renangv 0 Denunciar post Postado Junho 26, 2010 Quando eu clico em algum jogo aparece rapidamente uma tela azul e meu pc reinicia sozinho. O log gerado foi esse: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:41:03, on 26/6/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\uTorrent\uTorrent.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sh1.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sh1.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Arquivos de programas\kikin\ie_kikin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sh1.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CloneCDTray] "C:\Arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [javahr] c:\path\javahr.exe O4 - HKLM\..\Run: [javahr2] c:\path\javahr2.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [EPSON Stylus C87 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABL.EXE /P23 "EPSON Stylus C87 Series" /O6 "USB002" /M "Stylus C87" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Arquivos de programas\kikin\ie_kikin.dll O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Arquivos de programas\kikin\ie_kikin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O20 - AppInit_DLLs: O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Google Update Service (gupdate1caa77bb41fd422) (gupdate1caa77bb41fd422) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8633 bytes Isso começo a acontecer depois que eu baixei um programa para utilizar o controle de playstation 2 no pc. Compartilhar este post Link para o post Compartilhar em outros sites
renangv 0 Denunciar post Postado Junho 27, 2010 Alguem me ajuda por favor... Estou desesperado!!!!!!!! Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Junho 27, 2010 Boa noite renangv 1. *Baixe o AD-Remover e salve-o no desktop *Duplo clique em AD-R.exe *Clique em [Clean]...aguarde o término. A reinicialização do PC poderá ser solicitada pelo programa. *Cole o relatório criado em C:\Ad-Report-CLEAN.log 2. *Baixe o MalwareBytes Anti-malware e salve-o no desktop *Instale o programa *Se alguma atualização existir,o download será automático. Aguarde... *O programa será aberto automaticamente. *Na aba [Verificação], selecione a opção [Verificação completa] *Clique em [Verificar] e selecione as partições a serem examinadas (geralmente C:\ e D:\) *Ao término do scan, poderá ser interrogado se deseja remover objetos da memória. Clique [sIM] > [OK] > [Mostrar Resultados] *Clique em [Remover Selecionados] *Um relatório (mbam-log-ano-mês-data.txt) será apresentado. *Cole-o na sua próxima resposta Compartilhar este post Link para o post Compartilhar em outros sites
renangv 0 Denunciar post Postado Junho 27, 2010 Relatório do AD-Report ======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 ======= Updated by C_XX on 23/06/10 at 19:20 Contact: AdRemover.contact@gmail.com website: http://pagesperso-orange.fr/NosTools/ad_remover.html C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 23:42:39 on 26/06/2010, Normal boot Microsoft Windows XP Professional Service Pack 3 (X86) Renangv@RENAN ( ) ============== ACTION(S) ============== 0,Folder deleted: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,File deleted: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job 0,Folder deleted: C:\Documents and Settings\Renangv\Dados de aplicativos\Mozilla\FireFox\Profiles\6jxvzrvu.default\extensions\toolbar@ask.com 0,File deleted: C:\Documents and Settings\Renangv\Dados de aplicativos\Mozilla\FireFox\Profiles\6jxvzrvu.default\searchplugins\askcom.xml 0,Folder deleted: C:\DOCUME~1\Renangv\CONFIG~1\Temp\AskSearch 0,File deleted: C:\DOCUME~1\Renangv\CONFIG~1\Temp\ASKSUTBLOG 0,File deleted: C:\DOCUME~1\Renangv\CONFIG~1\Temp\Del_AskHPRFF.VBS 0,File deleted: C:\DOCUME~1\Renangv\CONFIG~1\Temp\GLB1.tmp 0,Folder deleted: C:\Arquivos de programas\Ask.com 0,Folder deleted: C:\Documents and Settings\Renangv\Configurações locais\Dados de aplicativos\AskToolbar 0,Folder deleted: C:\Documents and Settings\Renangv\Configurações locais\Dados de aplicativos\Conduit 0,Folder deleted: C:\Arquivos de programas\Conduit 0,Folder deleted: C:\Documents and Settings\Renangv\Dados de aplicativos\DesktopIcon 3,File deleted: C:\WINDOWS\Installer\11586c4.msi (!) -- Temporary files deleted. -- File opened: C:\Documents and Settings\Renangv\Dados de aplicativos\Mozilla\FireFox\Profiles\6jxvzrvu.default\Prefs.js -- Line deleted: user_pref("browser.search.defaultengine", "Ask.com"); Line deleted: user_pref("browser.search.defaultenginename", "Ask.com"); Line deleted: user_pref("browser.search.order.1", "Ask.com"); Line deleted: user_pref("browser.search.selectedEngine", "Ask.com"); Line deleted: user_pref("extensions.asktb.cbid", "FV"); Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}... Line deleted: user_pref("extensions.asktb.enable-kw-search", true); Line deleted: user_pref("extensions.asktb.fresh-install", false); Line deleted: user_pref("extensions.asktb.l", "dis"); Line deleted: user_pref("extensions.asktb.last-config-req", "1277561092860"); Line deleted: user_pref("extensions.asktb.locale", "en_BR"); Line deleted: user_pref("extensions.asktb.o", "14594"); Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Line deleted: user_pref("extensions.asktb.qsrc", "2871"); Line deleted: user_pref("extensions.asktb.r", "5"); Line deleted: user_pref("extensions.enabledItems", "DTToolbar@toolbarnet.com:1.1.2.0185,{CAFEEFAC-0016-0000-0018-A... -- File closed -- 1,Key deleted: HKLM\Software\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593} 1,Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} 1,Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} 1,Key deleted: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B} 1,Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} 0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd 0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 