felipe_zig

How to delete "autorun.inf"? (HijackThis log)

Good evening. After reading about it, I came to the conclusion that disinfecting "autorun.inf" is very particular from case to case. This virus, which NOD32 identifies as a trojan, infected my machine through a USB flash drive. I have already tried to remove it in several ways, but all attempts failed. At the moment NOD32 finds and identifies the "autorun.inf" and sends it to quarantine, but within seconds another file is created in its place. It is worth noting that I have two hard drives, C (primary) and G (slayer), and the problem occurs on both.

I would like to know if anyone has a solution to my problem.

The HijackThis log follows below.

Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:23:52, on 19/11/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

C:\WINDOWS\PixArt\PAC207\Monitor.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe

C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\DNA\btdna.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.alcohol-soft.com/campain.php?campain=22_feb_update120&forwardpage=http://users.alcohol-soft.com/en/login.php?problem=no_session_id

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [NodLogin] C:\Arquivos de programas\ESET\ESET Smart Security\nodlogin.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Arquivos de programas\DNA\btdna.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{EEF9C86A-F564-4A61-A9C0-7C69466E710C}: NameServer = 200.165.132.155 200.149.55.142

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

--

End of file - 8803 bytes

  • Topic author
  • Good evening Diego,

    First of all, thank you very much for your attention; I really do need help.

    I followed the instructions in the topic you sent; the GMER and RSIT logs follow.

    GMER log:

    GMER 1.0.14.14536 - http://www.gmer.net

    Rootkit scan 2008-11-24 20:12:16

    Windows 5.1.2600 Service Pack 3

    ---- User code sections - GMER 1.0.14 ----

    .text C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe[1952] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 4 Bytes [ C2, 04, 00, 00 ]

    ---- Devices - GMER 1.0.14 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

    AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

    AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

    AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

    AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

    ---- EOF - GMER 1.0.14 ----

    RSIT log:

    info.txt logfile of random's system information tool 1.04 2008-11-24 20:13:03

    ======Uninstall list======

    -->C:\Arquivos de programas\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL

    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

    -->C:\WINDOWS\UNRecode.exe /UNINSTALL

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {669EB263-0AFE-4FCB-A068-DB082CA6273C}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0416-0000-0000000FF1CE} /uninstall {98003BDC-1B68-4970-B28E-ACC8000D2F3E}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8}

    7-Zip 4.57-->"C:\Arquivos de programas\7-Zip\Uninstall.exe"

    ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}

    Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Arquivos de programas\Arquivos comuns\Adobe\Installers\c14ac4070fd9614ffe63f4bb533db2c\Setup.exe

    Adobe After Effects CS3 Presets-->MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}

    Adobe After Effects CS3-->C:\Arquivos de programas\Arquivos comuns\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe

    Adobe After Effects CS3-->MsiExec.exe /I{8AF3FB06-BDA3-42A3-995C-308812D2F094}

    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

    Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}

    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

    Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}

    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

    Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}

    Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}

    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

    Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}

    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

    Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}

    Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}

    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}

    Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}

    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

    Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}

    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

    Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}

    Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}

    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

    Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}

    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

    Adobe Photoshop CS3-->C:\Arquivos de programas\Arquivos comuns\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe

    Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}

    Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}

    Adobe Premiere Pro CS3-->C:\Arquivos de programas\Arquivos comuns\Adobe\Installers\32fdd767b4383606e8168e834af5d90\Setup.exe

    Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}

    Adobe Reader 9 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A90000000001}

    Adobe Setup-->MsiExec.exe /I{09E2111C-16B1-4DDF-BF0D-F994C9A12350}

    Adobe Setup-->MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}

    Adobe Setup-->MsiExec.exe /I{BB81360F-041C-4CF7-B15E-71380D154244}

    Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}

    Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}

    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

    Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}

    Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}

    Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}

    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

    Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}

    Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}

    AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}

    ArcSoft WebCam Companion-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{BCCC3103-466C-41FA-A162-79E0CC7E9337}\Setup.exe" -l0x416

    Arquivo do WinRAR-->C:\Arquivos de programas\WinRAR\uninstall.exe

    Atualização de Segurança para o Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

    Atualização de Segurança para o Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

    Atualização de Segurança para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

    Atualização para Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"

    Atualização para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

    Atualização para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

    BR-->MsiExec.exe /I{C57CD366-C6BE-45B5-B5C6-0424E506F1D0}

    Call of Duty® 4 - Modern Warfare-->C:\Arquivos de programas\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409

    CorelDRAW Graphics Suite X3-->MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}

    Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}

    Dlink DSB-C120 -->C:\ARQUIV~1\ARQUIV~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D96B7C48-673B-4CB1-90C3-F06511EB3284} /l2070

    ESET Smart Security-->MsiExec.exe /I{55FFA15B-4B16-4E17-AD8B-95EC3C793DE3}

    Extensão do Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{88902514-B65F-4093-AF94-8DA7B41DCCD8}

    F1 Challenge 99-02-->C:\Arquivos de programas\EA SPORTS\F1 Challenge 99-02\EAUninstall.exe

    FaxTools-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x416 ControlPanel

    FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}

    FormatFactory-->MsiExec.exe /X{5E94AE2E-0845-42F9-B202-85F3811E808B}

    HijackThis 2.0.2-->"C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe" /uninstall

    Hotfix para o Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

    Hotfix para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

    K-Lite Mega Codec Pack 1.37-->"C:\Arquivos de programas\K-Lite Codec Pack\unins000.exe"

    L&H Power Translator Pro 7.0-->C:\WINDOWS\ISUN0416.EXE -f"C:\Arquivos de programas\LHSP\L&H Power Translator Pro\Uninst.isu" -c"C:\Arquivos de programas\LHSP\L&H Power Translator Pro\Uninstall.dll"

