[lodo]

Oi todos.
Meu PC tem vindo a baixar muito significativamente nas últimas quatro semanas ou mais. Ele agora leva quase 15 minutos apenas para re-boot e quando eu estou usando o PC do HDD sons incrivelmente movimentada.
Eu uso o AVG Free Edition, S & D, Ad-Aware & SUPERAntiSpyware bastante regularidade.
Por favor dê uma olhadinha, quando tiver tempo.
Estou anexando os registros necessários para você,

1. Log SUPERAntiSpyware.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
PM Generated 11/04/2008 at 03:20
Aplicação Versão: 4/21/1004
Core Rules Database Version: 3622
Trace Rules Database Version: 1606
Scan type: Complete Scan
Total Scan Time: 01:30:19
Memória itens digitalizados: 339
Memória ameaças detectadas: 0
Secretaria itens digitalizados: 6045
Secretaria ameaças detectadas: 0
Itens do arquivo digitalizado: 58.429
Arquivo ameaças detectadas: 27
Adware.Tracking Cookie
C: \ Documents and Settings \ Marcos \ Cookies \ mark@networksolutions.112.2o 7 [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@avgtechnologies.112.2o7 [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ burstnet [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ ADTECH [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marco @ DoubleClick [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@admse013.adbureau [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ specificclick [2] txt.
C: \ Documents and Settings \ Marcos \ Cookies \ marco @ servindo-sys [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marco @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@haynet.adbureau [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@media.adrevolver [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@ad.yieldmanager [2]. Txt
\ C: \ Documents and Settings Marcos \ Cookies marca \ @ revsci [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marco @ Mediaplex [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ adrevolver [2] txt.
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ adcentriconline [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@media.adrevolver [3]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@uk.sitestat [4]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ advertising [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ apmebf [2] txt.
C: \ Documents and Settings \ Marcos \ Cookies \ mark@bs.serving-sys [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ 2o7 [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@uk.sitestat [3]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ AdECN [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marca @ Tacoda [1]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ marco @ atdmt [2]. Txt
C: \ Documents and Settings \ Marcos \ Cookies \ mark@adopt.euroclick [1]. Txt


2. Malwarebytes 'Anti-Malware log.
Malwarebytes' Anti-Malware 1/30
Database version: 1363
5/1/2600 Windows Service Pack 3
04/11/2008 18:31:42
mbam-log-2008-11-04 (18-31-42). txt
Scan type: Quick Scan
Objetos verificados: 66.723
Tempo decorrido: 13 minute (s), 1 segundo (s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Valores do Registro infectados: 1
Dados de Registro Items Infected: 0
Pastas infectadas: 0
Arquivos infectados: 1
Memory Processes Infected:
(N º itens maliciosos detectados)
Memory Modules Infected:
(N º itens maliciosos detectados)
Registry Keys Infected:
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (3ba4271e-5c1e-48e2-B432-d8bf420dd31d) (Rogue.DeusCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ actuais ntVersion \ Ext \ Stats \ (1a26f07f-0d60-4835-91cf-1e1766a0ec56) (Trojan.Agent) -> quarentena e eliminado com sucesso.
Valores do Registro infectados:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ SharedDLLs \ C: \ WINDOWS \ system32 \ _RegTLB. dll (Trojan.Agent) -> Quarantined and deleted successfully.
Dados de Registro Items Infected:
(N º itens maliciosos detectados)
Folders Infected:
(N º itens maliciosos detectados)
Arquivos Infectados:
C: \ WINDOWS \ system32 \ _RegTLB.dll (Trojan.Agent) -> Quarantined and deleted successfully.

3. HijackThis log

Logfile da Trend Micro HijackThis v2.0.2
Scan saved at 18:56:10, em 05/11/2008
Plataforma: Windows XP SP3 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe
C: \ WINDOWS \ system32 \ brsvc01a.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ WINDOWS \ Explorer.EXE
C: \ PROGRA ~ 1 \ common ~ 1 \ AOL \ ACS \ AOLacsd.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ system32 \ UStorSrv.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
C: \ WINDOWS \ system32 \ VTTimer.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Arquivos de Programas \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Packard Bell
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Arquivos de Programas \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ implantar \ jqs \ IE \ jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O4 - HKLM \ .. \ Run: [VTTimer] VTTimer.exe
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 3 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: Entrada da Web - (B4E30F61-16D9-11D3-85D1-005004229569) - C: \ WINDOWS \ system32 \ shdocvw.dll
O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Arquivos de Programas \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Arquivos de Programas \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = file: / / C: \ APPS \ IE \ offline \ uk.htm
Ø15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) (OnlineScanner Controle) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) (SABScanProcesses Classe) -- http://www.superadblocker.com/activex/sabspx.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1
O17 - HKLM \ System \ CS2 \ Services Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C: \ PROGRA ~ 1 \ common ~ 1 \ AOL \ ACS \ AOLacsd.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG Free8 Watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (file missing)
O23 - Service: UStorage Server Service - Oti - C: \ WINDOWS \ system32 \ UStorSrv.exe
--
End of file - 7014 bytes

Agradecendo a vocês antes,
Tenho toda a fé,

Slime.

[evilfantasy]

Execute o Kaspersky Online Scanner

No Microsoft Windows Vista, Você deve abrir o browser da Web utilizando a Executar como Administrador comando. A partir do Desktop botão direito no ícone para abrir o browser e escolher Executar como administrador.

• Clique em SCAN NOW
• Clique Aceitar.
• O programa irá então começar o download do mais recente definição arquivos.
• Quando os arquivos foram copiados localizar o Scan Settings e ter que varrer Meu Computador.
• A digitalização vai demorar um pouco, para ser paciente e deixe-o terminar.

Quando a pesquisa é feita, na Digitalizar é concluída janela, qualquer infecção é exibida.
Não há opção para limpeza / desinfecção, no entanto, temos de analisar as informações sobre o relatório.