0,Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL 1,Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} 0,Key deleted: HKLM\Software\Conduit 0,Key deleted: HKCU\Software\Ask.com 0,Key deleted: HKCU\Software\AskToolbar 0,Key deleted: HKCU\Software\Conduit 0,Key deleted: HKCU\Software\AppDataLow\AskBarDis 3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} 3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} 0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} 0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== ** Mozilla Firefox Version [3.6.4 (pt-BR)] ** -- C:\Documents and Settings\Renangv\Dados de aplicativos\Mozilla\FireFox\Profiles\6jxvzrvu.default\Prefs.js -- browser.download.lastDir, C:\\Documents and Settings\\Renangv\\Desktop browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q= browser.startup.homepage, hxxp://www.daemon-search.com/startpage|hxxp://search.bearshare.com/ browser.startup.homepage_override.mstone, rv:1.9.2.4 ======================================== ** Internet Explorer Version [6.0.2900.5512] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Arquivos de programas\Ad-Remover\Quarantine: 63 File(s) C:\Arquivos de programas\Ad-Remover\Backup: 15 File(s) C:\Ad-Report-CLEAN[1].txt - 26/06/2010 (2929 Byte(s)) End at: 23:43:42, 26/06/2010 ============== E.O.F ============== Cara o incrivel é que quando eu termino a verificação com o MalwareBytes Anti-malware aparece a tela azul ai meu pc reinicia sozinho e não aparece nenhum relatório O que eu devo fazer? você acha que pode me ajudar mesmo sem o relatório do MalwareBytes Anti-malware? Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Junho 27, 2010 1. *Execute novamente o AD-Remover *Clique em [uninstall] 2. *Baixe o RSIT e salve-o no desktop *Duplo clique em RSIT *Clique em [Continue] *Ao término do processo, cole os relatórios criados em C:\rsit\log.txt e C:\rsit\info.txt 3. *Verifique se a fonte do PC está ok e a temperatura do HD também. Tais problemas podem ser causados por Hardware (fonte e cooler). Compartilhar este post Link para o post Compartilhar em outros sites
renangv 0 Denunciar post Postado Junho 27, 2010 Ta ai info.txt logfile of random's system information tool 1.06 2010-06-27 14:11:28 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent-->"C:\Arquivos de programas\uTorrent\uTorrent.exe" /UNINSTALL Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 6.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7646-000000000001} AhnLab Online Security-->C:\Arquivos de programas\AhnLab\ASP\Common\aosremove.exe Alien Breed: Impact-->"C:\Arquivos de programas\Team17\Alien Breed Impact\unins000.exe" Arquivo do WinRAR-->C:\Arquivos de programas\WinRAR\uninstall.exe Assistente de Conexão do Windows Live-->MsiExec.exe /I{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48} Atualização de Segurança para o Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Atualização de Segurança para o Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" Atualização de Segurança para Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe" Atualização para Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Atualização para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Atualização para Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Atualização para Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Atualização para Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Atualização para Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Atualização para Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Atualização para Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Atualização para Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Atualização para Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Atualização para Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe" aTube Catcher-->C:\Arquivos de programas\DsNET Corp\aTube Catcher 1.0\uninstall.exe CloneCD-->"C:\Arquivos de programas\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Arquivos de programas\SlySoft\CloneCD" CloneDVD2-->"C:\Arquivos de programas\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Arquivos de programas\Elaborate Bytes\CloneDVD2" Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715} DAEMON Tools Toolbar-->C:\Arquivos de programas\DAEMON Tools Toolbar\uninst.exe DVDStyler v1.8.0.2-->"C:\Arquivos de programas\DVDStyler\unins000.exe" eBay Icon-->C:\Documents and Settings\Renangv\Dados de aplicativos\Desktopicon\uninst.exe EPSON Easy Photo Print-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\Setup.exe" -l0x416 UNINST Ferramenta de Carregamento do Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Football Manager 2010-->"C:\Arquivos de programas\Sports Interactive\Football Manager 2010\Uninstall_Football Manager 2010\Uninstall Football Manager 2010.exe" FormatFactory 2.20-->C:\Arquivos de programas\FreeTime\FormatFactory\uninst.exe Gemini Lost Deluxe-->"C:\Arquivos de programas\Zylom Games\Gemini Lost Deluxe\GameInstlr.exe" --uninstall UnInstall.log Google Chrome-->"C:\Arquivos de programas\Google\Chrome\Application\5.0.375.70\Installer\setup.exe" --uninstall --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HijackThis 2.0.2-->"C:\Documents and Settings\Renangv\Meus documentos\Downloads\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix para o Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix para Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix para Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Hotfix para Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" ImgBurn-->"C:\Arquivos de programas\ImgBurn\uninstall.exe" Ink Monitor-->C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe -U Java 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF} Jetz Rampage 4 Gold-->"C:\Arquivos de programas\S64Games\Jetz Rampage 4 Gold\unins000.exe" kikin plugin (DVDStyler Edition) 2.0-->C:\Arquivos de programas\kikin\uninst.exe Legend of Mana Sword-->C:\Arquivos de programas\softendo.com\Legend of Mana Sword\Uninstal.exe Lexmark 510 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBZUN5C.EXE -dLexmark 510 Series LUNA Online v1.2.0-->C:\gPotato\Luna Online\uninst.exe Malwarebytes' Anti-Malware-->"C:\Arquivos de programas\Malwarebytes' Anti-Malware\unins000.exe" MapleStory-->"C:\Level Up! Games\MapleStory\unins000.exe" Metal Slug - Special Mission-->C:\Arquivos de programas\softendo.com\Metal Slug - Special Mission\Uninstal.