Lylyjah

Malware Removal


Avast blocked.

GMER log:

[GMER]

Version=1.0.14

[AVScanner]

1=http://www.mks.com.pl/skaner/skaner.html

2=http://arcaonline.arcabit.com/skaner.html

3=http://www.kaspersky.pl/resources/virusscanner/kavwebscan.html

4=http://www.kaspersky.com/downloads/kws/kavwebscan.html

RSIT log:

Logfile of random's system information tool 1.04 (written by random/random)

Run by Administrador at 2008-11-25 18:06:57

Microsoft Windows XP Professional Service Pack 2

System drive C: has 11 GB (28%) free of 38 GB

Total RAM: 1023 MB (64% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\ARQUIV~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Auxiliar de Conexão do Windows Live - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

SearchSettings Class - C:\Arquivos de programas\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]

SingleInstance Class - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Barra de Ferramentas do Yahoo! - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe [2004-03-25 856072]

"CorelDRAW Graphics Suite 11b"=C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe [2003-11-25 729088]

"Cmaudio"=RunDll32 cmicnfg.cpl []

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-01-29 16859648]

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

"nwiz"=nwiz.exe /install []

"avast!"=C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-25 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]

C:\Arquivos de programas\Arquivos comuns\Adobe\Updater\AdobeUpdater.exe [2005-03-16 970752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]

C:\Arquivos de programas\BitComet\BitComet.exe /tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Arquivos de programas\Messenger\msmsgs.exe [2004-08-04 1667584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

C:\WINDOWS\system32\NvCpl.dll [2007-05-10 8429568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

C:\WINDOWS\system32\NvMcTray.dll [2007-05-10 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

C:\Arquivos de programas\Winamp Remote\bin\OrbTray.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]

C:\Arquivos de programas\Intel\NCS\PROSet\PRONoMgr.exe [2003-03-11 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

C:\Arquivos de programas\Search Settings\SearchSettings.exe [2008-06-12 991584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

C:\WINDOWS\SOUNDMAN.EXE [2006-07-21 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

C:\Arquivos de programas\Winamp\winampa.exe [2008-08-03 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YMailAdvisor]

C:\Arquivos de programas\Yahoo!\Common\YMailAdvisor.exe [2008-06-05 125208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]

C:\Arquivos de programas\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^Adobe Gamma.lnk]

C:\ARQUIV~1\ARQUIV~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]

C:\ARQUIV~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^AutoCAD Startup Accelerator.lnk]

C:\ARQUIV~1\ARQUIV~1\AUTODE~1\ACSTAR~1.EXE [2005-03-05 10872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]

C:\ARQUIV~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ocmanage32]

ocmanage32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\ARQUIV~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoSharedDocuments"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"ForceClassicControlPanel"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Arquivos de programas\Windows Live\Messenger\livecall.exe"="C:\Arquivos de programas\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hposfx08.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hposid01.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"

"C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpoews01.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Arquivos de programas\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"

"C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE"="C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

"C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE"="C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

"C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web\SetupX.exe"="C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"

"C:\Arquivos de programas\BitComet\BitComet.exe"="C:\Arquivos de programas\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"

"C:\Arquivos de programas\Winamp Remote\bin\Orb.exe"="C:\Arquivos de programas\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"

"C:\Arquivos de programas\Winamp Remote\bin\OrbTray.exe"="C:\Arquivos de programas\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"

"C:\Arquivos de programas\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Arquivos de programas\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Arquivos de programas\Windows Live\Messenger\livecall.exe"="C:\Arquivos de programas\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1916d25a-5cc7-11dd-a80f-000feadcf5dd}]

shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7258692a-9243-11dd-a85e-000feadcf5dd}]

shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c0a9156-9d4b-11dd-a86e-000feadcf5dd}]

shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0384cfc-9ebe-11dd-a870-000feadcf5dd}]

shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc7c0a36-b49d-11dd-a88d-001d92e88e5a}]

shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe

shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe

======File associations======

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"

.scr - install -

.scr - config -

======List of files/folders created in the last 1 months======

2008-11-25 18:06:57 ----D---- C:\rsit

2008-11-25 18:06:57 ----D---- C:\Arquivos de programas\trend micro

2008-11-25 17:56:59 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-11-25 17:56:56 ----A---- C:\WINDOWS\gmer.exe

2008-11-25 17:46:04 ----A---- C:\WINDOWS\system32\ban_list.txt

2008-11-25 17:27:00 ----D---- C:\Arquivos de programas\CCleaner

2008-11-24 12:13:47 ----A---- C:\WINDOWS\system32\aswBoot.exe

2008-11-24 12:06:01 ----A---- C:\WINDOWS\system32\act_log.txt

2008-11-24 12:00:56 ----HD---- C:\Documents and Settings\Administrador\Dados de aplicativos\m

