Dss Logs
Hi Shaba,
Before everything i want to thank you for your help.
Ok, I've run the Dss as told an here are the logs:
Deckard's System Scanner v20071014.68
Run by Helder Dias on 2008-06-15 23:38:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-06-15 22:38:53 UTC - RP1 - Ponto de verificação do sistema
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Helder Dias.exe) -----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:40:21, on 15-06-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Ficheiros comuns\Acronis\Schedule2\schedul2.exe
C:\Programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programas\Symantec AntiVirus\DefWatch.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programas\Symantec AntiVirus\Rtvscan.exe
C:\Programas\Windows Defender\MSASCui.exe
C:\Programas\Grisoft\AVG Anti-Spyware 7.5\_avgas.exe
C:\Programas\Java\jre1.6.0_06\bin\jusched.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Ray Adams\ATI Tray Tools\atitray.exe
C:\Documents and Settings\Helder Dias\Ambiente de trabalho\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Helder Dias.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.clix.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programas\Grisoft\AVG Anti-Spyware 7.5\_avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\\vptray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AVEDESK] "C:\Programas\AveDesk\AveDesk.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programas\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Programas\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Definições locais\Temp" (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Definições locais\Temp" (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ATI Tray Tools.lnk = C:\Programas\Ray Adams\ATI Tray Tools\atitray.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1196441605638
O17 - HKLM\System\CCS\Services\Tcpip\..\{F0D986BA-1CA8-44ED-8C69-536635C23B47}: NameServer = 195.23.129.126,194.79.69.222
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programas\Ficheiros comuns\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programas\Symantec AntiVirus\DefWatch.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programas\Ficheiros comuns\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programas\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programas\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Programas\Ficheiros comuns\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 8919 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080513-144038-594 O2 - BHO: (no name) - {A0EAE3D0-8B40-4CDA-A2B9-2CFE6E41712D} - C:\WINDOWS\system32\qoMdCTJc.dll (file missing)
backup-20080513-144038-597 O2 - BHO: (no name) - {FC4A36C9-D7DC-4E7D-82AF-68A62BC04356} - C:\WINDOWS\system32\cbXQhGAT.dll (file missing)
backup-20080513-144038-806 O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
backup-20080513-144038-879 O2 - BHO: (no name) - {AE6F8D85-21E5-47EF-AA9B-C434E188DEB9} - C:\WINDOWS\system32\efcdEVpp.dll (file missing)
backup-20080513-144038-992 O4 - HKCU\..\Policies\Explorer\Run: [NTSecurity] NTSecurity.exe
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 viasraid - c:\windows\system32\drivers\viasraid.sys <Not Verified; VIA Technologies inc,.ltd; Raid controller 6420 driver>
R1 atitray - c:\programas\ray adams\ati tray tools\atitray.sys
R2 LBeepKE - c:\windows\system32\drivers\lbeepke.sys <Not Verified; Logitech Inc.; Logitech SetPoint>
R2 U3sHlpDr - c:\windows\system32\drivers\u3shlpdr.sys
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys (file missing)
S3 catchme - c:\combofix\catchme.sys (file missing)
S3 CO_Mon - c:\windows\system32\drivers\co_mon.sys
S3 giveio - c:\windows\system32\giveio.sys
S3 LHidUsbK (SetPoint USB Receiver device driver) - c:\windows\system32\drivers\lhidusbk.sys <Not Verified; Logitech Inc.; Logitech SetPoint>
S3 RushTopDevice - c:\programas\msi\core center\rushtop.sys <Not Verified; MICRO-STAR INT'L CO., LTD.; MSI CoreCenter>
S3 SunkFilt (Alcor Micro Corp Reader) - c:\windows\system32\drivers\sunkfilt.sys <Not Verified; Alcor Micro Corp.; SunkFilt>
S3 vaxscsi - c:\windows\system32\drivers\vaxscsi.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S3 EPSON_PM_RPCV4_01 (EPSON V3 Service4(01)) - c:\documents and settings\all users\application data\epson\epw!3 ssrp\e_s30rp1.exe <Not Verified; SEIKO EPSON CORPORATION; EPSON Status Monitor 3>
