Updated HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:04:03, on 08-11-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\SupportAppPT\ztemon.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Programas\Winamp\winampa.exe
C:\Programas\Unlocker\UnlockerAssistant.exe
C:\Programas\Creative\Fatal1ty Professional Laser Mouse\ctusbms.exe
C:\Programas\Creative\Fatal1ty Professional Laser Mouse\CTFaMicetra.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programas\Analog Devices\SoundMAX\Smax4.exe
C:\Programas\Java\jre1.6.0_07\bin\jusched.exe
C:\Programas\Ficheiros comuns\InstallShield\UpdateService\isuspm.exe
C:\Programas\Logitech\Gaming Software\LWEMon.exe
C:\Programas\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\FlashGet\FlashGet.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe
C:\Programas\DAEMON Tools\daemon.exe
C:\Programas\RocketDock\RocketDock.exe
C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
C:\Programas\Yahoo!\Widgets\YahooWidgets.exe
C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programas\Mozilla Firefox\firefox.exe
C:\Programas\trend micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programas\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programas\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHEI~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programas\FlashGet\getflash.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Programas\Winamp\winampa.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programas\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CreativeMS2020] C:\Programas\Creative\Fatal1ty Professional Laser Mouse\ctusbms.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programas\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programas\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Programas\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [SweetIM] C:\Programas\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Flashget] C:\Programas\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [ccApp] "C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programas\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programas\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SweetIM] C:\Programas\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Programas\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Programas\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Programas\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Programas\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programas\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Programas\Gnuf\Casino\casinogame.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Gnuf Poker - {A99C8F70-4D5B-482c-8854-05BC0BB8B182} - C:\Programas\Gnuf\Poker\MPPoker.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programas\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programas\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programas\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173091029506
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programas\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programas\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHEI~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programas\Windows Live\installer\WLSetupSvc.exe
O23 - Service: ZTE CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppPT\ztemon.exe
--
End of file - 12501 bytes
SDFix log:
SDFix: Version 1.240
Run by Administrador on 07-11-2008 at 23:30
Microsoft Windows XP [Versão 5.1.2600]
Running From: C:\sdfix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-07 23:51:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programas\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:76,d1,db,89,61,87,7b,ee,18,90,48,71,bf,59,24,9b,57,c2,9b,d6,e9,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,3d,f9,4f,bf,5a,22,cd,cf,05,b7,9c,56,eb,e7,09,0f,43,..
"khjeh"=hex:92,ce,6a,4a,ba,fc,b7,c4,44,9e,0c,16,39,46,b5,fe,63,7d,4a,ed,ea,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:79,29,35,e1,90,95,74,73,e0,b4,59,c2,40,39,55,cc,85,72,a2,fb,28,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:d0,6e,99,9e,e5,14,96,d6,5f,3f,53,c4,aa,16,54,8d,9c,a1,d7,81,2b,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programas\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:76,d1,db,89,61,87,7b,ee,18,90,48,71,bf,59,24,9b,57,c2,9b,d6,e9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,3d,f9,4f,bf,5a,22,cd,cf,05,b7,9c,56,eb,e7,09,0f,43,..
"khjeh"=hex:92,ce,6a,4a,ba,fc,b7,c4,44,9e,0c,16,39,46,b5,fe,63,7d,4a,ed,ea,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:62,c4,5a,10,35,fa,67,44,2b,1d,82,0b,89,b5,e7,10,10,9f,60,90,c9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:61,0f,75,f3,70,4c,b6,a8,6f,33,a2,87,71,0e,b1,0c,05,c9,0c,68,e3,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programas\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:76,d1,db,89,61,87,7b,ee,18,90,48,71,bf,59,24,9b,57,c2,9b,d6,e9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,3d,f9,4f,bf,5a,22,cd,cf,05,b7,9c,56,eb,e7,09,0f,43,..
