Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis Log: Please help Diagnose


  • This topic is locked This topic is locked
4 replies to this topic

#1 planmas

planmas

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 23 October 2009 - 04:42 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:32:26, on 23-10-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Programas\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programas\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programas\Lexmark X1100 Series\lxbkbmon.exe
C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\sms.exe
C:\Programas\Java\jre6\bin\jusched.exe
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe
C:\Programas\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Programas\Alwil Software\Avast4\ashWebSv.exe
C:\Programas\Windows Live\Contacts\wlcomm.exe
C:\Programas\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ivo Marques\Ambiente de trabalho\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programas\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [nwiz] C:\Programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [System More Service] C:\WINDOWS\system32\sms.exe
O4 - HKLM\..\Run: [Windows Live Conctacts Get] C:\WINDOWS\system32\msnmsgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://download.autodesk.com/esd/mapguide/...NG/mgaxctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Serviço Google Update (gupdate1c9f90c6a81eed6) (gupdate1c9f90c6a81eed6) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Programas\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Programas\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 8910 bytes

BC AdBot (Login to Remove)

 


#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:39 PM

Posted 31 October 2009 - 09:16 PM

Hello,

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and
we are trying our best to keep up.

My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if you
would let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Then please post back here with the following:
  • log.txt
  • info.txt
Thanks

unite.jpg


#3 planmas

planmas
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 01 November 2009 - 01:07 PM

