.exe

    2008-11-19 20:37:56 ----A---- C:\Windows\system32\wuaueng.dll

    2008-11-19 20:37:36 ----A---- C:\Windows\system32\wups.dll

    2008-11-19 20:37:36 ----A---- C:\Windows\system32\wudriver.dll

    2008-11-19 20:37:36 ----A---- C:\Windows\system32\wuapi.dll

    2008-11-19 20:37:27 ----A---- C:\Windows\system32\wuwebv.dll

    2008-11-19 20:37:27 ----A---- C:\Windows\system32\wuapp.exe

    2008-11-19 13:40:39 ----D---- C:\Windows\pss

    2008-11-18 14:15:41 ----D---- C:\rsit

    2008-11-18 13:42:16 ----A---- C:\Windows\gmer.ini

    2008-11-18 13:42:14 ----A---- C:\Windows\gmer_uninstall.cmd

    2008-11-18 13:42:14 ----A---- C:\Windows\gmer.dll

    2008-11-18 13:42:13 ----A---- C:\Windows\gmer.exe

    2008-11-14 17:43:49 ----HD---- C:\Windows\PIF

    2008-11-14 17:05:45 ----D---- C:\Program Files\Trend Micro

    2008-11-14 03:09:14 ----A---- C:\Windows\system32\msxml3.dll

    2008-11-13 11:58:05 ----A---- C:\Windows\system32\msxml6.dll

    2008-11-08 16:27:54 ----D---- C:\Program Files\Adobe

    2008-11-08 08:18:17 ----D---- C:\Program Files\GbPlugin

    2008-11-08 08:18:14 ----D---- C:\ProgramData\GbPlugin

    2008-10-29 01:35:26 ----A---- C:\Windows\system32\wersvc.dll

    2008-10-29 01:35:26 ----A---- C:\Windows\system32\Faultrep.dll

    2008-10-29 01:34:49 ----A---- C:\Windows\system32\win32spl.dll

    2008-10-27 10:05:00 ----D---- C:\Program Files\Common Files\Adobe

    2008-10-24 17:23:41 ----D---- C:\Users\arthuro\AppData\Roaming\MSNInstaller

    2008-10-24 00:23:15 ----A---- C:\Windows\system32\netapi32.dll

    ======List of files/folders modified in the last 1 months======

    2008-11-22 15:35:33 ----D---- C:\Windows\Temp

    2008-11-22 15:33:43 ----D---- C:\Windows\Prefetch

    2008-11-22 15:14:20 ----D---- C:\Windows\System32

    2008-11-22 15:14:20 ----D---- C:\Windows\inf

    2008-11-22 15:14:20 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2008-11-22 15:13:43 ----D---- C:\Windows\tracing

