[ah24]

Oi gente,

Postado por aqui um tempo atrás com o vírus questões sobre o meu laptop - Evil ajudou a maciçamente eo laptop está executando o perfeito!

No entanto .... agora o meu desktop tem algo sangrento

Na semana passada, eu tenho um e-mail através Bebo de um dos meus companheiros dizendo verificar esse vídeo de mim e à senhora de Sexta-feira (e eu sabia que eles tinham ido para fora na sexta-feira, assim pensei que era realmente ele) qualquer jeito, eu abri-lo, têm para instalar um novo jogador .... e thats onde eu acho que o vírus veio. Uma caixa venha com um monte de coisas eu didnt compreender então desceu morro de lá ..

Agora eu cant get em determinados sites, ou quer que ele leva-me a bater atualizar cerca de cem vezes! Às vezes, uma parte do site ..... cargas e pessoas estranhas continuar recebendo mensagens de mim em Facebook

Qualquer ideia que diabos é esse e como espécie-lo? Além disso, não tenho certeza se ele poderia estar relacionado, mas uma vez que tudo isto, o meu Sky + caixa vai trabalhar? No momento ela não vai mesmo ligar ... Duvido suas coligadas, mas pensei que eu iria verificar ..

Ajuda por favor!

[Hybr! D]

Siga o guia e postar os arquivos de log como antes, por favor.

[ah24]

Logfile da Trend Micro HijackThis v2.0.2
Scan guardado em 22:18:20, em 06/11/2008
Plataforma: Windows XP SP2 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgam.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
C: \ Program Files \ AVG \ AVG8 \ avgtray.exe
C: \ Program Files \ AVG \ AVG8 \ avgui.exe
C: \ Program Files \ AVG \ AVG8 \ avgscanx.exe
C: \ Arquivos de Programas \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no arquivo)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Classe) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (138E6DC9-722B-4F4B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG8 Watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
Fim do processo - 7142 bytes

[evilfantasy]

Você está executando dois antivírus ao mesmo tempo.

Eu (bem como Microsoft, McAfee e Symantec) Recomendamos que você NÃO ter mais de um produto antivírus instalado e funcionando em seu computador em uma hora.

A proteção em tempo real dos dois programas antivírus podem entrar em conflito com mutuamente e causar os seguintes:

1) Falsos alarmes: Quando o software antivírus que você diz que o seu PC tiver um vírus, quando na verdade ela não o faz.
2) Conflitos: O sistema pode bloquear devido a ambos os produtos tentando acessar o mesmo arquivo ao mesmo tempo.
3) Desempenho: Mais que um antivírus fará com que o PC se torne lento e pode mesmo falhar ou tela azul.

Eu sugerem fortemente que você quer configurar apenas um programa antivírus para permitir a digitalização automática em tempo real, e deixar o resto com deficiência, utilizando-os para o on-demand scanner ou vá para Iniciar > Painel de Controle > Adicionar ou Remover Programas e todos, mas desinstalar um programa antivírus.

Por favor, desinstalar um agora para evitar problemas com os exames e nós precisamos fazer correções.

----------

Baixar Malwarebytes' Anti-Malware (MBAM)

• Dê um clique duplo mbam-setup.exe e siga as instruções para instalar o programa.
• Ao final, certifique-se de uma marca de verificação é colocada ao lado da seguinte forma:
  • Actualizar Malwarebytes' Anti-Malware
  • Lançamento Malwarebytes' Anti-Malware
• Em seguida, clique em Concluir.
• Se uma atualização for encontrada, ela vai baixar e instalar a versão mais recente.
• Uma vez carregado o programa, selecione Execute verificação rápidaE, em seguida, clique em Scan.
• Quando a pesquisa estiver concluída, clique em OKE, em seguida, Mostrar resultados para ver os resultados.
• Tenha certeza de que tudo está marcada, e clique em Remover Selecionados.
• Desinfecção Quando estiver concluída, será aberto um log no Bloco de Notas e você pode ser solicitado a reiniciar. (Veja Nota Extra)
• O log é automaticamente salvo pelo MBAM e pode ser visualizada clicando no separador no MBAM Logs.
• Copie e cole todo o relatório em sua próxima resposta.

Nota adicional: Se MBAM encontrar um arquivo que é difícil de remover, você será presenteado com 1 de 2 solicitações, clique em OK para deixar MBAM e quer avançar com o processo de desinfecção, se solicitado para reiniciar o computador, faça-o imediatamente.

----------

Baixar aleatório do sistema de informação ferramenta (RSIT) por acaso / aleatório e de guardá-lo para o seu desktop.

• Dê um clique duplo sobre RSIT.exe para ser executado.
• Clique Continuar a renúncia tela.
• Assim que tiver terminado, dois logs serão abertos.
• log.txt <será maximizada e info.txt <será minimizado
• Por favor, postar o conteúdo de ambos toras na próxima resposta.

[ah24]

Vou desativar e se livrar de AVG agora ...

Só para que você saiba, thats sido apenas por aqui cerca de uma hora ou assim que eu penso - alguém recomendou que eu DL'd ele rapidamente e não se livrou dele ainda ...

Divulgaremos logs em um par de minutos

[evilfantasy]

CA e AVG são sobre o mesmo na minha opinião. Então eu não acho que ele faria qualquer instalação bom.

[ah24]

RST's aleatória log;

"Log.txt":