---------LOG-----------

Logfile of random's system information tool 1.06 (written by random/random)
Run by Ivo Marques at 2009-11-01 18:03:53
Microsoft Windows XP Professional Service Pack 3
System drive C: has 33 GB (21%) free of 153 GB
Total RAM: 1022 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:04:02, on 01-11-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programas\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programas\Lexmark X1100 Series\lxbkbmon.exe
C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\sms.exe
C:\Programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe
C:\Programas\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Programas\Alwil Software\Avast4\ashWebSv.exe
C:\Programas\Windows Live\Contacts\wlcomm.exe
C:\Programas\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ivo Marques\Ambiente de trabalho\RSIT.exe
C:\Documents and Settings\Ivo Marques\Ambiente de trabalho\HiJackThis\Ivo Marques.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programas\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [nwiz] C:\Programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [System More Service] C:\WINDOWS\system32\sms.exe
O4 - HKLM\..\Run: [Windows Live Conctacts Get] C:\WINDOWS\system32\msnmsgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://download.autodesk.com/esd/mapguide/...NG/mgaxctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Serviço Google Update (gupdate1c9f90c6a81eed6) (gupdate1c9f90c6a81eed6) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Programas\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Programas\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 8870 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Facilitador de Leitor de Link Adobe PDF - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Programas\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-16 577536]
"Lexmark X1100 Series"=C:\Programas\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]
"NBKeyScan"=C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe Reader Speed Launcher"=C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-10-03 39792]
"GrooveMonitor"=C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"nwiz"=C:\Programas\NVIDIA Corporation\nView\nwiz.exe [2009-07-08 1657376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"System More Service"=C:\WINDOWS\system32\sms.exe [2009-07-30 20766720]
"Windows Live Conctacts Get"=C:\WINDOWS\system32\msnmsgr.exe [2009-07-30 36864]
"SunJavaUpdateSched"=C:\Programas\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Adobe ARM"=C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Programas\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programas\BT Next Evolution\btnext.exe"="C:\Programas\BT Next Evolution\btnext.exe:*:Enabled:btnext"
"C:\Programas\uTorrent\uTorrent.exe"="C:\Programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\BT Next Evolution\btnext.exe"="C:\Documents and Settings\BT Next Evolution\btnext.exe:*:Enabled:btnext"
"C:\Programas\DW\BT Next Evolution\btnext.exe"="C:\Programas\DW\BT Next Evolution\btnext.exe:*:Enabled:btnext"
"C:\Documents and Settings\Ivo Marques\Os meus documentos\uTorrent\RatioMaster-1.7.5\RatioMaster-vs.exe"="C:\Documents and Settings\Ivo Marques\Os meus documentos\uTorrent\RatioMaster-1.7.5\RatioMaster-vs.exe:*:Enabled:Ratio Master"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Programas\eMule\eMule.exe"="C:\Programas\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\Programas\LimeWire\LimeWire.exe"="C:\Programas\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Programas\Mozilla Firefox\firefox.exe"="C:\Programas\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Programas\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Programas\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Programas\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programas\Microsoft Office\Office12\GROOVE.EXE"="C:\Programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Programas\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"D:\Vários Jogos\(Juego PC) Puzzle Bubble\PBOBBLE\PB.EXE"="D:\Vários Jogos\(Juego PC) Puzzle Bubble\PBOBBLE\PB.EXE:*:Enabled:PB"
"C:\Programas\Java\jre6\bin\java.exe"="C:\Programas\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary"
"C:\Soldat\Soldat.exe"="C:\Soldat\Soldat.exe:*:Enabled:Soldat"
"C:\Programas\Windows Live\Messenger\wlcsdk.exe"="C:\Programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programas\Bid For Power\quake3.exe"="C:\Programas\Bid For Power\quake3.exe:*:Enabled:quake3"
"C:\Programas\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Programas\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistência Remota - Windows Messenger e Voz"
"C:\Programas\Windows Live\Messenger\msnmsgr.exe"="C:\Programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programas\Java\jre6\bin\javaw.exe"="C:\Programas\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary"
"C:\Programas\Packet Tracer 5.2\bin\PacketTracer5.exe"="C:\Programas\Packet Tracer 5.2\bin\PacketTracer5.exe:*:Enabled:PacketTracer5"
"C:\Programas\Java\jdk1.6.0_11\bin\java.exe"="C:\Programas\Java\jdk1.6.0_11\bin\java.exe:*:Enabled:Java™ Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programas\Windows Live\Messenger\wlcsdk.exe"="C:\Programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programas\Windows Live\Messenger\msnmsgr.exe"="C:\Programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-11-01 18:03:53 ----D---- C:\rsit
2009-10-23 21:16:54 ----SHD---- C:\Config.Msi
2009-10-22 20:39:50 ----D---- C:\Documents and Settings\Ivo Marques\Application Data\Thinstall
2009-10-18 14:18:59 ----D---- C:\joao_ivo
2009-10-17 13:39:50 ----D---- C:\Programas\Packet Tracer 5.2
2009-10-15 18:39:33 ----D---- C:\Programas\DFX
2009-10-15 18:22:39 ----D---- C:\Documents and Settings\All Users\Application Data\DFX
2009-10-15 18:22:35 ----D---- C:\Programas\Ficheiros comuns\DFX
2009-10-14 19:30:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 19:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 19:27:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 19:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 19:26:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 19:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 19:23:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 19:23:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 19:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-04 13:19:13 ----D---- C:\Programas\Microsoft