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Access MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0015-0416-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0016-0416-0000-0000000FF1CE} Microsoft Office Groove MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00BA-0416-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0044-0416-0000-0000000FF1CE} Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00A1-0416-0000-0000000FF1CE} Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001A-0416-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0018-0416-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE} Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE} Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE} Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Motherboard Monitor 5-->"C:\Arquivos de programas\Motherboard Monitor 5\unins000.exe" Mozilla Firefox (3.6.4)-->C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI NVIDIA ForceWare Network Access Manager-->C:\ARQUIV~1\ARQUIV~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l2070 Pacote de Driver do Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\ARQUIV~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_997D018D2E01A9942C06298D6FE2CFA91C42E7EA\amdk8.inf Pando Media Booster-->C:\Arquivos de programas\Pando Networks\Media Booster\uninst.exe Plants vs Zombies-->C:\Arquivos de programas\Plants vs Zombies\Uninstal.exe Ragnarok Online-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{2CBEDEBA-8DCE-4C0E-9DA0-0D2B303991A0}\setup.exe" -l0x416 -removeonly RealPlayer-->C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 Realtek High Definition Audio Driver-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x416 -removeonly RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F} Runtime Files Pack 3-->C:\WINDOWS\ST4UNST.EXE -n "C:\WINDOWS\system32\ST4UNST.000" Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} ShadowFlare-->C:\Arquivos de programas\ShadowFlare\SFUninst.exe Software para Impressoras EPSON-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R SR9600 Driver-->MsiExec.exe /I{9B3D7519-F678-49A4-B7D9-A7F56471C6EC} StarCraft II Beta-->C:\Arquivos de programas\Arquivos comuns\Blizzard Entertainment\StarCraft II Beta\Uninstall.exe The KMPlayer (remove only)-->"C:\Arquivos de programas\The KMPlayer\uninstall.exe" TVUPlayer 2.5.2.2-->C:\Arquivos de programas\TVUPlayer\uninst.exe Visual Basic 4 Runtime Files-->C:\WINDOWS\ST4UNST.EXE -n "C:\WINDOWS\system32\ST4UNST.LOG" Windows Live Call-->MsiExec.exe /I{32BC546A-8AA3-4239-AE92-9CF3291C35A6} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Essentials-->C:\Arquivos de programas\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{F2CD4651-F948-467C-B014-71FD981B7F59} Windows Live Messenger-->MsiExec.exe /X{B5ED7AB0-3838-4389-8549-7C8E22DD48F4} Windows Media Format 11 runtime-->"C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Arquivos de programas\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" ======System event log====== Computer Name: RENAN Event Code: 7036 Message: O serviço Serviço de descoberta SSDP entrou no estado executando. Record Number: 9641 Source Name: Service Control Manager Time Written: 20100617214342.000000-180 Event Type: Informações User: Computer Name: RENAN Event Code: 7035 Message: O serviço Adaptador de desempenho WMI recebeu com êxito um controle Iniciar. Record Number: 9640 Source Name: Service Control Manager Time Written: 20100617214342.000000-180 Event Type: Informações User: AUTORIDADE NT\SYSTEM Computer Name: RENAN Event Code: 7036 Message: O serviço Adaptador de desempenho WMI entrou no estado executando. Record Number: 9639 Source Name: Service Control Manager Time Written: 20100617214342.000000-180 Event Type: Informações User: Computer Name: RENAN Event Code: 7036 Message: O serviço Reconhecimento de local da rede (NLA) entrou no estado executando. Record Number: 9638 Source Name: Service Control Manager Time Written: 20100617214342.000000-180 Event Type: Informações User: Computer Name: RENAN Event Code: 7035 Message: O serviço Reconhecimento de local da rede (NLA) recebeu com êxito um controle Iniciar. Record Number: 9637 Source Name: Service Control Manager Time Written: 20100617214342.000000-180 Event Type: Informações User: AUTORIDADE NT\SYSTEM =====Application event log===== Computer Name: RENAN Event Code: 1005 Message: O usuário recusou o Eula. Record Number: 2673 Source Name: WgaSetup Time Written: 20100425210320.000000-180 Event Type: Informações User: Computer Name: RENAN Event Code: 0 Message: Record Number: 2672 Source Name: gupdate1caa77bb41fd422 Time Written: 20100425210319.000000-180 Event Type: Informações User: Computer Name: RENAN Event Code: 1004 Message: O usuário aceitou o Eula. Record Number: 2671 Source Name: WgaSetup Time Written: 20100425210317.000000-180 Event Type: Informações User: Computer Name: RENAN Event Code: 1002 Message: Starting interactive setup. Record Number: 2670 Source Name: WgaSetup Time Written: 20100425210317.000000-180 Event Type: Informações User: Computer Name: RENAN Event Code: 1006 Message: O Eula foi aceito anteriormente. Record Number: 2669 Source Name: WgaSetup Time Written: 20100425210317.000000-180 Event Type: Informações User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=6b01 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- Cara não é problema na fonte e nem na temperatura pois eu coloquei coolers faiz uns 3 meses E ai amigo o que eu faço agora? Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Junho 27, 2010 Você só colou um log amigo..cadê o outro? C:\rsit\log.txt Compartilhar este post Link para o post Compartilhar em outros sites