Logfile aleatório do sistema de informação ferramenta 1,04 (escrito por acaso / aleatório)
Corre por Adam em 2008/11/06 22:43:21
Microsoft Windows XP Professional Service Pack 2
Sistema de unidade C: tem 42 GB (57%), isenta de 73 GB
Total RAM: 510 MB (36% livre)
Logfile da Trend Micro HijackThis v2.0.2
Scan guardado em 22:43:38, em 06/11/2008
Plataforma: Windows XP SP2 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Arquivos de Programas \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Malwarebytes' Anti-Malware \ mbam.exe
C: \ Documents and Settings \ Adam \ Desktop \ RSIT.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Adam.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no arquivo)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ apdproxy.exe"
O4 - HKLM \ .. \ RunOnce: [Malwarebytes' Anti-Malware] C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe / instalação / silêncio
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Classe) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (138E6DC9-722B-4F4B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
Fim do processo - 6709 bytes
====== Pasta Tarefas agendadas ======
C: \ WINDOWS \ Tasks \ AppleSoftwareUpdate.job
====== Registry dump ======
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)]
Adobe PDF Reader Link Helper - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll []
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (5CA3D70E-1895-11CF-8E15-001234567890)]
DriveLetterAccess - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll [2004-08-13 118842]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9030D464-4C02-4ABF-8ECC-5164760863C6)]
Windows Live Sign-in Helper - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"SoundMAXPnP" = C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe [2004/10/14 1404928]
"DLA" = C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe [2004-08-13 122939]
"UpdateManager" = C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe [2004/01/07 110592]
"Realtime Monitor" = C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe [2004/04/06 504080]
"" = []
"igfxtray" = C: \ WINDOWS \ system32 \ igfxtray.exe [2005-09-20 94208]
"igfxhkcmd" = C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 77824]
"igfxpers" = C: \ WINDOWS \ system32 \ igfxpers.exe [2005/09/20 114688]
"QuickTime Task" = C: \ Program Files \ QuickTime \ qttask.exe [2006-10-25 282624]
"iTunesHelper" = C: \ Program Files \ iTunes \ iTunesHelper.exe [2006-10-30 256576]
"SunJavaUpdateSched" = C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008/06/10 144784]
"Adobe Photo Downloader" = C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ apdproxy.exe [2006-09-14 61440]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ RunOnce]
"Malwarebytes' Anti-Malware" = C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe [2008-10-22 399504]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntVersion \ Run]
"ctfmon.exe" = C: \ WINDOWS \ system32 \ ctfmon.exe [2004-08-04 15360]
"A Sony Ericsson PC Suite" = C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe [2007-10-18 356352]
C: \ Documents and Settings \ All Users \ Menu Iniciar \ Programas \ Arranque
Adobe Reader Speed Launch.lnk - C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
Adobe Reader Synchronizer.lnk - C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
WinZip Quick Pick.lnk - C: \ Program Files \ WinZip \ WZQKPICK.EXE
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ igfxcui]
C: \ WINDOWS \ system32 \ igfxdev.dll [2005/09/20 135168]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ serviços es \ SharedAccess \ Parameters \ firewallpolicy \ standard profile \ authorizedapplications \ list]
"% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ Messenger \ msmsgs.exe" = "C: \ Program Files \ Messenger \ msmsgs.exe: *: Enabled: Windows Messenger"
"C: \ Program Files \ iTunes \ iTunes.exe" = "C: \ Program Files \ iTunes \ iTunes.exe: *: Enabled: iTunes"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Telefone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Telefone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000"
"C: \ Program Files \ uTorrent \ uTorrent.exe" = "C: \ Program Files \ uTorrent \ uTorrent.exe: *: Enabled: μTorrent"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ serviços es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Telefone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Telefone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntversion \ explorer \ mountpoints2 \ (069b2f09-8c7d-11dc-871c-0013205c16a9)]
shell \ Auto \ command - Start.exe
shell \ AutoRun \ command - C: \ WINDOWS \ system32 \ rundll32.exe shell32.dll, ShellExec_RunDLL Start.exe

