Logo Hardware.com.br
renner_santos
renner_santo... Novo Membro Registrado
7 Mensagens 0 Curtidas

Análise de LOG do Hijack This

#1 Por renner_santo... 14/07/2010 - 18:07
Boa noite pessoal,

Alguem poderia analisar esse log do Hijack This para mim, por favor?!

Tem 2 arquivos que estão sendo rodados que eu estou desconfiado que seja vírus ou algum tipo de spyware, são eles: atieclxx.exe e csrss.exe


Por favor, me ajudem!

Obrigado!
Renner


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:30, on 2010/07/14
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Vuze\Azureus.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conex? do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FAIESSO Helper Object - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O4 - HKLM\..\Run: [Razer Orochi Driver] C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Renner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Atualizador de licenças ESET.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/ja/uno1/GAME_UNO1.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ASP.NET ?????? (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CLHNService3 - Unknown owner - C:\Program Files (x86)\CyberLink\RemoteMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: CyberLink Media Server Monitor Service - Unknown owner - C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSMonitorService.exe
O23 - Service: CyberLink Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSServer.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files (x86)\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13529 bytes
igoreso
igoreso Super Participante Registrado
704 Mensagens 22 Curtidas
#2 Por igoreso
15/07/2010 - 20:16
-- ETAPA 1 --
Faça o download do Malwarebytes' Anti-Malware
http://www.besttechie.net/tools/mbam-setup.exe
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
Faça a instalação dando um duplo clique em "mbam-setup.exe";
Marque "Atualizar Malwarebytes Anti-Malware" e "Executar Malwarebytes Anti-Malware", e clique em concluir;
Marque "Verificação Completa" e depois clique em Verificar;
Quando o scan terminar, clique em Ok e em "Mostrar Resultados" para ver o log;
Se algo for detectado, veja se tudo está marcado e clique em "Remover";
O log é automaticamente gravado e pode ser consultado clicando em "Logs" do menu principal;
Copie e cole todo o relatório em sua próxima resposta.

-- ETAPA 2 --
● Faça o download aqui:

http://images.malwareremoval.com/random/RSIT.exe

Salve-o no desktop.

● Dê um duplo clique para iniciar RSIT.exe.

● Leia o conteúdo da tela e clique no aviso Continue (se você aceitar as condições).

● Se a ferramenta HijackThis (versão atual) não está presente ou não foi detectado no seu computador, baixe o RSIT (autorizado o acesso ao seu firewall, se solicitado) e você deve aceitar a licença.

● Quando o scan estiver completo, dois arquivos de texto será aberta.

● Copie o conteúdo log.txt e extras.txt
observe.pngNão respondo duvidas por MP, e-mail e msn! Use o fórum!

renner_santos
renner_santo... Novo Membro Registrado
7 Mensagens 0 Curtidas
#3 Por renner_santo...
16/07/2010 - 10:21
Obrigado por me ajudarem!


-- ETAPA 1 --

Malwarebytes' Anti-Malware

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2010/07/16 9:32:10
mbam-log-2010-07-16 (09-32-10).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)
Objetos escaneados: 327384
Tempo decorrido: 1 hora(s), 12 minuto(s), 59 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 0

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)

Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
(Não foram detectados ítens maliciosos)


-- ETAPA 2 --
arkRed">LOG.TXT

arkRed">Logfile of random's system information tool 1.08 (written by random/random)
Run by Renner at 2010-07-16 09:49:23
Microsoft Windows 7 Ultimate
System drive C: has 12 GB (12%) free of 100 GB
Total RAM: 4085 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:49:31, on 2010/07/16
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Renner\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Renner\Desktop\RSIT.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files (x86)\trend micro\Renner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conex? do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FAIESSO Helper Object - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O4 - HKLM\..\Run: [Razer Orochi Driver] C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Renner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Atualizador de licenças ESET.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/ja/uno1/GAME_UNO1.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ASP.NET ?????? (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CLHNService3 - Unknown owner - C:\Program Files (x86)\CyberLink\RemoteMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: CyberLink Media Server Monitor Service - Unknown owner - C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSMonitorService.exe
O23 - Service: CyberLink Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSServer.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files (x86)\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13487 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-597601681-1067647140-971500848-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-597601681-1067647140-971500848-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Auxiliar de Conexão do Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2F122DA-055F-4df7-8F24-7354DBDBA85B}]
FAIESSOHelper Class - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2010-04-04 222536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll [2009-12-01 108544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Razer Orochi Driver"=C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe [2009-10-22 2548056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [2009-05-04 241789]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-03-12 462993]
"FAStartup"= []
"PDVDDXSrv"=C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-06-24 140520]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"FATrayAlert"=C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [2010-04-04 95560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-13 1475072]
"Google Update"=C:\Users\Renner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-21 136176]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Atualizador de licenças ESET.lnk - C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Renner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dell Dock.lnk - C:\Program Files (x86)\Dell\DellDock\DellDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\FastAccess]
C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2010-04-04 144712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
FAPassSync

