Silver472 0 Denunciar post Postado Dezembro 18, 2008 Quando eu inicio o computador, antes da tela de logon aparece uma mensagem estranha geralmente com um caractere estranho ou um caminho de um arquivo. a mensagem tem um botao de ok que tem que clicar e ela desaparece. tambem apareceu do nada um negocio chamado web folders que fica em meu computador. eu ouvi dizer que o webfolders eh normal, mas essa mensagem estranha acho que nao, pode ate ser coisa do kaspersky, mas acho que eh virus. eu ja passei um monte de programas que me recomendaram, porem nenhum conseguiu remover a mensagem estranha. obrigado pela compreensao. Log do Hijack this: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:22, on 2008-12-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\arquivos de programas\a-squared free\a2service.exe C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\alg.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\sttray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\WINDOWS\VM303_STI.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CursorXP\CursorXP.exe C:\Arquivos de programas\UberIcon\UberIcon Manager.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe C:\Arquivos de programas\YzShadow\YzShadow.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\WINDOWS\BricoPacks\LeopardXP\FindeXer.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe O4 - HKCU\..\Run: [uberIcon] "C:\Arquivos de programas\UberIcon\UberIcon Manager.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: MacSearch.lnk = C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: panther.CurXPTheme.lnk = ? (User 'SYSTEM') O4 - S-1-5-18 Startup: RK Launcher.lnk = C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: YzShadow.lnk = C:\Arquivos de programas\YzShadow\YzShadow.exe (User 'SYSTEM') O4 - .DEFAULT Startup: MacSearch.lnk = C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe (User 'Default user') O4 - .DEFAULT Startup: panther.CurXPTheme.lnk = ? (User 'Default user') O4 - .DEFAULT Startup: RK Launcher.lnk = C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe (User 'Default user') O4 - .DEFAULT Startup: YzShadow.lnk = C:\Arquivos de programas\YzShadow\YzShadow.exe (User 'Default user') O4 - Startup: MacSearch.lnk = C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe O4 - Startup: panther.CurXPTheme.lnk = ? O4 - Startup: RK Launcher.lnk = C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe O4 - Startup: YzShadow.lnk = C:\Arquivos de programas\YzShadow\YzShadow.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Arquivos de programas\MP3 Player Utilities 4.00\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Adicionar ao Bloqueador de Banners - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.13\MediaManager\grab.html O9 - Extra button: Estatísticas de protecção do Tráfego de Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1169208152012 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\adialhk.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\arquivos de programas\a-squared free\a2service.exe O23 - Service: Agendador do LiveUpdate automático - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\ARQUIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - (no file) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe -- End of file - 11660 bytes obrigado por me ajudarem. Edit: eu consegui uma foto da imagem estranha. Entrem aqui: http://i316.photobucket.com/albums/mm329/S...72/DSC04365.jpg Não se importem é apenas o visual de mac. Obrigado pela ajuda ate agora. Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Dezembro 21, 2008 Boa Tarde! Silver472 <@> Baixe: < RSIT > <@> Salve-o,diretamente,no Disco Local ( C )! <@> Dê um duplo clique em RSIT.exe,para executar a ferramenta. <@> Na janela que abrir,disclamer,clique em "Continue". <@> Terminando,abrir-se-à o Bloco de Notas com o relatório: log.txt <-- Relatório para postagem! <@> Poste,também,na sua resposta: info.txt,que estará em C:\rsit\info.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Silver472 0 Denunciar post Postado Dezembro 22, 2008 Boa Tarde DigRam. obrigado pela ajuda. aqui esta o log do rsit e o info. Log.txt: Logfile of random's system information tool 1.05 (written by random/random) Run by Usuário at 2008-12-22 16:38:30 Microsoft Windows XP Professional Service Pack 2 System drive C: has 9 GB (12%) free of 76 GB Total RAM: 1021 MB (38% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:38, on 2008-12-22 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe c:\arquivos de programas\a-squared free\a2service.exe C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\sttray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\WINDOWS\VM303_STI.EXE C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CursorXP\CursorXP.exe C:\Arquivos de programas\UberIcon\UberIcon Manager.