====== Arquivo associações ======
. js - edite - "C: \ Program Files \ Macromedia \ Dreamweaver 8 \ dreamweaver.exe" "% 1"
====== Lista dos arquivos / pastas criadas no passado 1 mês ======
2008-11-06 22:43:21 ---- D ---- C: \ rsit
2008-11-06 22:42:18 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ Malwarebytes
2008-11-06 22:42:13 ---- D ---- C: \ Program Files \ Malwarebytes' Anti-Malware
2008-11-06 22:42:13 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-06 22:36:21 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Avg8
2008-11-06 22:17:46 ---- D ---- C: \ Program Files \ Trend Micro
2008-11-06 21:25:12 ---- D ---- C: \ WINDOWS \ system32 \ AppMgmt
2008-11-06 21:22:34 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ VersionTracker Pro
2008-11-06 21:22:08 ---- D ---- C: \ Program Files \ TechTracker
2008-11-06 19:31:45 ---- D ---- C: \ Program Files \ uTorrent
2008-11-06 19:31:45 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ uTorrent
2008-11-06 19:31:43 ---- D ---- C: \ Program Files \ Avanquest update
2008-11-06 19:31:43 ---- D ---- C: \ Documents and Settings \ All Users \ Dados de aplicativos \ BVRP Software
2008-11-06 19:31:40 ---- D ---- C: \ Program Files \ Free Audio Pack
2008-11-06 19:30:51 ---- D ---- C: \ Program Files \ Common Files \ SureThing Shared
2008-11-06 19:30:44 ---- D ---- C: \ Program Files \ Common Files \ Sonic
2008-11-05 13:26:28 ---- D ---- C: \ Documents and Settings \ All Users \ Dados de aplicativos \ BVRP Software (2)
2008-11-04 23:51:31 ---- D ---- C: \ Program Files \ tinyproxy
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ JAVA.EXE
2008-10-26 11:00:26 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.TMP
2008-10-25 22:30:23 ---- D ---- C: \ Program Files \ DSA Teoria Teste
2008-10-25 22:29:24 ---- D ---- C: \ Config.Msi
2008-10-25 22:29:23 ---- D ---- C: \ WINDOWS \ VirtualEar
2008-10-25 19:02:44 ---- D ---- C: \ WINDOWS \ assembly
2008-10-25 19:01:55 ---- D ---- C: \ WINDOWS \ Microsoft.NET
2008-10-25 19:01:06 ---- D ---- C: \ Program Files \ Navman
2008-10-25 01:28:29 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB958644 $
2008-10-15 22:04:03 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956803 $
2008-10-15 22:03:57 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956391 $
2008-10-15 22:03:49 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB957095 $
2008-10-15 22:03:06 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB954211 $
2008-10-15 22:02:48 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956841 $
====== Lista dos arquivos / pastas modificadas nos últimos 1 mês ======
2008-11-06 22:42:16 ---- D ---- C: \ WINDOWS \ system32 \ drivers
2008/11/06 22:42:13 ---- RD ---- C: \ Program Files
2008-11-06 22:37:58 ---- D ---- C: \ WINDOWS \ Temp
2008-11-06 22:37:33 ---- D ---- C: \ WINDOWS \ system32
2008-11-06 22:36:49 ---- A ---- C: \ WINDOWS \ SchedLgU.Txt
2008-11-06 22:36:16 ---- D ---- C: \ WINDOWS
2008/11/06 22:30:43 ---- ---- RSHDC C: \ WINDOWS \ system32 \ dllcache
2008-11-06 21:46:09 ---- D ---- C: \ WINDOWS \ prefetch
2008/11/06 21:45:09 ---- SHD ---- C: \ WINDOWS \ Installer
2008-11-06 21:45:08 ---- D ---- C: \ WINDOWS \ winSxS
2008-11-06 21:45:08 ---- D ---- C: \ Program Files \ Common Files \ Microsoft Shared
2008-11-06 21:24:57 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot
2008-11-06 21:24:56 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot2
2008-11-06 19:32:25 ---- D ---- C: \ WINDOWS \ system32 \ config
2008-11-06 19:32:11 ---- D ---- C: \ WINDOWS \ system32 \ wbem
2008-11-06 19:32:10 ---- D ---- C: \ WINDOWS \ Registration
2008-11-06 19:30:52 ---- HD ---- C: \ WINDOWS \ inf
2008-11-04 23:57:39 ---- D ---- C: \ Arquivos de Programas \ Arquivos Comuns
2008-11-04 23:57:26 ---- D ---- C: \ Program Files \ Sonic
2008-11-04 23:56:21 ---- D ---- C: \ Program Files \ Common Files \ Macromedia
2008-11-04 23:56:20 ---- D ---- C: \ WINDOWS \ Downloaded Instalações
2008-11-04 23:56:20 ---- D ---- C: \ Program Files \ Macromedia
2008-11-04 23:54:45 ---- HD ---- C: \ Program Files \ InstallShield Informações de instalação
2008-10-26 11:13:15 ---- D ---- C: \ Program Files \ Java
2008-10-25 22:29:27 ---- D ---- C: \ WINDOWS \ system32 \ dla
2008-10-25 22:29:26 ---- D ---- C: \ WINDOWS \ security
2008-10-25 22:28:47 ---- D ---- C: \ WINDOWS \ system32 \ Restore
2008-10-25 19:25:27 ---- D ---- C: \ Program Files \ Common Files \ InstallShield
2008-10-25 19:25:13 ---- D ---- C: \ WINDOWS \ system
2008-10-25 19:23:42 ---- D ---- C: \ Program Files \ MSN
2008-10-25 19:16:19 ---- SD ---- C: \ Documents and Settings \ Adam \ Application Data \ Microsoft
2008-10-25 19:01:59 ---- D ---- C: \ Arquivos de Programas \ Internet Explorer
2008-10-25 01:28:39 ---- A ---- C: \ WINDOWS \ imsins.BAK
2008-10-25 01:27:53 ---- HD ---- C: \ WINDOWS \ $ hf_mig $
2008-10-25 00:58:29 ---- A ---- C: \ WINDOWS \ win.ini
2008-10-16 15:35:17 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.INI
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ Netapi32.dll
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32 (2). Dll
====== Lista dos maquinistas (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R1 intelppm; Processador Intel Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Intelppm.sys [2004-08-04 36096]
R1 kbdhid; Keyboard HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Kbdhid.sys [2004-08-04 14848]
R1 sscdbhk5; sscdbhk5; C: \ WINDOWS \ system32 \ drivers \ sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln; ssrtln; C: \ WINDOWS \ system32 \ drivers \ ssrtln.sys [2004-07-14 23545]
R2 drvnddm; drvnddm; C: \ WINDOWS \ system32 \ drivers \ drvnddm.sys [2004-08-13 40544]
R2 INO_FLTR; INO_FLTR; \? \ C: \ WINDOWS \ system32 \ Drivers \ ino_fltr.sys []
R2 tfsnboio; tfsnboio; C: \ WINDOWS \ system32 \ dla \ tfsnboio.sys [2004-08-13 25723]
R2 tfsncofs; tfsncofs; C: \ WINDOWS \ system32 \ dla \ tfsncofs.sys [2004-08-13 34843]
R2 tfsndrct; tfsndrct; C: \ WINDOWS \ system32 \ dla \ tfsndrct.sys [2004-08-13 4123]
R2 tfsndres; tfsndres; C: \ WINDOWS \ system32 \ dla \ tfsndres.sys [2004/08/13 2239]
R2 tfsnifs; tfsnifs; C: \ WINDOWS \ system32 \ dla \ tfsnifs.sys [2004-08-13 86202]
R2 tfsnopio; tfsnopio; C: \ WINDOWS \ system32 \ dla \ tfsnopio.sys [2004-08-13 14715]
R2 tfsnpool; tfsnpool; C: \ WINDOWS \ system32 \ dla \ tfsnpool.sys [2004-08-13 6363]
R2 tfsnudf; tfsnudf; C: \ WINDOWS \ system32 \ dla \ tfsnudf.sys [2004-08-13 98714]
R2 tfsnudfa; tfsnudfa; C: \ WINDOWS \ system32 \ dla \ tfsnudfa.sys [2004-08-13 100603]
R3 E100B; Intel (R) PRO Adapter Driver; C: \ WINDOWS \ system32 \ DRIVERS \ e100b325.sys [2004/02/10 154112]
R3 GEARAspiWDM; GEARAspiWDM; C: \ WINDOWS \ System32 \ Drivers \ GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb; Microsoft HID Class Driver; C: \ WINDOWS \ system32 \ DRIVERS \ hidusb.sys [2004/08/04 9600]
R3 ialm; ialm; C: \ WINDOWS \ system32 \ DRIVERS \ ialmnt5.sys [2005-09-20 1302332]
R3 MBAMSwissArmy; MBAMSwissArmy; \? \ C: \ WINDOWS \ system32 \ drivers \ mbamswissarmy.sys []
R3 mouhid; Mouse HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ mouhid.sys [2001-08-17 12160]
R3 senfilt; senfilt; C: \ WINDOWS \ system32 \ drivers \ senfilt.sys [2004-09-17 732928]
R3 smwdm; smwdm; C: \ WINDOWS \ system32 \ drivers \ smwdm.sys [2005-01-27 260352]
R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbehci.sys [2004-08-04 26624]
R3 usbhub; USB2 Enabled Hub, C: \ WINDOWS \ system32 \ DRIVERS \ usbhub.sys [2004-08-04 57600]
R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbuhci.sys [2004-08-04 20480]
S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbccgp.sys [2004-08-03 31616]
S3 usbprint; Microsoft USB PRINTER Class; C: \ WINDOWS \ system32 \ DRIVERS \ Usbprint.sys [2004-08-03 25856]
S3 USBSTOR; USB Mass Storage Driver; C: \ WINDOWS \ system32 \ DRIVERS \ USBSTOR.SYS [2004-08-03 26496]
====== Lista de serviços (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R2 AdobeActiveFileMonitor5.0; Adobe Active File Monitor V5; C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe [2006-09-14 102400]
R2 InoRPC; eTrust Antivirus RPC Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe [2004/04/06 139536]
R2 InoRT; eTrust Antivirus Realtime Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe [2004/04/06 241936]
R2 InoTask; eTrust Antivirus Job Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe [2004/04/06 254224]
R2 UMWdf; Windows User Mode Driver Framework, C: \ WINDOWS \ system32 \ Wdfmgr.exe [2005-01-28 38912]
R3 iPod Service; iPod Service; C: \ Program Files \ iPod \ bin \ iPodService.exe [2006-10-30 492608]
S3 ose; Office Source Engine; C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ Ose.exe [2003-07-28 89136]
S3 usnjsvc; Messenger Sharing Folders USN Journal Reader serviço; C: \ Program Files \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
----------------- ----------------- EOF



"Info.txt":