    Lexmark X1100 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series

    Menus Inteligentes (Windows Live Toolbar)-->MsiExec.exe /X{9D57C4FB-39C1-4EC3-9386-845FD08453D5}

    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe

    Microsoft Office Access MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0015-0416-0000-0000000FF1CE}

    Microsoft Office Enterprise 2007-->"C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

    Microsoft Office Excel MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0016-0416-0000-0000000FF1CE}

    Microsoft Office Groove MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00BA-0416-0000-0000000FF1CE}

    Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0044-0416-0000-0000000FF1CE}

    Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00A1-0416-0000-0000000FF1CE}

    Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001A-0416-0000-0000000FF1CE}

    Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0018-0416-0000-0000000FF1CE}

    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

    Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}

    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

    Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE}

    Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE}

    Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE}

    Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE}

    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

    Microsoft Windows Theme Ontario-->MsiExec.exe /X{9757283E-3FCA-4F3D-9257-928859318E55}

    Mozilla Firefox (3.0.4)-->C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe

    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

    Need for Speed™ Most Wanted-->C:\Arquivos de programas\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe

    Nero 8-->MsiExec.exe /X{B944FA21-81AF-4A77-8328-CE4F4CC51046}

    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

    NILE THEME-->MsiExec.exe /X{B19C841C-D60A-462F-AB86-4FDD51A77FA3}

    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

    Paquete de idioma de Microsoft .NET Framework 2.0 - ESN-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ESN\install.exe

    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

    PokerStars-->"C:\Arquivos de programas\PokerStars\PokerStarsUninstall.exe" /u:PokerStars

    PowerDVD-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

    PowerISO-->"C:\Arquivos de programas\PowerISO\uninstall.exe"

    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

    Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}

    Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}

    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}

    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

    Sony Noise Reduction Plug-In 2.0e-->MsiExec.exe /X{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}

    Sony Sound Forge 9.0-->MsiExec.exe /X{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}

    SWAT 4-->C:\ARQUIV~1\ARQUIV~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall

    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

    Update for Outlook 2007 Junk Email Filter (kb957829)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}

    Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}

    VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}

    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}

    Visualizador do Marcador (Windows Live Toolbar)-->MsiExec.exe /X{E0A086ED-969F-469A-86B1-AE90BCC8F3BC}

    Win AVI HelixSDK-->"C:\Arquivos de programas\WinAVI Video Converter\HelixSDK\unins000.exe"

    WinAVI Video Converter-->"C:\Arquivos de programas\WinAVI Video Converter\unins000.exe"

    Windows Live Favorites para Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}

    Windows Live installer-->MsiExec.exe /X{3A417047-2E30-4D05-8977-F706D40BFF39}

    Windows Live Messenger-->MsiExec.exe /X{8EADB73B-026D-4978-A8F0-1EEF5E1ECEC7}

    Windows Live Toolbar-->"C:\Arquivos de programas\Windows Live Toolbar\UnInstall.exe" {6FEE62BC-67E3-4083-BEE2-3C33A487F85C}

    Windows Live Toolbar-->MsiExec.exe /X{6FEE62BC-67E3-4083-BEE2-3C33A487F85C}

    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

    Zune Desktop Theme-->MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}

    ======Security center information======

    AV: ESET Smart Security 3.0

    FW: Firewall pessoal do ESET

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe

    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

    "windir"=%SystemRoot%

    "FP_NO_HOST_CHECK"=NO

    "OS"=Windows_NT

    "PROCESSOR_ARCHITECTURE"=x86

    "PROCESSOR_LEVEL"=15

    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD

    "PROCESSOR_REVISION"=0c00

    "NUMBER_OF_PROCESSORS"=1

    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

    "TEMP"=%SystemRoot%\TEMP

    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------

    Once again, thank you for your attention!

    I await a reply.

    PS: Sorry for any mistakes in using the forum, as this is the first time I have used it.

    See you soon! :)

    Dear felipe_zig

    First of all, thank you very much for your attention; I really do need help.
    :joia:

    One log is missing: log.txt, which is in the folder c:\rsit

    Please copy and paste its entire contents here!

    Regards :D

  • Topic author
  • Sorry for the mistake!

    The log from the rsit folder:

    Logfile of random's system information tool 1.04 (written by random/random)

    Run by Felipe at 2008-11-24 20:12:59

    Microsoft Windows XP Professional Service Pack 3

    System drive C: has 121 GB (51%) free of 238 GB

    Total RAM: 2047 MB (77% free)

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 20:13:01, on 24/11/2008

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\Arquivos de programas\Bonjour\mDNSResponder.exe

    C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

    C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

    C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\system32\PnkBstrA.exe

    C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

    C:\WINDOWS\system32\PnkBstrB.exe

    C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\PixArt\PAC207\Monitor.exe

    C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Arquivos de programas\DNA\btdna.exe

    C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe

    C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

    C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

    C:\Documents and Settings\Felipe\Desktop\RSIT.exe

    C:\Arquivos de programas\Trend Micro\HijackThis\Felipe.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.alcohol-soft.com/campain.php?campain=22_feb_update120&forwardpage=http://users.alcohol-soft.com/en/login.php?problem=no_session_id

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

    O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe"

    O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice

    O4 - HKLM\..\Run: [NodLogin] C:\Arquivos de programas\ESET\ESET Smart Security\nodlogin.exe

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Arquivos de programas\DNA\btdna.exe"

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

    O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe

    O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

    --

    End of file - 8445 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

    Adobe PDF Link Helper - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

    Groove GFS Browser Helper - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

    Windows Live Toolbar Helper - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-31 7561216]

    "nwiz"=nwiz.exe /install []

    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-03-31 86016]

    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-04-01 77824]