    2008-11-22 15:08:32 ----D---- C:\Windows\system32\wbem

    2008-11-22 15:08:32 ----D---- C:\Windows

    2008-11-22 15:06:55 ----D---- C:\Program Files\Common Files\LightScribe

    2008-11-22 15:06:54 ----D---- C:\Program Files\Common Files\DESIGNER

    2008-11-22 15:06:54 ----D---- C:\Program Files\Ares

    2008-11-22 15:06:54 ----D---- C:\Program Files\Apoint2K

    2008-11-22 15:06:54 ----D---- C:\Program Files\AIM6

    2008-11-22 15:06:50 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites

    2008-11-22 15:06:41 ----D---- C:\Windows\winsxs

    2008-11-22 15:06:41 ----D---- C:\Windows\Tasks

    2008-11-22 15:06:41 ----D---- C:\Windows\tapi

    2008-11-22 15:06:41 ----D---- C:\Windows\system32\win2k_xp

    2008-11-22 15:06:38 ----D---- C:\Windows\system32\Tasks

    2008-11-22 15:06:38 ----D---- C:\Windows\system32\sysprep

    2008-11-22 15:06:38 ----D---- C:\Windows\system32\spool

    2008-11-22 15:06:37 ----D---- C:\Windows\system32\restore

    2008-11-22 15:06:35 ----D---- C:\Windows\system32\images

    2008-11-22 15:06:35 ----D---- C:\Windows\system32\ias

    2008-11-22 15:06:35 ----D---- C:\Windows\system32\en-US

    2008-11-22 15:06:35 ----D---- C:\Windows\system32\drivers

    2008-11-22 15:06:34 ----D---- C:\Windows\system32\CodeIntegrity

    2008-11-22 15:06:33 ----D---- C:\Windows\system32\catroot2

    2008-11-22 15:06:33 ----D---- C:\Windows\system32\animation

    2008-11-22 15:06:33 ----D---- C:\Windows\SMINST

    2008-11-22 15:06:33 ----D---- C:\Windows\ShellNew

    2008-11-22 15:06:33 ----D---- C:\Windows\rescache

    2008-11-22 15:06:31 ----RSD---- C:\Windows\Media

    2008-11-22 15:06:30 ----SHD---- C:\Windows\Installer

    2008-11-22 15:06:21 ----RSD---- C:\Windows\Fonts

    2008-11-22 15:06:20 ----SD---- C:\Windows\Downloaded Program Files

    2008-11-22 15:06:20 ----D---- C:\Windows\ehome

    2008-11-22 15:06:20 ----D---- C:\Windows\Cursors

    2008-11-22 15:06:19 ----RSD---- C:\Windows\assembly

    2008-11-22 15:06:16 ----RD---- C:\Users

    2008-11-22 15:06:14 ----HD---- C:\System.sav

    2008-11-22 15:05:51 ----D---- C:\ProgramData\Microsoft Help

    2008-11-22 15:05:51 ----D---- C:\Program Files\WinTV

    2008-11-22 15:05:49 ----D---- C:\Program Files\Windows Mail

    2008-11-22 15:05:48 ----D---- C:\Program Files\Windows Live Toolbar

    2008-11-22 15:05:47 ----D---- C:\Program Files\Windows Live Favorites

    2008-11-22 15:05:46 ----RD---- C:\Program Files\Online Services

    2008-11-22 15:05:46 ----D---- C:\Program Files\SopCast

    2008-11-22 15:05:46 ----D---- C:\Program Files\NetWaiting

    2008-11-22 15:05:43 ----D---- C:\Program Files\Microsoft Works

    2008-11-22 15:05:40 ----D---- C:\Program Files\Megacubo

    2008-11-22 15:05:39 ----D---- C:\Program Files\K-Lite Codec Pack

    2008-11-22 15:05:31 ----D---- C:\Program Files\hp deskjet 656c series

    2008-11-22 15:05:00 ----D---- C:\Program Files\earthlink totalaccess

    2008-11-22 15:05:00 ----D---- C:\Program Files

    2008-11-22 15:04:47 ----D---- C:\Program Files\CyberLink

    2008-11-22 15:04:46 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller

    2008-11-22 15:04:44 ----D---- C:\Program Files\Common Files\Services

    2008-11-22 15:04:28 ----D---- C:\Windows\registration

    2008-11-22 14:41:17 ----SHD---- C:\System Volume Information

    2008-11-22 13:56:55 ----D---- C:\ProgramData\Symantec

    2008-11-19 20:38:13 ----D---- C:\Windows\system32\catroot

    2008-11-15 13:27:51 ----SD---- C:\Users\arthuro\AppData\Roaming\Microsoft

    2008-11-08 16:28:02 ----D---- C:\ProgramData\Adobe

    2008-11-08 08:18:14 ----HD---- C:\ProgramData

    2008-11-06 07:17:28 ----D---- C:\Windows\system32\WDI

    2008-11-03 16:10:25 ----A---- C:\Windows\system32\mrt.exe

    2008-10-28 05:05:52 ----D---- C:\Program Files\Common Files\Symantec Shared

    2008-10-27 10:05:00 ----D---- C:\Program Files\Common Files

    2008-10-23 21:29:11 ----D---- C:\Program Files\Sling Media

    2008-10-23 21:28:46 ----HD---- C:\Program Files\InstallShield Installation Information

    2008-10-23 14:23:41 ----D---- C:\ProgramData\WildTangent

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2097-12-31 371248]

    R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20081120.001\IDSvix86.sys [2008-10-03 270384]

    R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2008-09-05 447024]

    R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]

    R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2008-06-13 24112]

    R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-06-13 184240]

    R2 CO_Mon;CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [2007-08-08 36056]

    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]

    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]

    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-09 8704]

    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-07-06 155136]

    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-08 1044472]

    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]

    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2097-12-31 99376]

    R3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys [2008-11-18 85969]

    R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-10-01 183352]

    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]

    R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]

    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-19 984064]

    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-19 208896]

    R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]

    R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081122.003\NAVENG.SYS [2008-11-11 89104]

    R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081122.003\NAVEX15.SYS [2008-11-11 876112]

    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-17 1040544]

    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-08 7626304]

    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]

    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-20 88576]

    R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]

    R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-06-13 13616]

    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-10-11 123952]

    R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-06-13 96432]

    R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-06-13 41008]

    R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320]

    R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-20 134016]

    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-19 660480]

    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-20 11264]

    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-08 1044472]

    S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]

    S3 Cpqdfw;Compaq Dfw; C:\Windows\system32\drivers\Cpqdfw.sys []

    S3 cq_mem;Compaq Memory Diagnostics; C:\Windows\system32\drivers\cq_mem.sys []

    S3 cqcpu;Compaq Cpu Diagnostics; C:\Windows\system32\drivers\cqcpu.sys []

    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]

    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-20 200704]

    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]

    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]

    S3 rlnDebug;COMPAQ ILO; \??\C:\Windows\system32\drivers\CpqILO.sys []

    S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]

    S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []

    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]

    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]

    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-31 243064]

    R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]

    R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]

    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]

    R2 LiveUpdate Notice;LiveUpdate Notice; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

    R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-12-19 271760]

    R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-12-19 112016]

    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]

    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-09 386560]

    R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-10-11 1251720]

    R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

    S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2007-03-19 263168]

    S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]

    S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-21 55640]

    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

    S3 LiveUpdate;LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------


    I see that you have Norton Antivirus; although it is a good security program, it makes the system slower, so your problem is not related to malware.

  • Topic author
  • OK, FRIEND. THANK YOU!

    I WAS ALREADY THINKING ABOUT SWITCHING TO AVG.

    I WILL SWITCH AND POST A REPLY HERE.

    THANKS IN ADVANCE.


    If the topic author needs it, this topic will be reopened; to request that, they should contact the moderation team and ask for it to be unlocked.

    This topic is locked and cannot receive new posts.