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-07-16 09:49:23 ----D---- C:\rsit
2010-07-15 22:46:57 ----D---- C:\Users\Renner\AppData\Roaming\Malwarebytes
2010-07-15 22:46:49 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
2010-07-15 22:46:47 ----D---- C:\ProgramData\Malwarebytes
2010-07-15 22:46:47 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-07-14 18:00:53 ----D---- C:\Program Files (x86)\Trend Micro
2010-07-12 12:46:40 ----D---- C:\AMD
2010-07-10 18:44:00 ----D---- C:\Program Files (x86)\AP Tuner
2010-07-10 10:59:25 ----D---- C:\Program Files (x86)\Cursos Render
2010-07-10 10:47:04 ----D---- C:\ProgramData\FLEXnet
2010-07-10 10:38:19 ----D---- C:\Users\Renner\AppData\Roaming\Autodesk
2010-07-10 10:38:19 ----D---- C:\ProgramData\Autodesk
2010-07-10 10:36:42 ----D---- C:\Program Files (x86)\Common Files\Autodesk Shared
2010-07-10 10:36:42 ----D---- C:\Program Files (x86)\Autodesk
2010-07-06 13:40:05 ----D---- C:\ProgramData\vsosdk
2010-07-06 12:48:06 ----A---- C:\Users\Renner\AppData\Roaming\pcouffin.sys
2010-07-06 12:48:06 ----A---- C:\Users\Renner\AppData\Roaming\inst.exe
2010-07-06 12:48:05 ----D---- C:\Users\Renner\AppData\Roaming\Vso
2010-07-06 12:47:42 ----A---- C:\Windows\SysWOW64\wvc1dmod.dll
2010-07-06 12:47:42 ----A---- C:\Windows\SysWOW64\sipr3260.dll
2010-07-06 12:47:42 ----A---- C:\Windows\SysWOW64\drv43260.dll
2010-07-06 12:47:42 ----A---- C:\Windows\SysWOW64\drv33260.dll
2010-07-06 12:47:42 ----A---- C:\Windows\SysWOW64\drv23260.dll
2010-07-06 12:47:42 ----A---- C:\Windows\SysWOW64\cook3260.dll
2010-07-06 12:47:39 ----D---- C:\Program Files (x86)\VSO
2010-06-30 07:56:09 ----D---- C:\Program Files (x86)\DESAFIO SEBRAE 2010
2010-06-24 23:00:55 ----D---- C:\ProgramData\NOS
2010-06-23 14:17:08 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2010-06-23 14:17:08 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2010-06-23 14:17:08 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2010-06-23 14:17:08 ----A---- C:\Windows\SysWOW64\mscoree.dll
2010-06-23 14:17:08 ----A---- C:\Windows\SysWOW64\dfshim.dll
2010-06-23 12:17:24 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2010-06-23 12:17:15 ----A---- C:\Windows\SysWOW64\ntdll.dll
2010-06-18 21:53:40 ----D---- C:\Program Files (x86)\Application Updater
2010-06-18 21:52:37 ----D---- C:\Program Files (x86)\PDFCreator
2010-06-18 21:52:37 ----A---- C:\Windows\SysWOW64\MSMPIDE.DLL

