Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Ernane Ramos

[Arquivado] Log

Recommended Posts

Pessoal...

Um colega acessou a internet pelo meu PC e lotou de virus.

Até ai beleza...

Consegui tirar varios...só que tem algo errado ainda...

Fiz o Log no HijackThis, e peço que verifiquem, por favor.

 

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 00:38:09, on 26/1/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exeC:\Arquivos de programas\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\nvsvc32.exeC:\Arquivos de programas\Spyware Terminator\sp_rsser.exeC:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exeC:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\RTHDCPL.EXEC:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\wuauclt.exeC:\Arquivos de programas\Internet Explorer\iexplore.exeC:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exeC:\WINDOWS\system32\wbem\wmiprvse.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.aspR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ernanesbuffet.com.br/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: DirecX - {83FDA784-0154-418F-810B-F1839272C361} - C:\WINDOWS\system32\DirectX\Dinput\diagx3d.dllO2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [SkyTel] SkyTel.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Sothink SWF Catcher - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.aspO16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exeO23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe--End of file - 5797 bytes

 

Valeuu!!!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Alguem poderia me ajudar?

pq tpw...não posso formatar novamente...larguei o pc semana passada com meu irmão e ele tbm colocou virus...ai nem perdi tempo formatei..só que agora presciso trabalhar e dependo mto desta maquina...

Alguem poderia me ajudar???

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! Ernane Ramos

 

<@> Baixe: < RSIT > ( ...by random/random )

<@> Salve-o,diretamente,no Disco Local ( C ).

<@> Dê um duplo clique em RSIT.exe,para executar a ferramenta.

<@> Na janela que abrir,disclamer,clique em "Continue".

<@> Aguarde a conclusão de "Running HijackThis".

<@> Terminando,abrir-se-à o Bloco de Notas com o relatório: log.txt <-- Relatório para postagem!

<@> Poste,também,na sua resposta: info.txt,que estará em C:\rsit\info.txt <--

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ai vai o LOG.TXT:

Logfile of random's system information tool 1.05 (written by random/random)Run by Ernane Ramos at 2009-01-26 11:42:37Microsoft Windows XP Professional Service Pack 3System drive C: has 40 GB (52%) free of 76 GBTotal RAM: 1023 MB (62% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:42:45, on 26/1/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exeC:\Arquivos de programas\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\RTHDCPL.EXEC:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctfmon.exeC:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\nvsvc32.exeC:\Arquivos de programas\Spyware Terminator\sp_rsser.exeC:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exeC:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\system32\wscntfy.exeC:\Arquivos de programas\Internet Explorer\iexplore.exeC:\RSIT.exeC:\Arquivos de programas\Trend Micro\HijackThis\Ernane Ramos.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.aspR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ernanesbuffet.com.br/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [SkyTel] SkyTel.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Sothink SWF Catcher - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeO9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeO9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.aspO16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exeO23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe--End of file - 5907 bytes======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]Auxiliar de Conexão do Windows Live - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-11 16264192]"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-15 2879488]"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-02 69632]"avast!"=C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]"msnmsgr"=C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312][HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]C:\Arquivos de programas\Arquivos comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712][HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]nwiz.exe /install [][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]WgaLogon.dll [][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=145[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call""C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger""C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009""C:\Arquivos de programas\Adobe\DreamweaverPortable\App\Dreamweaver\Dreamweaver.exe"="C:\Arquivos de programas\Adobe\DreamweaverPortable\App\Dreamweaver\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3""C:\Arquivos de programas\Arquivos comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Arquivos de programas\Arquivos comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call""C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]shell\AutoRun\command - G:\autorun.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d7abbe2-e9a2-11dd-a5f3-0018f30c63bb}]shell\AutoRun\command - D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exeshell\open\command - D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d7abbe3-e9a2-11dd-a5f3-0018f30c63bb}]shell\AutoRun\command - H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exeshell\open\command - H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe======File associations======.js - open - "C:\Arquivos de programas\Adobe\DreamweaverPortable\App\Dreamweaver\Dreamweaver.exe","%1"======List of files/folders created in the last 1 months======2009-01-26 11:42:37 ----D---- C:\rsit2009-01-26 11:42:24 ----A---- C:\RSIT.exe2009-01-26 09:13:37 ----D---- C:\WINDOWS\BDOSCAN82009-01-26 00:38:00 ----D---- C:\Arquivos de programas\Trend Micro2009-01-26 00:32:20 ----D---- C:\WINDOWS\ERDNT2009-01-26 00:30:34 ----D---- C:\Qoobox2009-01-25 22:02:53 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Malwarebytes2009-01-25 22:02:48 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes2009-01-25 22:02:48 ----D---- C:\Arquivos de programas\Malwarebytes' Anti-Malware2009-01-25 20:34:02 ----A---- C:\WINDOWS\system32\MFC71.dll2009-01-25 20:34:02 ----A---- C:\WINDOWS\system32\aswBoot.exe2009-01-25 20:33:59 ----D---- C:\Arquivos de programas\Alwil Software2009-01-25 06:16:09 ----D---- C:\Arquivos de programas\Spyware Terminator2009-01-24 18:29:12 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Thinstall2009-01-24 03:41:23 ----D---- C:\Arquivos de programas\CCleaner2009-01-23 20:01:54 ----D---- C:\Arquivos de programas\Arquivos comuns\Macrovision Shared2009-01-23 19:17:03 ----D---- C:\Arquivos de programas\Adobe Media Player2009-01-23 19:16:14 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe AIR2009-01-23 12:59:52 ----D---- C:\Arquivos de programas\ReflexiveArcade2009-01-23 09:13:18 ----D---- C:\Arquivos de programas\ZaraSoft2009-01-23 09:05:48 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\KONAMI2009-01-23 08:56:29 ----A---- C:\WINDOWS\system32\xactengine2_5.dll2009-01-23 08:56:28 ----A---- C:\WINDOWS\system32\d3dx9_32.dll2009-01-23 08:56:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll2009-01-23 08:56:27 ----A---- C:\WINDOWS\system32\xactengine2_4.dll2009-01-23 08:56:27 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll2009-01-23 08:56:27 ----A---- C:\WINDOWS\system32\d3dx9_31.dll2009-01-23 08:56:26 ----A---- C:\WINDOWS\system32\xinput1_2.dll2009-01-23 08:56:26 ----A---- C:\WINDOWS\system32\xactengine2_3.dll2009-01-23 08:56:25 ----A---- C:\WINDOWS\system32\xinput1_1.dll2009-01-23 08:56:25 ----A---- C:\WINDOWS\system32\xactengine2_2.dll2009-01-23 08:56:24 ----A---- C:\WINDOWS\system32\xactengine2_1.dll2009-01-23 08:56:24 ----A---- C:\WINDOWS\system32\d3dx9_30.dll2009-01-23 08:56:23 ----A---- C:\WINDOWS\system32\xactengine2_0.dll2009-01-23 08:56:23 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll2009-01-23 08:56:23 ----A---- C:\WINDOWS\system32\d3dx9_29.dll2009-01-23 08:56:22 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll2009-01-23 08:56:22 ----A---- C:\WINDOWS\system32\d3dx9_28.dll2009-01-23 08:56:22 ----A---- C:\WINDOWS\system32\d3dx9_27.dll2009-01-23 08:56:21 ----A---- C:\WINDOWS\system32\d3dx9_26.dll2009-01-23 08:56:20 ----A---- C:\WINDOWS\system32\d3dx9_25.dll2009-01-23 08:56:19 ----A---- C:\WINDOWS\system32\d3dx9_24.dll2009-01-23 