Para obter o relatório:
Clique em: Relatório Salvar Como

• Em seguida, no Salvar como prompt, Guardar em área, escolha: Desktop.
• No O nome do ficheiro área uso KScan, Ou algo semelhante.
• Em Salvar como tipo: Clique na seta e seleccione queda: Texto arquivo [*. txt]
• Em seguida, clique em: Salvar

Copie e cole o Kaspersky Online Scanner Relatório na sua próxima resposta.

Nota para o Internet Explorer 7 usuários: Se a qualquer momento você tem dificuldade para visualizar o botão de aceitar a licença, clique sobre a ferramenta Zoom localizado na parte inferior direita da janela do IE e definir o zoom para 75%. Assim que a licença é aceite, repor a 100%.

[KanoakaVirus]

Depois Ef guiou você através de sua limpeza uma miniatura de uma olhada aqui http://www.computer-juice.com/forums...-malware-9243/

[lodo]

Oi evilfantasy & thanks for your time.
Temos um problema entretanto.
Kaspersky Online Scanner não será concluída a digitalização. Tenho executá-lo 3 vezes e há mais tempo que decorreu durante 23 minutos e foi concluído de 7% do scan!
Arquivos analisados .................................... 4.817
Ameaça nomes ..................................... 2
Os objetos infectados .................................. 1
Os objetos suspeitos ................................ 12
Duração do exame ........................... 00:23:31
Não é possível obter um relatório de análise quer!

Cada vez que eu tentei, porém, eu tenho uma tela pop Java Console em vista, isso é relevante?
Qualquer outra coisa que eu poderia tentar?
Slime

[evilfantasy]

Baixar aleatório do sistema de informação ferramenta (RSIT) por acaso / aleatório e de guardá-lo para o seu desktop.

• Dê um clique duplo sobre RSIT.exe para ser executado.
• Clique Continuar a renúncia tela.
• Assim que tiver terminado, dois logs serão abertos.
• log.txt <será maximizada e info.txt <será minimizado
• Por favor, postar o conteúdo de ambos toras na próxima resposta.

[lodo]