renangv 0 Denunciar post Postado Junho 28, 2010 Foi mal, naum tinha visto Logfile of random's system information tool 1.07 (written by random/random) Run by Renangv at 2010-06-27 14:11:19 Microsoft Windows XP Professional Service Pack 3 System drive C: has 169 GB (71%) free of 238 GB Total RAM: 2559 MB (80% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:11:26, on 27/6/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\WINDOWS\system32\wscntfy.exe C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\uTorrent\uTorrent.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Renangv\Desktop\RSIT.exe C:\Arquivos de programas\trend micro\Renangv.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sh1.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sh1.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Arquivos de programas\kikin\ie_kikin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sh1.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CloneCDTray] "C:\Arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [javahr] c:\path\javahr.exe O4 - HKLM\..\Run: [javahr2] c:\path\javahr2.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [EPSON Stylus C87 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABL.EXE /P23 "EPSON Stylus C87 Series" /O6 "USB002" /M "Stylus C87" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Arquivos de programas\kikin\ie_kikin.dll O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Arquivos de programas\kikin\ie_kikin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Google Update Service (gupdate1caa77bb41fd422) (gupdate1caa77bb41fd422) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8828 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-2077806209-1177238915-1003.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-2077806209-1177238915-1003.job C:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-14 50376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}] 4shared.com Toolbar - C:\Arquivos de programas\4shared.com\tb4sh1.dll [2010-03-20 2349080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-28 341600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Auxiliar de Conexão do Windows Live - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll [2010-03-26 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}] kikin Plugin - C:\Arquivos de programas\kikin\ie_kikin.dll [2010-02-04 750256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-26 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - 4shared.com Toolbar - C:\Arquivos de programas\4shared.com\tb4sh1.dll [2010-03-20 2349080] {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416] "SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432] "nwiz"=nwiz.exe /install [] "CloneCDTray"=C:\Arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344] "SunJavaUpdateSched"=C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [2010-02-18 248040] "javahr"=c:\path\javahr.exe [] "javahr2"=c:\path\javahr2.exe [] ""= [] "TkBellExe"=C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe [2010-03-28 202256] "Ink Monitor"=C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe [2004-05-05 262210] "EPSON Stylus C87 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABL.EXE [2005-01-27 98304] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-06-28 81920] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] ""= [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "uTorrent"=C:\Arquivos de programas\uTorrent\uTorrent.exe [2010-03-20 319792] "msnmsgr"=C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840] "Pando Media Booster"=C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe [2010-03-20 2937528] "MSMSGS"=C:\Arquivos de programas\Messenger\msmsgs.exe [2008-04-13 1695232] "DAEMON Tools Lite"=C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 nwprovau [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server" "C:\Arquivos de programas\uTorrent\uTorrent.exe"="C:\Arquivos de programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Arquivos de programas\BearShare Applications\BearShare\BearShare.exe"="C:\Arquivos de programas\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" "C:\Documents and Settings\Renangv\Meus documentos\Downloads\MWOdownloaderbuild0910.exe"="C:\Documents and Settings\Renangv\Meus documentos\Downloads\MWOdownloaderbuild0910.exe:*:Enabled:MWOdownloaderbuild0910.exe" "C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe"="C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster" "C:\Arquivos de programas\Sports Interactive\Football Manager 2010\fm.exe"="C:\Arquivos de programas\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010" "C:\Arquivos de programas\TVUPlayer\TVUPlayer.exe"="C:\Arquivos de programas\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component" "C:\Arquivos de programas\StarCraft II Beta\Support\BlizzardDownloader.exe"="C:\Arquivos de programas\StarCraft II Beta\Support\BlizzardDownloader.exe:*:Enabled:Blizzard Downloader" "C:\Arquivos de programas\StarCraft II Beta\StarCraft II.exe"="C:\Arquivos de programas\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher" "C:\Arquivos de programas\StarCraft II Beta\Starcraft II - Beta Launcher.exe"="C:\Arquivos de programas\StarCraft II Beta\Starcraft II - Beta Launcher.exe:*:Enabled:Starcraft II - Beta Launcher" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f391fa81-129d-11df-b606-806d6172696f}] shell\AutoRun\command - D:\Bin\assetup.exe ======List of files/folders created in the last 1 months====== 2010-06-27 14:11:19 ----D---- C:\rsit 2010-06-27 