Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2009-07-17 18:48:39
Microsoft Windows XP Professional Service Pack 2
System drive C: has 16 GB (40%) free of 40 GB
Total RAM: 1015 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:49, on 17/7/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\Arquivos de programas\Winamp\winampa.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Arquivos de programas\Orbitdownloader\orbitdm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Orbitdownloader\orbitnet.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Sony Ericsson\Sony Ericsson Wireless Manager 5\WirelessManager.exe
C:\Arquivos de programas\uTorrent\uTorrent.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe
C:\Documents and Settings\User\Desktop\RSIT.exe
C:\Arquivos de programas\Trend Micro\HijackThis\User.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.pesbrasil.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=74005
R3 - Default URLSearchHook is missing
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE LG webpro2 Camera
O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Arquivos de programas\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&
http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) -
http://127.0.0.1:9070/etc/var/TVUAx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 8643 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll [2008-10-31 130248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Facilitador de Leitor de Link Adobe PDF - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Auxiliar de Conexão do Windows Live - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll [2009-01-20 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-07 669168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-20 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll [2008-10-31 441464]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2003-01-21 40960]
"WinampAgent"=C:\Arquivos de programas\Winamp\winampa.exe [2008-08-03 36352]
"avast!"=C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"AlcoholAutomount"=C:\Arquivos de programas\Alcohol Soft\Alcohol 120\axcmd.exe [2007-07-02 219520]
"DAEMON Tools Lite"=C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"swg"=C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-07 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2007-01-12 163840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2007-01-12 131072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2007-01-12 135168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-06-13 16377344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Arquivos de programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-07 68856]
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar
Orbit.lnk - C:\Arquivos de programas\Orbitdownloader\orbitdm.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-01-12 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled
![Mad :mad: :mad:](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
xpsp2res.dll,-22019"
"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\JOGOS\Medal\mohpa.exe"="D:\JOGOS\Medal\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"D:\JOGOS\LOTR BFME\game.dat"="D:\JOGOS\LOTR BFME\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Arquivos de programas\DreaMule\emule.exe"="C:\Arquivos de programas\DreaMule\emule.exe:*:Enabled
![Big Grin :D :D](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
reamule"
"C:\Arquivos de programas\Orbitdownloader\orbitdm.exe"="C:\Arquivos de programas\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Arquivos de programas\Orbitdownloader\orbitnet.exe"="C:\Arquivos de programas\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"D:\JOGOS\combat\Combat Arms\CombatArms.exe"="D:\JOGOS\combat\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\JOGOS\combat\Combat Arms\Engine.exe"="D:\JOGOS\combat\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"D:\JOGOS\combat\Combat Arms\NMService.exe"="D:\JOGOS\combat\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Arquivos de programas\uTorrent\uTorrent.exe"="C:\Arquivos de programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\JOGOS\LOTR BFME\patchget.dat"="D:\JOGOS\LOTR BFME\patchget.dat:*:Enabled
![Stick Out Tongue :p :p](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
atchgrabber"
"C:\Arquivos de programas\Garena\Garena.exe"="C:\Arquivos de programas\Garena\Garena.exe:*
![Big Grin :D :D](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
isabled:Garena"
"D:\JOGOS\Left for dead\Left 4 Dead\left4dead.exe"="D:\JOGOS\Left for dead\Left 4 Dead\left4dead.exe:*
![Big Grin :D :D](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
isabled:left4dead"
"D:\JOGOS\Futebol\pes2009.exe"="D:\JOGOS\Futebol\pes2009.exe:*:Enabled
![Stick Out Tongue :p :p](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
ro Evolution Soccer 2009"
"D:\JOGOS\Futebol\PES2008\PES2008.exe"="D:\JOGOS\Futebol\PES2008\PES2008.exe:*:Enabled
![Stick Out Tongue :p :p](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
ro Evolution Soccer 2008"
"C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled
![Stick Out Tongue :p :p](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
ro Evolution Soccer 2008"
"C:\Arquivos de programas\PEScript2009\mirc_wem.exe"="C:\Arquivos de programas\PEScript2009\mirc_wem.exe:*:Enabled:mIRC traduzido por Teco"
"C:\Arquivos de programas\Megacubo\megacubo.exe"="C:\Arquivos de programas\Megacubo\megacubo.exe:*
![Big Grin :D :D](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
isabled:MegaCubo"