    "GrooveMonitor"=C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

    "RemoteControl"=C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe [2006-09-18 29696]

    "LanguageShortcut"=C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe [2006-09-29 49152]

    "ISUSPM Startup"=C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]

    "ISUSScheduler"=C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

    "Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

    "PWRISOVM.EXE"=C:\Arquivos de programas\PowerISO\PWRISOVM.EXE [2008-06-16 167936]

    "NeroFilterCheck"=C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

    "NBKeyScan"=C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]

    "Adobe_ID0EYTHM"=C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

    "Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

    "Lexmark X1100 Series"=C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

    "egui"=C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe [2008-08-18 1447168]

    "NodLogin"=C:\Arquivos de programas\ESET\ESET Smart Security\nodlogin.exe [2008-08-25 359202]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    "BitTorrent DNA"=C:\Arquivos de programas\DNA\btdna.exe [2008-11-13 342336]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]

    "kamsoft"=C:\WINDOWS\system32\kamsoft.exe [2008-11-24 108888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-06 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

    "authentication packages"=msv1_0

    nwprovau

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    "C:\Arquivos de programas\DNA\btdna.exe"="C:\Arquivos de programas\DNA\btdna.exe:*:Enabled:DNA"

    "C:\Arquivos de programas\BitTorrent\bittorrent.exe"="C:\Arquivos de programas\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

    "C:\Arquivos de programas\Skype\Phone\Skype.exe"="C:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    ======File associations======

    .js - open - "C:\Arquivos de programas\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

    ======List of files/folders created in the last 1 months======

    2008-11-24 20:12:59 ----D---- C:\rsit

    2008-11-24 20:03:06 ----A---- C:\WINDOWS\gmer.ini

    2008-11-24 20:03:05 ----A---- C:\WINDOWS\gmer_uninstall.cmd

    2008-11-24 20:03:05 ----A---- C:\WINDOWS\gmer.exe

    2008-11-24 20:03:05 ----A---- C:\WINDOWS\gmer.dll

    2008-11-24 19:50:00 ----D---- C:\WINDOWS\LastGood

    2008-11-19 21:17:09 ----D---- C:\Arquivos de programas\Trend Micro

    2008-11-19 01:56:24 ----RSH---- C:\abk.bat

    2008-11-18 23:45:42 ----D---- C:\Arquivos de programas\ESET

    2008-11-18 23:35:24 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\ESET

    2008-11-18 23:31:44 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\ESET

    2008-11-18 22:20:25 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Avg8

    2008-11-17 02:27:28 ----A---- C:\WINDOWS\system32\tmp.txt

    2008-11-17 01:15:07 ----RSH---- C:\WINDOWS\system32\gasretyw1.dll

    2008-11-17 01:13:02 ----RSH---- C:\WINDOWS\system32\kamsoft.exe

    2008-11-17 01:13:02 ----N---- C:\WINDOWS\system32\gasretyw0.dll

    2008-11-14 14:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

    2008-11-14 13:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

    2008-11-14 13:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

    2008-11-09 11:09:23 ----D---- C:\Arquivos de programas\ABBYY FineReader 5.0 Sprint

    2008-11-09 11:07:18 ----A---- C:\WINDOWS\system32\lxbkvs.dll

    2008-11-09 11:07:18 ----A---- C:\WINDOWS\system32\lxbkpwr.dll

    2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL

    2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE

    2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL

    2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL

    2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKIH.EXE

    2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKCU.DLL

    2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\lxbkcomm.dll

    2008-11-09 11:07:16 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE

    2008-11-09 11:07:16 ----A---- C:\WINDOWS\system32\LEXPPS.EXE

    2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXPING.EXE

    2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL

    2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXBCES.EXE

    2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXBCE.DLL

    2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL

    2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\INSTMON.EXE

    2008-11-09 11:07:14 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL

    2008-11-09 11:07:14 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL

    2008-11-09 11:07:05 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL

    2008-11-09 11:07:05 ----A---- C:\WINDOWS\system32\lxbkscin.dll

    2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\LXBKGF.DLL

    2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\lxbkcoin.ini

    2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\lxbkcoin.dll

    2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\lxbkcinf.dll

    2008-11-09 11:07:01 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL

    2008-11-09 11:07:00 ----D---- C:\Arquivos de programas\Lexmark X1100 Series

    2008-11-09 11:06:57 ----A---- C:\WINDOWS\unin0416.exe

    2008-11-03 21:06:44 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Malwarebytes

    2008-11-03 21:06:38 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes

    2008-11-02 20:44:44 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Media Player Classic

    2008-11-02 20:14:40 ----D---- C:\Arquivos de programas\Disc2Phone

    2008-11-02 20:11:35 ----D---- C:\WINDOWS\system32\URTTEMP

    2008-11-02 11:24:29 ----A---- C:\WINDOWS\system32\muweb.dll

    2008-11-02 11:24:29 ----A---- C:\WINDOWS\system32\mucltui.dll.mui

    2008-11-02 11:24:29 ----A---- C:\WINDOWS\system32\mucltui.dll

    2008-11-02 10:58:03 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\skypePM

    2008-11-02 10:15:03 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Skype

    2008-11-02 10:14:21 ----D---- C:\Arquivos de programas\Skype

    2008-11-02 10:14:21 ----D---- C:\Arquivos de programas\Arquivos comuns\Skype

    2008-11-02 10:14:16 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Skype

    2008-11-02 09:58:21 ----D---- C:\Arquivos de programas\Windows Live Favorites

    2008-11-02 09:58:20 ----D---- C:\Arquivos de programas\Windows Live Toolbar

    2008-11-02 09:57:41 ----DC---- C:\WINDOWS\system32\DRVSTORE

    2008-11-02 09:43:01 ----SHDC---- C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