2008-11-24 11:59:59 ----D---- C:\Arquivos de programas\Avast 4.8.1290

2008-11-24 11:46:13 ----D---- C:\WINDOWS\Minidump

2008-11-24 11:46:02 ----A---- C:\WINDOWS\ntbtlog.txt

2008-11-15 17:59:43 ----A---- C:\WINDOWS\IE4 Error Log.txt

2008-11-12 00:20:54 ----A---- C:\Arquivos de programas\proxyi.exe

2008-11-11 23:36:49 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\Publish Providers

2008-11-11 23:02:20 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\Sony

2008-11-11 23:01:32 ----D---- C:\Arquivos de programas\Vstplugins

2008-11-11 23:01:00 ----D---- C:\Arquivos de programas\Sony

2008-11-11 21:53:23 ----D---- C:\WINDOWS\RegisteredPackages

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\vxblock.dll

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxwave.dll

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxsfs.dll

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxmas.dll

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxinsa64.exe

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxhpinst.exe

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxdrv.dll

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxcpya64.exe

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\pxafs.dll

2008-11-11 21:48:58 ----N---- C:\WINDOWS\system32\px.dll

2008-11-11 21:48:53 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\Winamp

2008-11-11 21:48:53 ----D---- C:\Arquivos de programas\Winamp

2008-11-11 21:48:37 ----A---- C:\Arquivos de programas\winamp5541_full_emusic-7plus_en-us.exe

2008-11-11 20:13:22 ----A---- C:\WINDOWS\system32\cygz.dll

2008-11-11 20:13:22 ----A---- C:\WINDOWS\system32\cygxml2-2.dll

2008-11-11 20:13:22 ----A---- C:\WINDOWS\system32\cygwin1.dll

2008-11-11 20:13:22 ----A---- C:\WINDOWS\system32\cygiconv-2.dll

2008-11-11 16:48:04 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-11-11 16:48:04 ----D---- C:\Arquivos de programas\Nero

2008-11-11 16:48:04 ----D---- C:\Arquivos de programas\Arquivos comuns\Ahead

2008-11-11 16:22:07 ----A---- C:\Arquivos de programas\OPSetup20166.exe

2008-11-07 17:10:00 ----D---- C:\Downloads

2008-11-07 13:52:11 ----RHD---- C:\Documents and Settings\All Users\Dados de aplicativos\yahoo!

2008-11-07 13:51:59 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Yahoo! Companion

2008-11-07 13:51:59 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\Yahoo!

2008-11-07 13:49:08 ----D---- C:\Arquivos de programas\Yahoo!

2008-11-03 16:35:42 ----D---- C:\WINDOWS\Sun

2008-11-03 16:35:41 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\Sun

2008-11-03 07:58:28 ----A---- C:\WINDOWS\cbuninstall.exe

2008-11-03 07:58:05 ----D---- C:\Chatterbox

2008-11-02 19:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-11-02 19:13:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-11-02 19:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-11-02 19:13:20 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-11-02 19:13:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-11-01 21:03:04 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-11-01 21:02:44 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$

2008-11-01 21:01:52 ----A---- C:\WINDOWS\system32\rmoc3260.dll

2008-11-01 21:01:52 ----A---- C:\WINDOWS\system32\pndx5032.dll

2008-11-01 21:01:52 ----A---- C:\WINDOWS\system32\pndx5016.dll

2008-11-01 21:01:52 ----A---- C:\WINDOWS\system32\pncrt.dll

2008-11-01 21:01:49 ----A---- C:\WINDOWS\system32\yv12vfw.dll

2008-11-01 21:01:48 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-11-01 21:01:48 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-11-01 21:01:48 ----A---- C:\WINDOWS\system32\qt-dx331.dll

