felipe_zig

How to delete "autorun.inf"? (HijackThis log)


Good evening. After reading about it, I came to the conclusion that disinfecting "autorun.inf" is very specific to each case. This virus, which NOD 32 identifies as a trojan, infected my machine through a USB flash drive. I have already tried to remove it in several ways, but every attempt failed. At the moment NOD 32 finds and identifies the "autorun.inf" and sends it to quarantine, but within seconds another file is created in its place. It is worth noting that I have two hard drives, C (primary) and G (slayer), and the problem occurs on both.

I would like to know whether anyone has a solution to my problem.

The HijackThis log follows below.

Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:23:52, on 19/11/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

C:\WINDOWS\PixArt\PAC207\Monitor.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe

C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\DNA\btdna.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.alcohol-soft.com/campain.php?campain=22_feb_update120&forwardpage=http://users.alcohol-soft.com/en/login.php?problem=no_session_id

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [NodLogin] C:\Arquivos de programas\ESET\ESET Smart Security\nodlogin.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Arquivos de programas\DNA\btdna.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{EEF9C86A-F564-4A61-A9C0-7C69466E710C}: NameServer = 200.165.132.155 200.149.55.142

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

--

End of file - 8803 bytes


Good evening Diego,

First of all, thank you very much for your attention; I really do need help.

I followed the instructions in the topic you sent; the GMER and RSIT logs follow.

GMER log:

GMER 1.0.14.14536 - http://www.gmer.net

Rootkit scan 2008-11-24 20:12:16

Windows 5.1.2600 Service Pack 3

---- User code sections - GMER 1.0.14 ----

.text C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe[1952] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 4 Bytes [ C2, 04, 00, 00 ]

---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

---- EOF - GMER 1.0.14 ----

RSIT log:

info.txt logfile of random's system information tool 1.04 2008-11-24 20:13:03


======Security center information======

AV: ESET Smart Security 3.0

FW: Firewall pessoal do ESET

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD

"PROCESSOR_REVISION"=0c00

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Thank you again for your attention!

I await your reply.

P.S.: Sorry for any mistakes in using the forum, as this is the first time I have used it.

See you soon! :)


Dear felipe_zig

First of all, thank you very much for your attention; I really do need help.
:joia:

One log is missing: log.txt. It is located in the folder c:\rsit

Please copy and paste its entire contents here!

Best regards :D


Sorry for the mistake!

The log from the rsit folder:

Logfile of random's system information tool 1.04 (written by random/random)

Run by Felipe at 2008-11-24 20:12:59

Microsoft Windows XP Professional Service Pack 3

System drive C: has 121 GB (51%) free of 238 GB

Total RAM: 2047 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:13:01, on 24/11/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\PixArt\PAC207\Monitor.exe

C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\DNA\btdna.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

C:\Documents and Settings\Felipe\Desktop\RSIT.exe

C:\Arquivos de programas\Trend Micro\HijackThis\Felipe.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.alcohol-soft.com/campain.php?campain=22_feb_update120&forwardpage=http://users.alcohol-soft.com/en/login.php?problem=no_session_id

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [NodLogin] C:\Arquivos de programas\ESET\ESET Smart Security\nodlogin.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Arquivos de programas\DNA\btdna.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

--

End of file - 8445 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

Windows Live Toolbar Helper - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-31 7561216]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-03-31 86016]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-04-01 77824]

"GrooveMonitor"=C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

"RemoteControl"=C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe [2006-09-18 29696]

"LanguageShortcut"=C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe [2006-09-29 49152]

"ISUSPM Startup"=C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]

"ISUSScheduler"=C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"PWRISOVM.EXE"=C:\Arquivos de programas\PowerISO\PWRISOVM.EXE [2008-06-16 167936]

"NeroFilterCheck"=C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

"NBKeyScan"=C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]

"Adobe_ID0EYTHM"=C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

"Lexmark X1100 Series"=C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

"egui"=C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe [2008-08-18 1447168]

"NodLogin"=C:\Arquivos de programas\ESET\ESET Smart Security\nodlogin.exe [2008-08-25 359202]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"BitTorrent DNA"=C:\Arquivos de programas\DNA\btdna.exe [2008-11-13 342336]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]

"kamsoft"=C:\WINDOWS\system32\kamsoft.exe [2008-11-24 108888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-06 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\DNA\btdna.exe"="C:\Arquivos de programas\DNA\btdna.exe:*:Enabled:DNA"

"C:\Arquivos de programas\BitTorrent\bittorrent.exe"="C:\Arquivos de programas\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

"C:\Arquivos de programas\Skype\Phone\Skype.exe"="C:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.js - open - "C:\Arquivos de programas\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2008-11-24 20:12:59 ----D---- C:\rsit