info.txt logfile aleatório do sistema de informação ferramenta 1/04 2008/11/06 22:43:42
====== Uninstall list ======
-> C: \ Program Files \ DivX \ DivXConverterUninstall.exe / CONVERSOR
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / I (09DA4F91-2A09-4232-AB8C-6BC740096DE3) REMOVA = UpdateMgrFeature
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / x (1206EF92-2E83-4859-ACCB-2048C3CB7DA6)
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / x (9541FED0-327F-4df0-8B96-EF57EF622F19)
-> MsiExec.exe / I (C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844)
-> rundll32.exe setupapi.dll, DefaultUnInstall InstallHinfSection 132 C: \ WINDOWS \ INF \ PCHealth.inf
Adobe Flash Player ActiveX -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe
Adobe Help Center 2.1 -> MsiExec.exe / I (25569723-DC5A-4467-A639-79535BF01B71)
Adobe Photoshop Elements 5.0 -> msiexec / I (A7B609FB-83D8-4FC3-8477-1BC65ECFE85B)
Adobe Reader 8 -> MsiExec.exe / I (AC76BA86-7AD7-1033-7B44-A80000000002)
Apple Software Update -> MsiExec.exe / I (B74F042E-E1B9-4A5B-8D46-387BB172F0A4)
Avanquest update -> C: \ Program Files \ InstallShield Installation Information \ (76E41F43-59D2-4F30-BA42-9A762EE1E8DE) \ Setup.exe-runfromtemp-l0x0009-removeonly
CA eTrust Antivirus -> MsiExec.exe / X (99747F0D-D4F8-4877-9CA0-4AE96D963633)
Canon iP4200 -> C: \ WINDOWS \ system32 \ CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC: \ Documents and Settings \ All Users \ Application Data \ CanonBJ \ IJPrinter \ CNMWINDOWS \ Canon iP4200 Installer \ Inst2 \ cnmis.dll ""-RCDLLcnmi0409.dll "
DivX Codec -> C: \ Program Files \ DivX \ DivXCodecUninstall.exe / CODEC
DivX Content Uploader -> C: \ Program Files \ DivX \ DivXContentUploaderUninstall.exe / CUPLOADER
DivX Converter -> C: \ Program Files \ DivX \ DivXConverterUninstall.exe / CONVERSOR
DivX Player -> C: \ Program Files \ DivX \ DivXPlayerUninstall.exe / PLAYER
DivX Web Player -> C: \ Program Files \ DivX \ DivXWebPlayerUninstall.exe / PLUGIN
DSA Teoria Teste -> C: \ PROGRA ~ 1 \ common ~ 1 \ INSTAL ~ 1 \ Driver \ 7 \ INTEL3 ~ 1 \ I Driver.exe / M (79D1BA4A-BEB4-4357-A431-C3EF58E72E6C)
Free Mp3 Wma Converter 1.7.2 V -> "C: \ Program Files \ Free Audio Pack \ unins000.exe"
HijackThis 2.0.2 -> "C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe" / uninstall
Hotfix para o Windows Internet Explorer 7 (KB947864 )-->" C: \ WINDOWS \ ie7updates \ KB947864-IE7 \ spuninst \ spuninst.exe "
Hotfix para o Windows XP (KB914440 )-->" C: \ WINDOWS \ $ NtUninstallKB914440 $ \ spuninst \ spunin st.exe "
Hotfix para o Windows XP (KB915865 )-->" C: \ WINDOWS \ $ NtUninstallKB915865 $ \ spuninst \ spunin st.exe "
Hotfix para o Windows XP (KB952287 )-->" C: \ WINDOWS \ $ NtUninstallKB952287 $ \ spuninst \ spunin st.exe "
Intel (R) Extreme Graphics Driver 2 -> RUNDLL32.EXE C: \ WINDOWS \ system32 \ ialmrem.dll, UninstallW2KIGfx PCI \ VEN_8086 & DEV_2572
Intel (R) PRO Network Adapters e Drivers -> Prounstl.exe
iTunes -> MsiExec.exe / I (446DBFFA-4088-48E3-8932-74316BA4CAE4)
Java (TM) 6 Update 6 -> MsiExec.exe / I (3248F0A8-6813-11D6-A77B-00B0D0160060)
Java (TM) 6 Update 7 -> MsiExec.exe / I (3248F0A8-6813-11D6-A77B-00B0D0160070)
Macromedia Dreamweaver 8 -> MsiExec.exe / I (0837A661-FEC3-48B3-876C-91E7D32048A9)
Macromedia Extension Manager -> MsiExec.exe / I (5546CDB5-2CE2-498B-B059-5B3BF81FC41F)
Malwarebytes' Anti-Malware -> "C: \ Program Files \ Malwarebytes' Anti-Malware \ unins000.exe"
Nomes de domínio internacionalizados Microsoft Mitigação APIs -> "C: \ WINDOWS \ $ NtServicePackUninstallIDNMitigationA IPs $ \ spuninst \ spuninst.exe"
Microsoft National Language Support Downlevel APIs -> "C: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe"
Microsoft Office Professional Edition 2003 -> MsiExec.exe / I (90110409-6000-11D3-8CFE-0150048383C9)
Microsoft Visual C + + 2005 Redistributable -> MsiExec.exe / X (7299052b-02a4-4627-81f2-1818da5d550d)
MSN -> C: \ Program Files \ MSN \ MsnInstaller \ msninst.exe / Ação: ARP
MSXML 4.0 SP2 (KB936181) -> MsiExec.exe / I (C04E32E0-0416-434D-AFB9-6969D703A9EF)
PowerDVD -> Rundll32 C: \ PROGRA ~ 1 \ common ~ 1 \ INSTAL ~ 1 \ motor \ 6 \ INTEL3 ~ 1 \ Ct or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (6811CAA0-BF12 - 11D4-9EA1-0050BAE317E1) \ setup.exe "-uninstall
QuickTime -> MsiExec.exe / I (50D8FFDD-90CD-4859-841F-AA1961C7767A)
Real Alternative 1.7.5 -> "C: \ Program Files \ Real Alternative \ unins000.exe"
Atualização de segurança para o Windows Internet Explorer 7 (KB938127 )-->" C: \ WINDOWS \ ie7updates \ KB938127-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB939653 )-->" C: \ WINDOWS \ ie7updates \ KB939653-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB942615 )-->" C: \ WINDOWS \ ie7updates \ KB942615-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB944533 )-->" C: \ WINDOWS \ ie7updates \ KB944533-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB950759 )-->" C: \ WINDOWS \ ie7updates \ KB950759-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB953838 )-->" C: \ WINDOWS \ ie7updates \ KB953838-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Internet Explorer 7 (KB956390 )-->" C: \ WINDOWS \ ie7updates \ KB956390-IE7 \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Media Player (KB911564 )-->" C: \ WINDOWS \ $ NtUninstallKB911564 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows Media Player 6.4 (KB925398 )-->" C: \ WINDOWS \ $ NtUninstallKB925398_WMP64 $ \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows Media Player 9 (KB936782 )-->" C: \ WINDOWS \ $ NtUninstallKB936782_WMP9 $ \ spuninst \ s puninst.exe "
Atualização de segurança para o Windows XP (KB890046 )-->" C: \ WINDOWS \ $ NtUninstallKB890046 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB893756 )-->" C: \ WINDOWS \ $ NtUninstallKB893756 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB896358 )-->" C: \ WINDOWS \ $ NtUninstallKB896358 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB896423 )-->" C: \ WINDOWS \ $ NtUninstallKB896423 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB896428 )-->" C: \ WINDOWS \ $ NtUninstallKB896428 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB899587 )-->" C: \ WINDOWS \ $ NtUninstallKB899587 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB899591 )-->" C: \ WINDOWS \ $ NtUninstallKB899591 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB900725 )-->" C: \ WINDOWS \ $ NtUninstallKB900725 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB901017 )-->" C: \ WINDOWS \ $ NtUninstallKB901017 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB901190 )-->" C: \ WINDOWS \ $ NtUninstallKB901190 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB901214 )-->" C: \ WINDOWS \ $ NtUninstallKB901214 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB902400 )-->" C: \ WINDOWS \ $ NtUninstallKB902400 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB904706 )-->" C: \ WINDOWS \ $ NtUninstallKB904706 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB905414 )-->" C: \ WINDOWS \ $ NtUninstallKB905414 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB905749 )-->" C: \ WINDOWS \ $ NtUninstallKB905749 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB908519 )-->" C: \ WINDOWS \ $ NtUninstallKB908519 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB911562 )-->" C: \ WINDOWS \ $ NtUninstallKB911562 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB911927 )-->" C: \ WINDOWS \ $ NtUninstallKB911927 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB913580 )-->" C: \ WINDOWS \ $ NtUninstallKB913580 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB914388 )-->" C: \ WINDOWS \ $ NtUninstallKB914388 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB914389 )-->" C: \ WINDOWS \ $ NtUninstallKB914389 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB917344 )-->" C: \ WINDOWS \ $ NtUninstallKB917344 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB917953 )-->" C: \ WINDOWS \ $ NtUninstallKB917953 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB918118 )-->" C: \ WINDOWS \ $ NtUninstallKB918118 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB918439 )-->" C: \ WINDOWS \ $ NtUninstallKB918439 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB919007 )-->" C: \ WINDOWS \ $ NtUninstallKB919007 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB920213 )-->" C: \ WINDOWS \ $ NtUninstallKB920213 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB920670 )-->" C: \ WINDOWS \ $ NtUninstallKB920670 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB920683 )-->" C: \ WINDOWS \ $ NtUninstallKB920683 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB920685 )-->" C: \ WINDOWS \ $ NtUninstallKB920685 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB921503 )-->" C: \ WINDOWS \ $ NtUninstallKB921503 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB922819 )-->" C: \ WINDOWS \ $ NtUninstallKB922819 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB923191 )-->" C: \ WINDOWS \ $ NtUninstallKB923191 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB923414 )-->" C: \ WINDOWS \ $ NtUninstallKB923414 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB923689 )-->" C: \ WINDOWS \ $ NtUninstallKB923689 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB923789) -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ genuinst.exe C: \ WINDOWS \ system32 \ Macromed \ Flash \ KB923789.inf