Ok,
que parecia ir um pouco melhor.
Históricos como solicitado,

Logfile aleatório do sistema de informação ferramenta 1,04 (escrito por acaso / aleatório)
Corre por Mark em 2008-11-06 17:05:19
Microsoft Windows XP Home Edition Service Pack 3
Sistema de unidade C: tem 60 GB (84%) livre de 71 GB
Total de RAM: 191 MB (16% grátis)
Logfile da Trend Micro HijackThis v2.0.2
Scan saved at 17:06:26, on 06/11/2008
Plataforma: Windows XP SP3 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe
C: \ WINDOWS \ system32 \ brsvc01a.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ WINDOWS \ Explorer.EXE
C: \ PROGRA ~ 1 \ common ~ 1 \ AOL \ ACS \ AOLacsd.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ system32 \ UStorSrv.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
C: \ WINDOWS \ system32 \ VTTimer.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
c: \ agendas \ lotus organizador 6 \ organize \ org6.exe
C: \ Arquivos de Programas \ Internet Explorer \ IEXPLORE.EXE
c: \ agendas \ lotus organizador 6 \ organize \ org6.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Documents and Settings \ Marcos \ Desktop \ RSIT.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Mark.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Packard Bell
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Arquivos de Programas \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ implantar \ jqs \ IE \ jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O4 - HKLM \ .. \ Run: [VTTimer] VTTimer.exe
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 3 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: Entrada da Web - (B4E30F61-16D9-11D3-85D1-005004229569) - C: \ WINDOWS \ system32 \ shdocvw.dll
O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Arquivos de Programas \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Arquivos de Programas \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = file: / / C: \ APPS \ IE \ offline \ uk.htm
Ø15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) (OnlineScanner Controle) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) (SABScanProcesses Classe) -- http://www.superadblocker.com/activex/sabspx.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1
O17 - HKLM \ System \ CS2 \ Services Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C: \ PROGRA ~ 1 \ common ~ 1 \ AOL \ ACS \ AOLacsd.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG Free8 Watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (file missing)
O23 - Service: UStorage Server Service - Oti - C: \ WINDOWS \ system32 \ UStorSrv.exe
--
End of file - 7153 bytes
====== Pasta Tarefas agendadas ======
C: \ WINDOWS \ Tasks \ MP Scheduled Scan.job
====== Registry dump ======
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)]
Adobe PDF Reader Link Helper - C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll [2008-08-29 455960]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (53707962-6F74-2D53-2644-206D7942484F)]
Spybot-S & D IE Protection - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
Java (tm) Plug-In SSV Helper - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll [2008-11-04 320920]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (A057A204-BACC-4D26-9990-79A187E2698E)]
AVG Security Toolbar - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL [2008-07-18 2055960]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (DBC80044-A445-435b-BC74-9C25C1C588A9)]
Java (tm) Plug-In 2 SSV Helper - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll [2008-11-04 34816]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (E7E6F031-17CE-4C07-BC86-EABFE594F69C)]
JQSIEStartDetectorImpl Class - C: \ Program Files \ Java \ jre6 \ lib \ deploy \ JQS \ ie \ jqs_plugin.dll [2008-11-04 73728]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar]
(A057A204-BACC-4D26-9990-79A187E2698E) - AVG Security Toolbar - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL [2008-07-18 2055960]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"PCTVOICE" = C: \ WINDOWS \ system32 \ pctspk.exe [2004-03-26 49152]
"AVG8_TRAY" = C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe [2008-09-30 1234712]
"Windows Defender" = C: \ Program Files \ Windows Defender \ MSASCui.exe [2006/11/03 866584]
"SunJavaUpdateSched" = C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe [2008-11-04 136600]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntVersion \ Run]
"SUPERAntiSpyware" = C: \ Program Files \ \ ehTray.exe [2008-09-03 1576176]
"ctfmon.exe" = C: \ WINDOWS \ system32 \ ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ ctfmon.exe]
C: \ WINDOWS \ system32 \ ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ MSMSGS]
C: \ Program Files \ Messenger \ msmsgs.exe [2008/04/14 1695232]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NeroCheck]
C: \ WINDOWS \ system32 \ NeroCheck.exe [2001/07/09 155648]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ PCMService]
c: \ Apps \ Powercinema \ iTunesHelper.exe [2004-10-08 81920]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ QuickTime Task]