2008-11-24 20:03:06 ----A---- C:\WINDOWS\gmer.ini

2008-11-24 20:03:05 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-11-24 20:03:05 ----A---- C:\WINDOWS\gmer.exe

2008-11-24 20:03:05 ----A---- C:\WINDOWS\gmer.dll

2008-11-24 19:50:00 ----D---- C:\WINDOWS\LastGood

2008-11-19 21:17:09 ----D---- C:\Arquivos de programas\Trend Micro

2008-11-19 01:56:24 ----RSH---- C:\abk.bat

2008-11-18 23:45:42 ----D---- C:\Arquivos de programas\ESET

2008-11-18 23:35:24 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\ESET

2008-11-18 23:31:44 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\ESET

2008-11-18 22:20:25 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Avg8

2008-11-17 02:27:28 ----A---- C:\WINDOWS\system32\tmp.txt

2008-11-17 01:15:07 ----RSH---- C:\WINDOWS\system32\gasretyw1.dll

2008-11-17 01:13:02 ----RSH---- C:\WINDOWS\system32\kamsoft.exe

2008-11-17 01:13:02 ----N---- C:\WINDOWS\system32\gasretyw0.dll

2008-11-14 14:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2008-11-14 13:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

2008-11-14 13:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2008-11-09 11:09:23 ----D---- C:\Arquivos de programas\ABBYY FineReader 5.0 Sprint

2008-11-09 11:07:18 ----A---- C:\WINDOWS\system32\lxbkvs.dll

2008-11-09 11:07:18 ----A---- C:\WINDOWS\system32\lxbkpwr.dll

2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL

2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE

2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL

2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL

2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKIH.EXE

2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\LXBKCU.DLL

2008-11-09 11:07:17 ----A---- C:\WINDOWS\system32\lxbkcomm.dll

2008-11-09 11:07:16 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE

2008-11-09 11:07:16 ----A---- C:\WINDOWS\system32\LEXPPS.EXE

2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXPING.EXE

2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL

2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXBCES.EXE

2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEXBCE.DLL

2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL

2008-11-09 11:07:15 ----A---- C:\WINDOWS\system32\INSTMON.EXE

2008-11-09 11:07:14 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL

2008-11-09 11:07:14 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL

2008-11-09 11:07:05 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL

2008-11-09 11:07:05 ----A---- C:\WINDOWS\system32\lxbkscin.dll

2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\LXBKGF.DLL

2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\lxbkcoin.ini

2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\lxbkcoin.dll

2008-11-09 11:07:04 ----A---- C:\WINDOWS\system32\lxbkcinf.dll

2008-11-09 11:07:01 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL

2008-11-09 11:07:00 ----D---- C:\Arquivos de programas\Lexmark X1100 Series

2008-11-09 11:06:57 ----A---- C:\WINDOWS\unin0416.exe

2008-11-03 21:06:44 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Malwarebytes

2008-11-03 21:06:38 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes

2008-11-02 20:44:44 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Media Player Classic

2008-11-02 20:14:40 ----D---- C:\Arquivos de programas\Disc2Phone

2008-11-02 20:11:35 ----D---- C:\WINDOWS\system32\URTTEMP

2008-11-02 11:24:29 ----A---- C:\WINDOWS\system32\muweb.dll

2008-11-02 11:24:29 ----A---- C:\WINDOWS\system32\mucltui.dll.mui

2008-11-02 11:24:29 ----A---- C:\WINDOWS\system32\mucltui.dll

2008-11-02 10:58:03 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\skypePM

2008-11-02 10:15:03 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Skype

2008-11-02 10:14:21 ----D---- C:\Arquivos de programas\Skype

2008-11-02 10:14:21 ----D---- C:\Arquivos de programas\Arquivos comuns\Skype

2008-11-02 10:14:16 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Skype

2008-11-02 09:58:21 ----D---- C:\Arquivos de programas\Windows Live Favorites

2008-11-02 09:58:20 ----D---- C:\Arquivos de programas\Windows Live Toolbar

2008-11-02 09:57:41 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-11-02 09:43:01 ----SHDC---- C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

2008-11-02 09:42:38 ----D---- C:\Arquivos de programas\Windows Live

2008-11-02 09:42:31 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller

2008-11-01 06:24:46 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Publish Providers

2008-11-01 06:24:33 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Sony

2008-11-01 06:20:30 ----D---- C:\Arquivos de programas\Vstplugins

2008-11-01 06:20:21 ----D---- C:\Arquivos de programas\Sony

2008-11-01 06:19:25 ----D---- C:\Arquivos de programas\Sony Setup

2008-11-01 06:06:02 ----D---- C:\Arquivos de programas\FormatFactory

2008-10-31 19:33:20 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-31 18:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-10-31 18:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$