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe C:\Arquivos de programas\YzShadow\YzShadow.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\distnoted.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\SyncServer.exe C:\RSIT.exe C:\Arquivos de programas\Trend Micro\HijackThis\Usuário.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\WINDOWS\BricoPacks\LeopardXP\FindeXer.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe O4 - HKCU\..\Run: [uberIcon] "C:\Arquivos de programas\UberIcon\UberIcon Manager.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: MacSearch.lnk = C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: panther.CurXPTheme.lnk = ? (User 'SYSTEM') O4 - S-1-5-18 Startup: RK Launcher.lnk = C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: YzShadow.lnk = C:\Arquivos de programas\YzShadow\YzShadow.exe (User 'SYSTEM') O4 - .DEFAULT Startup: MacSearch.lnk = C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe (User 'Default user') O4 - .DEFAULT Startup: panther.CurXPTheme.lnk = ? (User 'Default user') O4 - .DEFAULT Startup: RK Launcher.lnk = C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe (User 'Default user') O4 - .DEFAULT Startup: YzShadow.lnk = C:\Arquivos de programas\YzShadow\YzShadow.exe (User 'Default user') O4 - Startup: MacSearch.lnk = C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe O4 - Startup: panther.CurXPTheme.lnk = ? O4 - Startup: RK Launcher.lnk = C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe O4 - Startup: YzShadow.lnk = C:\Arquivos de programas\YzShadow\YzShadow.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Arquivos de programas\MP3 Player Utilities 4.00\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Adicionar ao Bloqueador de Banners - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.13\MediaManager\grab.html O9 - Extra button: Estatísticas de protecção do Tráfego de Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1169208152012 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\adialhk.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\arquivos de programas\a-squared free\a2service.exe O23 - Service: Agendador do LiveUpdate automático - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\ARQUIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - (no file) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe -- End of file - 11462 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GlaryInitialize.job C:\WINDOWS\tasks\GoogleUpdateTaskUser.job C:\WINDOWS\tasks\Norton Security Scan for Usuário.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Facilitador de Leitor de Link Adobe PDF - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-01 308856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-07-29 62728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Auxiliar de Conexão do Windows Live - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD}] Loader Class - C:\WINDOWS\BricoPacks\LeopardXP\FindeXer.dll [2006-07-28 142848] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-06-23 98304] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-06-23 86016] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-06-23 81920] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "HP Software Update"=C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] "SigmatelSysTrayApp"=C:\WINDOWS\sttray.exe [2006-09-07 303104] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 77824] "SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "AppleSyncNotifier"=C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936] "QuickTime Task"=C:\Arquivos de programas\QuickTime\QTTask.exe [2008-11-04 413696] "iTunesHelper"=C:\Arquivos de programas\iTunes\iTunesHelper.exe [2008-11-20 290088] "BigDog303"=C:\WINDOWS\VM303_STI.EXE [2005-10-25 61440] "AVP"=C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-07-29 206088] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360] "CursorXP"=C:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000] "UberIcon"=C:\Arquivos de programas\UberIcon\UberIcon Manager.exe [2005-08-12 180224] C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\Usuário\Menu Iniciar\Programas\Inicializar MacSearch.lnk - C:\Arquivos de programas\MacSearch_v.1.4.3\MacSearch.exe panther.CurXPTheme.lnk - C:\Arquivos de programas\CursorXP\Themes\panther.CurXPTheme RK Launcher.lnk - C:\Arquivos de programas\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe YzShadow.lnk - C:\Arquivos de programas\YzShadow\YzShadow.