    2008-11-02 09:42:38 ----D---- C:\Arquivos de programas\Windows Live

    2008-11-02 09:42:31 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller

    2008-11-01 06:24:46 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Publish Providers

    2008-11-01 06:24:33 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Sony

    2008-11-01 06:20:30 ----D---- C:\Arquivos de programas\Vstplugins

    2008-11-01 06:20:21 ----D---- C:\Arquivos de programas\Sony

    2008-11-01 06:19:25 ----D---- C:\Arquivos de programas\Sony Setup

    2008-11-01 06:06:02 ----D---- C:\Arquivos de programas\FormatFactory

    2008-10-31 19:33:20 ----A---- C:\WINDOWS\system32\MRT.exe

    2008-10-31 18:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

    2008-10-31 18:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$

    2008-10-31 18:15:08 ----D---- C:\Arquivos de programas\MSXML 4.0

    2008-10-31 18:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$

    2008-10-31 14:40:30 ----RSD---- C:\WINDOWS\assembly

    2008-10-31 14:40:06 ----D---- C:\WINDOWS\Microsoft.NET

    2008-10-31 14:27:50 ----D---- C:\Arquivos de programas\Atari

    2008-10-31 03:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

    2008-10-31 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

    2008-10-31 03:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

    2008-10-31 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

    2008-10-31 03:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

    2008-10-31 03:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

    2008-10-31 03:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

    2008-10-31 03:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

    2008-10-31 03:01:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

    2008-10-31 03:01:12 ----D---- C:\WINDOWS\ie7updates

    2008-10-31 03:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

    2008-10-31 03:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

    2008-10-31 03:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

    2008-10-31 03:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

    2008-10-31 03:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

    2008-10-31 03:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

    2008-10-31 03:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

    2008-10-31 03:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$

    2008-10-30 03:00:25 ----D---- C:\WINDOWS\system32\PreInstall

    2008-10-30 03:00:25 ----A---- C:\WINDOWS\system32\spupdsvc.exe

    2008-10-30 03:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

    2008-10-29 21:13:33 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\nView_Profiles

    2008-10-29 21:07:27 ----D---- C:\Arquivos de programas\EA SPORTS

    2008-10-29 19:57:32 ----D---- C:\Arquivos de programas\PokerStars

    2008-10-29 19:31:03 ----D---- C:\WINDOWS\system32\SoftwareDistribution

    2008-10-29 19:18:19 ----D---- C:\Arquivos de programas\EA GAMES

    2008-10-28 16:02:25 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\CyberLink

    2008-10-28 15:53:48 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Thinstall

    2008-10-28 15:52:39 ----D---- C:\WINDOWS\system32\appmgmt

    2008-10-28 15:37:50 ----A---- C:\WINDOWS\NeroDigital.ini

    2008-10-28 15:18:58 ----D---- C:\Arquivos de programas\ABBYY FineReader 6.0

    2008-10-28 15:17:57 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\BVRP Software

    2008-10-28 15:17:57 ----D---- C:\Arquivos de programas\FaxTools

    2008-10-28 15:15:02 ----A---- C:\WINDOWS\lexstat.ini

    2008-10-28 15:14:16 ----A---- C:\WINDOWS\system32\wiafbdrv.dll

    2008-10-28 12:58:40 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\ArcSoft

    2008-10-28 12:58:05 ----D---- C:\WINDOWS\PixArt

    2008-10-28 12:58:05 ----A---- C:\WINDOWS\system32\vfwwdm32.dll

    2008-10-28 12:55:47 ----D---- C:\WINDOWS\RegisteredPackages

    2008-10-28 12:55:35 ----A---- C:\WINDOWS\system32\psisdecd.dll

    2008-10-28 12:55:33 ----A---- C:\WINDOWS\system32\dxdllreg.exe

    2008-10-28 12:54:13 ----A---- C:\WINDOWS\system32\gdiplus.dll

    2008-10-28 12:53:52 ----D---- C:\Arquivos de programas\Arquivos comuns\ArcSoft

    2008-10-28 12:53:50 ----D---- C:\Arquivos de programas\ArcSoft

    2008-10-28 12:53:50 ----A---- C:\WINDOWS\PCDLIB32.DLL

    2008-10-28 12:53:15 ----D---- C:\WINDOWS\PAC207

    2008-10-28 12:53:15 ----D---- C:\Arquivos de programas\Arquivos comuns\PXIINST64207

    2008-10-28 12:53:15 ----D---- C:\Arquivos de programas\Arquivos comuns\PXIINST207

    2008-10-28 12:53:15 ----D---- C:\Arquivos de programas\Arquivos comuns\PAC207

    2008-10-28 12:53:14 ----D---- C:\Arquivos de programas\Dlink DSB-C120

    2008-10-28 12:53:04 ----D---- C:\WINDOWS\Downloaded Installations

    2008-10-28 11:19:08 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\FLEXnet