Atualização de segurança para o Windows XP (KB923980 )-->" C: \ WINDOWS \ $ NtUninstallKB923980 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB924270 )-->" C: \ WINDOWS \ $ NtUninstallKB924270 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB924496 )-->" C: \ WINDOWS \ $ NtUninstallKB924496 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB924667 )-->" C: \ WINDOWS \ $ NtUninstallKB924667 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB925902 )-->" C: \ WINDOWS \ $ NtUninstallKB925902 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB926255 )-->" C: \ WINDOWS \ $ NtUninstallKB926255 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB926436 )-->" C: \ WINDOWS \ $ NtUninstallKB926436 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB927779 )-->" C: \ WINDOWS \ $ NtUninstallKB927779 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB927802 )-->" C: \ WINDOWS \ $ NtUninstallKB927802 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB928255 )-->" C: \ WINDOWS \ $ NtUninstallKB928255 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB928843 )-->" C: \ WINDOWS \ $ NtUninstallKB928843 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB929123 )-->" C: \ WINDOWS \ $ NtUninstallKB929123 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB930178 )-->" C: \ WINDOWS \ $ NtUninstallKB930178 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB931261 )-->" C: \ WINDOWS \ $ NtUninstallKB931261 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB931784 )-->" C: \ WINDOWS \ $ NtUninstallKB931784 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB932168 )-->" C: \ WINDOWS \ $ NtUninstallKB932168 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB933729 )-->" C: \ WINDOWS \ $ NtUninstallKB933729 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB935839 )-->" C: \ WINDOWS \ $ NtUninstallKB935839 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB935840 )-->" C: \ WINDOWS \ $ NtUninstallKB935840 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB936021 )-->" C: \ WINDOWS \ $ NtUninstallKB936021 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB937894 )-->" C: \ WINDOWS \ $ NtUninstallKB937894 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB938127 )-->" C: \ WINDOWS \ $ NtUninstallKB938127 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB938464 )-->" C: \ WINDOWS \ $ NtUninstallKB938464 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB938829 )-->" C: \ WINDOWS \ $ NtUninstallKB938829 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB939653 )-->" C: \ WINDOWS \ $ NtUninstallKB939653 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB941202 )-->" C: \ WINDOWS \ $ NtUninstallKB941202 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB941568 )-->" C: \ WINDOWS \ $ NtUninstallKB941568 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB941569 )-->" C: \ WINDOWS \ $ NtUninstallKB941569 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB941644 )-->" C: \ WINDOWS \ $ NtUninstallKB941644 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB941693 )-->" C: \ WINDOWS \ $ NtUninstallKB941693 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB943055 )-->" C: \ WINDOWS \ $ NtUninstallKB943055 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB943460 )-->" C: \ WINDOWS \ $ NtUninstallKB943460 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB943485 )-->" C: \ WINDOWS \ $ NtUninstallKB943485 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB944653 )-->" C: \ WINDOWS \ $ NtUninstallKB944653 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB945553 )-->" C: \ WINDOWS \ $ NtUninstallKB945553 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB946026 )-->" C: \ WINDOWS \ $ NtUninstallKB946026 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB946648 )-->" C: \ WINDOWS \ $ NtUninstallKB946648 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB948590 )-->" C: \ WINDOWS \ $ NtUninstallKB948590 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB948881 )-->" C: \ WINDOWS \ $ NtUninstallKB948881 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB950749 )-->" C: \ WINDOWS \ $ NtUninstallKB950749 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB950760 )-->" C: \ WINDOWS \ $ NtUninstallKB950760 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB950762 )-->" C: \ WINDOWS \ $ NtUninstallKB950762 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB950974 )-->" C: \ WINDOWS \ $ NtUninstallKB950974 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951066 )-->" C: \ WINDOWS \ $ NtUninstallKB951066 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951376 )-->" C: \ WINDOWS \ $ NtUninstallKB951376 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951376-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951376-v2 $ \ spuninst \ spuninst.exe "
Atualização de segurança para o Windows XP (KB951698 )-->" C: \ WINDOWS \ $ NtUninstallKB951698 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB951748 )-->" C: \ WINDOWS \ $ NtUninstallKB951748 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB952954 )-->" C: \ WINDOWS \ $ NtUninstallKB952954 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB953839 )-->" C: \ WINDOWS \ $ NtUninstallKB953839 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB954211 )-->" C: \ WINDOWS \ $ NtUninstallKB954211 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB956391 )-->" C: \ WINDOWS \ $ NtUninstallKB956391 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB956803 )-->" C: \ WINDOWS \ $ NtUninstallKB956803 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB956841 )-->" C: \ WINDOWS \ $ NtUninstallKB956841 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB957095 )-->" C: \ WINDOWS \ $ NtUninstallKB957095 $ \ spuninst \ spunin st.exe "
Atualização de segurança para o Windows XP (KB958644 )-->" C: \ WINDOWS \ $ NtUninstallKB958644 $ \ spuninst \ spunin st.exe "
Sonic DLA -> MsiExec.exe / I (1206EF92-2E83-4859-ACCB-2048C3CB7DA6)
Sonic RecordNow! Plus -> MsiExec.exe / I (9541FED0-327F-4DF0-8B96-EF57EF622F19)
Sonic Update Manager -> MsiExec.exe / I (09DA4F91-2A09-4232-AB8C-6BC740096DE3)
Sony Ericsson PC Suite 3.102.00 -> C: \ Program Files \ InstallShield Installation Information \ (2FFE93F0-BB72-4E52-8761-354D1AAA9387) \ Setup.exe-runfromtemp-l0x0009-removeonly
SoundMAX -> Rundll32 C: \ PROGRA ~ 1 \ common ~ 1 \ INSTAL ~ 1 \ profis ~ 1 \ Runtime \ 10 \ 00 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (F0A37341 -D692-11D4-A984-009027EC0A9C) \ SETUP.EXE "-l0x9-removeonly
Atualização para o Windows XP (KB894391 )-->" C: \ WINDOWS \ $ NtUninstallKB894391 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB898461 )-->" C: \ WINDOWS \ $ NtUninstallKB898461 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB900485 )-->" C: \ WINDOWS \ $ NtUninstallKB900485 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB904942 )-->" C: \ WINDOWS \ $ NtUninstallKB904942 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB908531 )-->" C: \ WINDOWS \ $ NtUninstallKB908531 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB910437 )-->" C: \ WINDOWS \ $ NtUninstallKB910437 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB911280 )-->" C: \ WINDOWS \ $ NtUninstallKB911280 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB916595 )-->" C: \ WINDOWS \ $ NtUninstallKB916595 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB920872 )-->" C: \ WINDOWS \ $ NtUninstallKB920872 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB922582 )-->" C: \ WINDOWS \ $ NtUninstallKB922582 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB927891 )-->" C: \ WINDOWS \ $ NtUninstallKB927891 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB930916 )-->" C: \ WINDOWS \ $ NtUninstallKB930916 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB932823-v3 )-->" C: \ WINDOWS \ $ NtUninstallKB932823-v3 $ \ spuninst \ spuninst.exe "
Atualização para o Windows XP (KB933360 )-->" C: \ WINDOWS \ $ NtUninstallKB933360 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB936357 )-->" C: \ WINDOWS \ $ NtUninstallKB936357 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB938828 )-->" C: \ WINDOWS \ $ NtUninstallKB938828 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB942763 )-->" C: \ WINDOWS \ $ NtUninstallKB942763 $ \ spuninst \ spunin st.exe "
Atualização para o Windows XP (KB951072-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951072-v2 $ \ spuninst \ spuninst.exe "
O Windows Installer 3.1 (KB893803 )-->" C: \ WINDOWS \ $ MSI31Uninstall_KB893803v2 $ \ spuninst \ spuninst.exe "
Windows Internet Explorer 7 -> "C: \ WINDOWS \ ie7 \ spuninst \ spuninst.exe"
Windows Live Messenger -> MsiExec.exe / I (571700F0-DB9D-4B3A-B03D-35A14BB5939F)
Windows Live Sign-in Assistant -> MsiExec.exe / I (22B3CC30-77B8-419C-AA4B-F571FDF5D66D)
Windows Media Format Runtime -> "C: \ Program Files \ Windows Media Player \ Wmsetsdk.exe" / UninstallAll
Windows XP Hotfix - KB873339 -> C: \ WINDOWS \ $ NtUninstallKB873339 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB885835 -> C: \ WINDOWS \ $ NtUninstallKB885835 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB885836 -> C: \ WINDOWS \ $ NtUninstallKB885836 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - kb886185 -> C: \ WINDOWS \ $ NtUninstallKB886185 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB887472 -> C: \ WINDOWS \ $ NtUninstallKB887472 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB888302 -> C: \ WINDOWS \ $ NtUninstallKB888302 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB890859 -> "C: \ WINDOWS \ $ NtUninstallKB890859 $ \ spuninst \ spunin st.exe"
Windows XP Hotfix - KB891781 -> C: \ WINDOWS \ $ NtUninstallKB891781 $ \ spuninst \ spunins t.exe
WinRAR Archiver -> C: \ Program Files \ WinRAR \ uninstall.exe
WinZip -> "C: \ Program Files \ WinZip \ WINZIP32.EXE" / uninstall
====== Ambiente variáveis ======
"ComSpec" =% SystemRoot% \ system32 \ cmd.exe
"Path" =% SystemRoot% \ system32;% SystemRoot%;% SystemR oot% \ System32 \ Wbem; C: \ PROGRA ~ 1 \ CA \ PARTILHADAS ~ 1 \ SCANEN ~ 1, C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1, C: \ Program Files \ QuickTime \ QTSystem \
"windir" =% SystemRoot%
"FP_NO_HOST_CHECK" = NÃO
"SO" = Windows_NT
"PROCESSOR_ARCHITECTURE" = x86
"PROCESSOR_LEVEL" = 15
"PROCESSOR_IDENTIFIER" = x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION" = 0401
"NUMBER_OF_PROCESSORS" = 1
"PATHEXT" =. COM;. EXE,. MTD;. CMD;. VBS;. VBE;. JS;. Jse,. FSM;. WSH
"TEMP" =% SystemRoot% \ TEMP
"TMP" =% SystemRoot% \ TEMP
"AVENGINE" = C: \ PROGRA ~ 1 \ CA \ PARTILHADAS ~ 1 \ SCANEN ~ 1
"Inoculan" = C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1
"CLASSPATH" =.; C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
"QTJAVA" = C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
----------------- ----------------- EOF