2008-10-31 18:15:08 ----D---- C:\Arquivos de programas\MSXML 4.0

2008-10-31 18:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$

2008-10-31 14:40:30 ----RSD---- C:\WINDOWS\assembly

2008-10-31 14:40:06 ----D---- C:\WINDOWS\Microsoft.NET

2008-10-31 14:27:50 ----D---- C:\Arquivos de programas\Atari

2008-10-31 03:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-10-31 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-10-31 03:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-31 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-31 03:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-31 03:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-10-31 03:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-10-31 03:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-10-31 03:01:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-31 03:01:12 ----D---- C:\WINDOWS\ie7updates

2008-10-31 03:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2008-10-31 03:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-10-31 03:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

2008-10-31 03:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-10-31 03:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-10-31 03:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-10-31 03:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-10-31 03:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$

2008-10-30 03:00:25 ----D---- C:\WINDOWS\system32\PreInstall

2008-10-30 03:00:25 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-10-30 03:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

2008-10-29 21:13:33 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\nView_Profiles

2008-10-29 21:07:27 ----D---- C:\Arquivos de programas\EA SPORTS

2008-10-29 19:57:32 ----D---- C:\Arquivos de programas\PokerStars

2008-10-29 19:31:03 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-10-29 19:18:19 ----D---- C:\Arquivos de programas\EA GAMES

2008-10-28 16:02:25 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\CyberLink

2008-10-28 15:53:48 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Thinstall

2008-10-28 15:52:39 ----D---- C:\WINDOWS\system32\appmgmt

2008-10-28 15:37:50 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-28 15:18:58 ----D---- C:\Arquivos de programas\ABBYY FineReader 6.0

2008-10-28 15:17:57 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\BVRP Software

2008-10-28 15:17:57 ----D---- C:\Arquivos de programas\FaxTools

2008-10-28 15:15:02 ----A---- C:\WINDOWS\lexstat.ini

2008-10-28 15:14:16 ----A---- C:\WINDOWS\system32\wiafbdrv.dll

2008-10-28 12:58:40 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\ArcSoft

2008-10-28 12:58:05 ----D---- C:\WINDOWS\PixArt

2008-10-28 12:58:05 ----A---- C:\WINDOWS\system32\vfwwdm32.dll

2008-10-28 12:55:47 ----D---- C:\WINDOWS\RegisteredPackages

2008-10-28 12:55:35 ----A---- C:\WINDOWS\system32\psisdecd.dll

2008-10-28 12:55:33 ----A---- C:\WINDOWS\system32\dxdllreg.exe

2008-10-28 12:54:13 ----A---- C:\WINDOWS\system32\gdiplus.dll

2008-10-28 12:53:52 ----D---- C:\Arquivos de programas\Arquivos comuns\ArcSoft

2008-10-28 12:53:50 ----D---- C:\Arquivos de programas\ArcSoft

2008-10-28 12:53:50 ----A---- C:\WINDOWS\PCDLIB32.DLL

2008-10-28 12:53:15 ----D---- C:\WINDOWS\PAC207

2008-10-28 12:53:15 ----D---- C:\Arquivos de programas\Arquivos comuns\PXIINST64207

2008-10-28 12:53:15 ----D---- C:\Arquivos de programas\Arquivos comuns\PXIINST207

2008-10-28 12:53:15 ----D---- C:\Arquivos de programas\Arquivos comuns\PAC207

2008-10-28 12:53:14 ----D---- C:\Arquivos de programas\Dlink DSB-C120

2008-10-28 12:53:04 ----D---- C:\WINDOWS\Downloaded Installations

2008-10-28 11:19:08 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\FLEXnet

2008-10-28 11:13:35 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\ALM

2008-10-28 11:04:58 ----D---- C:\Arquivos de programas\QuickTime

2008-10-28 11:04:12 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe

2008-10-28 11:04:12 ----A---- C:\WINDOWS\system32\NPSWF32.dll

2008-10-28 10:28:01 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Nero

2008-10-28 10:27:46 ----A---- C:\WINDOWS\system32\MsiExec.exe.log

2008-10-28 10:02:45 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-10-28 10:02:45 ----D---- C:\Arquivos de programas\Nero