C: \ Program Files \ QuickTime \ qttask.exe [2006-06-01 282624]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ engenheiro de gravação de som]
C: \ WINDOWS \ pctspk.exe [2004-02-26 65024]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ TkBellExe]
C: \ Program Files \ \ Real \ Update_OB \ realsched.exe [2004-11-16 180269]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupfolder \ C: ^ Documents and Settings ^ All Users ^ Menu Iniciar ^ Programas ^ Arranque ^ Adobe Reader Speed Launch.lnk]
C: \ PROGRA ~ 1 \ Adobe \ ACROBA ~ 2.0 \ Reader \ READER ~ 1.EXE [2008-04-23 29696]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ shared tools \ msconfig startupfolder \ C: ^ Documents and Settings ^ Marcos ^ Menu Iniciar ^ Programas ^ Arranque ^ Lotus Organizer EasyClip.lnk]
C: \ diários \ LOTUSO ~ 1 \ organize \ EASYCL ~ 1.EXE [1999-09-15 229432]
C: \ Documents and Settings \ All Users \ Menu Iniciar \ Programas \ Arranque
Adobe Reader Speed Launch.lnk - C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = "avgrsstx.dll"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon]
C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll [2008/07/23 352256]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ ShellServiceObjectDelayLoad]
WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks]
"(091EB208-39DD-417D-A5DD-7E2C2D8FB9CB)" = C: \ PROGRA ~ 1 \ WIFD1F ~ 1 \ MpShHook.dll [2006-11-03 83224]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ Lsa]
"autenticação pacotes" = MSV1_0
C: \ WINDOWS \ system32 \ geebx.dll
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ safeboot \ Minimal \ aawservice]
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ safeboot \ Minimal \ WinDefend]
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ safeboot \ network \ aawservice]
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ safeboot \ network \ WinDefend]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ serviços es \ SharedAccess \ Parameters \ firewallpolicy \ standard profile \ authorizedapplications \ list]
"% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ Abacast \ Abaclient.exe" = "C: \ Program Files \ Abacast \ Abaclient.exe: *: Enabled: Abaclient"
"C: \ Program Files \ Real \ RealPlayer \ realplay.exe" = "C: \ Program Files \ Real \ RealPlayer \ realplay.exe: *: Enabled: RealP camada"
"C: \ Arquivos de Programas \ Internet Explorer \ IEXPLORE.EXE" = "C: \ Arquivos de Programas \ Internet Explorer \ IEXPLORE.EXE: *: Enabled: Internet Explorer"
"C: \ Program Files \ Mozilla Firefox \ firefox.exe" = "C: \ Program Files \ Mozilla Firefox \ firefox.exe: *: Enabled: Mozilla Firefox"
"C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ lsupdatemanager.exe" = "C: \ Program Files \ Lavasoft \ Ad-Aware 2007 lsupdatemanager.exe \: *: Enabled: Ad-Aware Update Manager"
"C: \ Program Files \ Grisoft \ AVG7 \ avginet.exe" = "C: \ Program Files \ Grisoft \ AVG7 avginet.exe \: *: Enabled: xe avginet.e"
"C: \ Program Files \ Grisoft \ AVG7 \ avgamsvr.exe" = "C: \ Program Files \ Grisoft \ AVG7 \ avgamsvr.exe \: *: Enabled: avgamsvr exe".
"C: \ Program Files \ Grisoft \ AVG7 \ avgcc.exe" = "C: \ Program Files \ Grisoft \ AVG7 \ avgcc.exe: *: Enabled: avgcc.exe"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000"
"C: \ Program Files \ NetMeeting \ conf.exe" = "C: \ Program Files \ NetMeeting \ conf.exe: *: Enabled: Windows ® NetMeeting ®"
"C: \ Program Files \ AVG \ AVG8 \ avgemc.exe" = "C: \ Program Files \ AVG \ AVG8 \ avgemc.exe: *: Enabled: avgemc.exe"
"C: \ Program Files \ AVG \ AVG8 \ avgupd.exe" = "C: \ Program Files \ AVG \ AVG8 \ avgupd.exe: *: Enabled: avgupd.exe"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ serviços es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000"
====== Arquivo associações ======
. js - open - "C: \ Program Files \ Macromedia \ Dreamweaver MX \ Dreamweaver.exe"% 1 "
====== Lista dos arquivos / pastas criadas no passado 1 mês ======
2008-11-06 17:05:19 ---- D ---- C: \ rsit
2008-11-05 13:07:01 ---- D ---- C: \ Program Files \ Trend Micro
2008-11-04 18:45:20 ---- A ---- C: \ WINDOWS \ system32 \ deploytk.dll
2008-11-04 18:45:19 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe
2008-11-04 18:45:18 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe
2008-11-04 18:45:16 ---- A ---- C: \ WINDOWS \ system32 \ java.exe
2008-11-04 18:43:23 ---- D ---- C: \ Program Files \ Java
2008-11-04 16:13:33 ---- D ---- C: \ Documents and Settings \ Marcos \ Dados de aplicativos \ Malwarebytes
2008-11-04 16:13:00 ---- D ---- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-04 16:13:00 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-10-24 02:01:55 ---- HDC ---- C: \ WINDOWS \ $ NTUninstallKB958644 $
2008-10-15 02:12:03 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956803 $
2008-10-15 02:11:57 ---- HDC ---- C: \ WINDOWS \ $ NTUninstallKB956391 $
2008-10-15 02:11:47 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB957095 $
2008-10-15 02:07:21 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB954211 $
2008-10-15 02:05:57 ---- HDC ---- C: \ WINDOWS \ $ NTUninstallKB956841 $
2008-10-10 02:01:15 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB951978 $
2008-10-09 02:08:22 ---- D ---- C: \ WINDOWS \ Prefetch