2008-11-01 21:01:48 ----A---- C:\WINDOWS\system32\dpl100.dll

2008-11-01 21:01:41 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest

2008-11-01 21:01:41 ----A---- C:\WINDOWS\system32\ff_vfw.dll

2008-11-01 21:01:39 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Real

2008-11-01 21:01:39 ----D---- C:\Arquivos de programas\K-Lite Codec Pack

2008-11-01 20:58:30 ----D---- C:\Arquivos de programas\Alwil Software

2008-11-01 20:57:01 ----D---- C:\WINDOWS\system32\Lang

2008-11-01 20:54:11 ----D---- C:\WINDOWS\nview

2008-11-01 20:54:11 ----A---- C:\WINDOWS\system32\nvudisp.exe

2008-11-01 20:52:45 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

2008-11-01 20:49:47 ----D---- C:\WINDOWS\system32\RTCOM

2008-11-01 20:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$

2008-11-01 20:48:44 ----R---- C:\WINDOWS\SkyTel.exe

2008-11-01 20:48:43 ----R---- C:\WINDOWS\RtlUpd.exe

2008-11-01 20:48:40 ----R---- C:\WINDOWS\RTLCPL.exe

2008-11-01 20:48:31 ----R---- C:\WINDOWS\RTHDCPL.exe

2008-11-01 20:48:31 ----R---- C:\WINDOWS\MicCal.exe

2008-11-01 20:48:26 ----R---- C:\WINDOWS\Alcmtr.exe

2008-11-01 20:48:25 ----R---- C:\WINDOWS\alcwzrd.exe

2008-11-01 20:48:24 ----D---- C:\Arquivos de programas\Realtek

2008-11-01 20:48:14 ----A---- C:\WINDOWS\HideWin.exe

2008-11-01 20:48:13 ----R---- C:\WINDOWS\RtlExUpd.dll

2008-11-01 20:43:27 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-11-01 18:18:39 ----D---- C:\WINDOWS\Prefetch

2008-11-01 17:23:47 ----RAC---- C:\WINDOWS\system32\OLD2C7.tmp

2008-11-01 17:23:20 ----D---- C:\WINDOWS\system32\xircom

2008-11-01 17:23:20 ----D---- C:\Arquivos de programas\xerox

2008-11-01 17:23:20 ----D---- C:\Arquivos de programas\microsoft frontpage

2008-11-01 17:22:02 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-11-01 17:19:25 ----D---- C:\Arquivos de programas\Messenger

2008-11-01 17:12:21 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-11-01 17:12:21 ----A---- C:\WINDOWS\system32\irclass.dll

2008-11-01 17:12:02 ----RA---- C:\WINDOWS\SET4C.tmp

2008-11-01 17:11:56 ----RA---- C:\WINDOWS\SET40.tmp

2008-11-01 17:11:54 ----RA---- C:\WINDOWS\SET3D.tmp

2008-11-01 14:00:44 ----D---- C:\WINDOWS\system32\oobe

======List of files/folders modified in the last 1 months======

2008-11-25 18:06:57 ----RD---- C:\Arquivos de programas

2008-11-25 18:05:58 ----HD---- C:\WINDOWS\system32\drivers

2008-11-25 18:05:56 ----D---- C:\WINDOWS

2008-11-25 17:46:19 ----D---- C:\WINDOWS\system32

2008-11-25 17:41:08 ----D---- C:\WINDOWS\Temp

2008-11-25 17:37:22 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\Adobe

2008-11-25 17:33:32 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-11-25 17:32:22 ----SHD---- C:\WINDOWS\Installer

2008-11-25 17:32:22 ----HD---- C:\Config.Msi

2008-11-25 17:32:20 ----AC---- C:\WINDOWS\OEWABLog.txt

2008-11-25 17:31:52 ----D---- C:\Documents and Settings

2008-11-25 17:28:38 ----D---- C:\Arquivos de programas\Google

2008-11-25 17:24:02 ----D---- C:\Arquivos de programas\Adobe

2008-11-25 16:17:09 ----SH---- C:\boot.ini

2008-11-25 16:17:09 ----A---- C:\WINDOWS\win.ini

2008-11-25 16:17:09 ----A---- C:\WINDOWS\system.ini

2008-11-22 20:45:09 ----A---- C:\WINDOWS\NeroDigital.ini

2008-11-20 12:33:54 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\Image Zone Express

2008-11-17 19:36:08 ----D---- C:\WINDOWS\system32\CatRoot2

2008-11-17 08:49:02 ----HD---- C:\WINDOWS\inf

2008-11-13 23:36:12 ----D---- C:\Besteiras

2008-11-11 23:00:32 ----D---- C:\WINDOWS\WinSxS

2008-11-11 23:00:32 ----D---- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

2008-11-11 22:07:29 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Google

2008-11-11 21:54:20 ----RSHDC---- C:\WINDOWS\system32\DllCache

2008-11-11 21:54:15 ----D---- C:\Arquivos de programas\Windows Media Player

2008-11-11 18:57:10 ----SD---- C:\Documents and Settings\Administrador\Dados de aplicativos\Microsoft

2008-11-11 16:48:04 ----D---- C:\Arquivos de programas\Arquivos comuns

2008-11-03 08:26:18 ----D---- C:\WINDOWS\system32\CatRoot

2008-11-03 08:00:40 ----HD---- C:\WINDOWS\$hf_mig$

2008-11-03 07:48:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-11-02 19:13:34 ----A---- C:\WINDOWS\imsins.BAK