2008-10-28 10:02:45 ----D---- C:\Arquivos de programas\Arquivos comuns\Nero

2008-10-28 09:45:41 ----HD---- C:\WINDOWS\PIF

2008-10-28 09:44:03 ----D---- C:\Arquivos de programas\WinAVI Video Converter

2008-10-28 08:56:03 ----A---- C:\WINDOWS\ntbtlog.txt

2008-10-28 08:24:20 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\WinRAR

2008-10-28 08:24:01 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

2008-10-28 07:59:14 ----D---- C:\Arquivos de programas\GameVicio

2008-10-28 07:48:22 ----D---- C:\Arquivos de programas\Sierra

2008-10-28 07:42:53 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla

2008-10-27 19:12:34 ----SHD---- C:\RECYCLER

2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\xactengine2_8.dll

2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\x3daudio1_2.dll

2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\d3dx10_34.dll

2008-10-27 19:11:44 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll

2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\xinput1_3.dll

2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\xactengine2_7.dll

2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\d3dx9_34.dll

2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\d3dx10_33.dll

2008-10-27 19:11:43 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll

2008-10-27 19:11:42 ----A---- C:\WINDOWS\system32\xactengine2_6.dll

2008-10-27 19:11:42 ----A---- C:\WINDOWS\system32\d3dx9_33.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xinput1_2.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_5.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_4.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_3.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\xactengine2_2.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

2008-10-27 19:11:41 ----A---- C:\WINDOWS\system32\d3dx9_31.dll

2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\xinput1_1.dll

2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\xactengine2_1.dll

2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\xactengine2_0.dll

2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll

2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\d3dx9_29.dll

2008-10-27 19:11:40 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll

2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\d3dx9_27.dll

2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\d3dx9_26.dll

2008-10-27 19:11:39 ----A---- C:\WINDOWS\system32\d3dx9_25.dll

2008-10-27 19:11:38 ----A---- C:\WINDOWS\system32\d3dx9_24.dll

2008-10-27 19:11:12 ----D---- C:\WINDOWS\system32\DirectX

2008-10-27 19:10:03 ----D---- C:\WINDOWS\system32\LogFiles

2008-10-27 19:10:03 ----A---- C:\WINDOWS\system32\PnkBstrB.exe

2008-10-27 19:10:03 ----A---- C:\WINDOWS\system32\PnkBstrA.exe

2008-10-27 19:10:02 ----A---- C:\WINDOWS\game.ini

2008-10-27 18:39:55 ----D---- C:\Arquivos de programas\Activision

2008-10-27 18:37:45 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Macromedia

2008-10-27 18:37:43 ----SHD---- C:\WINDOWS\ftpcache

2008-10-27 18:28:21 ----D---- C:\Arquivos de programas\PowerISO

2008-10-27 18:22:54 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\BitTorrent

2008-10-27 18:22:33 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\DNA

2008-10-27 18:22:33 ----D---- C:\Arquivos de programas\DNA

2008-10-27 18:22:33 ----D---- C:\Arquivos de programas\BitTorrent

2008-10-27 18:20:03 ----D---- C:\Arquivos de programas\7-Zip

2008-10-27 18:17:52 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\InstallShield

2008-10-27 18:16:35 ----D---- C:\Arquivos de programas\Corel

2008-10-27 18:16:35 ----D---- C:\Arquivos de programas\Arquivos comuns\Corel

2008-10-27 18:14:49 ----D---- C:\WINDOWS\system32\QuickTime

2008-10-27 18:14:49 ----A---- C:\WINDOWS\system32\qtmlClient.dll

2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\vp7vfw.dll

2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\vp31vfw.dll

2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\rmoc3260.dll

2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\pndx5032.dll

2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\pndx5016.dll

2008-10-27 18:14:46 ----A---- C:\WINDOWS\system32\pncrt.dll

2008-10-27 18:14:45 ----A---- C:\WINDOWS\system32\vp6vfw.dll

2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\mpg4c32.dll

2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir50_qcx.dll

2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir50_qc.dll

2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir41_qcx.dll

2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\Ir41_qc.dll

2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\3ivxVfWCodec.dll

2008-10-27 18:14:43 ----A---- C:\WINDOWS\system32\3ivx.dll

2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\unrar.dll

2008-10-27 18:14:42 ----A---- C:\WINDOWS\system32\OpenQuicktimeLib.dll

2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\WMV9VCM.dll

2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\unicows.dll

2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\msvcr70.dll

2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\divx.dll

2008-10-27 18:14:41 ----A---- C:\WINDOWS\system32\cpuinf32.dll

2008-10-27 18:14:40 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Real

2008-10-27 18:14:40 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Real

2008-10-27 18:14:40 ----D---- C:\Arquivos de programas\K-Lite Codec Pack

2008-10-27 18:13:01 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\CyberLink