2008-10-08 18:20:46 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB952954 $
2008-10-08 18:20:38 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB952287 $
2008-10-08 18:20:03 ---- HDC ---- C: \ WINDOWS \ $ NTUninstallKB951748 $
2008-10-08 18:18:50 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB951698 $
2008-10-08 18:17:30 ---- HDC ---- C: \ WINDOWS \ $ NTUninstallKB951376-v2 $
2008-10-08 18:16:20 ---- HDC ---- C: \ WINDOWS \ $ NTUninstallKB951376 $
2008-10-08 18:15:35 ---- HDC ---- C: \ WINDOWS \ $ NTUninstallKB951066 $
2008-10-08 18:15:14 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB950974 $
2008-10-08 18:15:02 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB950762 $
2008-10-08 18:14:49 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB946648 $
2008-10-08 18:14:34 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB938464 $
2008-10-08 18:04:31 ---- D ---- C: \ WINDOWS \ system32 \ scripting
2008-10-08 18:04:30 ---- D ---- C: \ WINDOWS \ l2schemas
2008-10-08 18:04:28 ---- D ---- C: \ WINDOWS \ system32 \ pt
2008-10-08 18:04:28 ---- D ---- C: \ WINDOWS \ system32 \ bits
2008-10-08 17:59:16 ---- D ---- C: \ WINDOWS \ ServicePackFiles
2008-10-08 17:48:52 ---- HDC ---- C: \ WINDOWS \ $ NtServicePackUninstall $
2008-10-08 17:48:40 ---- D ---- C: \ WINDOWS \ eHome
====== Lista dos arquivos / pastas modificadas nos últimos 1 mês ======
2008-11-06 17:06:25 ---- D ---- C: \ WINDOWS \ Temp
2008-11-06 15:44:29 ---- D ---- C: \ WINDOWS
2008-11-05 18:48:26 ---- SD ---- C: \ WINDOWS \ Tasks
2008-11-05 18:43:04 ---- A ---- C: \ WINDOWS \ SchedLgU.Txt
2008-11-05 18:10:11 ---- D ---- C: \ Program Files \ Sage Payroll07-08
2008-11-05 18:10:11 ---- A ---- C: \ WINDOWS \ Payroll.INI
2008-11-05 18:08:47 ---- A ---- C: \ WINDOWS \ SGREP32.INI
2008-11-05 13:38:52 ---- HD ---- C: \ $ AVG8.VAULT $
2008-11-05 13:07:01 AD ---- ---- C: \ Program Files
2008-11-05 12:48:10 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy
2008-11-05 12:47:38 ---- D ---- C: \ WINDOWS \ Debug
2008-11-04 18:46:40 ---- SHD ---- C: \ WINDOWS \ Installer
2008-11-04 18:46:24 ---- SHD ---- C: \ Config.Msi
2008-11-04 18:45:22 ---- D ---- C: \ WINDOWS \ system32
2008-11-04 16:13:04 ---- D ---- C: \ WINDOWS \ system32 \ drivers
2008-11-04 13:50:38 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot2
2008-11-03 14:00:33 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.ini
2008-10-31 18:42:10 ---- A ---- C: \ WINDOWS \ nero.INI
2008-10-30 12:10:38 ---- D ---- C: \ Program Files \ Mozilla Firefox
2008-10-24 02:02:42 ---- HD ---- C: \ WINDOWS \ inf
2008-10-24 02:02:02 RSHD ---- ---- C: \ WINDOWS \ system32 \ dllcache
2008-10-24 02:00:45 ---- D ---- C: \ WINDOWS \ $ hf_mig $
2008-10-17 16:57:24 ---- A ---- C: \ WINDOWS \ BRWMARK.INI
2008-10-15 16:34:24 ---- A ---- C: \ WINDOWS \ system32 \ Netapi32.dll
2008-10-15 02:18:58 ---- D ---- C: \ Program Files \ Internet Explorer
2008-10-09 02:07:07 ---- D ---- C: \ WINDOWS \ system32 \ Setup
2008-10-09 02:07:07 ---- D ---- C: \ WINDOWS \ AppPatch
2008-10-09 02:07:06 ---- D ---- C: \ WINDOWS \ system32 \ wbem
2008-10-09 02:07:05 ---- RSD ---- C: \ WINDOWS \ Fonts
2008-10-09 02:06:20 ---- D ---- C: \ WINDOWS \ security
2008-10-08 18:21:26 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot
2008-10-08 18:14:52 ---- D ---- C: \ Program Files \ Messenger
2008-10-08 18:05:20 ---- D ---- C: \ WINDOWS \ WinSxS
2008-10-08 18:05:00 ---- D ---- C: \ WINDOWS \ network diagnostic
2008-10-08 18:05:00 ---- D ---- C: \ WINDOWS \ ime
2008-10-08 18:04:59 ---- D ---- C: \ WINDOWS \ Help
2008-10-08 18:04:33 ---- D ---- C: \ WINDOWS \ system32 \ usmt
2008-10-08 18:04:33 ---- D ---- C: \ WINDOWS \ system32 \ pt-BR
2008-10-08 18:04:28 ---- D ---- C: \ WINDOWS \ PeerNet
2008-10-08 18:04:27 ---- D ---- C: \ Program Files \ Movie Maker
2008-10-08 17:59:09 ---- D ---- C: \ WINDOWS \ system32 \ Restore
2008-10-08 17:59:09 ---- D ---- C: \ WINDOWS \ system32 \ npp
2008-10-08 17:59:06 ---- D ---- C: \ WINDOWS \ msagent
2008-10-08 17:59:03 ---- D ---- C: \ WINDOWS \ srchasst
2008-10-08 17:58:57 ---- D ---- C: \ Program Files \ NetMeeting
2008-10-08 17:58:55 ---- D ---- C: \ WINDOWS \ system32 \ Com
2008-10-08 17:58:52 ---- D ---- C: \ Program Files \ Windows Media Player
2008-10-08 17:58:51 ---- D ---- C: \ Program Files \ Windows NT
2008-10-08 17:58:50 ---- D ---- C: \ Program Files \ Outlook Express
2008-10-08 17:58:46 ---- D ---- C: \ Program Files \ Common Files \ System
2008-10-08 17:58:28 ---- D ---- C: \ WINDOWS \ system32 \ oobe
2008-10-08 17:58:22 ---- D ---- C: \ WINDOWS \ system
2008-10-08 17:53:47 ---- D ---- C: \ WINDOWS \ system32 \ reinstallbackups
2008-10-08 17:17:41 RASH ---- ---- C: \ BOOT.INI
2008-10-08 17:17:40 ---- A ---- C: \ WINDOWS \ win.ini
2008-10-08 17:17:39 ---- A ---- C: \ WINDOWS \ SYSTEM.INI
2008-10-07 19:19:40 ---- A ---- C: \ WINDOWS \ system32 \ o Mrt.exe
====== Lista dos maquinistas (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R1 AMDK7; AMD K7 Processor Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Amdk7.sys [2008-04-13 37760]
R1 AvgLdx86; AVG Free AVI Loader Driver x86; C: \ WINDOWS \ System32 \ Drivers \ avgldx86.sys [2008-08-29 97928]