Esperando malwarebytes para terminar:)

[ah24]

Malwarebytes' Anti-Malware 1/30
Database version: 1370
5/1/2600 Windows Service Pack 2
06/11/2008 22:51:35
mbam-log-2008-11-06 (22-51-35). txt
Scan type: Quick Scan
Objetos digitalizados: 52152
Tempo decorrido: 8 minuto (s), 22 segundo (s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Valores do Registro infectados: 0
Dados de Registro Items Infected: 0
Pastas infectadas: 1
Arquivos infectados: 2
Memory Processes Infected:
(N º itens maliciosos detectados)
Memory Modules Infected:
(N º itens maliciosos detectados)
Registry Keys Infected:
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ actuais ntVersion \ Ext \ Stats \ (af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0) (Adware.VideoEgg) -> quarentena e eliminado com sucesso.
Valores do Registro infectados:
(N º itens maliciosos detectados)
Dados de Registro Items Infected:
(N º itens maliciosos detectados)
Folders Infected:
C: \ Program Files \ TinyProxy (Trojan.Proxy) -> quarentena e eliminado com sucesso.
Arquivos Infectados:
C: \ Program Files \ TinyProxy \ tinyproxy (2). Exe (Trojan.Proxy) -> quarentena e eliminado com sucesso.
C: \ WINDOWS \ fmark2.dat (Malware.Trace) -> quarentena e eliminado com sucesso.

[evilfantasy]

Precisava de MalwareBytes log primeiro. Após ser concluído, em seguida, executar um novo RSIT digitalizar e postar o log. É só criar um log do segundo tempo.

Agora execute RSIT um novo scan e post o log.

[ah24]

Aqui vai meu ..