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\adialhk.dll,C:\ARQUIV~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-06-23 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-07-29 218376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth" "C:\Arquivos de programas\iTunes\iTunes.exe"="C:\Arquivos de programas\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Arquivos de programas\Sierra Entertainment\Empire Earth III\EE3.exe"="C:\Arquivos de programas\Sierra Entertainment\Empire Earth III\EE3.exe:*:Enabled:Empire Earth III" "C:\Arquivos de programas\MegaCubo\bin\minifly.exe"="C:\Arquivos de programas\MegaCubo\bin\minifly.exe:*:Enabled:MiniFly" "C:\Arquivos de programas\MegaCubo\megacubo.exe"="C:\Arquivos de programas\MegaCubo\megacubo.exe:*:Enabled:MegaCubo" "C:\Arquivos de programas\BitTorrent\bittorrent.exe"="C:\Arquivos de programas\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\English\setup.exe"="C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\English\setup.exe:*:Enabled:Kaspersky Anti-Virus 2009 Setup" "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"="C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe:*:Enabled:Kaspersky Anti-Virus" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84c0a478-ac70-11db-a7fb-000e5065e039}] shell\AutoRun\command - vxsufl.exe shell\explore\command - vxsufl.exe shell\open\command - vxsufl.exe ======File associations====== .txt - open - C:\WINDOWS\NOTEPAD.EXE %1 ======List of files/folders created in the last 1 months====== 2008-12-22 16:38:30 ----D---- C:\rsit 2008-12-22 16:36:12 ----A---- C:\RSIT.exe 2008-12-19 14:02:33 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab 2008-12-19 14:02:33 ----D---- C:\Arquivos de programas\Kaspersky Lab 2008-12-18 14:57:06 ----AD---- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP 2008-12-18 14:56:56 ----D---- C:\Arquivos de programas\Spyware Doctor 2008-12-18 12:03:42 ----D---- C:\LinhaDefensiva 2008-12-17 20:09:58 ----D---- C:\Documents and Settings\Usuário\Dados de aplicativos\Malwarebytes 2008-12-17 20:09:50 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes 2008-12-17 20:09:49 ----D---- C:\Arquivos de programas\Malwarebytes' Anti-Malware 2008-12-13 22:48:12 ----A---- C:\WINDOWS\system32\tmp.txt 2008-12-13 22:47:58 ----A---- C:\rapport.txt 2008-12-13 22:07:35 ----A---- C:\VundoFix.txt 2008-12-11 00:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2008-12-11 00:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2008-12-11 00:22:48 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2008-12-11 00:22:42 ----A---- C:\WINDOWS\imsins.BAK 2008-12-11 00:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2008-12-07 22:35:59 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\ESET 2008-12-07 22:10:58 ----A---- C:\WINDOWS\wininit.ini 2008-12-07 20:11:21 ----A---- C:\wttrqla.exe 2008-12-06 18:46:53 ----A---- C:\WINDOWS\system32\SkinCrafter2.dll 2008-12-02 21:54:28 ----D---- C:\GRSoft 2008-12-02 21:52:13 ----A---- C:\WINDOWS\system32\DBCLIENT.DLL 2008-12-02 21:51:50 ----D---- C:\Arquivos de programas\Arquivos comuns\Borland Shared 2008-12-02 21:51:43 ----D---- C:\Spk Sistemas 2008-11-30 15:37:37 ----D---- C:\Arquivos de programas\Sierra Entertainment ======List of files/folders modified in the last 1 months====== 2008-12-22 16:38:36 ----D---- C:\WINDOWS\Prefetch 2008-12-22 16:38:25 ----D---- C:\WINDOWS\Temp 2008-12-22 16:28:21 ----D---- C:\Arquivos de programas\Mozilla Firefox 2008-12-21 10:56:15 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-12-19 18:00:00 ----D---- C:\Arquivos de programas\Norton Security Scan 2008-12-19 17:46:20 ----D---- C:\Arquivos de programas\MacSearch_v.1.4.3 2008-12-19 15:34:19 ----D---- C:\WINDOWS\system32\CatRoot2 2008-12-19 14:10:19 ----D---- C:\WINDOWS 2008-12-19 14:03:45 ----SHD---- C:\WINDOWS\Installer 2008-12-19 14:03:45 ----HD---- C:\Config.Msi 2008-12-19 14:03:38 ----D---- C:\WINDOWS\system32\drivers 2008-12-19 14:03:27 ----HD---- C:\WINDOWS\inf 2008-12-19 14:03:10 ----D---- C:\WINDOWS\system32 2008-12-19 14:02:33 ----D---- C:\Arquivos de programas 2008-12-19 13:59:44 ----D---- C:\Arquivos de programas\Spybot - Search & Destroy 2008-12-19 13:59:43 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2008-12-18 14:58:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-12-18 12:31:19 ----D---- C:\fixwareout 2008-12-18 12:24:13 ----A---- C:\WINDOWS\win.ini 2008-12-18 01:38:12 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-12-18 01:37:39 ----HD---- C:\WINDOWS\$hf_mig$ 2008-12-18 01:09:31 ----A---- C:\WINDOWS\NeroDigital.ini 2008-12-13 17:15:31 ----D---- C:\Documents and Settings\Usuário\Dados de aplicativos\FrostWire 2008-12-13 16:48:37 ----D---- C:\WINDOWS\Help 2008-12-13 04:37:59 ----A---- C:\WINDOWS\system32\mshtml.dll 2008-12-12 00:53:24 ----D---- C:\Downloads 2008-12-11 17:26:58 ----D---- C:\WINDOWS\system32\CatRoot 2008-12-11 17:24:45 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2008-12-11 00:26:56 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help 2008-12-11 00:25:55 ----D---- C:\Arquivos de programas\Internet Explorer 2008-12-11 00:23:51 ----D---- C:\WINDOWS\Debug 2008-12-09 21:24:37 ----A---- C:\WINDOWS\system32\MRT.exe 2008-12-08 10:17:26 