R1 AvgMfx86; AVG Free on-access scanner minifiltro Driver x86; C: \ WINDOWS \ system32 \ Drivers \ avgmfx86.sys [2008-07-18 26824]
R1 SASDIFSV; SASDIFSV; \? \ C: \ Program Files \ SUPERAntiSpyware \ SASDIFSV.SYS []
R1 SASKUTIL; SASKUTIL; \? \ C: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.sys []
R2 AvgTdiX; AVG8 Network Redirector; C: \ WINDOWS \ system32 \ drivers \ aswSP.sys [2008-07-18 76040]
R2 BrPar; BrPar C: \ WINDOWS \ system32 \ drivers \ BrPar.sys [2000-07-24 19537]
R3 ALCXSENS; Service for WDM 3D Audio Driver C: \ WINDOWS \ system32 \ drivers \ ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM; Service for Realtek AC97 Audio (WDM); C: \ WINDOWS \ system32 \ drivers \ Alcxwdm.sys [2004-02-27 611820]
R3 rtl8139; Realtek RTL8139 (A / B / C)-based PCI Fast Ethernet Adapter NT Driver; C: \ WINDOWS \ system32 \ DRIVERS \ rtl8139.sys [2004-08-03 20992]
R3 SASENUM; SASENUM; \? \ C: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS []
R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbehci.sys [2008-04-13 30208]
R3 usbhub; USB2 Enabled Hub, C: \ WINDOWS \ system32 \ DRIVERS \ usbhub.sys [2008-04-13 59520]
R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbuhci.sys [2008-04-13 20608]
R3 viagfx viagfx; C: \ WINDOWS \ system32 \ DRIVERS \ vtmini.sys [2004-05-05 142976]
R3 wanatw; WAN Miniport (ATW); C: \ WINDOWS \ system32 \ DRIVERS \ wanatw4.sys [2003-01-10 33588]
S1 kbdhid; Keyboard HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Kbdhid.sys [2008-04-13 14592]
S3 FETND5BV; VIA Rhine-Family Fast Ethernet Adapter Driver Service; C: \ WINDOWS \ system32 \ DRIVERS \ fetnd5bv.sys [2004-12-16 42496]
S3 FETNDISB; VIA Rhine Family Fast Ethernet Adapter Driver Service; C: \ WINDOWS \ system32 \ DRIVERS \ fetnd5b.sys [2003-11-11 41984]
S3 HidUsb; Microsoft HID Class Driver; C: \ WINDOWS \ system32 \ DRIVERS \ hidusb.sys [2008-04-13 10368]
S3 MODEMCSA; Unimodem Streaming Filtro Dispositivo; C: \ WINDOWS \ system32 \ drivers \ MODEMCSA.sys [2001-08-17 16128]
S3 mouhid; Mouse HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ mouhid.sys [2001-08-17 12160]
S3 Mtlmnt5; Mtlmnt5 C: \ WINDOWS \ system32 \ DRIVERS \ Mtlmnt5.sys [2003-02-16 210128]
S3 Mtlstrm; Mtlstrm C: \ WINDOWS \ system32 \ DRIVERS \ Mtlstrm.sys [2003-02-16 1293192]
S3 NtMtlFax; NtMtlFax C: \ WINDOWS \ system32 \ DRIVERS \ NtMtlFax.sys [2003-02-05 162136]
S3 SABProcEnum; SABProcEnum; \? \ C: \ Program Files \ Internet Explorer \ SABProcEnum.sys []
S3 Slntamr; SmartLink Driver AMR_PCI C: \ WINDOWS \ system32 \ DRIVERS \ slntamr.sys [2003-02-16 516616]
S3 SlNtHal; SlNtHal C: \ WINDOWS \ system32 \ DRIVERS \ Slnthal.sys [2003-02-16 85520]
S3 SlWdmSup; SlWdmSup C: \ WINDOWS \ system32 \ DRIVERS \ SlWdmSup.sys [2003-01-17 39348]
S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbccgp.sys [2008-04-13 32128]
S3 usbohci; Microsoft USB Open Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbohci.sys [2008-04-13 17152]
S3 USBSTOR; USB Mass Storage Driver; C: \ WINDOWS \ system32 \ DRIVERS \ USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf; Windows Driver Foundation - User-mode Driver Framework Platform Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Wudfpf.sys [2006-09-28 77568]
S3 WudfRd; Windows Driver Foundation - User-mode Driver Framework Reflector; C: \ WINDOWS \ system32 \ DRIVERS \ wudfrd.sys [2006-09-28 82944]
====== Lista de serviços (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
Aawservice R2; Lavasoft Ad-Aware Service; C: \ Program Files \ Lavasoft \ Ad-Aware \ spoolsv.exe [2008-07-07 611664]
R2 AOL ACS; AOL Connectivity Service, C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe [2004-02-25 1123440]
R2 avg8emc; AVG Free8 E-mail Scanner, C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe [2008-08-29 875288]
R2 avg8wd; AVG Free8 Watchdog, C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2008-08-29 231704]
R2 Brother XP spl Service; BrSplService C: \ WINDOWS \ system32 \ BRSVC01A.EXE [2003-08-28 57344]
R2 JavaQuickStarterService; Java Quick Starter; C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe [2008-11-04 152984]
R2 UStorage Server Service; UStorage Server Service, C: \ WINDOWS \ system32 \ UStorSrv.exe [2006-02-17 139264]
R2 WinDefend; o Windows Defender, C: \ Program Files \ Windows Defender \ MsMpEng.exe [2006-11-03 13592]
S2 Fax, Fax, C: \ WINDOWS \ system32 \ fxssvc.exe [2008-04-14 267776]
S2 SLService; SmartLinkService; slserv.exe []
S3 aspnet_state; ASP.NET Serviço de Estado; C: \ WINDOWS \ Microsoft.NET \ Framework \ v1.1.4322 \ aspne t_state.exe [2004-07-15 32768]
S3 IDriverT; InstallDriver Table Manager; C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe [2005-04-03 69632]
S3 ose; Office Source Engine; C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ Ose.exe [2003-07-28 89136]
S3 WMPNetworkSvc; Windows Media Player Network Sharing Service, C: \ Arquivos de Programas \ Windows Media Player \ WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc; Windows Driver Foundation - User-mode Driver Framework, C: \ WINDOWS \ system32 \ svchost.exe [2008-04-14 14336]
----------------- ----------------- EOF