00:29:34 ----D---- C:\Arquivos de programas\WinClamAVShield2009-01-23 00:29:25 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Spyware Terminator2009-01-23 00:29:24 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Spyware Terminator2009-01-22 23:46:22 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Mozilla2009-01-22 23:44:18 ----D---- C:\Arquivos de programas\Mozilla Firefox2009-01-22 23:27:09 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Media Player Classic2009-01-22 23:08:20 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\FLEXnet2009-01-22 22:40:47 ----D---- C:\Arquivos de programas\Gabest2009-01-22 22:35:27 ----D---- C:\Arquivos de programas\Microsoft2009-01-22 22:34:51 ----D---- C:\Arquivos de programas\Windows Live SkyDrive2009-01-22 22:34:13 ----D---- C:\Arquivos de programas\Windows Live2009-01-22 22:30:33 ----D---- C:\Arquivos de programas\KONAMI2009-01-22 22:29:48 ----D---- C:\Arquivos de programas\Arquivos comuns\EZB Systems2009-01-22 22:29:47 ----D---- C:\Arquivos de programas\UltraISO2009-01-22 22:29:42 ----A---- C:\WINDOWS\system32\rmoc3260.dll2009-01-22 22:29:42 ----A---- C:\WINDOWS\system32\pndx5032.dll2009-01-22 22:29:42 ----A---- C:\WINDOWS\system32\pndx5016.dll2009-01-22 22:29:42 ----A---- C:\WINDOWS\system32\pncrt.dll2009-01-22 22:29:39 ----A---- C:\WINDOWS\system32\yv12vfw.dll2009-01-22 22:29:39 ----A---- C:\WINDOWS\system32\xvidvfw.dll2009-01-22 22:29:39 ----A---- C:\WINDOWS\system32\xvidcore.dll2009-01-22 22:29:39 ----A---- C:\WINDOWS\system32\qt-dx331.dll2009-01-22 22:29:39 ----A---- C:\WINDOWS\system32\dpl100.dll2009-01-22 22:29:38 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest2009-01-22 22:29:38 ----A---- C:\WINDOWS\system32\ff_vfw.dll2009-01-22 22:29:38 ----A---- C:\WINDOWS\system32\divx.dll2009-01-22 22:29:37 ----A---- C:\WINDOWS\system32\msvcr71.dll2009-01-22 22:29:37 ----A---- C:\WINDOWS\system32\msvcp71.dll2009-01-22 22:29:36 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Real2009-01-22 22:29:36 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Real2009-01-22 22:29:36 ----D---- C:\Arquivos de programas\K-Lite Codec Pack2009-01-22 22:21:25 ----D---- C:\Arquivos de programas\Arquivos comuns\Windows Live2009-01-22 22:20:44 ----A---- C:\WINDOWS\ODBC.INI2009-01-22 22:20:37 ----A---- C:\WINDOWS\system32\mdimon.dll2009-01-22 22:19:57 ----D---- C:\Arquivos de programas\Microsoft.NET2009-01-22 22:19:33 ----D---- C:\Arquivos de programas\Arquivos comuns\DESIGNER2009-01-22 22:19:16 ----D---- C:\WINDOWS\SHELLNEW2009-01-22 22:18:16 ----D---- C:\Arquivos de programas\Microsoft Office2009-01-22 22:17:19 ----RHD---- C:\MSOCache2009-01-22 22:08:02 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe Systems2009-01-22 22:07:49 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared2009-01-22 22:07:18 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe2009-01-22 22:07:08 ----D---- C:\Arquivos de programas\Adobe2009-01-22 22:04:08 ----D---- C:\Arquivos de programas\Arquivos comuns\SourceTec2009-01-22 22:04:06 ----D---- C:\Arquivos de programas\SourceTec2009-01-22 21:58:36 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Download Manager2009-01-22 21:47:05 ----D---- C:\Arquivos de programas\WinAVIVideoConverter2009-01-22 21:46:19 ----D---- C:\Arquivos de programas\WinRAR2009-01-22 21:32:21 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage2009-01-22 21:26:41 ----D---- C:\WINDOWS\system32\PreInstall2009-01-22 21:16:19 ----D---- C:\WINDOWS\system32\Lang2009-01-22 21:14:31 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe2009-01-22 21:14:29 ----A---- C:\WINDOWS\system32\vusetup.dll2009-01-22 21:13:51 ----A---- C:\WINDOWS\IsUn0416.exe2009-01-22 21:13:32 ----A---- C:\WINDOWS\AS_Debug.txt2009-01-22 21:12:31 ----R---- C:\WINDOWS\system32\RtlCPAPI.dll2009-01-22 21:12:13 ----D---- C:\WINDOWS\system32\RTCOM2009-01-22 21:12:05 ----A---- C:\WINDOWS\system32\ksuser.dll2009-01-22 21:12:00 ----R---- C:\WINDOWS\SoundMan.exe2009-01-22 21:11:59 ----R---- C:\WINDOWS\SkyTel.exe2009-01-22 21:11:59 ----R---- C:\WINDOWS\RtlUpd.exe2009-01-22 21:11:56 ----R---- C:\WINDOWS\RTLCPL.exe2009-01-22 21:11:48 ----R---- C:\WINDOWS\RTHDCPL.exe2009-01-22 21:11:47 ----R---- C:\WINDOWS\MicCal.exe2009-01-22 21:11:44 ----R---- C:\WINDOWS\Alcmtr.exe2009-01-22 21:11:42 ----R---- C:\WINDOWS\alcwzrd.exe2009-01-22 21:11:42 ----D---- C:\WINDOWS\ie7updates2009-01-22 21:11:41 ----D---- C:\Arquivos de programas\Realtek2009-01-22 21:11:39 ----HD---- C:\Arquivos de programas\InstallShield Installation Information2009-01-22 21:11:34 ----R---- C:\WINDOWS\RtlExUpd.dll2009-01-22 21:11:23 ----D---- C:\WINDOWS\WBEM2009-01-22 21:11:10 ----A---- C:\WINDOWS\Ascd_tmp.ini2009-01-22 21:10:37 ----HDC---- C:\WINDOWS\ie72009-01-22 21:10:27 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$2009-01-22 21:10:15 ----N---- C:\WINDOWS\system32\spmsg.dll2009-01-22 21:10:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$2009-01-22 21:10:05 ----HD---- C:\WINDOWS\$hf_mig$2009-01-22 21:09:04 ----A---- C:\WINDOWS\system32\MRT.exe2009-01-22 21:06:11 ----SHD---- C:\RECYCLER2009-01-22 21:06:04 ----D---- C:\Arquivos de programas\7-Zip2009-01-22 21:03:08 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Adobe2009-01-22 21:02:37 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Macromedia2009-01-22 20:59:23 ----D---- C:\WINDOWS\nvidia icons2009-01-22 20:59:10 ----D---- C:\WINDOWS\nview2009-01-22 20:59:10 ----A---- C:\WINDOWS\system32\nvudisp.exe2009-01-22 20:58:45 ----A---- C:\WINDOWS\system32\NVUNINST.EXE2009-01-22 20:58:42 ----D---- C:\Arquivos de programas\Arquivos comuns\InstallShield2009-01-22 20:58:33 ----D---- C:\NVIDIA2009-01-22 20:57:33 ----D---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Identities2009-01-22 20:57:31 ----HD---- C:\Arquivos de programas\Uninstall Information2009-01-22 20:57:27 ----D---- C:\WINDOWS\system32\SoftwareDistribution2009-01-22 20:57:23 ----ASH---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\desktop.ini2009-01-22 20:57:22 ----SD---- C:\Documents and Settings\Ernane Ramos\Dados de aplicativos\Microsoft2009-01-22 20:55:29 ----D---- C:\WINDOWS\SoftwareDistribution2009-01-22 20:55:20 ----D---- C:\WINDOWS\Prefetch2009-01-22 20:55:19 ----SD---- C:\WINDOWS\system32\Microsoft2009-01-22 20:55:19 ----A---- C:\WINDOWS\SchedLgU.Txt2009-01-22 20:50:30 ----D---- C:\WINDOWS\system32\xircom2009-01-22 20:50:30 ----D---- C:\Arquivos de programas\xerox2009-01-22 20:50:30 ----D---- C:\Arquivos de programas\microsoft frontpage2009-01-22 20:50:11 ----A---- C:\WINDOWS\control.ini2009-01-22 20:50:11 ----A---- C:\AUTOEXEC.BAT2009-01-22 20:49:43 ----A---- C:\WINDOWS\system32\mapi32.dll2009-01-22 20:48:39 ----SD---- C:\WINDOWS\Downloaded Program Files2009-01-22 20:48:39 ----RD---- C:\WINDOWS\Offline Web Pages2009-01-22 20:48:39 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest2009-01-22 20:48:33 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest2009-01-22 20:48:29 ----HD---- C:\Arquivos de programas\WindowsUpdate2009-01-22 20:48:15 ----D---- C:\Arquivos de programas\Serviços on-line2009-01-22 20:47:54 ----D---- C:\WINDOWS\system32\DirectX2009-01-22 20:47:47 ----A---- C:\WINDOWS\system32\atrace.dll2009-01-22 20:47:45 ----A---- C:\WINDOWS\system32\desktop.ini2009-01-22 20:47:45 ----A---- C:\WINDOWS\desktop.ini2009-01-22 20:47:37 ----A---- C:\WINDOWS\system32\nmevtmsg.dll2009-01-22 20:47:36 ----A---- C:\WINDOWS\system32\acctres.dll2009-01-22 20:47:35 ----D---- C:\Arquivos de programas\Arquivos comuns\Serviços2009-01-22 20:47:32 ----SD---- C:\WINDOWS\Tasks2009-01-22 20:47:32 ----A---- C:\WINDOWS\system32\icfgnt5.dll2009-01-22 20:47:30 ----D---- C:\Arquivos de programas\Arquivos comuns\MSSoap2009-01-22 20:47:26 ----D---- C:\WINDOWS\srchasst2009-01-22 20:47:25 ----D---- C:\WINDOWS\system32\Macromed2009-01-22 20:47:22 ----A---- C:\WINDOWS\system32\wuweb.dll2009-01-22 20:47:22 ----A---- C:\WINDOWS\system32\wucltui.dll2009-01-22 20:47:21 ----A---- C:\WINDOWS\system32\wups.dll2009-01-22 20:47:21 ----A---- C:\WINDOWS\system32\wuauserv.dll2009-01-22 20:47:21 ----A---- C:\WINDOWS\system32\wuaueng1.dll2009-01-22 20:47:21 ----A---- C:\WINDOWS\system32\wuaueng.dll2009-01-22 20:47:21 ----A---- C:\WINDOWS\system32\wuauclt1.exe2009-01-22 20:47:21 ----A---- C:\WINDOWS\system32\wuauclt.exe2009-01-22 20:47:21 ----A---- C:\WINDOWS\system32\wuapi.dll2009-01-22 20:47:20 ----A---- C:\WINDOWS\system32\qmgrprxy.dll2009-01-22 20:47:20 ----A---- C:\WINDOWS\system32\qmgr.dll2009-01-22 20:47:20 ----A---- C:\WINDOWS\system32\bitsprx4.dll2009-01-22 20:47:20 ----A---- C:\WINDOWS\system32\bitsprx3.dll2009-01-22 20:47:20 ----A---- C:\WINDOWS\system32\bitsprx2.dll2009-01-22 20:47:16 ----D---- C:\Arquivos de programas\Movie Maker2009-01-22 20:46:54 ----A---- C:\WINDOWS\system32\safrslv.dll2009-01-22 20:46:54 ----A---- C:\WINDOWS\system32\safrdm.dll2009-01-22 20:46:54 ----A---- C:\WINDOWS\system32\safrcdlg.dll2009-01-22 20:46:54 ----A---- C:\WINDOWS\system32\racpldlg.dll2009-01-22 20:46:49 ----A---- C:\WINDOWS\system32\fltMc.exe2009-01-22 20:46:49 ----A---- C:\WINDOWS\system32\fltlib.dll2009-01-22 20:46:48 ----D---- C:\WINDOWS\system32\Restore2009-01-22 20:46:48 ----A---- C:\WINDOWS\system32\srsvc.dll2009-01-22 20:46:48 ----A---- C:\WINDOWS\system32\srrstr.dll2009-01-22 20:46:48 ----A---- C:\WINDOWS\system32\srclient.dll2009-01-22 20:46:47 ----A---- C:\WINDOWS\system32\nmmkcert.dll2009-01-22 20:46:47 ----A---- C:\WINDOWS\system32\msconf.dll2009-01-22 20:46:47 ----A---- C:\WINDOWS\system32\mnmsrvc.exe2009-01-22 20:46:47 ----A---- C:\WINDOWS\system32\mnmdd.dll2009-01-22 20:46:47 ----A---- C:\WINDOWS\system32\isrdbg32.dll2009-01-22 20:46:47 ----A---- C:\WINDOWS\system32\ils.dll2009-01-22 20:46:44 ----D---- C:\Arquivos de programas\NetMeeting2009-01-22 20:46:44 ----A---- C:\WINDOWS\system32\msoert2.dll2009-01-22 20:46:43 ----A---- C:\WINDOWS\system32\msoeacct.dll2009-01-22 20:46:42 ----A---- C:\WINDOWS\system32\inetres.dll2009-01-22 20:46:42 ----A---- C:\WINDOWS\system32\inetcomm.dll2009-01-22 20:46:40 ----D---- C:\Arquivos de programas\Outlook Express2009-01-22 20:46:40 ----A---- C:\WINDOWS\system32\schedsvc.dll2009-01-22 20:46:39 ----A---- C:\WINDOWS\system32\mstinit.exe2009-01-22 20:46:39 ----A---- C:\WINDOWS\system32\mstask.dll2009-01-22 20:46:39 ----A---- C:\WINDOWS\system32\isign32.dll2009-01-22 20:46:39 ----A---- C:\WINDOWS\system32\icwphbk.dll2009-01-22 20:46:39 ----A---- C:\WINDOWS\system32\icwdial.dll2009-01-22 20:46:38 ----A---- C:\WINDOWS\system32\inetcfg.dll2009-01-22 20:46:31 ----D---- C:\Arquivos de programas\Arquivos comuns\System2009-01-22 20:46:29 ----D---- C:\Arquivos de programas\Internet Explorer2009-01-22 20:45:49 ----D---- C:\Arquivos de programas\ComPlus Applications2009-01-22 20:45:47 ----A---- C:\WINDOWS\vbaddin.ini2009-01-22 20:45:47 ----A---- C:\WINDOWS\vb.ini2009-01-22 20:45:43 ----D---- C:\WINDOWS\Registration2009-01-22 20:45:37 ----D---- C:\Arquivos de programas\Windows Media Player2009-01-22 20:45:10 ----D---- C:\Arquivos de programas\Messenger2009-01-22 20:45:06 ----D---- C:\Arquivos de programas\MSN Gaming Zone2009-01-22 20:45:06 ----A---- C:\WINDOWS\system32\write.exe2009-01-22 20:44:54 ----A---- C:\WINDOWS\system32\sndvol32.exe2009-01-22 20:44:54 ----A---- C:\WINDOWS\system32\hticons.dll2009-01-22 20:44:54 ----A---- C:\WINDOWS\system32\avwav.dll2009-01-22 20:44:54 ----A---- C:\WINDOWS\system32\avmeter.dll2009-01-22 20:44:46 ----A---- C:\WINDOWS\system32\avtapi.dll2009-01-22 20:44:40 ----A---- C:\WINDOWS\system32\winchat.exe2009-01-22 20:44:32 ----A---- C:\WINDOWS\system32\getuname.dll2009-01-22 20:44:32 ----A---- C:\WINDOWS\system32\charmap.exe2009-01-22 20:44:32 ----A---- C:\WINDOWS\system32\calc.exe2009-01-22 20:44:31 ----A---- C:\WINDOWS\system32\winmine.exe2009-01-22 20:44:31 ----A---- C:\WINDOWS\system32\sol.exe2009-01-22 20:44:31 ----A---- C:\WINDOWS\system32\mshearts.exe2009-01-22 20:44:30 ----A---- C:\WINDOWS\system32\usrlogon.cmd2009-01-22 20:44:30 ----A---- C:\WINDOWS\system32\reset.exe2009-01-22 20:44:30 ----A---- C:\WINDOWS\system32\freecell.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\tsshutdn.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\tslabels.ini2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\tskill.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\tsdiscon.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\tscon.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\shadow.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\rwinsta.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\regini.