======List of files/folders modified in the last 1 months======

2009-11-01 18:03:45 ----D---- C:\WINDOWS\Prefetch
2009-11-01 18:03:03 ----D---- C:\Programas\Mozilla Firefox
2009-11-01 16:29:00 ----D---- C:\WINDOWS\Temp
2009-11-01 13:46:08 ----A---- C:\WINDOWS\lexstat.ini
2009-11-01 01:04:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-30 23:19:28 ----D---- C:\Documents and Settings\Ivo Marques\Application Data\uTorrent
2009-10-28 20:08:44 ----D---- C:\Programas\Lexmark X1100 Series
2009-10-28 19:14:55 ----D---- C:\Programas\NaxDown
2009-10-25 11:17:29 ----D---- C:\WINDOWS\system32
2009-10-25 11:17:29 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-25 00:42:11 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-24 12:29:44 ----SHD---- C:\WINDOWS\Installer
2009-10-24 09:31:18 ----D---- C:\WINDOWS
2009-10-23 21:17:25 ----RD---- C:\Programas
2009-10-23 21:17:18 ----D---- C:\Programas\Ficheiros comuns\Microsoft Shared
2009-10-23 21:16:13 ----D---- C:\Programas\Ficheiros comuns
2009-10-23 21:14:38 ----D---- C:\WINDOWS\Debug
2009-10-23 21:14:37 ----D---- C:\WINDOWS\Minidump
2009-10-23 17:06:07 ----D---- C:\Programas\ffdshow
2009-10-20 21:19:23 ----HD---- C:\WINDOWS\inf
2009-10-20 20:18:45 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-20 20:12:01 ----D---- C:\Programas\Ficheiros comuns\Adobe
2009-10-18 10:40:49 ----D---- C:\Programas\DivX
2009-10-18 10:40:29 ----D---- C:\Programas\Ficheiros comuns\DivX Shared
2009-10-18 10:40:24 ----D---- C:\WINDOWS\WinSxS
2009-10-15 17:53:20 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-15 17:53:16 ----RSD---- C:\WINDOWS\assembly
2009-10-14 19:30:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-14 19:30:22 ----D---- C:\Programas\Internet Explorer
2009-10-14 19:30:13 ----D---- C:\WINDOWS\ie8updates
2009-10-14 19:30:08 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-14 19:26:41 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-10-08 20:32:34 ----D---- C:\Program Files
2009-10-02 18:01:57 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 intelppm;Controlador de processador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40320]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2006-07-27 4096]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-04-13 11868]
R2 XilinxPC4Driver;XilinxPC4Driver; C:\WINDOWS\System32\drivers\xpc4drvr.sys [2008-02-20 16000]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 FETNDIS;Controlador de placa Fast Ethernet VIA PCI 10/100Mb para NT; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2008-04-13 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2008-04-13 220032]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-07 47360]
R3 PD0620VID;Creative WebCam Instant; C:\WINDOWS\system32\DRIVERS\P0620Vid.sys [2004-04-16 90700]
R3 usbehci;Microsoft USB 2.0 - controlador Miniport de anfitrião melhorado; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Controlador de concentrador padrão USB da Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe de impressoras USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Controlador de scanner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Controlador miniport do controlador Microsoft USB universal; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2008-04-13 685056]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2008-02-20 194362]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 kbdhid;Controlador HID de teclado; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 ayrzquxr;ayrzquxr; C:\WINDOWS\system32\drivers\ayrzquxr.sys []
S3 BthEnum;Controlador de bloqueio de pedidos Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Controlador de comunicações série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Controlador de porta Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272640]
S3 BTHUSB;Controlador USB de rádio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Descodificador de captura fechada; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FlashUSB;FlashUSB; C:\WINDOWS\system32\DRIVERS\FlashUSB.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Controlador de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Controlador HID de rato; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-11-20 12160]
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 MSTEE;Conversor da Microsoft para fluxos Tee/Sink-to-Sink; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Ligação de TV/Vídeo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 RFCOMM;Dispositivo Bluetooth (TDI protocolo RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\DOCUME~1\IVOMAR~1\DEFINI~1\Temp\sony_ssm.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SunkFilt;Alcor Micro Corp Reader; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
S3 USBSTOR;Controlador de armazenamento de massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-08 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Programas\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Programas\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programas\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2006-07-25 57344]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 NIDomainService;National Instruments Domain Service; C:\Programas\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2006-02-06 49152]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2009-01-22 225280]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Programas\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Programas\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S2 gupdate1c9f90c6a81eed6;Serviço Google Update (gupdate1c9f90c6a81eed6); C:\Programas\Google\Update\GoogleUpdate.exe [2009-06-29 133104]
S3 aspnet_state;Serviço de estado do ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programas\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NILM License Manager;NILM License Manager; C:\Programas\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Serviço de Partilha de Rede do Windows Media Player; C:\Programas\Windows Media Player\WMPNetwk.exe [2007-01-05 915968]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------