S3 ServiceLayer - "c:\programas\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
S3 StarWindServiceAE (StarWind AE Service) - c:\programas\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia N73
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia N73
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
-- Scheduled Tasks -------------------------------------------------------------
2008-06-15 23:38:02 322 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-06-15 23:35:16 494 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
2008-06-15 08:10:00 322 --a------ C:\WINDOWS\Tasks\emulext.job
2008-06-11 03:44:56 276 --a------ C:\WINDOWS\Tasks\µTorrent.job
2008-06-09 20:45:54 336 --a------ C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
-- Files created between 2008-05-15 and 2008-06-15 -----------------------------
2008-06-15 23:31:30 0 dr-h----- C:\Documents and Settings\Helder Dias\Recent
2008-06-15 01:10:13 0 d--hs---- C:\WINDOWS\ftpcache
2008-06-07 05:12:04 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\InstallShield
2008-06-03 13:56:34 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-06-03 13:56:31 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified;
www.helixcommunity.org; Helix YV12 YUV Codec>
2008-06-03 13:56:31 144384 --a------ C:\WINDOWS\system32\Iacenc.dll <Not Verified; Intel Corporation; Indeo® audio software>
2008-06-03 13:56:31 39936 --a------ C:\WINDOWS\system32\huffyuv.dll <Not Verified; Disappearing Inc.; Huffyuv>
2008-06-03 13:56:30 159839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-03 13:56:30 755027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-03 13:56:30 2121235 --a------ C:\WINDOWS\system32\x264vfw.dll
2008-06-03 13:56:30 630784 --a------ C:\WINDOWS\system32\vp7vfw.dll <Not Verified; On2.com; On2_VP70>
2008-06-03 13:56:30 438272 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2008-06-03 13:56:29 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-06-03 13:56:29 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-06-03 13:56:28 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-06-03 13:56:27 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-03 13:56:25 0 d-------- C:\Programas\K-Lite Codec Pack
2008-06-03 13:56:25 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\Real
2008-06-03 13:56:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-05-28 02:51:27 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\Mesa Dynamics, LLC
2008-05-28 02:46:42 0 d-------- C:\Programas\VisualTaskTips
2008-05-27 22:47:44 0 d-------- C:\Programas\Alky for Applications
2008-05-27 22:38:12 162816 --a------ C:\WINDOWS\system32\fmod.dll <Not Verified; Firelight Technologies Pty, Ltd; FMOD>
2008-05-27 22:37:31 102400 --a------ C:\WINDOWS\system32\tsccvid.dll <Not Verified; TechSmith Corporation; TechSmith Screen Capture Codec>
-- Find3M Report ---------------------------------------------------------------
2008-06-15 23:37:06 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\uTorrent
2008-06-15 23:36:39 0 d-------- C:\Programas\Symantec AntiVirus
2008-06-15 22:05:17 0 d-------- C:\Programas\emule0.48a-Xtreme6.1
2008-06-15 03:13:16 0 d--h----- C:\Programas\InstallShield Installation Information
2008-06-14 22:28:59 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\Vso
2008-06-14 22:28:55 0 d-------- C:\Programas\DVDFab 5
2008-06-14 16:24:54 0 d-------- C:\Programas\eMule
2008-06-13 01:27:01 0 d-------- C:\Programas\SpywareBlaster
2008-06-13 00:54:09 0 d-------- C:\Programas\Malwarebytes' Anti-Malware
2008-06-03 13:34:02 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\URSoft
2008-06-03 13:34:00 0 d-------- C:\Programas\Your Uninstaller 2008
2008-06-03 13:29:56 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\Thinstall
2008-05-30 14:44:28 0 d-------- C:\Programas\TuneUp Utilities 2008
2008-05-27 22:41:31 0 d-------- C:\Programas\UltraISO
2008-05-27 22:41:28 0 d-------- C:\Programas\Ficheiros comuns\EZB Systems
2008-05-27 22:37:02 0 d-------- C:\Programas\eXtreme Movie Manager
2008-05-21 10:53:32 0 d-------- C:\Programas\Microsoft Silverlight
2008-05-14 13:17:45 492802 --a------ C:\WINDOWS\system32\perfh016.dat