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\rdpcfgex.dll2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\qwinsta.exe2009-01-22 20:44:29 ----A---- C:\WINDOWS\system32\qappsrv.exe2009-01-22 20:44:28 ----A---- C:\WINDOWS\system32\msg.exe2009-01-22 20:44:28 ----A---- C:\WINDOWS\system32\msdtcprf.ini2009-01-22 20:44:28 ----A---- C:\WINDOWS\system32\logoff.exe2009-01-22 20:44:28 ----A---- C:\WINDOWS\system32\cdmodem.dll2009-01-22 20:44:22 ----A---- C:\WINDOWS\system32\wmimgmt.msc2009-01-22 20:44:21 ----A---- C:\WINDOWS\system32\accwiz.exe2009-01-22 20:44:20 ----A---- C:\WINDOWS\system32\sndrec32.exe2009-01-22 20:44:20 ----A---- C:\WINDOWS\system32\mplay32.exe2009-01-22 20:44:20 ----A---- C:\WINDOWS\system32\hypertrm.dll2009-01-22 20:44:19 ----D---- C:\Arquivos de programas\Windows NT2009-01-22 20:44:19 ----A---- C:\WINDOWS\system32\mspaint.exe2009-01-22 20:44:19 ----A---- C:\WINDOWS\system32\clipbrd.exe2009-01-22 20:44:18 ----A---- C:\WINDOWS\system32\spider.exe2009-01-22 20:44:17 ----A---- C:\WINDOWS\system32\tsgqec.dll2009-01-22 20:44:17 ----A---- C:\WINDOWS\system32\tscfgwmi.dll2009-01-22 20:44:17 ----A---- C:\WINDOWS\system32\rhttpaa.dll2009-01-22 20:44:17 ----A---- C:\WINDOWS\system32\aaclient.dll2009-01-22 20:44:16 ----A---- C:\WINDOWS\system32\mstscax.dll2009-01-22 20:44:16 ----A---- C:\WINDOWS\system32\mstsc.exe2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\termsrv.dll2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\sessmgr.exe2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\remotepg.dll2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\rdshost.exe2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\rdsaddin.exe2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\rdpwsx.dll2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\rdpsnd.dll2009-01-22 20:44:15 ----A---- C:\WINDOWS\system32\rdchost.dll2009-01-22 20:44:14 ----D---- C:\WINDOWS\system32\MsDtc2009-01-22 20:44:14 ----A---- C:\WINDOWS\system32\rdpclip.exe2009-01-22 20:44:14 ----A---- C:\WINDOWS\system32\qprocess.exe2009-01-22 20:44:14 ----A---- C:\WINDOWS\system32\mtxoci.dll2009-01-22 20:44:14 ----A---- C:\WINDOWS\system32\msdtcuiu.dll2009-01-22 20:44:14 ----A---- C:\WINDOWS\system32\icaapi.dll2009-01-22 20:44:14 ----A---- C:\WINDOWS\system32\cfgbkend.dll2009-01-22 20:44:13 ----A---- C:\WINDOWS\system32\xolehlp.dll2009-01-22 20:44:13 ----A---- C:\WINDOWS\system32\msdtctm.dll2009-01-22 20:44:13 ----A---- C:\WINDOWS\system32\msdtcprx.dll2009-01-22 20:44:13 ----A---- C:\WINDOWS\system32\msdtclog.dll2009-01-22 20:44:13 ----A---- C:\WINDOWS\system32\msdtc.exe2009-01-22 20:44:12 ----A---- C:\WINDOWS\system32\mtxlegih.dll2009-01-22 20:44:12 ----A---- C:\WINDOWS\system32\mtxex.dll2009-01-22 20:44:12 ----A---- C:\WINDOWS\system32\mtxdm.dll2009-01-22 20:44:12 ----A---- C:\WINDOWS\system32\dcomcnfg.exe2009-01-22 20:44:11 ----D---- C:\WINDOWS\system32\Com2009-01-22 20:44:11 ----A---- C:\WINDOWS\system32\stclient.dll2009-01-22 20:44:11 ----A---- C:\WINDOWS\system32\comrepl.dll2009-01-22 20:44:11 ----A---- C:\WINDOWS\system32\comaddin.dll2009-01-22 20:44:11 ----A---- C:\WINDOWS\system32\colbact.dll2009-01-22 20:44:11 ----A---- C:\WINDOWS\system32\clbcatex.dll2009-01-22 20:44:11 ----A---- C:\WINDOWS\system32\catsrvps.dll2009-01-22 20:44:10 ----A---- C:\WINDOWS\system32\comsvcs.dll2009-01-22 20:44:10 ----A---- C:\WINDOWS\system32\catsrvut.dll2009-01-22 20:44:10 ----A---- C:\WINDOWS\system32\catsrv.dll2009-01-22 20:44:09 ----A---- C:\WINDOWS\system32\comuid.dll2009-01-22 20:44:09 ----A---- C:\WINDOWS\system32\comsnap.dll2009-01-22 20:44:09 ----A---- C:\WINDOWS\system32\clbcatq.dll2009-01-22 20:44:02 ----A---- C:\WINDOWS\system32\servdeps.dll2009-01-22 20:44:02 ----A---- C:\WINDOWS\system32\mmfutil.dll2009-01-22 20:44:02 ----A---- C:\WINDOWS\system32\licwmi.dll2009-01-22 20:44:02 ----A---- C:\WINDOWS\system32\cmprops.dll2009-01-22 18:43:10 ----A---- C:\WINDOWS\system32\h323log.txt2009-01-22 18:40:48 ----A---- C:\WINDOWS\system32\usbui.dll2009-01-22 18:39:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI2009-01-22 18:39:51 ----SHD---- C:\WINDOWS\Installer2009-01-22 18:39:51 ----D---- C:\Arquivos de programas\Arquivos comuns\ODBC2009-01-22 18:39:51 ----A---- C:\WINDOWS\ODBCINST.INI2009-01-22 18:39:47 ----D---- C:\Arquivos de programas\Arquivos comuns\SpeechEngines2009-01-22 18:39:46 ----RD---- C:\Arquivos de programas2009-01-22 18:39:46 ----D---- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared2009-01-22 18:39:46 ----D---- C:\Arquivos de programas\Arquivos comuns2009-01-22 18:39:43 ----RA---- C:\WINDOWS\system32\kbdazel.dll2009-01-22 18:39:42 ----RA---- C:\WINDOWS\system32\kbdtuq.dll2009-01-22 18:39:42 ----RA---- C:\WINDOWS\system32\kbdtuf.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdycc.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbduzb.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdur.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdtat.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdru1.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdru.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdmon.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdkyr.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdkaz.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdbu.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdblr.dll2009-01-22 18:39:40 ----RA---- C:\WINDOWS\system32\kbdaze.dll2009-01-22 18:39:38 ----RA---- C:\WINDOWS\system32\kbdhept.dll2009-01-22 18:39:38 ----RA---- C:\WINDOWS\system32\kbdhela3.dll2009-01-22 18:39:38 ----RA---- C:\WINDOWS\system32\kbdhela2.dll2009-01-22 18:39:38 ----RA---- C:\WINDOWS\system32\kbdhe319.dll2009-01-22 18:39:38 ----RA---- C:\WINDOWS\system32\kbdhe220.dll2009-01-22 18:39:38 ----RA---- C:\WINDOWS\system32\kbdhe.dll2009-01-22 18:39:38 ----RA---- C:\WINDOWS\system32\kbdgkl.dll2009-01-22 18:39:36 ----RA---- C:\WINDOWS\system32\kbdlv1.dll2009-01-22 18:39:36 ----RA---- C:\WINDOWS\system32\kbdlv.dll2009-01-22 18:39:36 ----RA---- C:\WINDOWS\system32\kbdlt1.dll2009-01-22 18:39:36 ----RA---- C:\WINDOWS\system32\kbdlt.dll2009-01-22 18:39:36 ----RA---- C:\WINDOWS\system32\kbdest.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdsl1.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdsl.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdro.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdpl1.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdpl.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdhu1.