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab Setup Files 2008-12-07 22:32:18 ----D---- C:\Arquivos de programas\Arquivos comuns\Symantec Shared 2008-12-07 22:30:40 ----D---- C:\Arquivos de programas\Symantec 2008-12-07 22:28:56 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Symantec 2008-12-07 22:28:03 ----D---- C:\Arquivos de programas\Arquivos comuns 2008-12-07 22:26:50 ----SD---- C:\WINDOWS\Tasks 2008-12-07 21:25:36 ----D---- C:\Arquivos de programas\a-squared Free 2008-12-04 13:35:20 ----D---- C:\Arquivos de programas\MegaCubo 2008-12-04 13:28:42 ----D---- C:\Arquivos de programas\TVSuper3 2008-12-03 23:54:04 ----D---- C:\Arquivos de programas\SystemRequirementsLab 2008-11-30 18:49:39 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\TrackMania 2008-11-30 15:52:32 ----D---- C:\WINDOWS\system32\DirectX 2008-11-30 15:52:31 ----RSD---- C:\WINDOWS\assembly 2008-11-30 15:37:45 ----HD---- C:\Arquivos de programas\InstallShield Installation Information 2008-11-26 21:03:23 ----D---- C:\Arquivos de programas\FrostWire 2008-11-25 19:51:51 ----D---- C:\Arquivos de programas\Safari ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Arquivos de programas\Arquivos comuns\Symantec Shared\EENGINE\eeCtrl.sys [] R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-14 28672] R1 intelppm;Driver de Processador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40192] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2008-12-19 213008] R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-07-25 165376] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-07-25 18048] R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2007-02-02 223128] R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-12 163328] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HidUsb;Driver de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-05 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-09-07 1178088] R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 ZSMC303;A4 TECH PC Camera H; C:\WINDOWS\System32\Drivers\usbVM303.sys [2005-10-27 390849] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584] S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] S3 a016bus;Sony Ericsson Device A016 driver (WDM); C:\WINDOWS\system32\DRIVERS\a016bus.sys [2008-01-18 83880] S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter; C:\WINDOWS\system32\DRIVERS\a016mdfl.sys [2008-01-18 15016] S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\a016mdm.sys [2008-01-18 110504] S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\a016mgmt.sys [2008-01-18 104488] S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\a016obex.sys [2008-01-18 100648] S3 alcan5ln;SpeedTouch USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2003-12-08 36256] S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688] S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Arquivos de programas\Comodo\CBOClean\BOCDRIVE.sys [] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 DSDrv4;DSDrv4; C:\WINDOWS\system32\drivers\DSDrv4.sys [] S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-06-23 1095680] S3 MSTEE;Conversor em T entre locais de fluxo contínuo Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Conexão de TV e vídeo da Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-12-07 135936] S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [] S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 WS2IFSL;Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; c:\arquivos de programas\a-squared free\a2service.exe [2007-06-15 224376] R2 Agendador do LiveUpdate automático;Agendador do LiveUpdate automático; C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-09 198336] R2 Apple Mobile Device;Dispositivo Celular da Apple; C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 AVP;Kaspersky Internet Security; C:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-07-29 206088] R2 Bonjour Service;Bonjour Service; C:\Arquivos de programas\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 InCDsrv;InCD Helper; C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe [2005-07-08 871424] R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] R2 STacSV;SigmaTel Audio Service; C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe [2006-09-07 86016] R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2006-03-02 14336] R3 iPod Service;iPod Service; C:\Arquivos de programas\iPod\bin\iPodService.exe [2008-11-20 536872] S3 aspnet_state;Serviço de estado do ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-03 136120] S3 IDriverT;InstallDriver Table Manager; C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 LiveUpdate;LiveUpdate; C:\ARQUIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-09 2528960] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464] S3 odserv;Microsoft Office Diagnostics