======List of files/folders modified in the last 1 months======

2010-07-16 09:49:31 ----D---- C:\Windows\Prefetch
2010-07-16 09:49:29 ----D---- C:\Windows\Temp
2010-07-16 08:15:05 ----SHD---- C:\Windows\Installer
2010-07-16 07:28:28 ----D---- C:\Windows\System32
2010-07-16 07:28:27 ----D---- C:\Windows\inf
2010-07-16 07:25:09 ----SHD---- C:\System Volume Information
2010-07-15 22:46:49 ----D---- C:\Windows\SysWOW64\drivers
2010-07-15 22:46:47 ----RD---- C:\Program Files (x86)
2010-07-15 22:46:47 ----HD---- C:\ProgramData
2010-07-15 16:00:42 ----D---- C:\Windows
2010-07-15 15:26:50 ----D---- C:\Users\Renner\AppData\Roaming\Media Player Classic
2010-07-15 14:57:11 ----D---- C:\Program Files (x86)\JDownloader
2010-07-15 11:47:10 ----D---- C:\Users\Renner\AppData\Roaming\Azureus
2010-07-15 11:46:51 ----D---- C:\Windows\debug
2010-07-15 11:16:21 ----D---- C:\Users\Renner\AppData\Roaming\MiniLyrics
2010-07-14 14:35:48 ----D---- C:\Program Files (x86)\Wakan
2010-07-14 09:31:20 ----D---- C:\Windows\winsxs
2010-07-14 09:07:00 ----D---- C:\ProgramData\Microsoft Help
2010-07-13 16:04:07 ----D---- C:\Program Files (x86)\Google
2010-07-13 16:03:14 ----D---- C:\Windows\Tasks
2010-07-13 09:57:37 ----D---- C:\Lyrics
2010-07-12 23:56:36 ----D---- C:\Program Files (x86)\Steam
2010-07-12 23:56:01 ----D---- C:\Program Files (x86)\CCleaner
2010-07-12 23:53:28 ----D---- C:\Program Files (x86)\Common Files\Steam
2010-07-12 12:47:07 ----D---- C:\Windows\SysWOW64
2010-07-12 12:47:06 ----D---- C:\Program Files (x86)\ATI Technologies
2010-07-10 10:42:30 ----RSD---- C:\Windows\assembly
2010-07-10 10:42:30 ----D---- C:\Windows\Microsoft.NET
2010-07-10 10:42:03 ----D---- C:\Windows\Downloaded Program Files
2010-07-10 10:41:32 ----D---- C:\Windows\Help
2010-07-10 10:39:50 ----RSD---- C:\Windows\Fonts
2010-07-10 10:38:19 ----RD---- C:\Program Files
2010-07-10 10:36:42 ----D---- C:\Program Files (x86)\Common Files
2010-07-06 23:22:13 ----D---- C:\Users\Renner\AppData\Roaming\Skype
2010-07-06 16:00:04 ----D---- C:\Users\Renner\AppData\Roaming\skypePM
2010-06-29 18:51:28 ----D---- C:\Program Files (x86)\Minilyrics
2010-06-28 14:33:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-06-23 22:35:34 ----D---- C:\Users\Renner\AppData\Roaming\Creative_FX
2010-06-23 14:21:21 ----D---- C:\Windows\AppPatch
2010-06-23 14:20:08 ----D---- C:\Windows\SysWOW64\ja-JP
2010-06-23 14:18:26 ----D---- C:\Windows\SysWOW64\en-US
2010-06-23 14:18:25 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-06-23 14:17:02 ----D---- C:\Windows\ehome
2010-06-17 12:21:55 ----D---- C:\Program Files (x86)\Messenger Plus! Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys []
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2010/04/21 23:45:47]; \??\C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2009-05-11 146928]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys []
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
R2 ntk3;ntk3; \??\C:\Program Files (x86)\CyberLink\RemoteMedia\Kernel\DMP\ntk3_64.sys [2009-06-22 82416]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
R3 BCM43XX;Dell ????? WLAN ??? ????; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
R3 BthPan;Bluetooth ???? (????? ??? ??????); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwaudio;Bluetooth ????? ????; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys []
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys []
R3 FACAP;facap, FastAccess Video Capture; C:\Windows\system32\DRIVERS\facap.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
R3 RFCOMM;Bluetooth ???? (RFCOMM ????? TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 vpcbus;Virtual PC ??? ?? ????; C:\Windows\system32\DRIVERS\vpchbus.sys []
R3 vpcusb;USB ??????? ????; C:\Windows\system32\DRIVERS\vpcusb.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 CLHNService3;CLHNService3; C:\Program Files (x86)\CyberLink\RemoteMedia\Kernel\DMP\CLHNService.exe [2009-06-22 87336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 CyberLink Media Server Monitor Service;CyberLink Media Server Monitor Service; C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSMonitorService.exe [2009-06-22 50472]
R2 CyberLink Media Server Service;CyberLink Media Server Service; C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSServer.exe [2009-06-22 292224]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-09-11 735960]
R2 FAService;FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-04-04 2409800]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-05-28 66872]
R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files (x86)\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [2010-01-21 244736]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [2009-07-17 33280]
R3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 136176]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992]
S3 aspnet_state;ASP.NET ??????; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-04-21 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-04-21 79360]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 23296]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-07-10 1030600]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2010-04-21 79360]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-06-18 395048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------