2008-05-14 13:17:45 83934 --a------ C:\WINDOWS\system32\perfc016.dat
2008-05-14 13:03:59 0 d-------- C:\Programas\Messenger
2008-05-14 13:03:42 0 d-------- C:\Programas\Movie Maker
2008-05-13 16:05:15 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\Malwarebytes
2008-05-12 12:29:34 34 --a------ C:\Documents and Settings\Helder Dias\Application Data\pcouffin.log
2008-05-12 12:26:38 47360 --a------ C:\Documents and Settings\Helder Dias\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-05-12 12:26:38 1144 --a------ C:\Documents and Settings\Helder Dias\Application Data\pcouffin.inf
2008-05-12 12:26:38 7887 --a------ C:\Documents and Settings\Helder Dias\Application Data\pcouffin.cat
2008-05-09 12:42:07 0 d-------- C:\Programas\Aicon121
2008-05-06 15:42:09 0 d-------- C:\Programas\ATI Technologies
2008-05-06 15:38:33 0 d-------- C:\Programas\DIFX
2008-05-06 15:33:15 0 d-------- C:\Programas\Paint.NET
2008-05-06 12:43:50 0 d-------- C:\Programas\Ficheiros comuns\Symantec Shared
2008-05-06 12:43:16 0 d-------- C:\Programas\Symantec
2008-05-03 16:35:14 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\Acronis
2008-05-03 15:22:25 0 d-------- C:\Programas\Ficheiros comuns\Acronis
2008-05-03 15:22:13 0 d-------- C:\Programas\Ficheiros comuns
2008-05-03 15:22:13 0 d-------- C:\Programas\Acronis
2008-05-01 16:40:08 3541 --a------ C:\WINDOWS\mozver.dat
2008-05-01 16:06:27 0 d-------- C:\Documents and Settings\Helder Dias\Application Data\vlc
2008-05-01 15:01:48 0 d-------- C:\Programas\DAEMON Tools Lite
2008-05-01 14:59:07 0 d-------- C:\Programas\Winamp
2008-05-01 14:48:52 0 d-------- C:\Programas\Java
2008-03-28 21:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Programas\Windows Defender\MSASCui.exe" [03-11-2006 19:20]
"!AVG Anti-Spyware"="C:\Programas\Grisoft\AVG Anti-Spyware 7.5\_avgas.exe" [13-02-2008 12:36]
"SunJavaUpdateSched"="C:\Programas\Java\jre1.6.0_06\bin\jusched.exe" [25-03-2008 04:28]
"ccApp"="C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe" [29-05-2007 16:33]
"vptray"="C:\PROGRA~1\SYMANT~1\\vptray.exe" [07-10-2007 20:48]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14-04-2008 17:09]
"AVEDESK"="C:\Programas\AveDesk\AveDesk.exe" [26-10-2005 00:44]
"DAEMON Tools Lite"="C:\Programas\DAEMON Tools Lite\daemon.exe" [01-04-2008 10:39]
"uTorrent"="C:\Programas\uTorrent\uTorrent.exe" [30-01-2008 13:34]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\FICHEI~1\MICROS~1\DW\dwtrig20.exe" -t
C:\Documents and Settings\Helder Dias\Menu Iniciar\Programas\Arranque\
ATI Tray Tools.lnk - C:\Programas\Ray Adams\ATI Tray Tools\atitray.exe [22-05-2007 10:04:58]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"=11 (0xb)
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsNetHood"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\programas\ficheiros comuns\logitech\bluetooth\LBTWlgn.dll 09-01-2008 13:30 72208 c:\Programas\Ficheiros comuns\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MsnMsgr"="C:\Programas\Windows Live\Messenger\MsnMsgr.Exe" /background
"PC Suite Tray"="C:\Programas\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
"SpybotSD TeaTimer"=C:\Programas\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sunkist2k"=C:\Programas\Multimedia Card Reader\shwicon2k.exe
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
"Acronis Scheduler2 Service"="C:\Programas\Ficheiros comuns\Acronis\Schedule2\schedhlp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4566c3e8-e793-11dc-8c58-000c7691af0b}]
AutoRun\command- G:\setup\rsrc\Autorun.exe
dinstall\command- G:\Directx\dxsetup.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1
www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com
127.0.0.1 008k.com
127.0.0.1
www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com
127.0.0.1 032439.com
8729 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-06-15 23:42:20 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: Portuguese
CPU 0: AMD Athlon(tm) 64 Processor 3400+
Percentage of Memory in Use: 32%
Physical Memory (total/avail): 2047.48 MiB / 1392.08 MiB
Pagefile Memory (total/avail): 3427.59 MiB / 2918.72 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1913.03 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 34.18 GiB total, 12.32 GiB free.