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdhu.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdcz2.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdcz1.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdcz.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\kbdcr.dll2009-01-22 18:39:34 ----RA---- C:\WINDOWS\system32\KBDAL.DLL2009-01-22 18:39:33 ----RA---- C:\WINDOWS\system32\kbdycl.dll2009-01-22 18:39:31 ----A---- C:\WINDOWS\system32\spxcoins.dll2009-01-22 18:39:31 ----A---- C:\WINDOWS\system32\irclass.dll2009-01-22 18:39:31 ----A---- C:\WINDOWS\system32\dgsetup.dll2009-01-22 18:39:31 ----A---- C:\WINDOWS\system32\dgrpsetu.dll2009-01-22 18:39:30 ----A---- C:\WINDOWS\system32\EqnClass.Dll2009-01-22 18:39:28 ----N---- C:\WINDOWS\system32\CONFIG.TMP2009-01-22 18:39:28 ----A---- C:\WINDOWS\TASKMAN.EXE2009-01-22 18:39:27 ----A---- C:\WINDOWS\system32\batt.dll2009-01-22 18:39:27 ----A---- C:\WINDOWS\NOTEPAD.EXE2009-01-22 18:39:26 ----A---- C:\WINDOWS\system32\storprop.dll2009-01-22 18:39:20 ----ASH---- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini2009-01-22 18:39:16 ----RA---- C:\WINDOWS\SET8.tmp2009-01-22 18:39:13 ----RA---- C:\WINDOWS\SET4.tmp2009-01-22 18:39:12 ----RA---- C:\WINDOWS\SET3.tmp2009-01-22 18:39:06 ----D---- C:\WINDOWS\system32\CatRoot22009-01-22 18:39:06 ----D---- C:\WINDOWS\system32\CatRoot2009-01-22 18:39:01 ----SD---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft2009-01-22 18:38:37 ----D---- C:\Documents and Settings2009-01-22 18:38:36 ----SHD---- C:\System Volume Information2009-01-22 18:38:01 ----SH---- C:\boot.ini2009-01-22 18:31:30 ----RSHDC---- C:\WINDOWS\system32\dllcache2009-01-22 18:31:30 ----RSD---- C:\WINDOWS\Fonts2009-01-22 18:31:30 ----RD---- C:\WINDOWS\Web2009-01-22 18:31:30 ----HD---- C:\WINDOWS\inf2009-01-22 18:31:30 ----D---- C:\WINDOWS\WinSxS2009-01-22 18:31:30 ----D---- C:\WINDOWS\twain_322009-01-22 18:31:30 ----D---- C:\WINDOWS\Temp2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\wins2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\wbem2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\usmt2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\spool2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\ShellExt2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\Setup2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\ras2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\pt-BR2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\oobe2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\npp2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\mui2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\inetsrv2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\IME2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\icsxml2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\ias2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\export2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\drivers2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\dhcp2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\config2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\3com_dmi2009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\30762009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\20522009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10542009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10462009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10422009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10412009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10372009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10332009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10312009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10282009-01-22 18:31:30 ----D---- C:\WINDOWS\system32\10252009-01-22 18:31:30 ----D---- C:\WINDOWS\system322009-01-22 18:31:30 ----D---- C:\WINDOWS\system2009-01-22 18:31:30 ----D---- C:\WINDOWS\security2009-01-22 18:31:30 ----D---- C:\WINDOWS\Resources2009-01-22 18:31:30 ----D---- C:\WINDOWS\repair2009-01-22 18:31:30 ----D---- C:\WINDOWS\Provisioning2009-01-22 18:31:30 ----D---- C:\WINDOWS\PeerNet2009-01-22 18:31:30 ----D---- C:\WINDOWS\pchealth2009-01-22 18:31:30 ----D---- C:\WINDOWS\Network Diagnostic2009-01-22 18:31:30 ----D---- C:\WINDOWS\mui2009-01-22 18:31:30 ----D---- C:\WINDOWS\msapps2009-01-22 18:31:30 ----D---- C:\WINDOWS\msagent2009-01-22 18:31:30 ----D---- C:\WINDOWS\Media2009-01-22 18:31:30 ----D---- C:\WINDOWS\L2Schemas2009-01-22 18:31:30 ----D---- C:\WINDOWS\java2009-01-22 18:31:30 ----D---- C:\WINDOWS\ime2009-01-22 18:31:30 ----D---- C:\WINDOWS\Help2009-01-22 18:31:30 ----D---- C:\WINDOWS\ehome2009-01-22 18:31:30 ----D---- C:\WINDOWS\Driver Cache2009-01-22 18:31:30 ----D---- C:\WINDOWS\Debug2009-01-22 18:31:30 ----D---- C:\WINDOWS\Cursors2009-01-22 18:31:30 ----D---- C:\WINDOWS\Connection Wizard2009-01-22 18:31:30 ----D---- C:\WINDOWS\Config2009-01-22 18:31:30 ----D---- C:\WINDOWS\AppPatch2009-01-22 18:31:30 ----D---- C:\WINDOWS\addins2009-01-22 18:31:30 ----D---- C:\WINDOWS======List of files/folders modified in the last 1 months======2009-01-22 22:20:23 ----A---- C:\WINDOWS\win.ini2009-01-22 18:39:45 ----A---- C:\WINDOWS\system.ini2009-01-07 17:20:24 ----A---- C:\WINDOWS\system32\LegitCheckControl.DLL======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Arquivos de programas\UltraISO\drivers\ISODrive.sys []R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-11 4381184]R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-06 6912]R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]S3 HidUsb;Driver de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 aswUpdSv;avast! iAVS4 Control Service; C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]R2 avast! Antivirus;avast! Antivirus; C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe [2009-01-25 606720]R3 avast! Mail Scanner;avast! Mail Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]R3 avast! Web Scanner;avast! Web Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]S3 Adobe LM Service;Adobe LM Service; C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-01-22 72704]S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-23 655624]S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]-----------------EOF-----------------