arkRed">INFO.TXT

======Uninstall list======

-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0416
-->"C:\Program Files (x86)\InstallShield Installation Information\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}\Setup.exe" -uninstall
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1BF3E3EE-407D-430E-A22F-8C67AEFC0851}\setup.exe"
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x416 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x416
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x416 /remove
Activision(R)-->MsiExec.exe /X{589A63D3-89E1-4D9B-8DBC-6039BB27289E}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 9.3.3 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x416 /remove
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
AP Tuner 3.08-->"C:\Program Files (x86)\AP Tuner\AP Tuner 3.08\uninstall.exe"
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Profiles-->MsiExec.exe /X{B702F355-FE10-D065-C6DD-3706595EB1CD}
Assistente de Conexão do Windows Live-->MsiExec.exe /I{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
Atualização do produto Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0416-0000-0000000FF1CE} /uninstall {717C9095-8AAE-41CB-B046-BD6E8399F4F3}
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0416-0000-0000000FF1CE} /uninstall {5016CB22-B9A7-44FB-AA72-AF28B27B15EA}
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0416-0000-0000000FF1CE} /uninstall {BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}
Atualização do produto Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0416-0000-0000000FF1CE} /uninstall {7297E3A9-FCD4-4E0E-A306-7A90359E50E3}
Autodesk Design Review 2010-->C:\Program Files (x86)\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {55D9E026-DCB0-46FF-B60A-68B972228CF6} /M ADR
Blur(TM)-->"C:\Program Files (x86)\InstallShield Installation Information\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}\setup.exe" -runfromtemp -l0x0409 -removeonly
Catalyst Control Center - Branding-->MsiExec.exe /I{54EE63E3-9960-41B6-9644-BB0167C6DD42}
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
ConvertXtoDVD 4.0.12.327-->"C:\Program Files (x86)\VSO\ConvertX\4\unins000.exe"
Corel Graphics - Windows Shell Extension-->c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellUninst.exe -ProductCode {51DD370C-6690-424E-9674-5F14468B323F} -arp
Corel Graphics - Windows Shell Extension-->MsiExec.exe /X{51DD370C-6690-424E-9674-5F14468B323F}
CorelDRAW Graphics Suite X5 - IPM-->MsiExec.exe /I{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}
CorelDRAW Graphics Suite X5 - WT-->MsiExec.exe /I{9244E956-5939-4B88-930C-0699D4AB2B95}
CorelDRAW(R) Graphics Suite X5-->c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Setup\SetupARP.exe /arp
Counter-Strike: Condition Zero-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/80
Counter-Strike-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10
Cursos Render-->"C:\Program Files (x86)\Cursos Render\unins000.exe"
Dell Dock-->"C:\ProgramData\{D1A086AC-7428-443A-B1E0-480C8C283CF4}\delldock.exe" REMOVE=TRUE MODIFY=FALSE
Dell Webcam Central-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x416 /remove
Desafio Sebrae 2010-->MsiExec.exe /I{2D390AC0-2AC5-4DDB-89A9-7D069C0C2A75}
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
eMule-->"C:\Program Files (x86)\eMule\Uninstall.exe"
ESET Antivirus License Finder (MiNODLogin)-->"C:\Program Files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe"
Ferramenta de Carregamento do Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Google Earth Plug-in-->MsiExec.exe /X{75AE638F-750A-11DF-96D5-005056806466}
Google Talk Plugin-->MsiExec.exe /I{BFB7485D-A200-33CA-A2E1-E1600CA76484}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9
HydraVision-->MsiExec.exe /X{7D04ACCF-9325-2829-116F-49C507C5CAEE}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe"
IRPF2010 - Declaração de Ajuste Anual e Final de Espólio-->C:\ARQUIV~1\IRPF2010\UNWISE.EXE C:\ARQUIV~1\IRPF2010\INSTALL.LOG
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
JDownloader-->C:\Program Files (x86)\JDownloader\uninstall.exe
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KeyHoleTV-->"C:\Program Files (x86)\KeyHoleTV\uninstall.exe"
K-Lite Mega Codec Pack 6.0.4-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Live! Cam Avatar Creator-->C:\Program Files (x86)\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0816 -removeonly /remove
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mega Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409 -removeonly
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Messenger Plus! Live-->"C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0416-1000-0000000FF1CE} /uninstall {9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0416-0000-0000000FF1CE} /uninstall {9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0416-0000-0000000FF1CE} /uninstall {02A880E2-B8B9-4BF5-8822-EA1374734E2E}
Microsoft Office Access MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0015-0416-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0016-0416-0000-0000000FF1CE}
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00BA-0416-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0044-0416-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00A1-0416-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001A-0416-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0018-0416-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {75EBE365-7FC5-4720-A7D3-804BF550D1BC}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE}
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE}
Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}
Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79}
Minilyrics(remove only)-->"C:\Program Files (x86)\Minilyrics\uninst-ml.exe"
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.6.6)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 9-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-02C6-53P2-M337-L954-UMME-0Z62-KMTK"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
pdfforge Toolbar v1.1.2-->MsiExec.exe /X{5791B7D3-8B34-4218-9750-6A8E45D0AD32}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
PowerDVD DX-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x416 -cluninstall
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Razer Orochi-->MsiExec.exe /X{306D4754-BECE-4FC7-85F3-B7FEED274AA8}
Receitanet Java 2010.02a-->C:\PROGRA~2\PROGRA~1\RECEIT~1\DesinstJ.exe
RemoteMedia-->"C:\Program Files (x86)\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall
RESIDENT EVIL 5-->MsiExec.exe /X{AC08BBA0-96B9-431A-A7D0-D8598E493775}
RICOH R5U8xx Media Driver ver.3.62.02-->"C:\Program Files (x86)\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -runfromtemp -l0x0416 anything -removeonly
Samsung_MonSetup-->C:\Program Files (x86)\InstallShield Installation Information\{8EA79DBF-D637-448A-89D6-410A087A4493}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB982135)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0112C750-A06F-4F92-9C40-E5C1EA9A70EB}
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ Beta 5.0-->MsiExec.exe /X{48A25E19-D9AE-4BBE-9411-6F4C5D328B39}
Sound Blaster X-Fi MB-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{75CE8AF5-0A5E-4A42-BC67-F83591DA9A7D}\setup.exe" -l0x416 /remove
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
Star Wars: The Force Unleashed-->"C:\Program Files (x86)\Aspyr\Star Wars The Force Unleashed\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2202131)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A67392E8-282B-4BEF-8020-EF3DD664DE7B}
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
Vuze-->C:\Program Files (x86)\Vuze\uninstall.exe
Wakan 1.67-->C:\Program Files (x86)\Wakan\uninst.exe
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{32BC546A-8AA3-4239-AE92-9CF3291C35A6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F2CD4651-F948-467C-B014-71FD981B7F59}
Windows Live Mail-->MsiExec.exe /I{74AD1846-2010-4FB1-8E24-B6F2B87150C2}
Windows Live Messenger-->MsiExec.exe /X{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}
Windows Live OneCare safety scanner-->"C:\Program Files (x86)\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======System event log======