info.txt logfile of random ferramenta do sistema de informação de 1,04 2008-11-06 17:06:34
====== Uninstall list ======
-> "C: \ Program Files \ \ AOLSHARE \ Coach \ AolCInUn.exe" lang = "en-uk"
-> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AcsUninstall.exe / c
-> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ALWILS ~ 1 \ UNWISE.EXE C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ALWILS ~ 1 \ INSTALL.LOG
-> C: \ PROGRA ~ 1 \ S3 \ S3 \ s3setvga.exe-s-fC: \ PROGRA ~ 1 \ S3 \ S3 \ S3.uns
-> C: \ Program Files \ Common Files \ AOL \ Screensaver \ uninst_ygpss.exe
-> C: \ Program Files \ \ AOLSHARE \ Aolunins_uk.exe
-> C: \ Program Files \ Common Files \ Real \ Update_OB \ r1puninst.exe RealNetworks | RealPlayer | 6.0
-> C: \ Program Files \ Common Files \ Real \ Update_OB \ r1puninst.exe RealNetworks | RealPlayer | 6.0
-> C: \ Program Files \ Learn2.com \ StRunner \ stuninst.exe
-> C: \ Program Files \ Viewpoint \ Viewpoint Experience Technology \ mtsAxInstaller.exe / u
-> C: \ WINDOWS \ IsUninst.exe-f "C: \ Program Files \ Sage \ Sage Payroll e-Submissions Update \ Uninst.isu"
-> C: \ WINDOWS \ Isuninst.exe-FC: \ WINDOWS \ orun32.isu
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / x (9541FED0-327F-4df0-8B96-EF57EF622F19)
-> C: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 1 \ UNWISE.EX CE: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 1 \ Install.log
-> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ or.dll Ct, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (2637C347-9dad-11D6 -9EA2-00055D0CA761) \ setup.exe uninstall "
-> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ or.dll ct, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (FB08F381-6533-4108 -B7DD-039E11FBC27E) \ REMOVE "setup.exe
-> rundll32.exe setupapi.dll, DefaultUnInstall InstallHinfSection 132 C: \ WINDOWS \ INF \ PCHealth.inf
-> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Display'
-> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Gamma2'
-> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Info2'
-> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Overlay'
Abacast Cliente -> C: \ PROGRA ~ 1 \ Abacast \ UNWISE.EXE C: \ PROGRA ~ 1 \ Abacast \ client.log
Ad-Aware -> MsiExec.exe / I (DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF)
Adobe Flash Player 10 ActiveX -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe
Adobe Reader 7.1.0 -> MsiExec.exe / I (AC76BA86-7AD7-1033-7B44-A71000000002)
Ahead Nero Burning ROM -> C: \ Program Files \ Ahead \ Nero \ uninstall \ UNNERO.exe / UNINSTALL
AVG Free 8.0 -> C: \ Program Files \ AVG \ AVG8 \ setup.exe / uninstall
Aztech CNR2900 V.90 Modem -> C: \ WINDOWS \ Modio \ SLAMR2KO \ Setup.exe / Remover
Brother HL-5040 -> "C: \ Program Files \ Brother \ BRHL5040 \ IsUninst.exe"-f "C: \ Program Files \ Brother \ BRHL5040 \ DeIsL1.isu cbruninst.dll"
Brother HL-6050 -> "C: \ Program Files \ Brother \ BRHL6050 \ IsUninst.exe"-f "C: \ Program Files \ Brother \ BRHL6050 \ DeIsL1.isu cbruninst.dll"
CCleaner (remover apenas )-->" C: \ Program Files \ CCleaner \ Uninst.exe "
ESET Online Scanner -> C: \ WINDOWS \ system32 \ OnlineScannerUninstaller.ex e
HijackThis 2.0.2 -> "C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe" / uninstall
Hotfix para o Windows Internet Explorer 7 (KB947864 )-->" C: \ WINDOWS \ ie7updates \ KB947864-IE7 \ spuninst \ spuninst.exe "
Hotfix para o Windows Media Format 11 SDK (KB929399 )-->" C: \ WINDOWS \ $ NtUninstallKB929399 $ \ spuninst \ spunin st.exe "
Hotfix para o Windows Media Player 11 (KB939683 )-->" C: \ WINDOWS \ $ NtUninstallKB939683 $ \ spuninst \ spunin st.exe "
Hotfix para o Windows XP (KB952287 )-->" C: \ WINDOWS \ $ NtUninstallKB952287 $ \ spuninst \ spunin st.exe "
Imation Disk Manager V serviço -> C: \ DOCUME ~ 1 \ Marcos \ CONFIG ~ 1 \ Temp \ Imation Disk Manager a.exe V-u
Java (TM) 6 Update 10 -> MsiExec.exe / X (26A24AE4-039D-4CA4-87B4-2F83216010FF)
Lotus Organizer 6.0 -> C: \ WINDOWS \ ounin11.exe / T Organizer / 99,1 V / I "c: \ lotus \ organize \ orgnode.inf" / C "c: \ lotus \ Organizar \ cinstnod.ini" / O c: \ uninst.log / L PT / U Organizador Usuário
Macromedia Dreamweaver MX -> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ or.dll Ct, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (8B4AB829 - DFD3-436D-B808-D9733D76C590) \ Setup.exe "-l0x9 mmUninstall
Macromedia Extension Manager -> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ or.dll Ct, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (A5BA14E0 - 7384-11D4-BAE7-00409631A2C8) \ setup.exe "-l0x9 mmUninstall
Macromedia Shockwave Player -> C: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 2 \ UNWISE.EX CE: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 2 \ Install.log
Malwarebytes' Anti-Malware -> "C: \ Program Files \ Malwarebytes' Anti-Malware \ unins000.exe"
Microsoft. NET Framework 1.1 Hotfix (KB928366 )-->" C: \ WINDOWS \ Microsoft.NET \ Framework \ v1.1.4322 \ UPD ates \ Hotfix.exe "" C: \ WINDOWS \ Microsoft.NET \ Framework \ v1.1.4322 \ upda TES \ M928366 \ M928366Uninstall.msp "
Microsoft. NET Framework 1.1 -> msiexec.exe / X (CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1)
Microsoft. NET Framework 1.1 -> MsiExec.exe / X (CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1)
Microsoft Compression Client Pack 1.0 para o Windows XP -> "C: \ WINDOWS \ $ NtUninstallMSCompPackV1 $ \ spuninst \ sp Uninst.exe"
Nomes de domínio internacionalizados Microsoft Mitigação APIs -> "C: \ WINDOWS \ $ NtServicePackUninstallIDNMitigationA IPs $ \ spuninst \ spuninst.exe"
Microsoft National Language Support Downlevel APIs -> "C: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe"
Microsoft Office Standard Edition 2003 -> MsiExec.exe / I (91120409-6000-11D3-8CFE-0150048383C9)
Microsoft User-Mode Driver Framework Feature Pack 1.0 -> "C: \ WINDOWS \ $ NtUninstallWudf01000 $ \ spuninst \ spuni nst.exe"
Microsoft Visual C + + 2005 Redistributable -> MsiExec.exe / X (7299052b-02a4-4627-81f2-1818da5d550d)
Microsoft Works 7.0 -> MsiExec.exe / I (764D06D8-D8DE-411E-A1C8-D9E9380F8A84)
Microsoft WSE 2.0 SP3 Runtime -> MsiExec.exe / X (F3CA9611-CD42-4562-ADAB-A554CF8E17F1)
Mozilla Firefox (3.0.1) -> C: \ Program Files \ Mozilla Firefox \ uninstall \ helper.exe
MSXML 4.0 SP2 (KB936181) -> MsiExec.exe / I (C04E32E0-0416-434D-AFB9-6969D703A9EF)
MSXML 6.0 Parser (KB933579) -> MsiExec.exe / I (0A869A65-8C94-4F7C-A5C7-972D3C8CED9E)
Packard Bell InfoCentre -> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ or.dll ct, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (B04AC0A3 - 7A0F-4E38-9DE7-FD1E4CE47D8C) \ setup.exe "
Packard Bell Toolbar 1.0 -> "C: \ Program Files \ Dynamic Toolbar \ unins000.exe"
QuickTime -> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ Driver \ 11 \ INTEL3 ~ 1 \ IDriver.exe / M (C21D5524-A970-42FA-AC8A-59B8C7CDCA31) / L1033
Sage 50 Folha de Pagamento -> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ PROFES ~ 1 \ RunTime \ 10 \ 50 \ INTEL32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (AE4B057E-41EF-4dba-A387-CC6A7666C5CD) \ Setup.exe "-l0x9-uninst-removeonly
Contas Sage-V11.00 -> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ Driver \ 7 \ INTEL3 ~ 1 \ I DRIVER.EXE / M (9B4F367E-94ad-40A4-8060-460CE4A98C45)