"khjeh"=hex:92,ce,6a,4a,ba,fc,b7,c4,44,9e,0c,16,39,46,b5,fe,63,7d,4a,ed,ea,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:79,29,35,e1,90,95,74,73,e0,b4,59,c2,40,39,55,cc,85,72,a2,fb,28,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:d0,6e,99,9e,e5,14,96,d6,5f,3f,53,c4,aa,16,54,8d,9c,a1,d7,81,2b,..
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"]%ð?À?ó?<%Ú? ?(?T?r?u?e?T?y?p?e?)?"="KAIU.TTF"
"\x201c%Ë?\xae?\xb7?<%Ú? ?&? ?À?s?\x201c%Ë?\xae?\xb7?<%Ú? ?(?T?r?u?e?T?y?p?e?)?"="MINGLIU.TTC"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programas\\MSN Messenger\\msncall.exe"="C:\\Programas\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Programas\\FoxScript\\mirc32.exe"="C:\\Programas\\FoxScript\\mirc32.exe:*:Enabled:mIRC"
"C:\\Programas\\EA SPORTS\\FIFA 07\\fifa07.exe"="C:\\Programas\\EA SPORTS\\FIFA 07\\fifa07.exe:*:Enabled:fifa07"
"C:\\Programas\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Programas\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Enabled:pes6.exe"
"C:\\Programas\\uTorrent\\utorrent.exe"="C:\\Programas\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Executar uma DLL como uma aplicação"
"C:\\Programas\\Steam\\SteamApps\\campeao69\\counter-strike\\hl.exe"="C:\\Programas\\Steam\\SteamApps\\campeao69\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\Programas\\Bowlfish\\eMule.exe"="D:\\Programas\\Bowlfish\\eMule.exe:*:Enabled:eMule"
"C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\MiniRacingOnline\\MiniRacingOnline\\MiniRacingOnLine.exe"="C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\MiniRacingOnline\\MiniRacingOnline\\MiniRacingOnLine.exe:*:Enabled:MiniRacingOnLine"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Programas\\HLSW\\hlsw.exe"="C:\\Programas\\HLSW\\hlsw.exe:*:Enabled:HLSW"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Consola de gestão da Microsoft"
"C:\\Programas\\Cyanide\\GameCenter\\GameCenter.exe"="C:\\Programas\\Cyanide\\GameCenter\\GameCenter.exe:*:Enabled:GameCenter"
"C:\\Documents and Settings\\Administrador\\Definições locais\\Temp\\Rar$EX07.532\\MiniRacingOnline\\MiniRacingOnLine.exe"="C:\\Documents and Settings\\Administrador\\Definições locais\\Temp\\Rar$EX07.532\\MiniRacingOnline\\MiniRacingOnLine.exe:*:Enabled:MiniRacingOnLine"
"D:\\MiniRacingOnline\\MiniRacingOnLine.exe"="D:\\MiniRacingOnline\\MiniRacingOnLine.exe:*:Enabled:MiniRacingOnLine"
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"="C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\\Nexon\\KartRider\\NMService.exe"="C:\\Nexon\\KartRider\\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\\Programas\\Sports Interactive\\Football Manager 2008\\fm.exe"="C:\\Programas\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"
"C:\\Programas\\LimeWire\\LimeWire.exe"="C:\\Programas\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Programas\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="C:\\Programas\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\\Programas\\EA SPORTS\\FIFA 08\\FIFA08.exe"="C:\\Programas\\EA SPORTS\\FIFA 08\\FIFA08.exe:*:Enabled:FIFA08"
"C:\\Programas\\Steam\\SteamApps\\decopt\\counter-strike\\hl.exe"="C:\\Programas\\Steam\\SteamApps\\decopt\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Programas\\Hamachi\\hamachi.exe"="C:\\Programas\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Conf\\fc.exe"="C:\\Conf\\fc.exe:*:Enabled:fc"
"C:\\Documents and Settings\\All Users\\start menu\\programs\\startup\\fc.exe"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\fc.exe:*:Enabled:fc"
"C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\fc.exe"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\fc.exe:*:Enabled:fc"