2008-10-27 18:12:37 ----N---- C:\WINDOWS\system32\msxml3a.dll

2008-10-27 18:12:13 ----N---- C:\WINDOWS\system32\msvcr71.dll

2008-10-27 18:12:13 ----N---- C:\WINDOWS\system32\msvcp71.dll

2008-10-27 18:12:13 ----HD---- C:\Arquivos de programas\InstallShield Installation Information

2008-10-27 18:12:12 ----D---- C:\Arquivos de programas\CyberLink

2008-10-27 18:11:52 ----A---- C:\WINDOWS\system32\msonpmon.dll

2008-10-27 18:11:09 ----D---- C:\Arquivos de programas\Microsoft Works

2008-10-27 18:11:04 ----D---- C:\Arquivos de programas\MSBuild

2008-10-27 18:10:48 ----D---- C:\Arquivos de programas\Microsoft Visual Studio

2008-10-27 18:10:48 ----D---- C:\Arquivos de programas\Arquivos comuns\DESIGNER

2008-10-27 18:08:23 ----D---- C:\WINDOWS\SHELLNEW

2008-10-27 18:08:01 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2008-10-27 18:08:01 ----D---- C:\Arquivos de programas\Microsoft Office

2008-10-27 18:07:50 ----RHD---- C:\MSOCache

2008-10-27 18:04:11 ----D---- C:\Arquivos de programas\LHSP

2008-10-27 18:03:56 ----A---- C:\WINDOWS\IsUn0416.exe

2008-10-27 18:02:41 ----D---- C:\Arquivos de programas\Mozilla Firefox

2008-10-27 18:02:28 ----RA---- C:\WINDOWS\system32\RTLCPAPI.dll

2008-10-27 18:02:26 ----RA---- C:\WINDOWS\system32\RTLCPL.EXE

2008-10-27 18:02:23 ----RA---- C:\WINDOWS\SOUNDMAN.EXE

2008-10-27 18:02:23 ----A---- C:\WINDOWS\system32\ksuser.dll

2008-10-27 17:59:15 ----D---- C:\Program Files

2008-10-27 17:58:57 ----A---- C:\WINDOWS\system32\BASSMOD.dll

2008-10-27 17:56:54 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe

2008-10-27 17:56:26 ----D---- C:\Arquivos de programas\Bonjour

2008-10-27 17:56:13 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Adobe

2008-10-27 17:50:40 ----D---- C:\Arquivos de programas\Adobe

2008-10-27 17:50:10 ----D---- C:\Arquivos de programas\Arquivos comuns\Macrovision Shared

2008-10-27 17:49:30 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe

2008-10-27 17:42:23 ----D---- C:\WINDOWS\nview

2008-10-27 17:42:22 ----A---- C:\WINDOWS\system32\nvudisp.exe

2008-10-27 17:42:13 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

2008-10-27 17:42:03 ----D---- C:\Arquivos de programas\Arquivos comuns\InstallShield

2008-10-27 17:38:17 ----D---- C:\Documents and Settings\Felipe\Dados de aplicativos\Identities

2008-10-27 17:38:16 ----HD---- C:\Arquivos de programas\Uninstall Information

2008-10-27 17:38:11 ----SD---- C:\Documents and Settings\Felipe\Dados de aplicativos\Microsoft

2008-10-27 17:38:11 ----ASH---- C:\Documents and Settings\Felipe\Dados de aplicativos\desktop.ini

2008-10-27 17:37:20 ----D---- C:\WINDOWS\SoftwareDistribution

2008-10-27 17:37:19 ----SD---- C:\WINDOWS\system32\Microsoft

2008-10-27 17:37:19 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-27 17:34:48 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-10-27 17:34:47 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-27 17:34:44 ----D---- C:\Arquivos de programas\WinRAR

2008-10-27 17:34:36 ----A---- C:\WINDOWS\control.ini

2008-10-27 17:34:29 ----A---- C:\WINDOWS\OEWABLog.txt

2008-10-27 17:34:27 ----A---- C:\WINDOWS\system32\mapi32.dll

2008-10-27 17:34:26 ----D---- C:\WINDOWS\system32\dllcache

2008-10-27 17:33:53 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-10-27 17:33:50 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-10-27 17:33:46 ----HD---- C:\Arquivos de programas\WindowsUpdate