----------------INFO------------------

info.txt logfile of random's system information tool 1.06 2009-11-01 18:04:06

======Uninstall list======

-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0816-0000-0000000FF1CE} /uninstall {C450104C-4F9F-4924-8B97-92FB09DE9A92}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0816-0000-0000000FF1CE} /uninstall {6C04B8BC-6DC4-422F-B871-0236D11C50AB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
AC3Filter (remove only)-->C:\Programas\AC3Filter\uninstall.exe
Actualização Crítica para o Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Actualização de Segurança para o Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Actualização de Segurança para o Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Actualização de Segurança para o Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Actualização de Segurança para o Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Actualização de Segurança para o Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Actualização de Segurança para o Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Actualização de segurança para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Actualização de Segurança para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Actualização para Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Actualização para Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Actualização para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Actualização para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Actualização para Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Actualização para Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Actualização para Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Actualização para Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Actualização para Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.7 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A81300000003}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Arquivo do WinRAR-->C:\Programas\WinRAR\uninstall.exe
avast! Antivirus-->C:\Programas\Alwil Software\Avast4\aswRunDll.exe "C:\Programas\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BT Next Evolution-->C:\Programas\BT Next Evolution\Desinstalar.exe
ConvertXtoDVD 3.5.1.135-->"C:\Programas\VSO\ConvertX\3\unins000.exe"
Correcção para o Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Creative WebCam Center-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x9 /remove
Creative WebCam Instant Driver (1.00.08.0416)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script PD0620.uns -unsext NT -plugin P0620Pin.dll -pluginres P0620Pin.crl
Creative WebCam Instant User's Guide (English)-->C:\WINDOWS\IsUninst.exe -f"C:\Programas\Creative\Creative WebCam Instant\Creative WebCam Instant User's Guide\English\CTManual.isu"
DFX for Windows Media Player-->C:\Programas\DFX\uninstall_WMP.exe
DivX Codec-->C:\Programas\DivX\DivXCodecUninstall.exe /CODEC
DolbyFiles-->MsiExec.exe /X{b1adf008-e898-4fe2-8a1f-690d9a06acaf}
eMule Plus 1.2d-->"C:\Programas\eMule\unins000.exe"
ffdshow [rev 3097] [2009-10-08]-->"C:\Programas\ffdshow\unins000.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Documents and Settings\Ivo Marques\Ambiente de trabalho\HiJackThis\HijackThis.exe" /uninstall
HI-TECH C51-lite V9.60PL0-->"C:\Programas\HI-TECH Software\HC51\lite\9.60\resources\setup.exe"
HI-TECH PICC lite V9.60PL0-->"C:\Programas\HI-TECH Software\PICC\lite\9.60\resources\setup.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix para Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix para Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Java DB 10.4.1.3-->MsiExec.exe /X{998D6972-F58E-479D-9248-8F179E55AE38}
Java™ 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java™ SE Development Kit 6 Update 11-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160110}
Keil µVision3-->C:\Keil\Uninstall.exe
lcc-win32 version 3.2 (base system)-->C:\lcc\unins000.exe
Lexmark X1100 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x416
MATLAB R2009a-->C:\Programas\MATLAB\R2009a\uninstall\uninstall.exe C:\Programas\MATLAB\R2009a\
Menu Templates - Starter Kit-->MsiExec.exe /X{b78120a0-cf84-4366-a393-4d0a59bc546c}
Messenger Plus! Live-->"C:\Programas\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Language Pack - PTG-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PTG\install.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0015-0816-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0016-0816-0000-0000000FF1CE}