14:11:19 ----D---- C:\Arquivos de programas\trend micro 2010-06-26 23:48:22 ----D---- C:\Documents and Settings\Renangv\Dados de aplicativos\Malwarebytes 2010-06-26 23:48:15 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes 2010-06-26 23:48:15 ----D---- C:\Arquivos de programas\Malwarebytes' Anti-Malware 2010-06-26 20:40:21 ----D---- C:\HiJackThis 2010-06-26 20:40:07 ----A---- C:\HiJackThis.exe 2010-06-26 00:26:22 ----D---- C:\Arquivos de programas\Gravity 2010-06-25 22:52:08 ----D---- C:\Arquivos de programas\Plants vs Zombies 2010-06-17 21:41:23 ----D---- C:\WINDOWS\USB Vibration 2010-06-17 21:31:35 ----A---- C:\WINDOWS\system32\ntpadcpl.dll 2010-06-17 21:31:35 ----A---- C:\WINDOWS\system32\ntpad.dll 2010-06-17 21:15:19 ----D---- C:\Documents and Settings\Renangv\Dados de aplicativos\fltk.org 2010-06-16 20:35:50 ----D---- C:\Documents and Settings\Renangv\Dados de aplicativos\Uniblue 2010-06-16 20:26:19 ----A---- C:\WINDOWS\system32\XAudio2_5.dll 2010-06-16 20:26:19 ----A---- C:\WINDOWS\system32\xactengine3_5.dll 2010-06-16 20:26:19 ----A---- C:\WINDOWS\system32\d3dx11_42.dll 2010-06-16 20:26:19 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll 2010-06-16 20:26:19 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll 2010-06-16 20:26:18 ----A---- C:\WINDOWS\system32\D3DX9_42.dll 2010-06-16 20:26:18 ----A---- C:\WINDOWS\system32\d3dx10_42.dll 2010-06-16 20:25:06 ----D---- C:\Arquivos de programas\Team17 2010-06-10 14:45:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$ 2010-06-10 14:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$ 2010-06-10 14:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$ 2010-06-10 14:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$ 2010-06-10 14:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$ 2010-06-10 14:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$ 2010-06-10 14:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$ 2010-05-30 14:50:15 ----D---- C:\gPotato ======List of files/folders modified in the last 1 months====== 2010-06-27 14:11:19 ----RD---- C:\Arquivos de programas 2010-06-27 14:04:28 ----D---- C:\WINDOWS\Temp 2010-06-27 14:04:26 ----SD---- C:\WINDOWS\Tasks 2010-06-27 14:04:26 ----D---- C:\Documents and Settings\Renangv\Dados de aplicativos\uTorrent 2010-06-27 13:52:22 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-06-27 00:18:22 ----D---- C:\WINDOWS 2010-06-27 00:18:21 ----D---- C:\WINDOWS\Minidump 2010-06-26 23:48:16 ----D---- C:\WINDOWS\system32\drivers 2010-06-26 23:43:36 ----SHD---- C:\WINDOWS\Installer 2010-06-26 23:42:48 ----D---- C:\WINDOWS\Prefetch 2010-06-26 12:29:51 ----D---- C:\WINDOWS\system32\CatRoot2 2010-06-26 12:17:01 ----D---- C:\Arquivos de programas\Arquivos comuns 2010-06-26 03:02:21 ----D---- C:\WINDOWS\system32 2010-06-26 00:26:22 ----HD---- C:\Arquivos de programas\InstallShield Installation Information 2010-06-22 19:57:33 ----D---- C:\Arquivos de programas\Mozilla Firefox 2010-06-22 16:40:17 ----HD---- C:\WINDOWS\inf 2010-06-20 20:31:12 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help 2010-06-20 20:31:09 ----RSD---- C:\WINDOWS\Fonts 2010-06-19 22:54:13 ----D---- C:\Documents and Settings\Renangv\Dados de aplicativos\AdobeUM 2010-06-17 21:41:32 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-06-17 21:34:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-06-16 20:50:12 ----D---- C:\WINDOWS\system32\wbem 2010-06-16 20:50:12 ----D---- C:\WINDOWS\system32\usmt 2010-06-16 20:50:12 ----D---- C:\WINDOWS\system32\Setup 2010-06-16 20:50:12 ----D---- C:\WINDOWS\system32\Restore 2010-06-16 20:50:12 ----D---- C:\WINDOWS\system32\oobe 2010-06-16 20:50:12 ----D---- C:\WINDOWS\system32\1046 2010-06-16 20:50:12 ----D---- C:\WINDOWS\srchasst 2010-06-16 20:50:12 ----D---- C:\WINDOWS\Network Diagnostic 2010-06-16 20:50:12 ----D---- C:\WINDOWS\msagent 2010-06-16 20:50:12 ----D---- C:\WINDOWS\ime 2010-06-16 20:50:12 ----D---- C:\Arquivos de programas\Windows NT 2010-06-16 20:50:12 ----D---- C:\Arquivos de programas\Arquivos comuns\System 2010-06-16 20:50:11 ----D---- C:\Arquivos de programas\Windows Media Player 2010-06-16 20:50:11 ----D---- C:\Arquivos de programas\Outlook Express 2010-06-16 20:50:11 ----D---- C:\Arquivos de programas\NetMeeting 2010-06-16 20:50:11 ----D---- C:\Arquivos de programas\Movie Maker 2010-06-16 20:50:11 ----D---- C:\Arquivos de programas\Messenger 2010-06-16 20:50:11 ----D---- C:\Arquivos de programas\Internet Explorer 2010-06-16 20:48:26 ----D---- C:\WINDOWS\Media 2010-06-16 20:48:26 ----D---- C:\WINDOWS\Cursors 2010-06-16 20:26:20 ----D---- C:\WINDOWS\system32\DirectX 2010-06-14 18:49:07 ----D---- C:\Arquivos de programas\StarCraft II Beta 2010-06-10 14:45:25 ----A---- C:\WINDOWS\imsins.BAK 2010-06-10 14:45:23 ----HD---- C:\WINDOWS\$hf_mig$ ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520] R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2010-02-07 11296] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-17 26024] R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys [] R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Protocolo de transporte compatível; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320] R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232] R2 NwlnkSpx;Protocolo NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936] R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-15 34760] R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-09 4449280] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-05-20 46080] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-05-20 19968] R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584] R3 padenum;Enumerador de dispositivos de NTPAD; C:\WINDOWS\system32\DRIVERS\padenum.sys [2002-03-07 10624] R3 SR9USB;SR9600 USB To Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\sr9usb.sys [2009-03-15 14720] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152] R3 VendorJoystickEnabler;Driver para joystick paralelo de consola; C:\WINDOWS\system32\drivers\ntpad.sys [2005-03-26 42880] S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys [] S3 afrxpqs3;afrxpqs3; C:\WINDOWS\system32\drivers\afrxpqs3.sys [] S3 dump_wmimmc;dump_wmimmc; \??