Computer Name: RENERU
Event Code: 27
Message: Atualizações Automáticas em pausa.
Record Number: 11090
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20100505165627.421619-000
Event Type: Informações
User: NT AUTHORITY\SYSTEM

Computer Name: RENERU
Event Code: 7036
Message: O serviço Windows Modules Installer entrou no estado ???.
Record Number: 11089
Source Name: Service Control Manager
Time Written: 20100505165627.355615-000
Event Type: Informações
User:

Computer Name: RENERU
Event Code: 6006
Message: O serviço Log de eventos foi finalizado.
Record Number: 11088
Source Name: EventLog
Time Written: 20100505165628.000000-000
Event Type: Informações
User:

Computer Name: RENERU
Event Code: 7002
Message: Notificação de Logoff do Usuário para Programa de Aperfeiçoamento da Experiência do Usuário
Record Number: 11087
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100505165625.553512-000
Event Type: Informações
User: NT AUTHORITY\SYSTEM

Computer Name: RENERU
Event Code: 1074
Message: O processo C:\Windows\system32\winlogon.exe (RENERU) iniciou ????? do computador RENERU pelo usuário RENERU\Renner por este motivo: ?????????????????
Código de razão: 0x500ff
Tipo de encerramento: ?????
Comentário:
Record Number: 11086
Source Name: USER32
Time Written: 20100505165625.000000-000
Event Type: Informações
User: RENERU\Renner

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Falha no compartilhamento de memória , tipo 0
Nome do Evento: PnPDriverNotFound
Resposta: ????
Id do arquivo CAB: 0

Assinatura do problema:
P1: x64
P2: ACPI\ITE8708
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Arquivos anexados:
C:\Windows\Temp\DMIE52F.tmp.log.xml

Estes arquivos podem estar disponíveis em:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_4788e5217f2c32256a5765184387eda373e6428b_cab_0698e5eb

Símbolo da análise:
Verificando novamente solução: 0
Id de relatório: 723652cc-4cf0-11df-a929-c4bb6ed7fd9f
Status do relatório: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20100421024904.000000-000
Event Type: Informações
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100421024903.000000-000
Event Type: Informações
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100421024900.000000-000
Event Type: Informações
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Serviço de Perfil de Usuário iniciado com êxito.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100421024856.577686-000
Event Type: Informações
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: O subsistema EventSystem está suprimindo entradas de log de eventos duplicadas para uma duração de 86400 segundos. O tempo limite de supressão pode ser controlado por um valor REG_DWORD denominado SuppressDuplicateDuration sob esta chave do Registro: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100421024856.000000-000
Event Type: Informações
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Foi alterado um grupo local com a segurança ativada.

Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: 37L4247E29-32$
Domínio da conta: WORKGROUP
Identificação de logon: 0x3e7

Grupo:
Identificação de segurança: S-1-5-32-551
Nome do grupo: Backup Operators
Domínio do grupo: Builtin

Atributos alterados:
Nome de conta Sam: -
Histórico sid: -

Informações adicionais:
Privilégios: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100421024836.422450-000
Event Type: Sucesso da Auditoria
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Foi criado um grupo local com a segurança ativada.

Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: 37L4247E29-32$
Domínio da conta: WORKGROUP
Identificação de logon: 0x3e7

Novo grupo:
Identificação de segurança: S-1-5-32-551
Nome do grupo: Backup Operators
Domínio do grupo: Builtin

Atributos:
Nome de conta Sam: Backup Operators
Histórico sid: -

Informações adicionais:
Privilégios: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100421024836.422450-000
Event Type: Sucesso da Auditoria
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Criada tabela de diretivas de auditoria por usuário.

Número de elementos: 0
Identificação da diretiva: 0x595cb
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100421024836.032450-000
Event Type: Sucesso da Auditoria
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: O logon de uma conta foi efetuado com sucesso.

Requerente:
Identificação de segurança: S-1-0-0
Nome da conta: -
Domínio da conta: -
Identificação de logon: 0x0

Tipo de logon: 0

Novo logon:
Identificação de segurança: S-1-5-18
Nome da conta: SYSTEM
Domínio da conta: NT AUTHORITY
Identificação de logon: 0x3e7
GUID de logon: {00000000-0000-0000-0000-000000000000}

Informações do processo:
Identificação do processo: 0x4
Nome do processo:

Informações da rede:
Nome da estação de trabalho: -
Endereço da rede de origem: -
Porta de origem: -

Informações detalhadas da autenticação:
Processo de logon: -
Pacote de autenticação: -
Serviços transitados: -
Nome do pacote (somente NTLM): -
Comprimento da chave: 0

Este evento é gerado quando uma sessão de logon é criada. Ele é gerado no computador acessado.

Os campos do assunto indicam a Conta Sistema Local que solicitou o logon. Comumente, isto é um serviço como o de servidor ou um processo local como Winlogon.exe ou Services.exe.

O campo tipo de logon indica o tipo de logon ocorrido. Os tipos mais comuns são 2 (interativo) e 3 (em rede).

Os campos Novo logon indicam as contas para a qual o novo logon foi criada, isto é, a conta na qual o logon foi efetuado.

Os campos de rede indicam onde a solicitação de logon remoto se originou. O nome da estação de trabalho nem sempre está disponível e pode ser deixado em branco em alguns casos.

Os campos de informações de autenticação fornecem informações detalhadas sobre esta solicitação específica de logon.
-O GUID de logon é um identificador exclusivo que pode ser usado para correlacionar este evento com um evento de KDC.
- Serviços transitados indicam qual serviço intermediário participou desta solicitação de logon.
- Nome de pacote indica qual subprotocolo foi usado, entre os protocolos NTLM.
- Comprimento da chave indica o comprimento da chave da sessão gerada. Ele será 0 se nenhuma chave de sessão foi solicitada.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100421024834.316447-000
Event Type: Sucesso da Auditoria
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows está iniciando.

Este evento é registrado quando o LSASS.EXE inicia e o subsistema de auditoria é inicializado.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100421024834.269647-000
Event Type: Sucesso da Auditoria
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Dell\Dell Wireless WLAN Card;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=1e05
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