D: is Fixed (NTFS) - 19.53 GiB total, 12.52 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is CDROM (UDF)
H: is Fixed (NTFS) - 58.59 GiB total, 54.07 GiB free.
I: is Fixed (NTFS) - 58.59 GiB total, 11.33 GiB free.
J: is Fixed (NTFS) - 96.16 GiB total, 18.52 GiB free.
K: is Fixed (NTFS) - 698.64 GiB total, 127.83 GiB free.
L: is Fixed (NTFS) - 199.57 GiB total, 100.36 GiB free.
M: is Fixed (NTFS) - 279.47 GiB total, 39.78 GiB free.
N: is Fixed (NTFS) - 279.47 GiB total, 28.48 GiB free.
O: is Fixed (NTFS) - 233.76 GiB total, 104.68 GiB free.
\\.\PHYSICALDRIVE1 - HDS72252 5VLSA80 SCSI Disk Device - 232.88 GiB - 4 partitions
\PARTITION0 (bootable) - Sistema de ficheiros instalável - 19.53 GiB - D:
\PARTITION1 - Sistema de ficheiros instalável - 58.59 GiB - H:
\PARTITION2 - Sistema de ficheiros instalável - 58.59 GiB - I:
\PARTITION3 - Sistema de ficheiros instalável - 96.16 GiB - J:
\\.\PHYSICALDRIVE4 - Maxtor 6V300F0 SCSI Disk Device - 279.47 GiB - 1 partition
\PARTITION0 - Sistema de ficheiros instalável - 279.47 GiB - M:
\\.\PHYSICALDRIVE0 - Maxtor 6 L250S0 SCSI Disk Device - 233.76 GiB - 1 partition
\PARTITION0 - Sistema de ficheiros instalável - 233.76 GiB - O:
\\.\PHYSICALDRIVE3 - Unidade - 279.47 GiB - 1 partition
\PARTITION0 - Sistema de ficheiros instalável - 279.47 GiB - N:
\\.\PHYSICALDRIVE2 - Maxtor 7 Y250M0 SCSI Disk Device - 233.76 GiB - 2 partitions
\PARTITION0 (bootable) - Sistema de ficheiros instalável - 34.18 GiB - C:
\PARTITION1 - Expandido com Int 13 expandido - 199.57 GiB - L:
\\.\PHYSICALDRIVE5 - SAMSUNG HD753LJ SCSI Disk Device - 698.64 GiB - 1 partition
\PARTITION0 - Sistema de ficheiros instalável - 698.64 GiB - K:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALKY=C:\Programas\Alky for Applications\Libraries\
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Helder Dias\Application Data
CommonProgramFiles=C:\Programas\Ficheiros comuns
COMPUTERNAME=HELDER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Helder Dias
LOGONSERVER=\\HELDER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Programas\PC Connectivity Solution;C:\Programas\ATI Technologies\ATI.ACE\Core-Static;C:\Programas\Alky for Applications\Libraries\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 8, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0408
ProgramFiles=C:\Programas
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HELDER~1\DEFINI~1\Temp
TMP=C:\DOCUME~1\HELDER~1\DEFINI~1\Temp
USERDOMAIN=HELDER
USERNAME=Helder Dias
USERPROFILE=C:\Documents and Settings\Helder Dias
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Helder Dias
(admin)
Administrador
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Programas\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
162x driver v1.22 --> C:\Programas\InstallShield Installation Information\{34A13B6B-512C-45E7-A3D0-7771C2D5B895}\setup.exe -runfromtemp -l0x0009 -removeonly
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0816-0000-0000000FF1CE} /uninstall {C450104C-4F9F-4924-8B97-92FB09DE9A92}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0816-0000-0000000FF1CE} /uninstall {6C04B8BC-6DC4-422F-B871-0236D11C50AB}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0816-0000-0000000FF1CE} /uninstall {A0926DF5-19BB-448D-B8AA-7B1E321F48CF}
Acronis True Image Home --> MsiExec.exe /X{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}
Actualização de segurança para Windows XP (KB913433) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Administrador PRIMAVERA v4.0 --> C:\WINDOWS\IsUn0816.exe -f"C:\Programas\PRIMAVERA Software\SGP\COMuninst.isu"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Alky for Applications (Windows XP) --> MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
AMD Processor Driver --> C:\Programas\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0816 -removeonly
Ant Movie Catalog --> "C:\Programas\Ant Movie Catalog\unins000.exe"
AntiSub Br 0.9.3 --> "C:\Programas\AntiSub Br\unins000.exe"
AnyReader 2.4 --> C:\Programas\AnyReader\uninst.exe
ATI - Software Uninstall Utility --> C:\Programas\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class
ISPLAY -clean
µTorrent --> "C:\Programas\uTorrent\uTorrent.exe" /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Programas\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AviSynth 2.5 --> "C:\Programas\AviSynth 2.5\Uninstall.exe"