Microsoft Office Groove MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-00BA-0816-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0044-0816-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-00A1-0816-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-001A-0816-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0018-0816-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-001F-0816-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-002C-0816-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0019-0816-0000-0000000FF1CE}
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-006E-0816-0000-0000000FF1CE}
Microsoft Office Word MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-001B-0816-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
ModelSim XE III 6.3c-->"C:\Programas\InstallShield Installation Information\{ED472FBE-FF70-47CE-B1A1-B22365EE9304}\setup.exe" -runfromtemp -l0x0009 -uninst -removeonly
Movie Templates - Starter Kit-->MsiExec.exe /X{e498385e-1c51-459a-b45f-1721e37aa1a0}
Mozilla Firefox (3.5.4)-->C:\Programas\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
National Instruments Software-->"C:\Programas\National Instruments\Shared\NIUninstaller\uninst.exe"
NaxDown 2.7.0-->"C:\Programas\NaxDown\unins000.exe"
Nero 9 Trial-->C:\Programas\Ficheiros comuns\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-209M-AH6P-5UW0-WHAW-C53X-473X-79MH"
Nero BurnRights-->MsiExec.exe /X{7829db6f-a066-4e40-8912-cb07887c20bb}
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero CoverDesigner-->MsiExec.exe /X{62ac81f6-bdd3-4110-9d36-3e9eaab40999}
Nero DiscSpeed-->MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c}
Nero DriveSpeed-->MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a}
Nero InfoTool-->MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero Live-->MsiExec.exe /X{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}
Nero PhotoSnap-->MsiExec.exe /X{9e82b934-9a25-445b-b8df-8012808074ac}
Nero Recode-->MsiExec.exe /X{359cfc0a-beb1-440d-95ba-cf63a86da34f}
Nero Rescue Agent-->MsiExec.exe /X{368ba326-73ad-4351-84ed-3c0a7a52cc53}
Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
Nero Vision-->MsiExec.exe /X{43e39830-1826-415d-8bae-86845787b54b}
Nero WaveEditor-->MsiExec.exe /X{a209525b-3377-43f4-b886-32f6b6e7356f}
NeroBurningROM-->MsiExec.exe /X{d025a639-b9c9-417d-8531-208859000af8}
NeroExpress-->MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270}
NeroLiveGadget-->MsiExec.exe /X{9e9fdde6-2c26-492a-85a0-05646b3f2795}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetBeans IDE 6.5-->"C:\Programas\NetBeans 6.5\uninstall.exe"
NetWaiting-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\Setup.exe" -l0x816 ControlPanelAnyText
NI EULA Depot-->MsiExec.exe /I{0BEA337D-71D0-44C7-A575-932612A00908}
NI MDF Support-->MsiExec.exe /I{53FE1175-1B37-4677-924C-62AFFCC83800}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Programas\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
Online help of lcc-win32-->C:\lcc\unins001.exe
OrCAD 9.1-->C:\WINDOWS\uninst.exe -f"C:\Program Files\OrCAD\DeIsL1.isu"
Packet Tracer 5.2-->"C:\Programas\Packet Tracer 5.2\unins000.exe"
PDFCreator-->C:\Programas\PDFCreator\unins000.exe
PowerDVD-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PSpice Student 9.1-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\OrCAD_Demo\DeIsL2.isu"
Real Alternative 1.8.4-->"C:\Programas\Real Alternative\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x816 -removeonly
Résistor-->C:\Programas\Résistor\Uninstall.exe
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoundTrax-->MsiExec.exe /X{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}
Subtitle Workshop 2.51-->"C:\Programas\URUSoft\Subtitle Workshop\uninstall.exe"
Sueca - O Jogo-->"C:\Programas\Sueca - O Jogo\unins000.exe"
System Requirements Lab-->C:\Programas\SystemRequirementsLab\Uninstall.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233}
V92 PCI Voice Faxmodem-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{FF04A828-ABA4-11D7-A021-0060979CE4D3}\setup.exe" -l0x9
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6i-->C:\Programas\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"C:\Programas\Gabest\VobSub\uninstall.exe"
WinAVI Video Converter 9.0-->"C:\WINDOWS\WinAVI Video Converter 9.0\uninstall.exe" "/U:C:\Programas\WinAVI Video Converter 9.0\Uninstall\uninstall.xml"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{418001D0-F48E-4910-966C-0DCCC996A87A}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Programas\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{50CEA963-2745-46A8-BE71-767F2B36FEF2}
Windows Live Messenger-->MsiExec.exe /X{20B05668-C9F0-4469-AEF4-14DF41D6ACB6}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Programas\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Xilinx ISE 10.1-->C:\Programas\ISE/bin/nt/setup.exe -uninstall