Sage MIS 3.01 -> C: \ WINDOWS \ IsUninst.exe-f "C: \ Program Files \ Informer50 \ Uninst.isu"
Sage Payroll 07-08 -> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ PROFES ~ 1 \ RunTime \ 10 \ 50 \ INTEL32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (CD9BCE06-1BB1-4D6F-AFDC-E2E50FA99543) \ Setup.exe "-l0x9-uninst-removeonly
Sage Payroll -> C: \ WINDOWS \ IsUninst.exe-f "C: \ Program Files \ Sage Payroll \ UNINST80.ISU"
Sage Payroll -> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ PROFES ~ 1 \ RunTime \ 10 \ 50 \ INTEL32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ ( 09998BA7-A8D3-441C-8D35-D156C831D444) \ Setup.exe "-l0x9-uninst-removeonly
Atualização de segurança para Step by Step Interactive Training (KB898458 )-->" C: \ WINDOWS \ $ NtUninstallKB898458 $ \ spuninst \ spunin st.exe "
Atualização de segurança para Step by Step Interactive Training (KB923723 )-->" C: \ WINDOWS \ $ NtUninstallKB923723 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB938127 )-->" C: \ WINDOWS \ ie7updates \ KB938127-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB942615 )-->" C: \ WINDOWS \ ie7updates \ KB942615-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB944533 )-->" C: \ WINDOWS \ ie7updates \ KB944533-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB950759 )-->" C: \ WINDOWS \ ie7updates \ KB950759-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB953838 )-->" C: \ WINDOWS \ ie7updates \ KB953838-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB956390 )-->" C: \ WINDOWS \ ie7updates \ KB956390-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Media Player 11 (KB936782 )-->" C: \ WINDOWS \ $ NtUninstallKB936782_WMP11 $ \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Media Player 11 (KB954154 )-->" C: \ WINDOWS \ $ NtUninstallKB954154_WM11 $ \ spuninst \ s puninst.exe "
Atualização de segurança para o Windows XP (KB938464 )-->" C: \ WINDOWS \ $ NtUninstallKB938464 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB941569 )-->" C: \ WINDOWS \ $ NtUninstallKB941569 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB946648 )-->" C: \ WINDOWS \ $ NtUninstallKB946648 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB950760 )-->" C: \ WINDOWS \ $ NtUninstallKB950760 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB950762 )-->" C: \ WINDOWS \ $ NtUninstallKB950762 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB950974 )-->" C: \ WINDOWS \ $ NtUninstallKB950974 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951066 )-->" C: \ WINDOWS \ $ NtUninstallKB951066 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951376 )-->" C: \ WINDOWS \ $ NtUninstallKB951376 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951376-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951376-v2 $ \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows XP (KB951698 )-->" C: \ WINDOWS \ $ NtUninstallKB951698 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951748 )-->" C: \ WINDOWS \ $ NtUninstallKB951748 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB952954 )-->" C: \ WINDOWS \ $ NtUninstallKB952954 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB953839 )-->" C: \ WINDOWS \ $ NtUninstallKB953839 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB954211 )-->" C: \ WINDOWS \ $ NtUninstallKB954211 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB956391 )-->" C: \ WINDOWS \ $ NtUninstallKB956391 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB956803 )-->" C: \ WINDOWS \ $ NtUninstallKB956803 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB956841 )-->" C: \ WINDOWS \ $ NtUninstallKB956841 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB957095 )-->" C: \ WINDOWS \ $ NtUninstallKB957095 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB958644 )-->" C: \ WINDOWS \ $ NtUninstallKB958644 $ \ spuninst \ spunin st.exe "
Sonic MyDVD -> MsiExec.exe / I (21657574-BD54-48A2-9450-EB03B2C7FC29)
Sonic RecordNow! -> MsiExec.exe / I (9541FED0-327F-4DF0-8B96-EF57EF622F19)
Spybot - Search & Destroy 1.5.2.20 -> "C: \ WINDOWS \ unins000.exe"
Spybot - Search & Destroy -> "C: \ Program Files \ Spybot - Search & Destroy \ unins001.exe"
SUPERAntiSpyware Free Edition -> MsiExec.exe / X (CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA)
Atualização para o Windows XP (KB951072-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951072-v2 $ \ spuninst \ spuninst.exe "
Atualização para o Windows XP (KB951978 )-->" C: \ WINDOWS \ $ NtUninstallKB951978 $ \ spuninst \ spunin st.exe "
VIA Rhine-Family Fast Ethernet Adapter -> Rundll32.exe vuins32.dll, vuins32Ex $ $ Reno VIA
Visual C + + CRT 8.0 -> MsiExec.exe / I (B2395631-54D5-481E-B9A8-74B269546F40)
Windows Defender Signatures -> MsiExec.exe / I (A5CC2A09-E9D3-49EC-923D-03874BBD4C2C)
Windows Defender -> MsiExec.exe / I (A06275F4-324B-4E85-95E6-87B2CD729401)
Windows Media Format 11 runtime -> "C: \ Program Files \ Windows Media Player \ Wmsetsdk.exe" / UninstallAll
Windows Media Format 11 runtime -> "C: \ WINDOWS \ $ NtUninstallWMFDist11 $ \ spuninst \ spuni nst.exe"
Windows Media Player 11 -> "C: \ Program Files \ Windows Media Player \ Setup_wm.exe" / Uninstall
Windows Media Player 11 -> "C: \ WINDOWS \ $ NtUninstallwmp11 $ \ spuninst \ spuninst. Exe"
Windows XP Service Pack 3 -> "C: \ WINDOWS \ $ NtServicePackUninstall $ \ spuninst \ SPU ninst.exe"
====== Security center information ======
AV: AVG Anti-Virus Free
====== Ambiente variáveis ======
"ComSpec" =% SystemRoot% \ system32 \ cmd.exe
"Path" =% SystemRoot% \ system32;% SystemRoot%;% systemr oot% \ system32 \ Wbem; C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SONICS ~ 1 \ C: \ Program Files \ \ Sage SBD C: \ Program Files \ QTSystem \ C: \ Program Files \ \ Sage SBD \
"windir" =% SystemRoot%
"FP_NO_HOST_CHECK" = NÃO
"SO" = Windows_NT
"PROCESSOR_ARCHITECTURE" = x86
"PROCESSOR_LEVEL" = 6
"PROCESSOR_IDENTIFIER" = x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION" = 0801
"NUMBER_OF_PROCESSORS" = 1
"PATHEXT" =. COM;. EXE,. MTD;. CMD;. VBS;. VBE;. JS;. Jse,. FSM;. WSH
"TEMP" =% SystemRoot% \ TEMP
"TMP" =% SystemRoot% \ TEMP
"CLASSPATH" =.; C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
"QTJAVA" = C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
----------------- ----------------- EOF


Em antecipação,
Slime.

[evilfantasy]

Mozilla Firefox (3.0.1) Estamos em 3.0.3. Necessidade de atualização.

Desinstalar o Spybot - Search & Destroy 1.5.2.20. Deixe os outros Spybot - Search & Destroy.

----------

Será que você desativar o AVG antes de começar a digitalizar Kaspersky?

[lodo]

Oi,

Mozilla Firefox (3.0.1) Estamos em 3.0.3. Necessidade de atualização. Feito!
Desinstalar o Spybot - Search & Destroy 1.5.2.20. Feito!
Será que você desativar o AVG antes de começar a digitalizar Kaspersky? Não!

Desculpe, isso foi estúpido da minha parte.
Tentando Scan Kaspersky novamente, será repoert back asap.

Slime

[evilfantasy]

Esperemos que irá deixá-lo prosseguir e concluir. Basta não baixar nada enquanto o seu AV é desligado nem abra anexos de e-mail.

[lodo]

Oi,
podem estar a ser estúpido aqui, mas eu não consigo transformar o AVG fora!
Alguma dica?

Slime.