Service; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WLSetupSvc;Windows Live Setup Service; C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Serviço de Partilha de Rede do Windows Media Player; C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe [2006-11-02 914944] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336] S4 usnjsvc;Pastas Partilhadas do Messenger - USN Journal Reader Service; C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] -----------------EOF----------------- agora o info.txt: info.txt logfile of random's system information tool 1.05 2008-12-22 16:38:50 ======Uninstall list====== !xSpeedPro 1.4-->c:\!xSpeedPro\uninstal.exe -->C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->MsiExec /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7} -->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095} -->MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {669EB263-0AFE-4FCB-A068-DB082CA6273C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0416-0000-0000000FF1CE} /uninstall {98003BDC-1B68-4970-B28E-ACC8000D2F3E} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0416-0000-0000000FF1CE} /uninstall {B818F15C-FA76-4262-AB26-C04D0772EED8} A4 TECH USB PC Camera H-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{CE3B8E96-B0AF-4871-9178-1519B58E3A93}\setup.exe" -l0x416 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.3 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A81300000003} Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log AGEIA PhysX v7.03.21-->MsiExec.exe /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7} Anti-Blaxx 1.18-->"C:\Arquivos de programas\Anti-Blaxx 1.18\unins000.exe" Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} a-squared Free 2.1-->"C:\Arquivos de programas\a-squared Free\unins000.exe" Assistente de Conexão do Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Atualização de Segurança para o Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Atualização de Segurança para Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Atualização para Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Atualização para Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Atualização para Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Atualização para Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Atualização para Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Atualização para Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Atualização para Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Atualização para Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Atualização para Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Atualização para Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Atualização para Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Atualização para Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Atualização para Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Atualização para Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" Atualização para Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Atualização para Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Atualização para Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe" Atualização para Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Atualização para Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Atualização para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Atualização para Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} Calculator Powertoy for Windows XP-->MsiExec.exe /I{B37C842A-B624-46B8-A727-654E72F1C91A} Câmera Livre da Vizinhança The Sims 2-->"C:\Documents and Settings\Usuário\Meus documentos\EA Games\The Sims 2\Cameras\unins000.exe" Carom3D-->C:\WINDOWS\NeoUninstall.exe "C:\Program Files\Neoact\Carom3D\Uninstall.ini" CCleaner (remove only)-->"C:\Arquivos de programas\CCleaner\uninst.exe" CEP - Color Enable Package-->"C:\ARQUIV~1\EAGAME~1\zCEP_Uninstaller\unins000.exe" CursorXP-->C:\Program Files\CursorXP\CurXPUtil.exe -u DIMIN Hotkeys (remove only)-->"C:\Arquivos de programas\Winamp\Plugins\gen_DiminHotkeys\uninstall.exe" DVD Decrypter (Remove Only)-->"C:\Arquivos de programas\DVD Decrypter\uninstall.exe" DVD Shrink 3.2-->"C:\Arquivos de programas\DVD Shrink\unins000.exe" DVD Solution-->"C:\Arquivos de programas\Uninstall_CDS.exe" Empire Earth III-->C:\Arquivos de programas\InstallShield Installation Information\{B17E235C-7A3B-4482-B650-21FFDE1D452E}\setup.exe -runfromtemp -l0x0009 -removeonly e-Tocave-->MsiExec.exe /I{2493E318-0F44-40BE-8FAE-3F6DD25E1635} FlyakiteOSX-->C:\WINDOWS\FlyakiteOSX\Uninstall.exe FoxyTunes for Firefox-->"C:\Arquivos de programas\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul FrostWire 4.17.2-->C:\Arquivos de programas\FrostWire\Uninstall.exe Glary Utilities 2.6-->"C:\Arquivos de programas\Glary