\C:\Arquivos de programas\Gravity\Ragnarok Online\GameGuard\dump_wmimmc.sys [] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 HidUsb;Driver de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] S3 Mkd2kfNt;Mkd2kfNt; C:\WINDOWS\system32\drivers\Mkd2kfNt.sys [2008-10-17 131072] S3 Mkd2Nadr;Mkd2Nadr; C:\WINDOWS\system32\drivers\Mkd2Nadr.sys [2008-10-17 79104] S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-05 12288] S3 nm;Driver de monitor de rede; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320] S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys [] S3 PciCon;PciCon; \??\D:\PciCon.sys [] S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ForcewareWebInterface;Forceware Web Interface; C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2007-05-15 20543] R2 JavaQuickStarterService;Java Quick Starter; C:\Arquivos de programas\Java\jre6\bin\jqs.exe [2010-03-26 153376] R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-11-06 307200] R2 nSvcIp;ForceWare IP service; C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2007-05-21 135233] R2 nSvcLog;ForceWare user log service; C:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2007-05-21 65605] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716] R2 NWCWorkstation;Serviço de cliente para NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 gupdate1caa77bb41fd422;Google Update Service (gupdate1caa77bb41fd422); C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [2010-02-06 133104] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-02-22 3539180] S3 odserv;Microsoft Office Diagnostics Service; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WMPNetworkSvc;Serviço de Compartilhamento de Rede do Windows Media Player; C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe [2006-11-02 914944] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF----------------- Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Junho 28, 2010 1. *Delete o RSIT e a pasta C:\rsit 2. *Desative temporariamente seu antivírus *Baixe o ComboFix e salve-o no desktop *Execute o Combofix e aceite o contrato *Se o console de recuperação do Windows já estiver instalado, o ComboFix continuará o processo automaticamente. Caso contrário, clique em [sIM] para a sua instalação. *Clique em [sIM] para continuar. *Aguarde a conclusão de todas as etapas *Enquanto o ComboFix estiver em execução, evite usar o mouse e o teclado!!..... Para interromper o procedimento tecle N ou 2 e depois ENTER. *O programa será fechado automaticamente e um relatório (C:\combofix.txt) será apresentado. Cole-o na próxima resposta. Compartilhar este post Link para o post Compartilhar em outros sites
renangv 0 Denunciar post Postado Junho 28, 2010 ComboFix 10-06-27.06 - Renangv 28/06/2010 13:45:34.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2559.2076 [GMT -3:00] Executando de: c:\documents and settings\Renangv\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\path\javahr.exe c:\windows\system32\vbzlib1.dll . (((((((((((((((( Arquivos/Ficheiros criados de 2010-05-28 to 2010-06-28 )))))))))))))))))))))))))))) . 2010-06-27 17:42 . 2010-06-28 01:23 -------- d-----w- c:\arquivos de programas\Plants vs Zombies 2010-06-27 17:11 . 2010-06-27 17:11 -------- d-----w- c:\arquivos de programas\trend micro 2010-06-27 02:48 . 2010-06-27 02:48 -------- d-----w- c:\documents and settings\Renangv\Dados de aplicativos\Malwarebytes 2010-06-27 02:48 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-27 02:48 . 2010-06-27 02:48 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2010-06-27 02:48 . 2010-06-27 02:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes 2010-06-27 02:48 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-26 23:40 . 2010-06-26 23:40 -------- d-----w- C:\HiJackThis 2010-06-26 23:40 . 2010-06-26 23:39 401720 ----a-w- C:\HiJackThis.exe 2010-06-26 06:02 . 2005-01-04 00:43 4682 ----a-w- c:\windows\system32\npptNT2.sys 2010-06-26 03:26 . 2010-06-26 03:26 -------- d-----w- c:\arquivos de programas\Gravity 2010-06-26 02:51 . 2010-06-28 01:23 25 ----a-w- c:\windows\popcinfot.dat 2010-06-22 23:57 . 2010-03-25 14:27 1107264 ----a-w- c:\documents and settings\Renangv\Dados de aplicativos\Mozilla\Firefox\Profiles\6jxvzrvu.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll 2010-06-18 00:47 . 2006-07-09 13:47 10240 ----a-w- c:\windows\system32\drivers\GF0012.SYS 2010-06-18 00:41 . 2008-04-13 21:58 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2010-06-18 00:41 . 2008-04-13 21:58 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2010-06-18 00:41 . 2010-06-18 00:41 -------- d-----w- c:\windows\USB Vibration 2010-06-18 00:31 . 2005-03-26 20:13 42880 ----a-w- c:\windows\system32\drivers\NTPAD.sys 2010-06-18 00:31 . 2005-03-01 04:42 123392 ----a-w- c:\windows\system32\ntpadcpl.dll 2010-06-18 00:31 . 2005-03-01 04:25 57344 ----a-w- c:\windows\system32\ntpad.dll 2010-06-18 00:31 . 2002-03-07 06:33 10624 ----a-w- c:\windows\system32\drivers\padenum.sys 2010-06-18 00:15 . 2010-06-18 00:15 -------- d-----w- c:\documents and settings\Renangv\Dados de aplicativos\fltk.org 2010-06-16 23:35 . 2010-06-16 23:35 -------- d-----w- c:\documents and settings\Renangv\Dados de aplicativos\Uniblue 2010-06-16 23:26 . 2009-09-04 20:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2010-06-16 23:26 . 2009-09-04 20:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll 2010-06-16 23:26 . 2009-09-04 20:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll 2010-06-16 23:26 . 2009-09-04 20:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll 2010-06-16 23:26 . 2009-09-04 20:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll 2010-06-16 23:26 . 