O INFO.TXT

info.txt logfile of random's system information tool 1.05 2009-01-26 11:42:48======Uninstall list======-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf7-Zip 4.42-->"C:\Arquivos de programas\7-Zip\Uninstall.exe"Adobe AIR-->C:\Arquivos de programas\Arquivos comuns\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstallAdobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{DE787736-66F0-4BD9-884B-E4BCA3661646}Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}Adobe Fireworks CS4-->C:\Arquivos de programas\Arquivos comuns\Adobe\Installers\ccb135070a90ff24d6e7cc4bc5a59cb\Setup.exe --uninstall=1Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exeAdobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exeAdobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}Adobe Setup-->MsiExec.exe /I{28773E11-6E44-46DC-90BD-273A3FA2CAC1}Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}Adobe XMP Panels CS4-->MsiExec.exe /I{18C9716F-C906-441F-BA66-CABAA5CB2DCE}Arquivo do WinRAR-->C:\Arquivos de programas\WinRAR\uninstall.exeAssistente de Conexão do Windows Live-->MsiExec.exe /I{51A857F8-35FA-42B2-A7BE-FBD5BAFDD84A}Atualização de Segurança para Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"Atualização de Segurança para Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"avast! Antivirus-->C:\Arquivos de programas\Alwil Software\Avast4\aswRunDll.exe "C:\Arquivos de programas\Alwil Software\Avast4\Setup\setiface.dll",RunSetupCCleaner (remove only)-->"C:\Arquivos de programas\CCleaner\uninst.exe"Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}Ferramenta de Carregamento do Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}HijackThis 2.0.2-->"C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe" /uninstallK-Lite Mega Codec Pack 3.9.5-->"C:\Arquivos de programas\K-Lite Codec Pack\unins000.exe"kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}Malwarebytes' Anti-Malware-->"C:\Arquivos de programas\Malwarebytes' Anti-Malware\unins000.exe"Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"Microsoft Office Professional Edição 2003-->MsiExec.exe /I{90110416-6000-11D3-8CFE-0150048383C9}Mozilla Firefox (3.0.5)-->C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exeMSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUIPhotoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}Realtek High Definition Audio Driver-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x416  -removeonlySegoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}Sothink SWF Decompiler-->"C:\Arquivos de programas\SourceTec\Sothink SWF Decompiler\unins000.exe"Spyware Terminator-->"C:\Arquivos de programas\Spyware Terminator\unins000.exe"Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}UltraISO Premium V9.3-->"C:\Arquivos de programas\UltraISO\unins000.exe"VobSub v2.23 (Remove Only)-->"C:\Arquivos de programas\Gabest\VobSub\uninstall.exe"WinAVIVideoConverter-->"C:\Arquivos de programas\WinAVIVideoConverter\unins000.exe"Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"Windows Live Call-->MsiExec.exe /I{844649F4-8B62-4B1F-85D9-F3098DF32F3C}Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}Windows Live Essentials-->C:\Arquivos de programas\Windows Live\Installer\wlarp.exeWindows Live Essentials-->MsiExec.exe /I{E8A1D4A3-26BE-4115-9CFC-612ED3954B20}Windows Live Messenger-->MsiExec.exe /X{C8DD4EAD-674B-461B-94D5-4C80CCFB8401}ZaraRadio 1.6.1-->"C:\Arquivos de programas\ZaraSoft\ZaraRadio\unins000.exe"======Hosts File======127.0.0.1				activate.adobe.com======Security center information======AV: avast! antivirus 4.8.1296 [VPS 090125-0]System event logComputer Name: ERNANE-29D95041Event Code: 3260Message: O computador ingressou em workgroup 'GRUPO' com êxito.Record Number: 5Source Name: WorkstationTime Written: 20090122204356.000000-120Event Type: InformaçõesUser: Computer Name: ERNANE-29D95041Event Code: 6011Message: O nome NetBIOS e o nome do host DNS deste computador foram alterados de MACHINENAME para ERNANE-29D95041.Record Number: 4Source Name: EventLogTime Written: 20090122204317.000000-120Event Type: InformaçõesUser: Computer Name: MACHINENAMEEvent Code: 2Message: Ao se verificar se \Device\Serial0 era uma porta serial, uma fila foi detectada e será usada.Record Number: 3Source Name: SerialTime Written: 20090122183901.000000-120Event Type: InformaçõesUser: Computer Name: MACHINENAMEEvent Code: 6005Message: O serviço Log de eventos foi iniciado.Record Number: 2Source Name: EventLogTime Written: 20090122183842.000000-120Event Type: InformaçõesUser: Computer Name: MACHINENAMEEvent Code: 6009Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.Record Number: 1Source Name: EventLogTime Written: 20090122183842.000000-120Event Type: InformaçõesUser: Application event logComputer Name: ERNANE-29D95041Event Code: 1000Message: Os contadores de desempenho para o serviço MSDTC (MSDTC) foram carregados com êxito.A página 'Registrar dados' contém os novos valores de índice atribuídosao serviço.Record Number: 5Source Name: LoadPerfTime Written: 20090122204539.000000-120Event Type: InformaçõesUser: Computer Name: ERNANE-29D95041Event Code: 1000Message: Os contadores de desempenho para o serviço TermService (Serviços de terminal) foram carregados com êxito.A página 'Registrar dados' contém os novos valores de índice atribuídosao serviço.Record Number: 4Source Name: LoadPerfTime Written: 20090122204537.000000-120Event Type: InformaçõesUser: Computer Name: ERNANE-29D95041Event Code: 1000Message: Os contadores de desempenho para o serviço RemoteAccess (Roteamento e acesso remoto) foram carregados com êxito.A página 'Registrar dados' contém os novos valores de índice atribuídosao serviço.Record Number: 3Source Name: LoadPerfTime Written: 20090122204347.000000-120Event Type: InformaçõesUser: Computer Name: ERNANE-29D95041Event Code: 1000Message: Os contadores de desempenho para o serviço PSched (PSched) foram carregados com êxito.A página 'Registrar dados' contém os novos valores de índice atribuídosao serviço.Record Number: 2Source Name: LoadPerfTime Written: 20090122204325.000000-120Event Type: InformaçõesUser: Computer Name: ERNANE-29D95041Event Code: 1000Message: Os contadores de desempenho para o serviço RSVP (QoS RSVP) foram carregados com êxito.A página 'Registrar dados' contém os novos valores de índice atribuídosao serviço.Record Number: 1Source Name: LoadPerfTime Written: 20090122204324.000000-120Event Type: InformaçõesUser: ======Environment variables======"ComSpec"=%SystemRoot%\system32\cmd.exe"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Arquivos de programas\Arquivos comuns\Adobe\AGL"windir"=%SystemRoot%"FP_NO_HOST_CHECK"=NO"OS"=Windows_NT"PROCESSOR_ARCHITECTURE"=x86"PROCESSOR_LEVEL"=15"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD"PROCESSOR_REVISION"=2f02"NUMBER_OF_PROCESSORS"=1"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH"TEMP"=%SystemRoot%\TEMP"TMP"=%SystemRoot%\TEMP"PROCESSOR_DUMP"=1"PROCESSOR_CORE"=46-----------------EOF-----------------