Logfile aleatório do sistema de informação ferramenta 1,04 (escrito por acaso / aleatório)
Corre por Adam em 2008/11/06 23:00:19
Microsoft Windows XP Professional Service Pack 2
Sistema de unidade C: tem 42 GB (57%), isenta de 73 GB
Total RAM: 510 MB (40% livre)
Logfile da Trend Micro HijackThis v2.0.2
Scan guardado em 23:00:23, em 06/11/2008
Plataforma: Windows XP SP2 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Arquivos de Programas \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Documents and Settings \ Adam \ Desktop \ RSIT.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Adam.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no arquivo)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ apdproxy.exe"
O4 - HKLM \ .. \ RunOnce: [Malwarebytes' Anti-Malware] C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe / instalação / silêncio
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Classe) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (138E6DC9-722B-4F4B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
Fim do processo - 6622 bytes
====== Pasta Tarefas agendadas ======
C: \ WINDOWS \ Tasks \ AppleSoftwareUpdate.job
====== Registry dump ======
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)]
Adobe PDF Reader Link Helper - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll []
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (5CA3D70E-1895-11CF-8E15-001234567890)]
DriveLetterAccess - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll [2004-08-13 118842]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9030D464-4C02-4ABF-8ECC-5164760863C6)]
Windows Live Sign-in Helper - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"SoundMAXPnP" = C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe [2004/10/14 1404928]
"DLA" = C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe [2004-08-13 122939]
"UpdateManager" = C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe [2004/01/07 110592]
"Realtime Monitor" = C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe [2004/04/06 504080]
"" = []
"igfxtray" = C: \ WINDOWS \ system32 \ igfxtray.exe [2005-09-20 94208]
"igfxhkcmd" = C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 77824]
"igfxpers" = C: \ WINDOWS \ system32 \ igfxpers.exe [2005/09/20 114688]
"QuickTime Task" = C: \ Program Files \ QuickTime \ qttask.exe [2006-10-25 282624]
"iTunesHelper" = C: \ Program Files \ iTunes \ iTunesHelper.exe [2006-10-30 256576]
"SunJavaUpdateSched" = C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008/06/10 144784]
"Adobe Photo Downloader" = C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ apdproxy.exe [2006-09-14 61440]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ RunOnce]
"Malwarebytes' Anti-Malware" = C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe [2008-10-22 399504]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntVersion \ Run]
"ctfmon.exe" = C: \ WINDOWS \ system32 \ ctfmon.exe [2004-08-04 15360]
"A Sony Ericsson PC Suite" = C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe [2007-10-18 356352]
C: \ Documents and Settings \ All Users \ Menu Iniciar \ Programas \ Arranque
Adobe Reader Speed Launch.lnk - C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
Adobe Reader Synchronizer.lnk - C: \ Arquivos de Programas \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
WinZip Quick Pick.lnk - C: \ Program Files \ WinZip \ WZQKPICK.EXE
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ igfxcui]
C: \ WINDOWS \ system32 \ igfxdev.dll [2005/09/20 135168]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ serviços es \ SharedAccess \ Parameters \ firewallpolicy \ standard profile \ authorizedapplications \ list]
"% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ Messenger \ msmsgs.exe" = "C: \ Program Files \ Messenger \ msmsgs.exe: *: Enabled: Windows Messenger"
"C: \ Program Files \ iTunes \ iTunes.exe" = "C: \ Program Files \ iTunes \ iTunes.exe: *: Enabled: iTunes"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Telefone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Telefone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000"
"C: \ Program Files \ uTorrent \ uTorrent.exe" = "C: \ Program Files \ uTorrent \ uTorrent.exe: *: Enabled: μTorrent"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ serviços es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Telefone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Telefone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntversion \ explorer \ mountpoints2 \ (069b2f09-8c7d-11dc-871c-0013205c16a9)]
shell \ Auto \ command - Start.exe
shell \ AutoRun \ command - C: \ WINDOWS \ system32 \ rundll32.exe shell32.dll, ShellExec_RunDLL Start.exe