2008-11-02 19:03:11 ----D---- C:\WINDOWS\SoftwareDistribution

2008-11-02 19:03:10 ----D---- C:\WINDOWS\Help

2008-11-01 22:27:02 ----D---- C:\Arquivos de programas\WinRAR

2008-11-01 20:48:22 ----HD---- C:\Arquivos de programas\InstallShield Installation Information

2008-11-01 20:45:17 ----D---- C:\WINDOWS\security

2008-11-01 18:49:23 ----D---- C:\WINDOWS\Registration

2008-11-01 18:40:31 ----AC---- C:\WINDOWS\setuplog.txt

2008-11-01 18:19:28 ----SHD---- C:\System Volume Information

2008-11-01 18:19:28 ----D---- C:\WINDOWS\system32\Restore

2008-11-01 18:18:02 ----D---- C:\WINDOWS\system32\config

2008-11-01 17:23:20 ----D---- C:\WINDOWS\system32\wbem

2008-11-01 17:23:20 ----D---- C:\WINDOWS\ime

2008-11-01 17:22:52 ----AC---- C:\WINDOWS\ODBCINST.INI

2008-11-01 17:22:33 ----D---- C:\WINDOWS\system32\ias

2008-11-01 17:22:05 ----RD---- C:\WINDOWS\Web

2008-11-01 17:21:55 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-11-01 17:21:03 ----D---- C:\Arquivos de programas\Outlook Express

2008-11-01 17:21:03 ----D---- C:\Arquivos de programas\Arquivos comuns\System

2008-11-01 17:20:59 ----D---- C:\Arquivos de programas\Internet Explorer

2008-11-01 17:20:12 ----D---- C:\WINDOWS\system32\Com

2008-11-01 17:12:06 ----ASH---- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

2008-11-01 14:08:24 ----D---- C:\WINDOWS\system

2008-11-01 14:08:23 ----D---- C:\WINDOWS\system32\Setup

2008-11-01 14:08:13 ----D---- C:\WINDOWS\system32\usmt

2008-11-01 14:08:00 ----D---- C:\WINDOWS\AppPatch

2008-11-01 14:07:59 ----D---- C:\WINDOWS\system32\1046

2008-11-01 14:07:58 ----D---- C:\WINDOWS\ehome

2008-11-01 14:07:56 ----RSD---- C:\WINDOWS\Fonts

2008-11-01 14:07:55 ----D---- C:\WINDOWS\Media

2008-11-01 14:07:42 ----D---- C:\WINDOWS\PeerNet

2008-11-01 14:07:24 ----D---- C:\WINDOWS\system32\npp

2008-11-01 14:07:16 ----D---- C:\WINDOWS\msagent

2008-11-01 14:03:43 ----D---- C:\WINDOWS\twain_32

2008-11-01 14:02:44 ----D---- C:\WINDOWS\system32\icsxml

2008-11-01 14:01:58 ----D---- C:\WINDOWS\system32\1033

2008-11-01 14:00:44 ----D---- C:\WINDOWS\Driver Cache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Driver de Processador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40192]

R1 sK9Ou0s;sK9Ou0s; \??\C:\WINDOWS\system32\drivers\srosa2.sys []

R1 WS2IFSL;Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-30 4725760]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-05-10 6738432]

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]

S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []

S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []

S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-03-31 3960896]

S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-12-12 784832]

S3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-03-04 157696]

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []

S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []

S3 hidusb;Driver de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]

S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]

S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2005-08-31 7552]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2005-08-31 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2005-08-31 15104]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]

S4 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []

S4 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []

S4 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []

S4 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-05-10 163908]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]

S2 ocmanage32;Optional Component Manager Library; C:\WINDOWS\system32\ocmanage32.dll []

S3 Adobe LM Service;Adobe LM Service; C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-07-29 72704]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe [2008-07-29 85096]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]

S3 NBService;NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]

S3 NetSvc;Intel NCS NetService; C:\Arquivos de programas\Intel\NCS\Sync\NetSvc.exe [2003-03-03 143360]

S3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]

S3 odserv;Microsoft Office Diagnostics Service; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 UMWdf;Estrutura de Driver do Modo de Usuário do Windows; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 aswUpdSv;avast! iAVS4 Control Service; C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe [2008-11-25 18752]

S4 avast! Antivirus;avast! Antivirus; C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe [2008-11-25 155160]

S4 avast! Mail Scanner;avast! Mail Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe [2008-11-25 254040]

S4 avast! Web Scanner;avast! Web Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe [2008-11-25 352920]

-----------------EOF-----------------

Thanks in advance, ;)

Lylyjah