Cópia de segurança das Pastas pessoais do Microsoft Outlook --> MsiExec.exe /X{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}
CDDRV_Installer --> MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Cliente de Gestão de Direitos do Windows - Retrocompatibilidade do SP2 --> MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Cliente de Gestão de Direitos do Windows com Service Pack 2 --> MsiExec.exe /X{028252D7-5DBA-4AD9-972E-6630F4B76A1D}
Command & Conquer 3 --> MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Command & Conquer Generals --> C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command and ConquerTM Generals Zero Hour --> C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Compressor WinRAR --> C:\Programas\WinRAR\uninstall.exe
Core Center --> C:\WINDOWS\IsUninst.exe -f"C:\Programas\MSI\Core Center\Uninst.isu"
DH Driver Cleaner Professional Edition --> C:\Programas\Driver Cleaner Pro\Uninstall.exe
DivXLand Media Subtitler --> C:\WINDOWS\unvise32.exe C:\Programas\DivXLand\Media Subtitler\uninstal.log
DVD Decrypter (Remove Only) --> "C:\Programas\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2 --> "C:\Programas\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.2.5 --> "C:\Programas\DVDFab 5\unins000.exe"
DVDFab Multi Setup --> C:\Programas\DVDFab 5\Uninstall.exe
Easy Video Joiner 5.21 --> "C:\Programas\Easy Video Joiner\unins000.exe"
Easy Video Splitter 1.28 --> "C:\Programas\Easy Video Splitter\unins000.exe"
eMule --> "C:\Programas\eMule\Uninstall.exe"
EPSON TWAIN 5 --> RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\SETUP.EXE" -l0x816 UNINSTALL
eXtreme Movie Manager 6.2.3.0 - Full Install! --> "C:\Programas\eXtreme Movie Manager\unins000.exe"
Gestão Comercial PRIMAVERA v4.2 --> C:\WINDOWS\IsUn0816.exe -f"C:\Programas\PRIMAVERA Software\SGP\GCPuninst.isu"
HijackThis 2.0.2 --> "C:\Programas\Trend Micro\HijackThis\HijackThis.exe" /uninstall
IrfanView (remove only) --> C:\Programas\IrfanView\iv_uninstall.exe
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
K-Lite Mega Codec Pack 3.9.0 --> "C:\Programas\K-Lite Codec Pack\unins000.exe"
KhalInstallWrapper --> MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Programas\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech SetPoint --> C:\Programas\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0816 -removeonly
Malwarebytes' Anti-Malware --> "C:\Programas\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live --> "C:\Programas\Messenger Plus! Live\Uninstall.exe"
Microsoft Office Access MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-0015-0816-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-0016-0816-0000-0000000FF1CE}
Microsoft Office Groove MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-00BA-0816-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-0044-0816-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-00A1-0816-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-001A-0816-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-0018-0816-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-001F-0816-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-002C-0816-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-0019-0816-0000-0000000FF1CE}
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-006E-0816-0000-0000000FF1CE}
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 --> MsiExec.exe /X{90120000-001B-0816-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Modelo 3 v1.8 --> C:\Programas\Declarações Electrónicas\Modelo3\uninstall.exe
MozBackup 1.4.7 --> "C:\Programas\MozBackup\unins000.exe"
Mozilla Firefox (2.0.0.14) --> C:\Programas\Mozilla Firefox\uninstall\helper.exe
Mp3tag v2.38 --> C:\Programas\Mp3tag\Mp3tagUninstall.EXE
MSI Live Update 3 --> C:\WINDOWS\IsUninst.exe -f"C:\Programas\MSI\Live Update 3\Uninst.isu"
MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multimedia Card Reader --> C:\Programas\Ficheiros comuns\InstallShield\Driver\8\Intel 32\IDriver.exe /M{07B02BD4-E799-4945-B240-166CA9A9BE2D} /l1033
Nero 8 --> MsiExec.exe /X{D6D5CB84-0E6E-4E69-B300-C690B6912070}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver --> MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{0FC76B71-2534-4354-B255-3468578E3F47}\Nokia_PC_Suite_rel_6_86_9_0_por.exe