2009-09-04 20:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2010-06-16 23:26 . 2009-09-04 20:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2010-06-16 23:25 . 2010-06-16 23:25 -------- d-----w- c:\arquivos de programas\Team17 2010-06-01 22:14 . 2010-06-01 22:14 45828 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll 2010-05-30 17:50 . 2010-05-30 17:50 -------- d-----w- C:\gPotato . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-28 16:41 . 2010-02-07 22:25 -------- d-----w- c:\documents and settings\Renangv\Dados de aplicativos\uTorrent 2010-06-26 03:26 . 2010-02-06 00:56 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2010-06-20 23:31 . 2010-03-22 20:32 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help 2010-06-20 01:54 . 2010-02-25 17:37 -------- d-----w- c:\documents and settings\Renangv\Dados de aplicativos\AdobeUM 2010-06-18 00:34 . 2008-04-14 12:00 48628 ----a-w- c:\windows\system32\perfc016.dat 2010-06-18 00:34 . 2008-04-14 12:00 344380 ----a-w- c:\windows\system32\perfh016.dat 2010-06-14 21:49 . 2010-05-22 20:13 -------- d-----w- c:\arquivos de programas\StarCraft II Beta 2010-05-24 17:50 . 2010-05-24 17:50 503808 ----a-w- c:\documents and settings\Renangv\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-345728f8-n\msvcp71.dll 2010-05-24 17:50 . 2010-05-24 17:50 499712 ----a-w- c:\documents and settings\Renangv\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-345728f8-n\jmc.dll 2010-05-24 17:50 . 2010-05-24 17:50 348160 ----a-w- c:\documents and settings\Renangv\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-345728f8-n\msvcr71.dll 2010-05-24 17:50 . 2010-05-24 17:50 61440 ----a-w- c:\documents and settings\Renangv\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-72986059-n\decora-sse.dll 2010-05-24 17:50 . 2010-05-24 17:50 12800 ----a-w- c:\documents and settings\Renangv\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-72986059-n\decora-d3d.dll 2010-05-22 20:17 . 2010-05-22 20:13 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Blizzard Entertainment 2010-05-22 20:17 . 2010-02-26 17:49 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Blizzard Entertainment 2010-05-07 13:40 . 2010-05-07 02:58 -------- d-----w- c:\documents and settings\Renangv\Dados de aplicativos\kikin 2010-05-07 02:58 . 2010-05-07 02:58 -------- d-----w- c:\arquivos de programas\kikin 2010-05-07 02:58 . 2010-05-07 02:58 -------- d-----w- c:\arquivos de programas\DVDStyler 2010-05-05 17:33 . 2010-05-05 17:33 -------- d-----w- c:\documents and settings\Renangv\Dados de aplicativos\EPSON 2010-05-05 17:27 . 2010-05-05 17:27 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\UDL 2010-05-05 17:27 . 2010-02-06 00:56 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield 2010-05-05 17:26 . 2010-05-05 17:19 -------- d-----w- c:\arquivos de programas\EPSON 2010-05-05 15:31 . 2010-05-05 15:07 -------- d-----w- c:\arquivos de programas\The KMPlayer 2010-05-02 22:44 . 2010-05-02 00:18 -------- d-----w- c:\arquivos de programas\DAEMON Tools Lite 2010-05-02 08:08 . 2008-04-14 12:00 1851392 ----a-w- c:\windows\system32\win32k.sys 2010-05-02 00:19 . 2010-03-24 03:21 -------- d-----w- c:\arquivos de programas\DAEMON Tools Toolbar 2010-04-20 05:31 . 2008-04-14 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll 2010-04-16 16:07 . 2008-04-14 12:00 669184 ----a-w- c:\windows\system32\wininet.dll 2010-04-16 16:07 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2010-04-02 19:54 . 2010-02-06 00:55 600680 ----a-w- c:\windows\system32\NVUNINST.EXE . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}"= "c:\arquivos de programas\4shared.com\tb4sh1.dll" [2010-03-20 2349080] [HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}] 2010-03-20 23:16 2349080 ----a-w- c:\arquivos de programas\4shared.com\tb4sh1.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}] 2010-02-04 22:59 750256 ----a-w- c:\arquivos de programas\kikin\ie_kikin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}"= "c:\arquivos de programas\4shared.com\tb4sh1.dll" [2010-03-20 2349080] [HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}"= "c:\arquivos de programas\4shared.com\tb4sh1.dll" [2010-03-20 2349080] [HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\arquivos de programas\uTorrent\uTorrent.exe" [2010-03-20 319792] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] "Pando Media Booster"="c:\arquivos de programas\Pando Networks\Media Booster\PMB.exe" [2010-03-20 2937528] "DAEMON Tools Lite"="c:\arquivos de programas\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416] "SkyTel"="SkyTel.EXE" [2007-06-15 1826816] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] "nwiz"="nwiz.exe" [2007-06-28 1626112] "CloneCDTray"="c:\arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2010-03-28 202256] "Ink Monitor"="c:\arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe" [2004-05-05 262210] "EPSON Stylus C87 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIABL.EXE" [2005-01-27 98304] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Documents and Settings\\Renangv\\Meus documentos\\Downloads\\MWOdownloaderbuild0910.exe"= "c:\\Arquivos de programas\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Arquivos de programas\\Sports Interactive\\Football Manager 2010\\fm.exe"= "c:\\Arquivos de programas\\TVUPlayer\\TVUPlayer.exe"= "c:\\Arquivos de programas\\StarCraft II Beta\\Support\\BlizzardDownloader.exe"= "c:\\Arquivos de programas\\StarCraft II Beta\\StarCraft II.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "57359:TCP"= 57359:TCP:Pando Media Booster "57359:UDP"= 57359:UDP:Pando Media Booster "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R3 padenum;Enumerador de dispositivos de NTPAD;c:\windows\system32\drivers\padenum.sys [17/6/2010 21:31 10624] R3 SR9USB;SR9600 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\sr9usb.sys [6/2/2010 00:00 14720] R3 VendorJoystickEnabler;Driver para joystick paralelo de consola;c:\windows\system32\drivers\NTPAD.sys [17/6/2010 21:31 42880] S2 gupdate1caa77bb41fd422;Google Update Service (gupdate1caa77bb41fd422);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [6/2/2010 19:28 133104] S3 dump_wmimmc;dump_wmimmc;\??