2008-10-27 17:33:45 ----D---- C:\Arquivos de programas\Serviços on-line

2008-10-27 17:33:38 ----A---- C:\WINDOWS\system32\atrace.dll

2008-10-27 17:33:37 ----A---- C:\WINDOWS\system32\desktop.ini

2008-10-27 17:33:37 ----A---- C:\WINDOWS\desktop.ini

2008-10-27 17:33:33 ----A---- C:\WINDOWS\system32\acctres.dll

2008-10-27 17:33:32 ----D---- C:\Arquivos de programas\Arquivos comuns\Serviços

2008-10-27 17:33:29 ----SD---- C:\WINDOWS\Tasks

2008-10-27 17:33:29 ----D---- C:\Arquivos de programas\Arquivos comuns\MSSoap

2008-10-27 17:33:29 ----A---- C:\WINDOWS\system32\icfgnt5.dll

2008-10-27 17:33:26 ----D---- C:\WINDOWS\system32\Macromed

2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuauserv.dll

2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2008-10-27 17:33:24 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wups.dll

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\qmgr.dll

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2008-10-27 17:33:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2008-10-27 17:33:19 ----D---- C:\Arquivos de programas\Movie Maker

2008-10-27 17:33:03 ----A---- C:\WINDOWS\system32\safrslv.dll

2008-10-27 17:33:03 ----A---- C:\WINDOWS\system32\safrdm.dll

2008-10-27 17:33:03 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2008-10-27 17:33:02 ----A---- C:\WINDOWS\system32\racpldlg.dll

2008-10-27 17:32:59 ----A---- C:\WINDOWS\system32\fltMc.exe

2008-10-27 17:32:59 ----A---- C:\WINDOWS\system32\fltlib.dll

2008-10-27 17:32:58 ----D---- C:\WINDOWS\system32\Restore

2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\srsvc.dll

2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\srrstr.dll

2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\srclient.dll

2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\msoert2.dll

2008-10-27 17:32:58 ----A---- C:\WINDOWS\system32\msoeacct.dll

2008-10-27 17:32:57 ----A---- C:\WINDOWS\system32\inetres.dll

2008-10-27 17:32:57 ----A---- C:\WINDOWS\system32\inetcomm.dll

2008-10-27 17:32:55 ----D---- C:\Arquivos de programas\Outlook Express

2008-10-27 17:32:55 ----A---- C:\WINDOWS\system32\schedsvc.dll

2008-10-27 17:32:55 ----A---- C:\WINDOWS\system32\mstinit.exe

2008-10-27 17:32:55 ----A---- C:\WINDOWS\system32\mstask.dll

2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\isign32.dll

2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\inetcfg.dll

2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\icwphbk.dll

2008-10-27 17:32:54 ----A---- C:\WINDOWS\system32\icwdial.dll

2008-10-27 17:32:49 ----D---- C:\Arquivos de programas\Arquivos comuns\System

2008-10-27 17:32:49 ----D---- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

2008-10-27 17:32:46 ----D---- C:\Arquivos de programas\Internet Explorer

2008-10-27 17:32:41 ----D---- C:\Arquivos de programas\ComPlus Applications

2008-10-27 17:32:41 ----A---- C:\WINDOWS\vbaddin.ini

2008-10-27 17:32:41 ----A---- C:\WINDOWS\vb.ini

2008-10-27 17:32:40 ----D---- C:\WINDOWS\Registration

2008-10-27 17:32:16 ----D---- C:\Arquivos de programas\Windows Media Connect 2

2008-10-27 17:32:15 ----D---- C:\Arquivos de programas\Windows Media Player

2008-10-27 17:32:15 ----A---- C:\WINDOWS\system32\write.exe

2008-10-27 17:32:09 ----A---- C:\WINDOWS\system32\sndvol32.exe

2008-10-27 17:32:09 ----A---- C:\WINDOWS\system32\hticons.dll

2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\winchat.exe

2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\avwav.dll

2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\avtapi.dll

2008-10-27 17:32:08 ----A---- C:\WINDOWS\system32\avmeter.dll

2008-10-27 17:32:02 ----A---- C:\WINDOWS\system32\getuname.dll

2008-10-27 17:32:02 ----A---- C:\WINDOWS\system32\charmap.exe

2008-10-27 17:32:02 ----A---- C:\WINDOWS\system32\calc.exe

2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\winmine.exe

2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\sol.exe

2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\mshearts.exe

2008-10-27 17:32:01 ----A---- C:\WINDOWS\system32\freecell.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tslabels.ini

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tskill.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\tscon.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\shadow.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\rwinsta.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\reset.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\regini.exe

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2008-10-27 17:32:00 ----A---- C:\WINDOWS\system32\qwinsta.exe

2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\qappsrv.exe

2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\msg.exe

2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\logoff.exe

2008-10-27 17:31:59 ----A---- C:\WINDOWS\system32\cdmodem.dll

2008-10-27 17:31:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2008-10-27 17:31:53 ----A---- C:\WINDOWS\system32\mplay32.exe