Nokia PC Suite --> MsiExec.exe /I{0FC76B71-2534-4354-B255-3468578E3F47}
Nokia Software Updater --> MsiExec.exe /X{3741689E-584D-40C9-B011-373A0371846D}
Pacote de controladores do Windows - INITIO Corp. (inic162x) SCSIAdapter (02/21/2006 5.07.06.0221) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\inic162x_73BA3E065BCE32464E8031CD3B7470058DD60434\inic162x.inf
Pacote de controladores do Windows - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Pacote de controladores do Windows - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Pacote de controladores do Windows - Nokia Modem (03/05/2008 3.7) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Pacote de controladores do Windows - Nokia Modem (03/13/2008 6.86.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
Pacote de controladores do Windows - Nokia Modem (05/24/2007 6.84.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
Pacote de controladores do Windows - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Pacote de controladores do Windows - Nokia Modem (08/08/2007 3.3) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_32E2E448B53EE5B28E074D88802D0BAF984038DA\pccs_bluetooth.inf
Pacote de controladores do Windows - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
Pacote de controladores do Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
Paint.NET v3.31 --> MsiExec.exe /X{51AFB69C-1C54-4C77-A888-2860F8CD3E7D}
PC Connectivity Solution --> MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
Photo Toolkit 1.7 --> "C:\Programas\Photo Toolkit\unins000.exe"
Ray Adams ATI Tray Tools --> "C:\Programas\Ray Adams\ATI Tray Tools\uninstall.exe"
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x816 -removeonly
Registry Mechanic 7.0 --> "C:\Programas\Registry Mechanic\unins000.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Software para Impressoras EPSON --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Spybot - Search & Destroy --> "C:\Programas\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.1 --> "C:\Programas\SpywareBlaster\unins000.exe"
SSC Service Utility v4.30 --> "C:\Programas\SSC Service Utility\unins000.exe"
Symantec AntiVirus --> MsiExec.exe /I{2085C617-589C-40F8-BE40-EDBC9E2CA2EB}
The FilmMachine 1.5.4 --> "C:\Programas\The FilmMachine\unins000.exe"
Time Adjuster STANDARD 3.1 --> "C:\Programas\TimeAdjuster\Uninstall.exe"
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
TVAnts 1.0 --> C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
UltraISO Premium V9.2 --> "C:\Programas\UltraISO\unins000.exe"
Unlocker 1.8.7 --> C:\Programas\Unlocker\uninst.exe
Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb950378) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6296086-AED5-4EC0-938B-08EA0254F20E}
v3.9.8.5128 --> "C:\Programas\GetData\Recover My Files\unins000.exe"
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VIA Platform Device Manager --> C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VideoLAN VLC media player 0.8.6h --> C:\Programas\VideoLAN\VLC\uninstall.exe
Visual Task Tips 3.2 --> C:\Programas\VisualTaskTips\uninst.exe
Winamp --> "C:\Programas\Winamp\UninstWA.exe"
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Live installer --> MsiExec.exe /X{0C69F74B-DA6A-4C56-8017-988B7D63993A}
Windows Live Mail --> MsiExec.exe /I{E00AE9B9-518F-42FB-987C-C4791AB42CBC}
Windows Live Messenger --> MsiExec.exe /X{B98023FD-EC2A-404B-BFC3-49E7ECE4490E}
Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Presentation Foundation Language Pack (PTG) --> MsiExec.exe /X{51F01230-4561-433C-AFDA-0F158F4BDC8D}
Windows Workflow Foundation PT Language Pack --> MsiExec.exe /I{D3999FDC-943A-4E0F-9B26-DE5EA2E1F8E2}
XML Paper Specification Shared Components Pack 1.0 -->
Your Uninstaller! 2008 Version 6.0 --> "C:\Programas\Your Uninstaller 2008\unins000.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type4681 / Warning
Event Submitted/Written: 06/15/2008 11:31:37 PM
Event ID/Source: 1524 / Userenv
Event Description:
Não é possível ao Windows descarregar o ficheiro de registo de classes - ainda está a ser utilizado por outras aplicações ou serviços. O ficheiro será descarregado quando já não estiver a ser utilizado.