    2008-10-28 11:13:35 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\ALM

    2008-10-28 11:04:58 ----D---- C:\Arquivos de programas\QuickTime

    2008-10-28 11:04:12 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe

    2008-10-28 11:04:12 ----A---- C:\WINDOWS\system32\NPSWF32.dll

    2008-10-28 10:28:01 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Nero

    2008-10-28 10:27:46 ----A---- C:\WINDOWS\system32\MsiExec.exe.log

    2008-10-28 10:02:45 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

    2008-10-28 10:02:45 ----D---- C:\Arquivos de programas\Nero

    2008-10-28 10:02:45 ----D---- C:\Arquivos de programas\Arquivos comuns\Nero

    2008-10-28 09:45:41 ----HD---- C:\WINDOWS\PIF

    2008-10-28 09:44:03 ----D---- C:\Arquivos de programas\WinAVI Video Converter

    2008-10-28 08:56:03 ----A---- C:\WINDOWS\ntbtlog.txt

    2008-10-28 08:24:20 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\WinRAR

    2008-10-28 08:24:01 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

    2008-10-28 07:59:14 ----D---- C:\Arquivos de programas\GameVicio

    2008-10-28 07:48:22 ----D---- C:\Arquivos de programas\Sierra

    2008-10-28 07:42:53 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla

    2008-10-27 19:12:34 ----SHD---- C:\RECYCLER

    2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\xactengine2_8.dll

    2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\x3daudio1_2.dll

    2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\d3dx10_34.dll

    2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll

    2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\xinput1_3.dll

    2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\xactengine2_7.dll

    2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\d3dx9_34.dll

    2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\d3dx10_33.dll

    2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll

    2008-10-27 19:11:42 ----A---- C:\WINDOWS\system32\xactengine2_6.dll

    2008-10-27 19:11:42 ----A---- C:\WINDOWS\system32\d3dx9_33.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xinput1_2.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_5.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_4.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_3.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_2.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

    2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\d3dx9_31.dll

    2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\xinput1_1.dll

    2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\xactengine2_1.dll

    2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\xactengine2_0.dll

    2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll

    2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

    2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\d3dx9_29.dll

    2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

    2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll

    2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\d3dx9_27.dll

    2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\d3dx9_26.dll

    2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\d3dx9_25.dll

    2008-10-27 19:11:38 ----A---- C:\WINDOWS\system32\d3dx9_24.dll

    2008-10-27 19:11:12 ----D---- C:\WINDOWS\system32\DirectX

    2008-10-27 19:10:03 ----D---- C:\WINDOWS\system32\LogFiles

    2008-10-27 19:10:03 ----A---- C:\WINDOWS\system32\PnkBstrB.exe

    2008-10-27 19:10:03 ----A---- C:\WINDOWS\system32\PnkBstrA.exe

    2008-10-27 19:10:02 ----A---- C:\WINDOWS\game.ini

    2008-10-27 18:39:55 ----D---- C:\Arquivos de programas\Activision

    2008-10-27 18:37:45 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Macromedia

    2008-10-27 18:37:43 ----SHD---- C:\WINDOWS\ftpcache

    2008-10-27 18:28:21 ----D---- C:\Arquivos de programas\PowerISO

    2008-10-27 18:22:54 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\BitTorrent

    2008-10-27 18:22:33 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\DNA

    2008-10-27 18:22:33 ----D---- C:\Arquivos de programas\DNA

    2008-10-27 18:22:33 ----D---- C:\Arquivos de programas\BitTorrent

    2008-10-27 18:20:03 ----D---- C:\Arquivos de programas\7-Zip

    2008-10-27 18:17:52 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\InstallShield

    2008-10-27 18:16:35 ----D---- C:\Arquivos de programas\Corel

    2008-10-27 18:16:35 ----D---- C:\Arquivos de programas\Arquivos comuns\Corel

    2008-10-27 18:14:49 ----D---- C:\WINDOWS\system32\QuickTime

    2008-10-27 18:14:49 ----A---- C:\WINDOWS\system32\qtmlClient.dll

    2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\vp7vfw.dll

    2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\vp31vfw.dll

    2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\rmoc3260.dll

    2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\pndx5032.dll

    2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\pndx5016.dll

    2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\pncrt.dll

    2008-10-27 18:14:45 ----A---- C:\WINDOWS\system32\vp6vfw.dll

    2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\mpg4c32.dll

    2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir50_qcx.dll

    2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir50_qc.dll

    2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir41_qcx.dll

    2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir41_qc.dll

    2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\3ivxVfWCodec.dll

    2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\3ivx.dll

    2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\xvidvfw.dll

    2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\xvidcore.dll

    2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\unrar.dll

    2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\OpenQuicktimeLib.dll

    2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\WMV9VCM.dll

    2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\unicows.dll

    2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\msvcr70.dll

    2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\divx.dll

    2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\cpuinf32.dll

    2008-10-27 18:14:40 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Real

    2008-10-27 18:14:40 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Real

    2008-10-27 18:14:40 ----D---- C:\Arquivos de programas\K-Lite Codec Pack

    2008-10-27 18:13:01 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\CyberLink

    2008-10-27 18:12:37 ----N---- C:\WINDOWS\system32\msxml3a.dll

    2008-10-27 18:12:13 ----N---- C:\WINDOWS\system32\msvcr71.dll

    2008-10-27 18:12:13 ----N---- C:\WINDOWS\system32\msvcp71.dll

    2008-10-27 18:12:13 ----HD---- C:\Arquivos de programas\InstallShield Installation Information