2008-10-27 17:31:53 ----A---- C:\WINDOWS\system32\accwiz.exe

2008-10-27 17:31:52 ----D---- C:\Arquivos de programas\Windows NT

2008-10-27 17:31:52 ----A---- C:\WINDOWS\system32\mspaint.exe

2008-10-27 17:31:52 ----A---- C:\WINDOWS\system32\hypertrm.dll

2008-10-27 17:31:51 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2008-10-27 17:31:51 ----A---- C:\WINDOWS\system32\spider.exe

2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\tsgqec.dll

2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\rhttpaa.dll

2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\mstscax.dll

2008-10-27 17:31:50 ----A---- C:\WINDOWS\system32\aaclient.dll

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\termsrv.dll

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\sessmgr.exe

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\remotepg.dll

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdshost.exe

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdpclip.exe

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\rdchost.dll

2008-10-27 17:31:49 ----A---- C:\WINDOWS\system32\mstsc.exe

2008-10-27 17:31:48 ----D---- C:\WINDOWS\system32\MsDtc

2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\qprocess.exe

2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\mtxoci.dll

2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\icaapi.dll

2008-10-27 17:31:48 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\xolehlp.dll

2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\msdtctm.dll

2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\msdtclog.dll

2008-10-27 17:31:47 ----A---- C:\WINDOWS\system32\msdtc.exe

2008-10-27 17:31:46 ----D---- C:\WINDOWS\system32\Com

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\stclient.dll

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\mtxex.dll

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\mtxdm.dll

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\comrepl.dll

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\comaddin.dll

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\colbact.dll

2008-10-27 17:31:46 ----A---- C:\WINDOWS\system32\catsrvps.dll

2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\comuid.dll

2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\comsvcs.dll

2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\comsnap.dll

2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\clbcatex.dll

2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\catsrvut.dll

2008-10-27 17:31:45 ----A---- C:\WINDOWS\system32\catsrv.dll

2008-10-27 17:31:44 ----A---- C:\WINDOWS\system32\clbcatq.dll

2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\servdeps.dll

2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\mmfutil.dll

2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\licwmi.dll

2008-10-27 17:31:38 ----A---- C:\WINDOWS\system32\cmprops.dll

2008-10-27 15:31:18 ----A---- C:\WINDOWS\system32\h323log.txt

2008-10-27 15:29:34 ----A---- C:\WINDOWS\system32\usbui.dll

2008-10-27 15:29:04 ----SHD---- C:\WINDOWS\Installer

2008-10-27 15:29:04 ----RD---- C:\Arquivos de programas

2008-10-27 15:29:04 ----D---- C:\Arquivos de programas\Arquivos comuns\ODBC

2008-10-27 15:29:04 ----D---- C:\Arquivos de programas\Arquivos comuns

2008-10-27 15:29:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-10-27 15:29:04 ----A---- C:\WINDOWS\ODBCINST.INI

2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\irclass.dll

2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\dgsetup.dll

2008-10-27 15:28:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2008-10-27 15:28:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2008-10-27 15:28:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2008-10-27 15:28:53 ----A---- C:\WINDOWS\TASKMAN.EXE

2008-10-27 15:28:52 ----A---- C:\WINDOWS\system32\storprop.dll

2008-10-27 15:28:52 ----A---- C:\WINDOWS\system32\batt.dll

2008-10-27 15:28:52 ----A---- C:\WINDOWS\NOTEPAD.EXE

2008-10-27 15:28:49 ----ASH---- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

2008-10-27 15:28:43 ----RA---- C:\WINDOWS\SET4.tmp

2008-10-27 15:28:42 ----RA---- C:\WINDOWS\SET3.tmp

2008-10-27 15:28:38 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-27 15:28:38 ----D---- C:\WINDOWS\system32\CatRoot

2008-10-27 15:28:33 ----SD---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft

2008-10-27 15:28:18 ----A---- C:\WINDOWS\setuplog.txt

2008-10-27 15:27:54 ----D---- C:\Documents and Settings

2008-10-27 15:27:53 ----SHD---- C:\System Volume Information

2008-10-27 15:26:55 ----SH---- C:\boot.ini

2008-10-27 15:24:51 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-27 15:24:51 ----RSD---- C:\WINDOWS\Fonts