 

Valeu!!!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! Ernane Ramos

 

<@> Baixe: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 )

<@> Salve-o no Desktop! --> Tire-o do zip!

<@> Desabilite,temporariamente,seus programas de proteção. <-- ( antivírus,antispyware e firewall )

<@> Para maiores detalhes,na instalação,siga as recomendações deste Tutorial. <-- Link

<@> Execute a ferramenta,com um duplo-clique em UsbFix.exe.

<@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... )

<@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok.

<@> O computador irá reiniciar. <-- Aguarde!

<@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta.

<@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante!

<@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter.

<@> Poste o relatório,que estará em: C:\UsbFix.txt + HijackThis,atualizado.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ai...o UsbFix.txt:

 -------------- UsbFix V2.395 ---------------* User : Ernane Ramos - ERNANE-29D95041* Outils mis a jours le 20/10/2008 par Chiquitine29 et Chimay8* Recherche effectuée à 13:55:41 le seg 26/01/2009* Windows Xp - Internet Explorer 7.0.5730.13     --------------- [ Processus actifs ] ----------------      C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exeC:\Arquivos de programas\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\userinit.exeC:\DOCUME~1\ERNANE~1\CONFIG~1\Temp\1.tmp\b2e.exe  --------------- [ Informations lecteurs ] ----------------     C: - Unidade de disco fixoD: - Unidade de disco remov¡velE: - Unidade de disco fixoF: - Unidade de CD-ROMG: - Unidade de CD-ROMH: - Unidade de disco remov¡vel +- Contenu de l'autorun : G:\autorun.inf  [autorun]open=autorun.exeicon=autorun.exe  --------------- [ Registre / Startup ] ----------------    ! REG.EXE VERSION 3.0HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run	NvCplDaemon	REG_SZ	RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup	NvMediaCenter	REG_SZ	RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit	RTHDCPL	REG_SZ	RTHDCPL.EXE	SkyTel	REG_SZ	SkyTel.EXE	Alcmtr	REG_SZ	ALCMTR.EXE	avast!	REG_SZ	C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exeHKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents! REG.EXE VERSION 3.0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run	CTFMON.EXE	REG_SZ	C:\WINDOWS\system32\ctfmon.exe	msnmsgr	REG_SZ	"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /backgroundHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater  --------------- [ Registre / Mountpoint2 ] ----------------     Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun\command  Supprimé ! - HKEY_USERS\S-1-5-21-1214440339-412668190-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun\command  Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe2-e9a2-11dd-a5f3-0018f30c63bb}\Shell\AutoRun\command  Supprimé ! - HKEY_USERS\S-1-5-21-1214440339-412668190-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe2-e9a2-11dd-a5f3-0018f30c63bb}\Shell\AutoRun\command  Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe2-e9a2-11dd-a5f3-0018f30c63bb}\Shell\open\Command  Supprimé ! - HKEY_USERS\S-1-5-21-1214440339-412668190-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe2-e9a2-11dd-a5f3-0018f30c63bb}\Shell\open\Command  Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe3-e9a2-11dd-a5f3-0018f30c63bb}\Shell\AutoRun\command  Supprimé ! - HKEY_USERS\S-1-5-21-1214440339-412668190-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe3-e9a2-11dd-a5f3-0018f30c63bb}\Shell\AutoRun\command  Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe3-e9a2-11dd-a5f3-0018f30c63bb}\Shell\open\Command  Supprimé ! - HKEY_USERS\S-1-5-21-1214440339-412668190-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7abbe3-e9a2-11dd-a5f3-0018f30c63bb}\Shell\open\Command    --------------- [ Nettoyage des disques ] ----------------      Echec de la supression !! - G:\autorun.exe   Echec de la supression !! - G:\autorun.inf   Echec de la supression !! - G:\setup.exe   Echec de la supression !! - G:\autorun.inf    --------------- ! Fin du rapport ! ----------------

 

HijackThis.log

 

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 14:02:30, on 26/1/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exeC:\Arquivos de programas\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\nvsvc32.exeC:\Arquivos de programas\Spyware Terminator\sp_rsser.exeC:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exeC:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\system32\wscntfy.exeC:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXEC:\Arquivos de programas\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\explorer.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.aspR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ernanesbuffet.com.br/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [SkyTel] SkyTel.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Sothink SWF Catcher - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeO9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeO9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htmO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.aspO16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exeO23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe--End of file - 5846 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! Ernane Ramos

 

<!> Com o HijackThis,dê Fix nesta entrada:

 

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

 

<!> Será imprescindível,uma verificação em Kaspersky.

-------------------------------

<@> Faça um scan online em: < Kaspersky >

<@> Utilize para isso,o navegador Internet Explorer.

 

<!> Acesse o site,e clique em: < kasperdx9.jpg >

 

<@> Na próxima página,clique em: I Accept

<@> Isto,para que se instale o controle ActiveX e,em seguida,atualize o banco de dados.

<@> Na próxima página,clique em: My Computer e faça o scan.

<@> Tenha paciência!

<@> Aguarde a atualização da base de dados,e também do exame,que é demorado.

<@> Terminando,salve e poste o relatório.

<@> Clique em Save Report As... para salvar o log. ( Kaspersky_Online_Scanner_7_Report.txt )

<@> Salve o resultado como .txt,segundo a imagem abaixo:

 

Kas-Savetxt.gif

 

<@> Poste,também,HijackThis atualizado.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.