"C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2008\WEM2008.exe"="C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2008\WEM2008.exe:*:Enabled
![Stick Out Tongue :p :p](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
ro Evolution Soccer 2008"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\Arquivos de programas\Valve\hl.exe"="C:\Arquivos de programas\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled
![Mad :mad: :mad:](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
xpsp2res.dll,-22019"
"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\JOGOS\combat\Combat Arms\CombatArms.exe"="D:\JOGOS\combat\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\JOGOS\combat\Combat Arms\Engine.exe"="D:\JOGOS\combat\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-07-17 18:48:39 ----D---- C:\rsit
2009-07-08 19:21:43 ----D---- C:\Documents and Settings\User\Dados de aplicativos\Malwarebytes
2009-07-08 19:21:38 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
2009-07-08 19:21:38 ----D---- C:\Arquivos de programas\Malwarebytes' Anti-Malware
2009-07-07 20:22:52 ----A---- C:\WINDOWS\WEManager MOD - Addon Uninstall Log.txt
2009-07-07 20:17:29 ----D---- C:\Arquivos de programas\vghd
2009-07-07 20:17:28 ----D---- C:\Documents and Settings\User\Dados de aplicativos\vghd
2009-07-01 17:09:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-06-18 20:40:17 ----A---- C:\WINDOWS\system32\lfpng13n.dll
======List of files/folders modified in the last 1 months======
2009-07-17 18:48:47 ----D---- C:\WINDOWS\Prefetch
2009-07-17 18:48:23 ----D---- C:\Documents and Settings\User\Dados de aplicativos\uTorrent
2009-07-17 18:22:11 ----D---- C:\Arquivos de programas\Mozilla Firefox
2009-07-17 18:06:04 ----D---- C:\WINDOWS\Temp
2009-07-17 08:39:45 ----D---- C:\Documents and Settings\User\Dados de aplicativos\Orbit
2009-07-17 08:39:03 ----D---- C:\WINDOWS\system32\drivers
2009-07-17 08:39:02 ----D---- C:\WINDOWS\system32\config
2009-07-16 22:14:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-16 22:14:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-16 09:30:26 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-13 22:22:40 ----D---- C:\Arquivos de programas\DreaMule
2009-07-11 16:50:26 ----D---- C:\Arquivos de programas\PEScript2009
2009-07-08 19:50:30 ----D---- C:\Arquivos de programas
2009-07-08 11:50:41 ----D---- C:\WINDOWS
2009-07-07 21:30:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-07 20:17:30 ----D---- C:\WINDOWS\system32
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2008-02-20 4224]
R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2008-02-20 3968]
R1 intelppm;Driver de Processador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-06-02 278984]
R2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys [2008-02-20 4960]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-06-02 25416]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Driver de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-01-12 5672032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-22 4432384]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-05 12288]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 sembbus;SEMC WMC Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sembbus.sys [2008-02-06 260992]
R3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sembcard.sys [2008-02-06 337408]
R3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter; C:\WINDOWS\system32\DRIVERS\sembmdfl2.sys [2008-02-06 14976]
R3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver; C:\WINDOWS\system32\DRIVERS\sembmdm2.sys [2008-02-06 380672]
R3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sembmgmt.sys [2008-02-06 343680]
R3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS); C:\WINDOWS\system32\DRIVERS\sembnd5.sys [2008-02-06 24960]
R3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM); C:\WINDOWS\system32\DRIVERS\sembunic.sys [2008-02-06 344064]
R3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sembwwan.sys [2008-02-06 337408]
R3 SEMCReserved;SEMC Reserved Interface; C:\WINDOWS\system32\DRIVERS\semcreserved.sys [2008-02-15 17408]
R3 Sony_EricssonWWSC;Sony Ericsson SIM Card Reader; C:\WINDOWS\system32\DRIVERS\sesc.sys [2007-08-14 12672]
R3 usbaudio;Driver de áudio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 ZSMC302;LG webpro2 Camera; C:\WINDOWS\System32\Drivers\usbvm302.sys [2004-06-16 91271]
S1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2008-02-20 775680]
S1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2008-02-20 27776]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S2 asc3550p;asc3550p; C:\WINDOWS\system32\drivers\asc3550p.sys []
S3 awoy0ky0;awoy0ky0; C:\WINDOWS\system32\drivers\awoy0ky0.sys []
S3 ayottguv;ayottguv; C:\WINDOWS\system32\drivers\ayottguv.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Conversor em T entre locais de fluxo contínuo Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Conexão de TV e vídeo da Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 MDM;Machine Debug Manager; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 StarWindServiceAE;StarWind AE Service; C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S2 Avg7Alrt;AVG7 Alert Manager Server; C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe []
S2 Avg7UpdSvc;AVG7 Update Service; C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe []
S2 AVGEMS;AVG E-mail Scanner; C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-20 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Serviço de Compartilhamento de Rede do Windows Media Player; C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe [2006-11-02 914944]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
-----------------EOF-----------------