2008-10-27 15:24:51 ----RD---- C:\WINDOWS\Web

2008-10-27 15:24:51 ----HD---- C:\WINDOWS\inf

2008-10-27 15:24:51 ----D---- C:\WINDOWS\WinSxS

2008-10-27 15:24:51 ----D---- C:\WINDOWS\WBEM

2008-10-27 15:24:51 ----D---- C:\WINDOWS\twain_32

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Temp

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\wins

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\wbem

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\usmt

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\spool

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\ShellExt

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\Setup

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\ras

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\pt-BR

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\oobe

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\mui

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\IME

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\icsxml

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\ias

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\export

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\drivers

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\dhcp

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\config

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\3com_dmi

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\3076

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\2052

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1054

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1046

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1042

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1041

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1037

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1033

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1031

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1028

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32\1025

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system32

2008-10-27 15:24:51 ----D---- C:\WINDOWS\system

2008-10-27 15:24:51 ----D---- C:\WINDOWS\security

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Resources

2008-10-27 15:24:51 ----D---- C:\WINDOWS\repair

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Provisioning

2008-10-27 15:24:51 ----D---- C:\WINDOWS\PeerNet

2008-10-27 15:24:51 ----D---- C:\WINDOWS\pchealth

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Offline Web Pages

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Network Diagnostic

2008-10-27 15:24:51 ----D---- C:\WINDOWS\mui

2008-10-27 15:24:51 ----D---- C:\WINDOWS\msapps

2008-10-27 15:24:51 ----D---- C:\WINDOWS\msagent

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Media

2008-10-27 15:24:51 ----D---- C:\WINDOWS\L2Schemas

2008-10-27 15:24:51 ----D---- C:\WINDOWS\java

2008-10-27 15:24:51 ----D---- C:\WINDOWS\ime

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Help

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Driver Cache

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Debug

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Cursors

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Connection Wizard

2008-10-27 15:24:51 ----D---- C:\WINDOWS\Config

2008-10-27 15:24:51 ----D---- C:\WINDOWS\AppPatch

2008-10-27 15:24:51 ----D---- C:\WINDOWS\addins

2008-10-27 15:24:51 ----D---- C:\WINDOWS

2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP3299.tmp

2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP31ae.tmp

2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP319f.tmp

2008-10-27 15:24:51 ----A---- C:\WINDOWS\DUMP22ba.tmp

======List of files/folders modified in the last 1 months======

2008-11-03 16:22:46 ----A---- C:\WINDOWS\win.ini

2008-10-28 15:44:54 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256]

R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-08-18 54280]

R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-06-12 56108]

R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]

R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944]

R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-08-18 71688]

R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Protocolo de transporte compatível; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]

R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]

R2 NwlnkSpx;Protocolo NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]

R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-04-01 2314560]

R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-08-18 30728]

R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-31 3650144]

R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]

R3 PAC207;Dlink DSB-C120; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-11-20 506112]

R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-05-06 12288]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]

R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]

R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-24 85969]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-06 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-06 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Serviço auxiliar IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Arquivos de programas\Bonjour\mDNSResponder.exe [2006-02-28 229376]

R2 ekrn;Eset Service; C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe [2008-08-18 468224]

R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]

R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-31 143436]

R2 NWCWorkstation;Serviço de cliente para NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-10-27 66872]

R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-10-27 103736]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]

R3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]

S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

S3 EhttpSrv;Eset HTTP Server; C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe [2008-08-18 19200]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-27 654848]

S3 IDriverT;InstallDriver Table Manager; C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]

S3 odserv;Microsoft Office Diagnostics Service; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Thank you!

Hugs :)


Dear felipe_zig

Welcome to Malware Removal

I recommend saving this topic to your Favorites so that it is easy to find again.

Please note the following:

1) I will be following the analysis of your log and will get back to you as soon as possible!;

2) Do not take any action until we begin;

3) What is passed on here relates only to the problem on your computer, so do not apply it to any other;

4) If you have another computer, open a new topic with its own log;

5) Please follow the instructions given carefully, and if you have any questions, do not hesitate to ask;

6) Always post your replies in this topic... Do not open another one!

Note: Do not take any measures other than those given here; and if you ask for help on another forum, be sure to let us know, otherwise you risk misconfiguring your computer!

Hugs :D


Dear felipe_zig

Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are properly qualified to use the tool correctly: "Forums for getting help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while carrying out these instructions, it is very important to keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) described below.
  3. Double-click the desktopicon.png icon on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers running Windows XP should install the Recovery Console:
     • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Sim" (Yes).
     • Click "OK" on the EULA.
     • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running; doing so can cause the computer to stall.
  8. A warning may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to deal with these situations.
  • Many Analysts do not reply to topics where they see that ComboFix was used without supervision.
  • There are various general-purpose anti-malware tools whose authors, when programming them, have end users in mind and intend them to be used without supervision. ComboFix is not that kind of tool, and so, also out of respect for the tool's author, do not use it without supervision.

Hugs :D


In accordance with this forum's rules, inactive topics are archived, that is, closed and moved to an "archived topics" forum. If the topic's author needs to, they may contact the moderators to request that this topic be reopened.