igoreso
igoreso Super Participante Registrado
704 Mensagens 22 Curtidas
#4 Por igoreso
16/07/2010 - 22:22
  • Temporariamente e durante a execução destas instruções, é muito importante que mantenha desabilitados os seus programas de proteção (Antivírus, Antispyware e Firewall). Reative as proteções após a execução do(s) procedimento(s) abaixo mencionado(s).
  • Duplo clique no ícone que está no desktop.
  • 5664f6f4e91b4e3114e2f0b96a3927fc
  • Leia e aceite as condições, digitando 1 e enter.
  • Computadores com Windows XP deverão instalar o Console de Recuperação:
  • Se o seu computador tem instalado o Windows XP e ainda não tem instalado o Console de Recuperação, por favor certifique-se que está conectado à Internet, e clique em "Sim".
    recovery-console-prompt.jpg
  • Clique em "OK" ao EULA.
  • Quando o Console de Recuperação estiver já instalado, clique em "SIM" para continuar.
    recovery-console-installed.jpg
  • O ComboFix será executado, por favor seja paciente e aguarde.
  • Atenção: Não utilize o mouse nem o teclado enquanto a ferramenta estiver sendo executada, isso pode fazer com que o computador pare.
  • Poderá surgir o aviso que é necessário reiniciar o computador.
  • NÃO REINICIE!!! O ComboFix reiniciará o computador automaticamente.
  • Quando a ferramenta terminar de rodar, gerará um log (o arquivo C:\ComboFix.txt). Copie e cole o conteúdo desse arquivo na sua resposta.

  • OBS.1: Caso apareça uma mensagem avisando que ESTE NÃO É UM APLICATIVO WIN 32 VÁLIDO ou caso os virus ou malwares bloqueiem a execução do Combofix, baixe o ComboFix novamente, mas salve-o em seu Desktop como xcxc12.cmd . Neste caso, nomeie-o como xcxc12.cmd durante o salvamento e não após salvá-lo!
    966f91d4d079725082eff99375667660

  • Em último caso, se não for possível executar o Combofix no Modo Normal do Windows, tente utilizar o ComboFix em MODO SEGURO (reiniciando o computador e pressionando a tecla F8 intermitentemente, ou F5 em alguns casos, durante a inicialização e escolha a opção Modo Seguro na tela que se apresenta) e repita o procedimento;

  • OBS.2: Caso haja um clique sobre a janela do ComboFix em execução, ela irá MAXIMIZAR, sobrepondo-se sobre as demais. Para minimizá-la novamente basta utilizar a combinação ALT + TAB.
  • Se por algum motivo você precisar parar ou sair do ComboFix, tecle "N".
  • Se perder a conexão com a internet, reinicie o computador. Caso o problema persista, abra Conexões de Rede no Painel de Controle, clique com o botão direito do mouse sobre a sua conexão com a internet e em "Reparar";

Leia esse tutorial o cole o log na resposta:
http://sites.google.com/site/desinfetar/combofix
observe.pngNão respondo duvidas por MP, e-mail e msn! Use o fórum!

igoreso
igoreso Super Participante Registrado
704 Mensagens 22 Curtidas
#6 Por igoreso
17/07/2010 - 09:02
renner_santos disse:


Falta de atenção essa ferramenta não é compatível!
Faça o seguinte:
Fazer download aqui avz4.zip
# Descompacte-lo em sua área de trabalho para uma pasta denominada avz4
# Duplo clique em AVZ.exe para executá-lo.
# Execute uma atualização clicando no botão de atualização automática sobre o direito da janela de log:avz-update-button.png
Clique em Start para começar a atualização
Nota: Se você receber uma mensagem de erro, escolheu uma fonte diferente, clique em iniciar novamente
# Inicie AVZ.
# Escolha no menu "File" = > "Standard scripts" e marque a caixa de seleção "Advanced System Analysis with malware removal mode enabled".
avz-standardscripts-asa-removal.png
# Clique em "Execute selected scripts”.
# Verificação do sistema e escaneamento, cura e sistema automática será executada.
# Um arquivo de log (avz_sysinfo.htm) será criado e salvo na pasta de LOG no diretório AVZ virusinfo_syscure.zip.
# É necessário reinicializar o computador, porque AVZ possa perturbar algumas operações de programa (como antiviruses e firewall) durante a varredura de sistema.
# Todos os aplicativos funcionarão corretamente após a reinicialização do sistema.
avz-standardscripts-asa.png
Reinicie o AVZ
# Inicie AVZ.
# Escolha no menu "File" = > "Standard scripts" e marque a caixa de seleção "Advanced System Analysis".
# Estalesobre "Execute selected scripts".
# Uma verificação do sistema será realizada automaticamente, e o arquivo de log criado (avz_sysinfo.htm) serão salvas na pasta de LOG no diretório AVZ virusinfo_syscheck.zip.
Anexar seu próximo poste virusinfo_syscure.zip e virusinfo_syscheck.zip
observe.pngNão respondo duvidas por MP, e-mail e msn! Use o fórum!

igoreso
igoreso Super Participante Registrado
704 Mensagens 22 Curtidas
#9 Por igoreso
04/08/2010 - 22:36
renner_santos disse:


Vou analisar, mas calma as vezes não tempo!me_espantei.pngPor isso espere!
-- ETAPA x --
Faça download do Kaspersky Removal Tool e salve em seu desktop.
Instale o programa normalmente, seguindo todas as instruções.
Uma pasta chamada Virus Removal Tool será criada no desktop.
Na tela do programa clique nas opções:
  • Meu computador
  • Hidden Startup objects
  • Disk boot sectors
  • System Memory

Clique no botão Start Scan.
Seja paciente, á análise é demorada!
Conforme for analisando provavelmente abrirá algumas janelas pequenas ao lado do relógio, não clique em nada.
Também há uma possibilidade de abrir uma janela maior contendo as seguintes opções:
  • Desinfection (se possível)
  • Delete
  • Skip

Quando aparecer, marque primeiro a opção abaixo Apply to all objects e depois clique numa das opções acima.
Após completar tudo, clique no botão Reports, na janela que abrir nas opções acima deixe:
  • Autoscan
  • Group by result
  • All Events

Expanda Autoscan clicando no sinal ao lado de +
Expanda Result: Detected.
Clique com o botão direito do mouse e escolha Select all, e depois escolha Copy.
Atenção, ao fazer isso parece que o PC travou, mas não, aguarde uns minutos para liberar a memória.
Abra o Bloco de Notas e cole (ctrl + v) ou Iniciar>Executar>digite Notpad
Dê um nome para o arquivo e salve numa pasta de sua preferência.
Feche o resultado clicando no botão Exit.
Ao fazer isso será questionado se quer desinstalar a ferramenta, clique em Sim.
Reinicie o computador quando for pedido.
Poste o conteúdo desse arquivo em sua próxima resposta.
OBS1: Note que as janelas durante o análise elas possuem cores diferentes dependendo do risco.
Portanto:
  • verde: baixo risco
  • amarelo: médio risco
  • vermelho: alto risco

Antes de tomar qualquer medida verifique com cuidado o caminho/nome do arquivo para ver é de seu conhecimento, caso seja clique em Skip.
OBS2: Se no resultado final da análise apenas tiver Result: OK, não será preciso gerar um relatório, apenas informe deste.

-- ETAPA x --
Faça o download do OTL e salve em seu Desktop:
http://oldtimer.geekstogo.com/OTL.exe

Lembre-se que estiver executando Windows Vista ou 7 é necessário dar privilégio de administrador a ferramenta para isso:
Clique com o direito do mouse sobre o arquivo e depois clique em
17c004ff757474cda22635c154079dfa

Deixe a tela principal configurada conforme figura abaixo:
http://i43.tinypic.com/npp3qe.jpg
Selecione estas linhas na codebox, clique com o direito sobre a seleção, e escolha a opção copiar:
netsvcs
msconfig
drivers32/all
safebootminimal
safebootnetwork
CREATERESTOREPOINT
%SYSTEMDRIVE%\*.* /90
%systemroot%\*. /mp /s
%SystemDrive%\$recycle.bin\*.* /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\Tasks\*.job /90
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\*.exe
%systemroot%\system32\config\*.dll
%systemroot%\system32\config\*.exe
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\Internet Explorer\*.* /90
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Update\*.*
%PROGRAMFILES%\*.*
%Temp%\*.exe
%Temp%\*.dll
%UserProfile%\*.dll
%UserProfile%\*.sys
%UserProfile%\*.exe
%windir%\Fonts\*.dll
%windir%\Fonts\*.sys
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%windir%\Fonts\*.exe
%AppData%\*.exe
%AppData%\*.dll
%AppData%\*.sys
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2 /rs

Volte ao programa, clique com o direito em qualquer parte branca da sessão Exames Personalizados/Correções e escolha colar
db99308039640660fd5aef9162284a00
Clique no botão Verificar
Não modifique nenhuma outra configuração, a menos que tenha sido orientado (a) a fazer isso.
O exame demora um pouco, tenha paciência.

Quando terminar será gerado dois logs: OTL.txt e Extras.txt.
Poste os dois logs em sua próxima resposta, não exclua o OTL.

Caso fique muito grande compacte esses arquivos para zip e anexe ao poste. Para isso clique em Modo Avançado na barra de respostas, depois vá até a aba Anexar Arquivos, clique me Gerenciar Anexos, na janela aberta clique me procurar selecione o arquivo do log do e clique em Upload e feche a janela.
observe.pngNão respondo duvidas por MP, e-mail e msn! Use o fórum!

© 1999-2025 Hardware.com.br. Todos os direitos reservados.
Imagem do Modal