======Security center information======

AV: avast! antivirus 4.8.1351 [VPS 091101-0]

======System event log======

Computer Name: IVO-6DA712B2655
Event Code: 7035
Message: Foi enviado com êxito para o serviço avast! Web Scanner um controlo Iniciar.

Record Number: 26993
Source Name: Service Control Manager
Time Written: 20090914124749.000000+060
Event Type: Informações
User: NT AUTHORITY\SYSTEM

Computer Name: IVO-6DA712B2655
Event Code: 7036
Message: O serviço avast! Mail Scanner entrou no estado execução.

Record Number: 26992
Source Name: Service Control Manager
Time Written: 20090914124748.000000+060
Event Type: Informações
User:

Computer Name: IVO-6DA712B2655
Event Code: 7035
Message: Foi enviado com êxito para o serviço avast! Mail Scanner um controlo Iniciar.

Record Number: 26991
Source Name: Service Control Manager
Time Written: 20090914124748.000000+060
Event Type: Informações
User: NT AUTHORITY\SYSTEM

Computer Name: IVO-6DA712B2655
Event Code: 7036
Message: O serviço Serviço COM de gravação de CD de IMAPI entrou no estado execução.

Record Number: 26990
Source Name: Service Control Manager
Time Written: 20090914124747.000000+060
Event Type: Informações
User:

Computer Name: IVO-6DA712B2655
Event Code: 7035
Message: Foi enviado com êxito para o serviço Serviço COM de gravação de CD de IMAPI um controlo Iniciar.

Record Number: 26989
Source Name: Service Control Manager
Time Written: 20090914124747.000000+060
Event Type: Informações
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: IVO-6DA712B2655
Event Code: 1002
Message: Starting interactive setup.

Record Number: 5674
Source Name: WgaSetup
Time Written: 20090524105552.000000+060
Event Type: Informações
User:

Computer Name: IVO-6DA712B2655
Event Code: 1006
Message: O EULA foi aceite anteriormente.

Record Number: 5673
Source Name: WgaSetup
Time Written: 20090524105551.000000+060
Event Type: Informações
User:

Computer Name: IVO-6DA712B2655
Event Code: 1000
Message: Aplicação em falha wa.exe, versão 3.0.0.0, módulo em falha wa.exe, versão 3.0.0.0, endereço em falha 0x0008391f.

Record Number: 5672
Source Name: Application Error
Time Written: 20090524000655.000000+060
Event Type: Erro
User:

Computer Name: IVO-6DA712B2655
Event Code: 1000
Message: Aplicação em falha wa.exe, versão 3.0.0.0, módulo em falha wa.exe, versão 3.0.0.0, endereço em falha 0x0000f720.

Record Number: 5671
Source Name: Application Error
Time Written: 20090523212548.000000+060
Event Type: Erro
User:

Computer Name: IVO-6DA712B2655
Event Code: 1000
Message: Aplicação em falha wa.exe, versão 3.0.0.0, módulo em falha wa.exe, versão 3.0.0.0, endereço em falha 0x0000f720.

Record Number: 5670
Source Name: Application Error
Time Written: 20090523212526.000000+060
Event Type: Erro
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%XILINX%\bin\nt;%XILINX%\lib\nt;%LMC_HOME%\lib\pcnt.lib;%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programas\MATLAB\R2009a\bin;C:\Programas\MATLAB\R2009a\bin\win32;C:\Programas\Ficheiros comuns\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"XILINX"=C:\Programas\ISE
"LMC_HOME"=C:\Programas\ISE\smartmodel\nt\installed_nt
"KMP_DUPLICATE_LIB_OK"=TRUE
"MKL_SERIAL"=YES
"PT5HOME"=C:\Programas\Packet Tracer 5.2

-----------------EOF-----------------






Tanks for helping!

#4 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:39 PM

Posted 01 November 2009 - 02:14 PM

Hi planmas,


Please download Malwarebytes' Anti-Malware from Here

Note: If you already have Malwarebytes' Anti-Malware, just update then run it.
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan (the scan may take some time to finish, so please be patient).
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and Paste the entire report in your next reply .
Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.


  • Please download GMER from one of the following locations, and save it to your desktop:
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs, as this process may crash your computer.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.
  • Double click on Gmer to run it.
  • Allow the gmer.sys driver to load if asked.
  • You may see a rootkit warning window, If you do, click No.
  • Click on Posted Image and wait for the scan to finish.
  • If you see a rootkit warning window, click OK.
  • Push Posted Image and save the logfile to your desktop.
  • Copy and Paste the contents of that file in your next post.



Please post back here with the following logs:
  • MBAM log
  • Gmer log
  • New Rsit log
Thanks

unite.jpg


#5 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:12:39 PM

Posted 05 November 2009 - 07:45 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

unite.jpg





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users