"C:\\Windows\\Menu Iniciar\\Iniciar\\fc.exe"="C:\\Windows\\Menu Iniciar\\Iniciar\\fc.exe:*:Enabled:fc"
"C:\\Programas\\Steam\\Steam.exe"="C:\\Programas\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Programas\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Programas\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"C:\\Programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Programas\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Programas\\Ficheiros comuns\\Ahead\\Nero Web\\SetupX.exe"="C:\\Programas\\Ficheiros comuns\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Programas\\Skype\\Phone\\Skype.exe"="C:\\Programas\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Programas\\Piolet\\Piolet.exe"="C:\\Programas\\Piolet\\Piolet.exe:*:Enabled:Piolet"
"C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"="C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2008"
"C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"="C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2008 - AutoRun"
"C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\racer060\\racer\\racer.exe"="C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\racer060\\racer\\racer.exe:*:Enabled:racer"
"C:\\Programas\\bmoworld\\BomberMan.exe"="C:\\Programas\\bmoworld\\BomberMan.exe:*:Enabled:BomberMan"
"C:\\Programas\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Programas\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"C:\\Programas\\FlashGet\\flashget.exe"="C:\\Programas\\FlashGet\\flashget.exe:*:Enabled:Flashget"
"C:\\Programas\\Aspyr\\Top Spin 2\\Data\\Top Spin 2.exe"="C:\\Programas\\Aspyr\\Top Spin 2\\Data\\Top Spin 2.exe:*:Enabled:Top Spin 2"
"C:\\Programas\\TmNationsForever\\TmForever.exe"="C:\\Programas\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"
"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Programas\\Sega\\Beijing 2008\\Beijing.exe"="C:\\Programas\\Sega\\Beijing 2008\\Beijing.exe:*:Enabled:Beijing 2008T"
"C:\\Programas\\sina\\SAP\\SAPlatform.exe"="C:\\Programas\\sina\\SAP\\SAPlatform.exe:*:Enabled:SAPlatform.exe"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe:*:Enabled:Assistência Remota - Windows Messenger e Voz"
"C:\\Programas\\AVG\\AVG8\\avgam.exe"="C:\\Programas\\AVG\\AVG8\\avgam.exe:*:Enabled:avgam.exe"
"C:\\Programas\\AVG\\AVG8\\avgupd.exe"="C:\\Programas\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Programas\\AVG\\AVG8\\avgnsx.exe"="C:\\Programas\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programas\\MSN Messenger\\msncall.exe"="C:\\Programas\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files :
Files with Hidden Attributes :
Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Programas\Messenger\msmsgs.exe"
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Programas\Spybot - Search & Destroy\advcheck.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Programas\Spybot - Search & Destroy\SDHelper.dll"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Programas\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Programas\Spybot - Search & Destroy\SpybotSD.exe"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Programas\Spybot - Search & Destroy\TeaTimer.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Programas\Spybot - Search & Destroy\Tools.dll"
Mon 5 Mar 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 5 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 18 Jan 2008 400 A..H. --- "C:\Programas\Ficheiros comuns\Symantec Shared\COH\COH32LU.reg"
Fri 18 Jan 2008 403 A..H. --- "C:\Programas\Ficheiros comuns\Symantec Shared\COH\COHDLU.reg"
Finished!