====== Arquivo associações ======
. js - edite - "C: \ Program Files \ Macromedia \ Dreamweaver 8 \ dreamweaver.exe" "% 1"
====== Lista dos arquivos / pastas criadas no passado 1 mês ======
2008-11-06 22:43:21 ---- D ---- C: \ rsit
2008-11-06 22:42:18 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ Malwarebytes
2008-11-06 22:42:13 ---- D ---- C: \ Program Files \ Malwarebytes' Anti-Malware
2008-11-06 22:42:13 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-06 22:36:21 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Avg8
2008-11-06 22:17:46 ---- D ---- C: \ Program Files \ Trend Micro
2008-11-06 21:25:12 ---- D ---- C: \ WINDOWS \ system32 \ AppMgmt
2008-11-06 21:22:34 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ VersionTracker Pro
2008-11-06 21:22:08 ---- D ---- C: \ Program Files \ TechTracker
2008-11-06 19:31:45 ---- D ---- C: \ Program Files \ uTorrent
2008-11-06 19:31:45 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ uTorrent
2008-11-06 19:31:43 ---- D ---- C: \ Program Files \ Avanquest update
2008-11-06 19:31:43 ---- D ---- C: \ Documents and Settings \ All Users \ Dados de aplicativos \ BVRP Software
2008-11-06 19:31:40 ---- D ---- C: \ Program Files \ Free Audio Pack
2008-11-06 19:30:51 ---- D ---- C: \ Program Files \ Common Files \ SureThing Shared
2008-11-06 19:30:44 ---- D ---- C: \ Program Files \ Common Files \ Sonic
2008-11-05 13:26:28 ---- D ---- C: \ Documents and Settings \ All Users \ Dados de aplicativos \ BVRP Software (2)
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ JAVA.EXE
2008-10-26 11:00:26 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.TMP
2008-10-25 22:30:23 ---- D ---- C: \ Program Files \ DSA Teoria Teste
2008-10-25 22:29:24 ---- D ---- C: \ Config.Msi
2008-10-25 22:29:23 ---- D ---- C: \ WINDOWS \ VirtualEar
2008-10-25 19:02:44 ---- D ---- C: \ WINDOWS \ assembly
2008-10-25 19:01:55 ---- D ---- C: \ WINDOWS \ Microsoft.NET
2008-10-25 19:01:06 ---- D ---- C: \ Program Files \ Navman
2008-10-25 01:28:29 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB958644 $
2008-10-15 22:04:03 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956803 $
2008-10-15 22:03:57 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956391 $
2008-10-15 22:03:49 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB957095 $
2008-10-15 22:03:06 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB954211 $
2008-10-15 22:02:48 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956841 $
====== Lista dos arquivos / pastas modificadas nos últimos 1 mês ======
2008/11/06 22:51:35 ---- RD ---- C: \ Program Files
2008-11-06 22:51:35 ---- D ---- C: \ WINDOWS
2008-11-06 22:42:16 ---- D ---- C: \ WINDOWS \ system32 \ drivers
2008-11-06 22:37:58 ---- D ---- C: \ WINDOWS \ Temp
2008-11-06 22:37:33 ---- D ---- C: \ WINDOWS \ system32
2008-11-06 22:36:49 ---- A ---- C: \ WINDOWS \ SchedLgU.Txt
2008/11/06 22:30:43 ---- ---- RSHDC C: \ WINDOWS \ system32 \ dllcache
2008-11-06 21:46:09 ---- D ---- C: \ WINDOWS \ prefetch
2008/11/06 21:45:09 ---- SHD ---- C: \ WINDOWS \ Installer
2008-11-06 21:45:08 ---- D ---- C: \ WINDOWS \ winSxS
2008-11-06 21:45:08 ---- D ---- C: \ Program Files \ Common Files \ Microsoft Shared
2008-11-06 21:24:57 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot
2008-11-06 21:24:56 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot2
2008-11-06 19:32:25 ---- D ---- C: \ WINDOWS \ system32 \ config
2008-11-06 19:32:11 ---- D ---- C: \ WINDOWS \ system32 \ wbem
2008-11-06 19:32:10 ---- D ---- C: \ WINDOWS \ Registration
2008-11-06 19:30:53 ---- D ---- C: \ Program Files \ Common Files \ Macromedia
2008-11-06 19:30:52 ---- HD ---- C: \ WINDOWS \ inf
2008-11-04 23:57:39 ---- D ---- C: \ Arquivos de Programas \ Arquivos Comuns
2008-11-04 23:57:26 ---- D ---- C: \ Program Files \ Sonic
2008-11-04 23:56:20 ---- D ---- C: \ WINDOWS \ Downloaded Instalações
2008-11-04 23:56:20 ---- D ---- C: \ Program Files \ Macromedia
2008-11-04 23:54:45 ---- HD ---- C: \ Program Files \ InstallShield Informações de instalação
2008-10-26 11:13:15 ---- D ---- C: \ Program Files \ Java
2008-10-25 22:29:27 ---- D ---- C: \ WINDOWS \ system32 \ dla
2008-10-25 22:29:26 ---- D ---- C: \ WINDOWS \ security
2008-10-25 22:28:47 ---- D ---- C: \ WINDOWS \ system32 \ Restore
2008-10-25 19:25:27 ---- D ---- C: \ Program Files \ Common Files \ InstallShield
2008-10-25 19:25:13 ---- D ---- C: \ WINDOWS \ system
2008-10-25 19:23:42 ---- D ---- C: \ Program Files \ MSN
2008-10-25 19:16:19 ---- SD ---- C: \ Documents and Settings \ Adam \ Application Data \ Microsoft
2008-10-25 19:01:59 ---- D ---- C: \ Arquivos de Programas \ Internet Explorer
2008-10-25 01:28:39 ---- A ---- C: \ WINDOWS \ imsins.BAK
2008-10-25 01:27:53 ---- HD ---- C: \ WINDOWS \ $ hf_mig $
2008-10-25 00:58:29 ---- A ---- C: \ WINDOWS \ win.ini
2008-10-16 15:35:17 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.INI
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ Netapi32.dll
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32 (2). Dll
====== Lista dos maquinistas (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R1 intelppm; Processador Intel Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Intelppm.sys [2004-08-04 36096]
R1 kbdhid; Keyboard HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Kbdhid.sys [2004-08-04 14848]
R1 sscdbhk5; sscdbhk5; C: \ WINDOWS \ system32 \ drivers \ sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln; ssrtln; C: \ WINDOWS \ system32 \ drivers \ ssrtln.sys [2004-07-14 23545]
R2 drvnddm; drvnddm; C: \ WINDOWS \ system32 \ drivers \ drvnddm.sys [2004-08-13 40544]
R2 INO_FLTR; INO_FLTR; \? \ C: \ WINDOWS \ system32 \ Drivers \ ino_fltr.sys []
R2 tfsnboio; tfsnboio; C: \ WINDOWS \ system32 \ dla \ tfsnboio.sys [2004-08-13 25723]
R2 tfsncofs; tfsncofs; C: \ WINDOWS \ system32 \ dla \ tfsncofs.sys [2004-08-13 34843]
R2 tfsndrct; tfsndrct; C: \ WINDOWS \ system32 \ dla \ tfsndrct.sys [2004-08-13 4123]
R2 tfsndres; tfsndres; C: \ WINDOWS \ system32 \ dla \ tfsndres.sys [2004/08/13 2239]
R2 tfsnifs; tfsnifs; C: \ WINDOWS \ system32 \ dla \ tfsnifs.sys [2004-08-13 86202]
R2 tfsnopio; tfsnopio; C: \ WINDOWS \ system32 \ dla \ tfsnopio.sys [2004-08-13 14715]
R2 tfsnpool; tfsnpool; C: \ WINDOWS \ system32 \ dla \ tfsnpool.sys [2004-08-13 6363]
R2 tfsnudf; tfsnudf; C: \ WINDOWS \ system32 \ dla \ tfsnudf.sys [2004-08-13 98714]
R2 tfsnudfa; tfsnudfa; C: \ WINDOWS \ system32 \ dla \ tfsnudfa.sys [2004-08-13 100603]
R3 E100B; Intel (R) PRO Adapter Driver; C: \ WINDOWS \ system32 \ DRIVERS \ e100b325.sys [2004/02/10 154112]
R3 GEARAspiWDM; GEARAspiWDM; C: \ WINDOWS \ System32 \ Drivers \ GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb; Microsoft HID Class Driver; C: \ WINDOWS \ system32 \ DRIVERS \ hidusb.sys [2004/08/04 9600]
R3 ialm; ialm; C: \ WINDOWS \ system32 \ DRIVERS \ ialmnt5.sys [2005-09-20 1302332]
R3 mouhid; Mouse HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ mouhid.sys [2001-08-17 12160]
R3 senfilt; senfilt; C: \ WINDOWS \ system32 \ drivers \ senfilt.sys [2004-09-17 732928]
R3 smwdm; smwdm; C: \ WINDOWS \ system32 \ drivers \ smwdm.sys [2005-01-27 260352]
R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbehci.sys [2004-08-04 26624]
R3 usbhub; USB2 Enabled Hub, C: \ WINDOWS \ system32 \ DRIVERS \ usbhub.sys [2004-08-04 57600]
R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbuhci.sys [2004-08-04 20480]
S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbccgp.sys [2004-08-03 31616]
S3 usbprint; Microsoft USB PRINTER Class; C: \ WINDOWS \ system32 \ DRIVERS \ Usbprint.sys [2004-08-03 25856]
S3 USBSTOR; USB Mass Storage Driver; C: \ WINDOWS \ system32 \ DRIVERS \ USBSTOR.SYS [2004-08-03 26496]
====== Lista de serviços (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R2 AdobeActiveFileMonitor5.0; Adobe Active File Monitor V5; C: \ Arquivos de Programas \ Adobe \ Photoshop Elements 5,0 \ PhotoshopElementsFileAgent.exe [2006-09-14 102400]
R2 InoRPC; eTrust Antivirus RPC Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe [2004/04/06 139536]
R2 InoRT; eTrust Antivirus Realtime Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe [2004/04/06 241936]
R2 InoTask; eTrust Antivirus Job Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe [2004/04/06 254224]
R2 UMWdf; Windows User Mode Driver Framework, C: \ WINDOWS \ system32 \ Wdfmgr.exe [2005-01-28 38912]
R3 iPod Service; iPod Service; C: \ Program Files \ iPod \ bin \ iPodService.exe [2006-10-30 492608]
S3 ose; Office Source Engine; C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ Ose.exe [2003-07-28 89136]
S3 usnjsvc; Messenger Sharing Folders USN Journal Reader serviço; C: \ Program Files \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
----------------- ----------------- EOF