    2008-10-27 18:12:12 ----D---- C:\Arquivos de programas\CyberLink

    2008-10-27 18:11:52 ----A---- C:\WINDOWS\system32\msonpmon.dll

    2008-10-27 18:11:09 ----D---- C:\Arquivos de programas\Microsoft Works

    2008-10-27 18:11:04 ----D---- C:\Arquivos de programas\MSBuild

    2008-10-27 18:10:48 ----D---- C:\Arquivos de programas\Microsoft Visual Studio

    2008-10-27 18:10:48 ----D---- C:\Arquivos de programas\Arquivos comuns\DESIGNER

    2008-10-27 18:08:23 ----D---- C:\WINDOWS\SHELLNEW

    2008-10-27 18:08:01 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

    2008-10-27 18:08:01 ----D---- C:\Arquivos de programas\Microsoft Office

    2008-10-27 18:07:50 ----RHD---- C:\MSOCache

    2008-10-27 18:04:11 ----D---- C:\Arquivos de programas\LHSP

    2008-10-27 18:03:56 ----A---- C:\WINDOWS\IsUn0416.exe

    2008-10-27 18:02:41 ----D---- C:\Arquivos de programas\Mozilla Firefox

    2008-10-27 18:02:28 ----RA---- C:\WINDOWS\system32\RTLCPAPI.dll

    2008-10-27 18:02:26 ----RA---- C:\WINDOWS\system32\RTLCPL.EXE

    2008-10-27 18:02:23 ----RA---- C:\WINDOWS\SOUNDMAN.EXE

    2008-10-27 18:02:23 ----A---- C:\WINDOWS\system32\ksuser.dll

    2008-10-27 17:59:15 ----D---- C:\Program Files

    2008-10-27 17:58:57 ----A---- C:\WINDOWS\system32\BASSMOD.dll

    2008-10-27 17:56:54 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe

    2008-10-27 17:56:26 ----D---- C:\Arquivos de programas\Bonjour

    2008-10-27 17:56:13 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Adobe

    2008-10-27 17:50:40 ----D---- C:\Arquivos de programas\Adobe

    2008-10-27 17:50:10 ----D---- C:\Arquivos de programas\Arquivos comuns\Macrovision Shared

    2008-10-27 17:49:30 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe

    2008-10-27 17:42:23 ----D---- C:\WINDOWS\nview

    2008-10-27 17:42:22 ----A---- C:\WINDOWS\system32\nvudisp.exe

    2008-10-27 17:42:13 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

    2008-10-27 17:42:03 ----D---- C:\Arquivos de programas\Arquivos comuns\InstallShield

    2008-10-27 17:38:17 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Identities

    2008-10-27 17:38:16 ----HD---- C:\Arquivos de programas\Uninstall Information

    2008-10-27 17:38:11 ----SD---- C:\Documents and Settings\Felipe\Dados de aplicativos\Microsoft

    2008-10-27 17:38:11 ----ASH---- C:\Documents and Settings\Felipe\Dados de aplicativos\desktop.ini

    2008-10-27 17:37:20 ----D---- C:\WINDOWS\SoftwareDistribution

    2008-10-27 17:37:19 ----SD---- C:\WINDOWS\system32\Microsoft

    2008-10-27 17:37:19 ----A---- C:\WINDOWS\SchedLgU.Txt

    2008-10-27 17:34:48 ----N---- C:\WINDOWS\system32\spmsg.dll

    2008-10-27 17:34:47 ----HD---- C:\WINDOWS\$hf_mig$

    2008-10-27 17:34:44 ----D---- C:\Arquivos de programas\WinRAR

    2008-10-27 17:34:36 ----A---- C:\WINDOWS\control.ini

    2008-10-27 17:34:29 ----A---- C:\WINDOWS\OEWABLog.txt

    2008-10-27 17:34:27 ----A---- C:\WINDOWS\system32\mapi32.dll

    2008-10-27 17:34:26 ----D---- C:\WINDOWS\system32\dllcache

    2008-10-27 17:33:53 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

    2008-10-27 17:33:50 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

    2008-10-27 17:33:46 ----HD---- C:\Arquivos de programas\WindowsUpdate

    2008-10-27 17:33:45 ----D---- C:\Arquivos de programas\Serviços on-line

    2008-10-27 17:33:38 ----A---- C:\WINDOWS\system32\atrace.dll

    2008-10-27 17:33:37 ----A---- C:\WINDOWS\system32\desktop.ini

    2008-10-27 17:33:37 ----A---- C:\WINDOWS\desktop.ini

    2008-10-27 17:33:33 ----A---- C:\WINDOWS\system32\acctres.dll

    2008-10-27 17:33:32 ----D---- C:\Arquivos de programas\Arquivos comuns\Serviços

    2008-10-27 17:33:29 ----SD---- C:\WINDOWS\Tasks

    2008-10-27 17:33:29 ----D---- C:\Arquivos de programas\Arquivos comuns\MSSoap

    2008-10-27 17:33:29 ----A---- C:\WINDOWS\system32\icfgnt5.dll

    2008-10-27 17:33:26 ----D---- C:\WINDOWS\system32\Macromed

    2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuweb.dll

    2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wucltui.dll

    2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuauserv.dll

    2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll

    2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuaueng.dll

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wups.dll

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wuauclt.exe

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wuapi.dll

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\qmgr.dll

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll

    2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll

    2008-10-27 17:33:19 ----D---- C:\Arquivos de programas\Movie Maker

    2008-10-27 17:33:03 ----A---- C:\WINDOWS\system32\safrslv.dll

    2008-10-27 17:33:03 ----A---- C:\WINDOWS\system32\safrdm.dll

    2008-10-27 17:33:03 ----A---- C:\WINDOWS\system32\safrcdlg.dll

    2008-10-27 17:33:02 ----A---- C:\WINDOWS\system32\racpldlg.dll

    2008-10-27 17:32:59 ----A---- C:\WINDOWS\system32\fltMc.exe

    2008-10-27 17:32:59 ----A---- C:\WINDOWS\system32\fltlib.dll

    2008-10-27 17:32:58 ----D---- C:\WINDOWS\system32\Restore

    2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\srsvc.dll

    2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\srrstr.dll

    2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\srclient.dll

    2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\msoert2.dll

    2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\msoeacct.dll

    2008-10-27 17:32:57 ----A---- C:\WINDOWS\system32\inetres.dll

    2008-10-27 17:32:57 ----A---- C:\WINDOWS\system32\inetcomm.dll

    2008-10-27 17:32:55 ----D---- C:\Arquivos de programas\Outlook Express

    2008-10-27 17:32:55 ----A---- C:\WINDOWS\system32\schedsvc.dll

    2008-10-27 17:32:55 ----A---- C:\WINDOWS\system32\mstinit.exe

    2008-10-27 17:32:55 ----A---- C:\WINDOWS\system32\mstask.dll

    2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\isign32.dll

    2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\inetcfg.dll

    2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\icwphbk.dll

    2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\icwdial.dll

    2008-10-27 17:32:49 ----D---- C:\Arquivos de programas\Arquivos comuns\System

    2008-10-27 17:32:49 ----D---- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