Utilities\unins000.exe" Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} Google Talk (remove only)-->"C:\Arquivos de programas\Google\Google Talk\uninstall.exe" High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" Hotfix para o Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix para Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix para Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Hotfix para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" HP Customer Participation Program 7.0-->C:\Arquivos de programas\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Imaging Device Functions 7.0-->C:\Arquivos de programas\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart and Deskjet 7.0 Software (ptb)-->C:\Arquivos de programas\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F} HP Solution Center 7.0-->C:\Arquivos de programas\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134} iColorFolder-->C:\Arquivos de programas\iColorFolder\uninstall.exe InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall Intel® PRO Network Connections-->MsiExec.exe /I{F6B23E59-1240-4C20-AE0B-70658A91976A} iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55} Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55} LightModem 3.0-->"C:\Arquivos de programas\Turbo\Modem\unins000.exe" LiveUpdate 3.1 (Symantec Corporation)-->"C:\Arquivos de programas\Symantec\LiveUpdate\LSETUP.EXE" /U LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8} Malwarebytes' Anti-Malware-->"C:\Arquivos de programas\Malwarebytes' Anti-Malware\unins000.exe" Manual de Instalação 3.0-->"C:\Arquivos de programas\Turbo\Manual\unins000.exe" Megacubo 5.0.9-->"C:\Arquivos de programas\Megacubo\unins000.exe" Messenger Plus! Live-->"C:\Arquivos de programas\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Language Pack - PTB-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PTB\install.exe Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Access MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0015-0416-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0016-0416-0000-0000000FF1CE} Microsoft Office Groove MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00BA-0416-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0044-0416-0000-0000000FF1CE} Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00A1-0416-0000-0000000FF1CE} Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001A-0416-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0018-0416-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE} Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE} Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE} Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE} Microsoft Speech Recognition Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mscsrgpc.inf, Uninstall.NT Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTS.inf, Uninstall Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} MobileMe Control Panel-->MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03} Mozilla Firefox (3.0.5)-->C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe MP3 Player Utilities 4.00-->MsiExec.exe /I{7784A172-61F1-445E-8368-601607E0DD22} MP3 Player Utilities 4.13-->MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9} MP3 Player Utilities 5.06-->MsiExec.exe /I{8E79F5DD-4A0A-452B-B3F8-0651E4D24854} MP3 Player Utilities-->MsiExec.exe /I{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13} Multimedia Launcher-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall MV RegClean 5.5-->"C:\Arquivos de programas\Marcos Velasco Security\MV RegClean 5.5\unins000.exe" Nero OEM-->C:\Arquivos de programas\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Norton Security Scan (Symantec Corporation)-->"C:\Arquivos de programas\Arquivos comuns\Symantec Shared\NSSSetup\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\NSSSetup.exe" /X Norton Security Scan-->MsiExec.exe /X{3FADAA19-E595-44CA-A072-58B6B0851768} NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI Pack LeopardXP 1.0-->C:\WINDOWS\BricoPacks\LeopardXP\Remove.exe Picasa 2-->"C:\Arquivos de programas\Picasa2\Uninstall.exe" PowerDVD-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PowerProducer-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall Prism-->C:\Arquivos de programas\NCH Software\Prism\uninst.exe Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727} QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4} RealPlayer-->C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 RipIt4Me-->C:\Arquivos de programas\RipIt4Me\Uninstal.exe Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907} San Andreas Mod Installer-->"C:\WINDOWS\San Andreas Mod Installer\uninstall.exe" "/U:C:\Arquivos de programas\San Andreas Mod Installer\Uninstall\uninstall.xml" Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41} SigmaTel