I only installed AVG to try to solve the problem, because I have always had Norton and never needed another antivirus. Meanwhile I will uninstall it right away, but for now there is nothing new, at least as far as files and folders are concerned.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programas\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173091029506
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programas\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programas\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHEI~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programas\Windows Live\installer\WLSetupSvc.exe
O23 - Service: ZTE CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppPT\ztemon.exe
--
End of file - 12501 bytes
SDFix log:
SDFix: Version 1.240
Run by Administrador on 07-11-2008 at 23:30
Microsoft Windows XP [Versão 5.1.2600]
Running From: C:\sdfix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-07 23:51:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"]%ð?À?ó?<%Ú? ?(?T?r?u?e?T?y?p?e?)?"="KAIU.TTF"
"\x201c%Ë?\xae?\xb7?<%Ú? ?&? ?À?s?\x201c%Ë?\xae?\xb7?<%Ú? ?(?T?r?u?e?T?y?p?e?)?"="MINGLIU.TTC"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programas\\MSN Messenger\\msncall.exe"="C:\\Programas\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Programas\\FoxScript\\mirc32.exe"="C:\\Programas\\FoxScript\\mirc32.exe:*:Enabled:mIRC"
"C:\\Programas\\EA SPORTS\\FIFA 07\\fifa07.exe"="C:\\Programas\\EA SPORTS\\FIFA 07\\fifa07.exe:*:Enabled:fifa07"
"C:\\Programas\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Programas\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Enabledes6.exe"
"C:\\Programas\\uTorrent\\utorrent.exe"="C:\\Programas\\uTorrent\\utorrent.exe:*:Enabled:æTorrent"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Executar uma DLL como uma aplica‡Æo"
"C:\\Programas\\Steam\\SteamApps\\campeao69\\counter-strike\\hl.exe"="C:\\Programas\\Steam\\SteamApps\\campeao69\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\Programas\\Bowlfish\\eMule.exe"="D:\\Programas\\Bowlfish\\eMule.exe:*:Enabled:eMule"
"C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\MiniRacingOnline\\MiniRacingOnline\\MiniRacingOnLine.exe"="C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\MiniRacingOnline\\MiniRacingOnline\\MiniRacingOnLine.exe:*:Enabled:MiniRacingOnLine"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Programas\\HLSW\\hlsw.exe"="C:\\Programas\\HLSW\\hlsw.exe:*:Enabled:HLSW"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Consola de gestÆo da Microsoft"
"C:\\Programas\\Cyanide\\GameCenter\\GameCenter.exe"="C:\\Programas\\Cyanide\\GameCenter\\GameCenter.exe:*:Enabled:GameCenter"
"C:\\Documents and Settings\\Administrador\\Defini‡äes locais\\Temp\\Rar$EX07.532\\MiniRacingOnline\\MiniRacingOnLine.exe"="C:\\Documents and Settings\\Administrador\\Defini‡äes locais\\Temp\\Rar$EX07.532\\MiniRacingOnline\\MiniRacingOnLine.exe:*:Enabled:MiniRacingOnLine"
"D:\\MiniRacingOnline\\MiniRacingOnLine.exe"="D:\\MiniRacingOnline\\MiniRacingOnLine.exe:*:Enabled:MiniRacingOnLine"
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"="C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\\Nexon\\KartRider\\NMService.exe"="C:\\Nexon\\KartRider\\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\\Programas\\Sports Interactive\\Football Manager 2008\\fm.exe"="C:\\Programas\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"
"C:\\Programas\\LimeWire\\LimeWire.exe"="C:\\Programas\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Programas\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="C:\\Programas\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabledro Evolution Soccer 2008"
"C:\\Programas\\EA SPORTS\\FIFA 08\\FIFA08.exe"="C:\\Programas\\EA SPORTS\\FIFA 08\\FIFA08.exe:*:Enabled:FIFA08"
"C:\\Programas\\Steam\\SteamApps\\decopt\\counter-strike\\hl.exe"="C:\\Programas\\Steam\\SteamApps\\decopt\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Programas\\Hamachi\\hamachi.exe"="C:\\Programas\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Conf\\fc.exe"="C:\\Conf\\fc.exe:*:Enabled:fc"