    2008-10-27 17:32:46 ----D---- C:\Arquivos de programas\Internet Explorer

    2008-10-27 17:32:41 ----D---- C:\Arquivos de programas\ComPlus Applications

    2008-10-27 17:32:41 ----A---- C:\WINDOWS\vbaddin.ini

    2008-10-27 17:32:41 ----A---- C:\WINDOWS\vb.ini

    2008-10-27 17:32:40 ----D---- C:\WINDOWS\Registration

    2008-10-27 17:32:16 ----D---- C:\Arquivos de programas\Windows Media Connect 2

    2008-10-27 17:32:15 ----D---- C:\Arquivos de programas\Windows Media Player

    2008-10-27 17:32:15 ----A---- C:\WINDOWS\system32\write.exe

    2008-10-27 17:32:09 ----A---- C:\WINDOWS\system32\sndvol32.exe

    2008-10-27 17:32:09 ----A---- C:\WINDOWS\system32\hticons.dll

    2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\winchat.exe

    2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\avwav.dll

    2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\avtapi.dll

    2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\avmeter.dll

    2008-10-27 17:32:02 ----A---- C:\WINDOWS\system32\getuname.dll

    2008-10-27 17:32:02 ----A---- C:\WINDOWS\system32\charmap.exe

    2008-10-27 17:32:02 ----A---- C:\WINDOWS\system32\calc.exe

    2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\winmine.exe

    2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\sol.exe

    2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\mshearts.exe

    2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\freecell.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\usrlogon.cmd

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tsshutdn.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tslabels.ini

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tskill.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tsdiscon.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tscon.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\shadow.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\rwinsta.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\reset.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\regini.exe

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

    2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\qwinsta.exe

    2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\qappsrv.exe

    2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\msg.exe

    2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\msdtcprf.ini

    2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\logoff.exe

    2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\cdmodem.dll

    2008-10-27 17:31:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc

    2008-10-27 17:31:53 ----A---- C:\WINDOWS\system32\mplay32.exe

    2008-10-27 17:31:53 ----A---- C:\WINDOWS\system32\accwiz.exe

    2008-10-27 17:31:52 ----D---- C:\Arquivos de programas\Windows NT

    2008-10-27 17:31:52 ----A---- C:\WINDOWS\system32\mspaint.exe

    2008-10-27 17:31:52 ----A---- C:\WINDOWS\system32\hypertrm.dll

    2008-10-27 17:31:51 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

    2008-10-27 17:31:51 ----A---- C:\WINDOWS\system32\spider.exe

    2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\tsgqec.dll

    2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\rhttpaa.dll

    2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\mstscax.dll

    2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\aaclient.dll

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\termsrv.dll

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\sessmgr.exe

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\remotepg.dll

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdshost.exe

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdsaddin.exe

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdpwsx.dll

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdpsnd.dll

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdpclip.exe

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdchost.dll

    2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\mstsc.exe

    2008-10-27 17:31:48 ----D---- C:\WINDOWS\system32\MsDtc

    2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\qprocess.exe

    2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\mtxoci.dll

    2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

    2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\msdtcprx.dll

    2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\icaapi.dll

    2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\cfgbkend.dll

    2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\xolehlp.dll

    2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\msdtctm.dll

    2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\msdtclog.dll

    2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\msdtc.exe

    2008-10-27 17:31:46 ----D---- C:\WINDOWS\system32\Com

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\stclient.dll

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\mtxlegih.dll

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\mtxex.dll

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\mtxdm.dll

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\comrepl.dll

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\comaddin.dll

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\colbact.dll

    2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\catsrvps.dll

    2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\comuid.dll

    2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\comsvcs.dll

    2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\comsnap.dll

    2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\clbcatex.dll

    2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\catsrvut.dll

    2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\catsrv.dll

    2008-10-27 17:31:44 ----A---- C:\WINDOWS\system32\clbcatq.dll

    2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\servdeps.dll

    2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\mmfutil.dll

    2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\licwmi.dll

    2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\cmprops.dll

    2008-10-27 15:31:18 ----A---- C:\WINDOWS\system32\h323log.txt

    2008-10-27 15:29:34 ----A---- C:\WINDOWS\system32\usbui.dll

    2008-10-27 15:29:04 ----SHD---- C:\WINDOWS\Installer

    2008-10-27 15:29:04 ----RD---- C:\Arquivos de programas

    2008-10-27 15:29:04 ----D---- C:\Arquivos de programas\Arquivos comuns\ODBC

    2008-10-27 15:29:04 ----D---- C:\Arquivos de programas\Arquivos comuns

    2008-10-27 15:29:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

    2008-10-27 15:29:04 ----A---- C:\WINDOWS\ODBCINST.INI

    2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\spxcoins.dll

    2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\irclass.dll

    2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\dgsetup.dll

    2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

    2008-10-27 15:28:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll

    2008-10-27 15:28:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP

    2008-10-27 15:28:53 ----A---- C:\WINDOWS\TASKMAN.EXE

    2008-10-27 15:28:52 ----A---- C:\WINDOWS\system32\storprop.dll

    2008-10-27 15:28:52 ----A---- C:\WINDOWS\system32\batt.dll

    2008-10-27 15:28:52 ----A---- C:\WINDOWS\NOTEPAD.EXE

    2008-10-27 15:28:49 ----ASH---- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