Audio-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x416 -remove -removeonly SimPE 0.64 (alpha)-->"C:\Arquivos de programas\SimPE\unins000.exe" Sony Ericsson Media Manager 1.1-->MsiExec.exe /X{0D30C477-9454-4F7F-8278-487743A8DDAB} Sony Ericsson PC Suite 3.209.00-->C:\Arquivos de programas\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x0816 -removeonly Star Wars Galactic Battlegrounds-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{A202BDBA-753F-41B9-B649-CFB0B45FC03E}\Setup.exe" Switch Sound File Converter-->C:\Arquivos de programas\NCH Swift Sound\Switch\uninst.exe System Requirements Lab-->C:\Arquivos de programas\SystemRequirementsLab\Uninstall.exe TeamSpeak 2 RC2-->"C:\Arquivos de programas\Teamspeak2_RC2\unins000.exe" The Sims 2 - Aberto Para Negócios-->C:\Arquivos de programas\EA GAMES\The Sims 2 - Aberto Para Negócios\EAUninstall.exe The Sims 2 Diversão em Família Coleção de Objetos-->C:\Arquivos de programas\EA GAMES\The Sims 2 Diversão em Família Coleção de Objetos\EAUninstall.exe The Sims 2 University-->C:\Arquivos de programas\EA GAMES\The Sims 2 University\EAUninstall.exe The Sims 2: Vida Noturna-->C:\Arquivos de programas\EA GAMES\The Sims 2 Vida Noturna\EAUninstall.exe The Sims 2-->C:\Arquivos de programas\EA GAMES\The Sims 2\EAUninstall.exe The Sims™ 2 Bichos de Estimação-->C:\Arquivos de programas\EA GAMES\The Sims 2 Bichos de Estimação\EAUninstall.exe The Sims™ 2 Bon Voyage-->C:\Arquivos de programas\EA GAMES\The Sims 2 Bon Voyage\EAUninstall.exe The Sims™ 2 Celebrações! Coleção de Objetos-->C:\Arquivos de programas\EA GAMES\The Sims 2 Celebrações! Coleção de Objetos\EAUninstall.exe The Sims™ 2 Estilo Teen Coleção de Objetos-->C:\Arquivos de programas\EA GAMES\The Sims 2 Estilo Teen Coleção de Objetos\EAUninstall.exe The Sims™ 2 Glamour Coleção de Objetos-->C:\Arquivos de programas\EA GAMES\The Sims 2 Glamour Coleção de Objetos\EAUninstall.exe The Sims™ 2 H&M® Fashion Coleção de Objetos-->C:\Arquivos de programas\EA GAMES\The Sims 2 H&M® Fashion Coleção de Objetos\EAUninstall.exe The Sims™ 2 Quatro Estações-->C:\Arquivos de programas\EA GAMES\The Sims 2 Quatro Estações\EAUninstall.exe The Sims™ 2 Tempo Livre-->C:\Arquivos de programas\EA GAMES\The Sims 2 Tempo Livre\EAUninstall.exe TmNationsForever-->"C:\Arquivos de programas\TmNationsForever\unins000.exe" TmUnitedForever-->"C:\Arquivos de programas\TmUnitedForever\unins000.exe" Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe TrackMania United 0.2.0.8-->"C:\Arquivos de programas\TrackMania United\unins000.exe" TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B} TVSuper 3.0-->"C:\Arquivos de programas\TVSuper3\unins000.exe" Uninstall 1.0.0.0-->"C:\Arquivos de programas\Arquivos comuns\DVDVideoSoft\unins000.exe" Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302} USB MP3 Player WIN98 Drivers-->C:\WINDOWS\IsUninst.exe -f"C:\Arquivos de programas\MP3\U-MP3\Uninst.isu" VDownloader 0.74-->"C:\Arquivos de programas\VDOWNLOADER\unins000.exe" Virtools 3D Life Player-->C:\Arquivos de programas\Virtools\3D Life Player\WebplayerConfig.exe -u Winamp-->"C:\Arquivos de programas\Winamp\UninstWA.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{3A417047-2E30-4D05-8977-F706D40BFF39} Windows Live Messenger-->MsiExec.exe /X{B98023FD-EC2A-404B-BFC3-49E7ECE4490E} Windows Media Format 11 runtime-->"C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Arquivos de programas\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe WinRAR archiver-->C:\Arquivos de programas\WinRAR\uninstall.exe WinSCP 4.1.6-->"C:\Arquivos de programas\WinSCP\unins000.exe" =====HijackThis Backups===== O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" F3 - REG:win.ini: run= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR F3 - REG:win.ini: load= O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O20 - Winlogon Notify: khfddby - C:\WINDOWS\SYSTEM32\khfddby.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file) O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O2 - BHO: (no name) - {FB148392-6EE4-4595-8311-DAE7EFBBB91B} - (no file) O2 - BHO: (no name) - {A380D211-5824-4FE7-824A-023B0D8B3C91} - C:\WINDOWS\system32\awvvv.dll O2 - BHO: (no name) - {C59348F9-25FC-4FB6-A3A1-83811507178A} - C:\WINDOWS\system32\jkhhg.dll O2 - BHO: (no name) - {FED51DF2-9644-4C58-9104-90244EDD6EEC} - C:\WINDOWS\system32\khfddby.dll O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O2 - BHO: (no name) - {FED51DF2-9644-4C58-9104-90244EDD6EEC} - C:\WINDOWS\system32\khfddby.dll O20 - Winlogon Notify: khfddby - C:\WINDOWS\SYSTEM32\khfddby.dll O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O2 - BHO: (no name) - {FED51DF2-9644-4C58-9104-90244EDD6EEC} - C:\WINDOWS\system32\khfddby.dll O20 - Winlogon Notify: khfddby - C:\WINDOWS\SYSTEM32\khfddby.dll O2 - BHO: (no name) - {FED51DF2-9644-4C58-9104-90244EDD6EEC} - C:\WINDOWS\system32\khfddby.dll O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O20 - Winlogon Notify: khfddby - C:\WINDOWS\SYSTEM32\khfddby.dll O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O2 - BHO: (no name) - {FB148392-6EE4-4595-8311-DAE7EFBBB91B} - (no file) O2 - BHO: (no name) - {1AF9DEDB-344A-4963-8980-0DC6348F7DD0} - C:\WINDOWS\system32\gebyv.dll O2 - BHO: (no name) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file) O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O2 - BHO: (no name) - {FED51DF2-9644-4C58-9104-90244EDD6EEC} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O20 - Winlogon Notify: khfddby - C:\WINDOWS\ O4 - HKLM\..