Event Record #/Type4677 / Warning
Event Submitted/Written: 06/15/2008 10:57:41 PM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 1 files inside J:\Música\Mp3\- Para Organizar\Ashanti-Concrete_Rose-2004-RNS-HOIM.rar due to extraction errors encountered by the Decomposer Engines.
Event Record #/Type4676 / Warning
Event Submitted/Written: 06/15/2008 10:57:37 PM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 1 files inside J:\Música\Mp3\- Para Organizar\50_Cent-Disco_Inferno-VLS-2004-CMS-HOIM.rar due to extraction errors encountered by the Decomposer Engines.
Event Record #/Type4675 / Warning
Event Submitted/Written: 06/15/2008 10:57:35 PM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 2 files inside J:\Música\Mp3\- Para Organizar\ Loose - Nelly Furtado [ Full Album].zip due to extraction errors encountered by the Decomposer Engines.
Event Record #/Type4674 / Warning
Event Submitted/Written: 06/15/2008 10:42:34 PM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 42 files inside H:\Downloads\Software\Total Video Converter New Ultimate 2008 v3 11 Winall.rar due to extraction errors encountered by the Decomposer Engines.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type5404 / Warning
Event Submitted/Written: 06/15/2008 11:40:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HELDER27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HELDER27 can't undo changes that you allow.
For more information please see the following:
%HELDER275
Scan ID: {FE000C99-D467-44C2-BD23-85ABEAF73C9A}
User: HELDER\Helder Dias
Name: %HELDER271
ID: %HELDER272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %HELDER276
Alert Type: %HELDER278
Detection Type: 1.1.1593.02
Event Record #/Type5403 / Warning
Event Submitted/Written: 06/15/2008 11:40:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HELDER27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HELDER27 can't undo changes that you allow.
For more information please see the following:
%HELDER275
Scan ID: {EFD78E90-1388-4BB0-9DC6-463B431E93BA}
User: HELDER\Helder Dias
Name: %HELDER271
ID: %HELDER272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %HELDER276
Alert Type: %HELDER278
Detection Type: 1.1.1593.02
Event Record #/Type5402 / Warning
Event Submitted/Written: 06/15/2008 11:40:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HELDER27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HELDER27 can't undo changes that you allow.
For more information please see the following:
%HELDER275
Scan ID: {0DA392BF-19E9-44DD-AA81-CB08A2982F4C}
User: HELDER\Helder Dias
Name: %HELDER271
ID: %HELDER272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %HELDER276
Alert Type: %HELDER278
Detection Type: 1.1.1593.02
Event Record #/Type5401 / Warning
Event Submitted/Written: 06/15/2008 11:40:32 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HELDER27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HELDER27 can't undo changes that you allow.
For more information please see the following:
%HELDER275
Scan ID: {07276981-1C79-4703-8372-CB1640060CD9}
User: HELDER\Helder Dias
Name: %HELDER271
ID: %HELDER272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %HELDER276
Alert Type: %HELDER278
Detection Type: 1.1.1593.02
Event Record #/Type5400 / Warning
Event Submitted/Written: 06/15/2008 11:40:32 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HELDER27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HELDER27 can't undo changes that you allow.
For more information please see the following:
%HELDER275
Scan ID: {F1AB6D0B-3D46-4BDB-84F3-48F5043E9F15}
User: HELDER\Helder Dias
Name: %HELDER271
ID: %HELDER272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %HELDER276
Alert Type: %HELDER278
Detection Type: 1.1.1593.02
-- End of Deckard's System Scanner: finished at 2008-06-15 23:42:20 ------------
Once more thank you