    2008-10-27 15:28:43 ----RA---- C:\WINDOWS\SET4.tmp

    2008-10-27 15:28:42 ----RA---- C:\WINDOWS\SET3.tmp

    2008-10-27 15:28:38 ----D---- C:\WINDOWS\system32\CatRoot2

    2008-10-27 15:28:38 ----D---- C:\WINDOWS\system32\CatRoot

    2008-10-27 15:28:33 ----SD---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft

    2008-10-27 15:28:18 ----A---- C:\WINDOWS\setuplog.txt

    2008-10-27 15:27:54 ----D---- C:\Documents and Settings

    2008-10-27 15:27:53 ----SHD---- C:\System Volume Information

    2008-10-27 15:26:55 ----SH---- C:\boot.ini

    2008-10-27 15:24:51 ----SD---- C:\WINDOWS\Downloaded Program Files

    2008-10-27 15:24:51 ----RSD---- C:\WINDOWS\Fonts

    2008-10-27 15:24:51 ----RD---- C:\WINDOWS\Web

    2008-10-27 15:24:51 ----HD---- C:\WINDOWS\inf

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\WinSxS

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\WBEM

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\twain_32

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Temp

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\wins

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\wbem

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\usmt

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\spool

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\ShellExt

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\Setup

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\ras

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\pt-BR

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\oobe

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\mui

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\IME

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\icsxml

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\ias

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\export

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\drivers

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\dhcp

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\config

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\3com_dmi

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\3076

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\2052

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1054

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1046

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1042

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1041

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1037

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1033

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1031

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1028

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1025

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\system

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\security

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Resources

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\repair

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Provisioning

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\PeerNet

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\pchealth

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Offline Web Pages

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Network Diagnostic

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\mui

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\msapps

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\msagent

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Media

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\L2Schemas

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\java

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\ime

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Help

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Driver Cache

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Debug

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Cursors

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Connection Wizard

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\Config

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\AppPatch

    2008-10-27 15:24:51 ----D---- C:\WINDOWS\addins

    2008-10-27 15:24:51 ----D---- C:\WINDOWS

    2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP3299.tmp

    2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP31ae.tmp

    2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP319f.tmp

    2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP22ba.tmp

    ======List of files/folders modified in the last 1 months======

    2008-11-03 16:22:46 ----A---- C:\WINDOWS\win.ini

    2008-10-28 15:44:54 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256]

    R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-08-18 54280]

    R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-06-12 56108]

    R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]

    R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944]

    R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-08-18 71688]

    R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Protocolo de transporte compatível; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]

    R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]

    R2 NwlnkSpx;Protocolo NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]

    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]

    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-04-01 2314560]

    R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-08-18 30728]

    R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]

    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-31 3650144]

    R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]

    R3 PAC207;Dlink DSB-C120; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-11-20 506112]

    R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-05-06 12288]

    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]

    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]

    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]

    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-24 85969]

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]

    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]

    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]

    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]

    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]

    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]

    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-06 77568]

    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-06 82944]

    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;Serviço auxiliar IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Arquivos de programas\Bonjour\mDNSResponder.exe [2006-02-28 229376]

    R2 ekrn;Eset Service; C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe [2008-08-18 468224]

    R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]

    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]

    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-31 143436]

    R2 NWCWorkstation;Serviço de cliente para NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-10-27 66872]

    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-10-27 103736]

    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]

    R3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]

    S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]

    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

    S3 EhttpSrv;Eset HTTP Server; C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe [2008-08-18 19200]

    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-27 654848]

    S3 IDriverT;InstallDriver Table Manager; C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]

    S3 odserv;Microsoft Office Diagnostics Service; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

    S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

    S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

    S3 WLSetupSvc;Windows Live Setup Service; C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------

    Thank you!

    Regards :)


    Dear felipe_zig,

    Welcome to Malware Removal.

    I recommend saving this topic to your Favorites so that it is easier to find again.

    Please note the following:

    1) I will be following the analysis of your log and will get back to you as soon as possible!

    2) Do not carry out any procedure until we begin;

    3) What is given here applies only to the problem on your computer, so do not apply it to any other machine;

    4) If you have another computer, open a new topic with its own log;

    5) Please follow the instructions given carefully and, if you have any questions, do not hesitate to ask;

    6) Always post your replies in this topic... Do not open another one!

    Note: Do not take any measure other than those given here; and if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

    Regards :D


    Dear felipe_zig,

    Read the instructions at this link:

    In the instructions at the link above you can check the forums where the Analysts are properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

    1. Download ComboFix from one of the official links listed below and save it to your desktop:

    • Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.
    • Double-click the icon on the desktop.
    • Read and accept the terms by typing 1 and pressing Enter.
    • Computers running Windows XP should install the Recovery Console:
        • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
        • Click "OK" on the EULA.
        • Once the Recovery Console is installed, click "Yes" to continue.
    • ComboFix will run; please be patient and wait.
    • Warning: Do not use the mouse or the keyboard while the tool is running; doing so can cause the computer to stall.
    • A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
    • When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

    DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you could damage your computer.

    • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
    • Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
    • There are several general-purpose anti-malware tools whose authors, when writing them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, so, and also out of respect for the tool's author, do not use it without supervision.

    Regards :D


    In accordance with this forum's rules, inactive topics are archived, that is, closed and moved to an "archived topics" forum. If the topic's author needs to, they can contact the moderators and request that this topic be reopened.






    About Clube do Hardware

    On the air since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.

    Copyright

    We do not allow copying or reproduction of the content of our site, forum, newsletters and social networks, even when the source is cited.