\Run: [WinDLLProcessor] "C:\windows\system32\setup(1).exe" O20 - Winlogon Notify: khfddby - C:\WINDOWS\ O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - (no file) O2 - BHO: (no name) - {FED51DF2-9644-4C58-9104-90244EDD6EEC} - (no file) O2 - BHO: (no name) - {FB148392-6EE4-4595-8311-DAE7EFBBB91B} - (no file) O2 - BHO: (no name) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {FED51DF2-9644-4C58-9104-90244EDD6EEC} - (no file) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) O2 - BHO: (no name) - {FB148392-6EE4-4595-8311-DAE7EFBBB91B} - (no file) O2 - BHO: (no name) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O20 - Winlogon Notify: khfddby - C:\WINDOWS\ O4 - HKLM\..\Run: [nwiz] nwiz.exe /install ======Hosts File====== 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com ======Security center information====== AV: Kaspersky Internet Security FW: Kaspersky Internet Security System event log Computer Name: USU-36BB821B622 Event Code: 7036 Message: O serviço LiveUpdate entrou no estado interrompido. Record Number: 38916 Source Name: Service Control Manager Time Written: 20081124173713.000000-120 Event Type: Informações User: Computer Name: USU-36BB821B622 Event Code: 7036 Message: O serviço LiveUpdate entrou no estado executando. Record Number: 38915 Source Name: Service Control Manager Time Written: 20081124173529.000000-120 Event Type: Informações User: Computer Name: USU-36BB821B622 Event Code: 7035 Message: O serviço LiveUpdate recebeu com êxito um controle Iniciar. Record Number: 38914 Source Name: Service Control Manager Time Written: 20081124173529.000000-120 Event Type: Informações User: AUTORIDADE NT\SYSTEM Computer Name: USU-36BB821B622 Event Code: 7036 Message: O serviço Gerenciador de conexão de acesso remoto entrou no estado executando. Record Number: 38913 Source Name: Service Control Manager Time Written: 20081124173126.000000-120 Event Type: Informações User: Computer Name: USU-36BB821B622 Event Code: 7036 Message: O serviço IMAPI CD-Burning COM Service entrou no estado interrompido. Record Number: 38912 Source Name: Service Control Manager Time Written: 20081124173124.000000-120 Event Type: Informações User: Application event log Computer Name: USU-36BB821B622 Event Code: 0 Message: Record Number: 30958 Source Name: LiveUpdate Notice Service Time Written: 20081025174750.000000-120 Event Type: Informações User: Computer Name: USU-36BB821B622 Event Code: 0 Message: Record Number: 30957 Source Name: SymAppCore Time Written: 20081025174750.000000-120 Event Type: Informações User: Computer Name: USU-36BB821B622 Event Code: 35 Message: Record Number: 30956 Source Name: ccSvcHst Time Written: 20081025174749.000000-120 Event Type: Informações User: AUTORIDADE NT\SYSTEM Computer Name: USU-36BB821B622 Event Code: 34 Message: Record Number: 30955 Source Name: ccSvcHst Time Written: 20081025174749.000000-120 Event Type: Informações User: AUTORIDADE NT\SYSTEM Computer Name: USU-36BB821B622 Event Code: 35 Message: Record Number: 30954 Source Name: ccSvcHst Time Written: 20081025174749.000000-120 Event Type: Informações User: AUTORIDADE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Arquivos de programas\Intel\DMIX;C:\Arquivos de programas\QuickTime\QTSystem;C:\Arquivos de programas\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Arquivos de programas\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Arquivos de programas\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF----------------- obrigado pela ajuda ate agora. EDIT: Eu usei o combo fix e removeu a mensagem estranha. mto obrigado pela ajuda assim mesmo. Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Dezembro 23, 2008 Bom Dia! Silver472 EDIT: Eu usei o combo fix e removeu a mensagem estranha. mto obrigado pela ajuda assim mesmo. <!> O relatório do RSIT,apontou infecção pelo Vundo. Mas...ainda podemos ter infecções,já que o Trojan.Vundo é muito renitente. ---------------------------- <!> Poste o relatório do ComboFix,que foi rodado voluntariamente. ( ComboFix.txt ) Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Mário Monteiro 179 Denunciar post Postado Janeiro 24, 2009 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