\c:\arquivos de programas\Gravity\Ragnarok Online\GameGuard\dump_wmimmc.sys --> c:\arquivos de programas\Gravity\Ragnarok Online\GameGuard\dump_wmimmc.sys [?] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [26/6/2010 23:48 38224] S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [21/3/2010 02:24 131072] S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [21/3/2010 02:24 79104] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?] S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [2/11/2007 10:47 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [2/11/2007 10:47 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [2/11/2007 10:47 109992] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/3/2010 00:21 691696] . Conteúdo da pasta 'Tarefas Agendadas' 2010-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-02-06 22:28] 2010-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-02-06 22:28] 2010-06-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-299502267-2077806209-1177238915-1003.job - c:\arquivos de programas\Real\RealUpgrade\realupgrade.exe [2010-02-25 01:09] 2010-06-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-2077806209-1177238915-1003.job - c:\arquivos de programas\Real\RealUpgrade\realupgrade.exe [2010-02-25 01:09] 2010-06-28 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2010-02-20 01:18] . . ------- Scan Suplementar ------- . IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\arquivos de programas\kikin\ie_kikin.dll FF - ProfilePath - c:\documents and settings\Renangv\Dados de aplicativos\Mozilla\Firefox\Profiles\6jxvzrvu.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage|http://search.bearshare.com/ FF - component: c:\documents and settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - component: c:\documents and settings\Renangv\Dados de aplicativos\Mozilla\Firefox\Profiles\6jxvzrvu.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}\components\kikin_3_0.dll FF - component: c:\documents and settings\Renangv\Dados de aplicativos\Mozilla\Firefox\Profiles\6jxvzrvu.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}\components\kikin_3_6.dll FF - component: c:\documents and settings\Renangv\Dados de aplicativos\Mozilla\Firefox\Profiles\6jxvzrvu.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll FF - plugin: c:\arquivos de programas\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\documents and settings\All Users\Dados de aplicativos\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll FF - plugin: c:\documents and settings\Renangv\Dados de aplicativos\Mozilla\Firefox\Profiles\6jxvzrvu.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: c:\documents and settings\Renangv\Dados de aplicativos\Mozilla\plugins\np-mswmp.dll ---- FIREFOX POLICIES ---- c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORFÃOS REMOVIDOS - - - - HKLM-Run-javahr - c:\path\javahr.exe HKLM-Run-javahr2 - c:\path\javahr2.exe AddRemove-eBay Icon - c:\documents and settings\Renangv\Dados de aplicativos\Desktopicon\uninst.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-06-28 13:49 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . Tempo para conclusão: 2010-06-28 13:50:17 ComboFix-quarantined-files.txt 2010-06-28 16:50 Pré-execução: 16 pasta(s) 177.589.989.376 bytes disponíveis Pós execução: 18 pasta(s) 178.173.722.624 bytes disponíveis WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="C:" XP multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer - - End Of File - - C1FE4E770A4CFE55DE9AE83B1651768E Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Junho 28, 2010 OK....o log está limpo. 1. *Clique em [iniciar] > [Executar] > digite: Combofix /uninstall *Clique [OK] *Clique em [Executar] *Aguarde até surgir a mensagem: "ComboFix está desinstalado" *Clique [OK] 2. Remova da inicialização do PC a opção do Microsoft Windows Recovery Console (Console de Recuperação) *Clique em [iniciar] > [Executar] > digite: msconfig *Clique OK *Clique na aba "BOOT.INI" *Selecione a linha C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons *Clique em [Verificar caminhos de inicialização] *Clique em [sIM] > [OK] *Reinicie o PC *Ao iniciar o Windows, o utilitário de configuração informará que foi alterado. *Clique em "Não mostrar esta mensagem ou iniciar o utilitário de configuração do sistema ao iniciar o Windows" Compartilhar este post Link para o post Compartilhar em outros sites
renangv 0 Denunciar post Postado Junho 29, 2010 Ok cara. Mais não resolveu meu problema Em todo caso vlw Abraço. Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Junho 29, 2010 *Baixe o Kaspersky Virus Removal Tool e salve-o no desktop *Instale o programa *A tela principal do programa será aberta automaticamente *Selecione a opção: [] Meu Computador *Clique em [start scan]....aguarde. Pode demorar. *Caso encontre algo, clique em [skip] *Ao término do scan, clique em [Report] *Uma janela chamada "Detailed report" será aberta *Clique no sinal [+] ao lado de Autoscan para expandir os eventos encontrados *Clique com o botão direito do mouse e selecione "Select all" *Clique novamente com o botão direito do mouse e selecione "Copy" *Abra o bloco de notas e cole (Ctrl+v) e salve o arquivo no desktop como log.txt *Feche a janela "Detailed report" do Kasperky *Na tela principal do Kaspersky clique em [Exit] > [No] *Cole o relatório salvo no desktop na sua próxima resposta Compartilhar este post Link para o post Compartilhar em outros sites
Mário Monteiro 179 Denunciar post Postado Julho 30, 2010 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