"C:\\Documents and Settings\\All Users\\start menu\\programs\\startup\\fc.exe"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\fc.exe:*:Enabled:fc"
"C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\fc.exe"="C:\\Documents and Settings\\All Users\\Menu Iniciar\\Programas\\Inicializar\\fc.exe:*:Enabled:fc"
"C:\\Windows\\Menu Iniciar\\Iniciar\\fc.exe"="C:\\Windows\\Menu Iniciar\\Iniciar\\fc.exe:*:Enabled:fc"
"C:\\Programas\\Steam\\Steam.exe"="C:\\Programas\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Programas\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Programas\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"C:\\Programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Programas\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Programas\\Ficheiros comuns\\Ahead\\Nero Web\\SetupX.exe"="C:\\Programas\\Ficheiros comuns\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Programas\\Skype\\Phone\\Skype.exe"="C:\\Programas\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Programas\\Piolet\\Piolet.exe"="C:\\Programas\\Piolet\\Piolet.exe:*:Enablediolet"
"C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"="C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe:*:Enabledro Cycling Manager - Season 2008"
"C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"="C:\\Programas\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe:*:Enabledro Cycling Manager - Season 2008 - AutoRun"
"C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\racer060\\racer\\racer.exe"="C:\\Documents and Settings\\Administrador\\Ambiente de trabalho\\racer060\\racer\\racer.exe:*:Enabled:racer"
"C:\\Programas\\bmoworld\\BomberMan.exe"="C:\\Programas\\bmoworld\\BomberMan.exe:*:Enabled:BomberMan"
"C:\\Programas\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Programas\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"C:\\Programas\\FlashGet\\flashget.exe"="C:\\Programas\\FlashGet\\flashget.exe:*:Enabled:Flashget"
"C:\\Programas\\Aspyr\\Top Spin 2\\Data\\Top Spin 2.exe"="C:\\Programas\\Aspyr\\Top Spin 2\\Data\\Top Spin 2.exe:*:Enabled:Top Spin 2"
"C:\\Programas\\TmNationsForever\\TmForever.exe"="C:\\Programas\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"
"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Programas\\Sega\\Beijing 2008\\Beijing.exe"="C:\\Programas\\Sega\\Beijing 2008\\Beijing.exe:*:Enabled:Beijing 2008T"
"C:\\Programas\\sina\\SAP\\SAPlatform.exe"="C:\\Programas\\sina\\SAP\\SAPlatform.exe:*:Enabled:SAPlatform.exe"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe:*:Enabled:Assistˆncia Remota - Windows Messenger e Voz"
"C:\\Programas\\AVG\\AVG8\\avgam.exe"="C:\\Programas\\AVG\\AVG8\\avgam.exe:*:Enabled:avgam.exe"
"C:\\Programas\\AVG\\AVG8\\avgupd.exe"="C:\\Programas\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Programas\\AVG\\AVG8\\avgnsx.exe"="C:\\Programas\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programas\\MSN Messenger\\msncall.exe"="C:\\Programas\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files :
Files with Hidden Attributes :
Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Programas\Messenger\msmsgs.exe"
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Programas\Spybot - Search & Destroy\advcheck.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Programas\Spybot - Search & Destroy\SDHelper.dll"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Programas\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Programas\Spybot - Search & Destroy\SpybotSD.exe"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Programas\Spybot - Search & Destroy\TeaTimer.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Programas\Spybot - Search & Destroy\Tools.dll"
Mon 5 Mar 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 5 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 18 Jan 2008 400 A..H. --- "C:\Programas\Ficheiros comuns\Symantec Shared\COH\COH32LU.reg"
Fri 18 Jan 2008 403 A..H. --- "C:\Programas\Ficheiros comuns\Symantec Shared\COH\COHDLU.reg"
Finished!
I only installed AVG to try to solve the problem, because I have always had Norton and never needed another antivirus. In the meantime I am going to uninstall it right away, but for now there is nothing new, at least as far as files and folders are concerned.