Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Entre para seguir isso  
conradoav

Toda vez que ligo - Treat detected \skp6[1].exe

Recommended Posts

GMER 1.0.14.14536 - http://www.gmer.net

Rootkit scan 2008-11-24 21:27:14

Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.14 ----

SSDT spok.sys ZwCreateKey [0xBA6A80E0]

SSDT spok.sys ZwEnumerateKey [0xBA6C6CA2]

SSDT spok.sys ZwEnumerateValueKey [0xBA6C7030]

SSDT spok.sys ZwOpenKey [0xBA6A80C0]

SSDT spok.sys ZwQueryKey [0xBA6C7108]

SSDT spok.sys ZwQueryValueKey [0xBA6C6F88]

SSDT spok.sys ZwSetValueKey [0xBA6C719A]

INT 0x82 ? 89D8FBF8

INT 0x83 ? 89D8FBF8

INT 0x83 ? 89D8FBF8

INT 0x83 ? 89D8FBF8

INT 0xA4 ? 89BF9F00

INT 0xB4 ? 89BF9F00

---- Kernel code sections - GMER 1.0.14 ----

? spok.sys O sistema não pode encontrar o arquivo especificado. !

.text USBPORT.SYS!DllUnload BA0AB62C 5 Bytes JMP 89BF94E0

---- User code sections - GMER 1.0.14 ----

.text C:\WINDOWS\system32\winlogon.exe[856] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10066EF0 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

.text C:\WINDOWS\system32\winlogon.exe[856] kernel32.dll!FreeLibrary 7C80AA66 5 Bytes JMP 10067060 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

.text C:\WINDOWS\system32\winlogon.exe[856] kernel32.dll!FreeLibraryAndExitThread 7C80CEA1 5 Bytes JMP 10066D90 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

.text C:\DOCUME~1\Conrado\CONFIG~1\Temp\Rar$EX00.390\gmer.exe[3868] USER32.DLL!GetKeyState 77D2C379 5 Bytes JMP 10045F30 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

.text C:\DOCUME~1\Conrado\CONFIG~1\Temp\Rar$EX00.390\gmer.exe[3868] USER32.DLL!GetAsyncKeyState 77D2D051 5 Bytes JMP 10046240 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

.text C:\DOCUME~1\Conrado\CONFIG~1\Temp\Rar$EX00.390\gmer.exe[3868] USER32.DLL!GetKeyboardState 77D2EF35 5 Bytes JMP 100460B0 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

.text C:\DOCUME~1\Conrado\CONFIG~1\Temp\Rar$EX00.390\gmer.exe[3868] USER32.DLL!FindWindowA 77D4F3C6 5 Bytes JMP 10068930 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

.text C:\DOCUME~1\Conrado\CONFIG~1\Temp\Rar$EX00.390\gmer.exe[3868] USER32.DLL!FindWindowExA 77D4F7D0 5 Bytes JMP 10068960 C:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco ABN AMRO)

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [bA6A9040] spok.sys

IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [bA6A913C] spok.sys

IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [bA6A90BE] spok.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [bA6A97FC] spok.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [bA6A96D2] spok.sys

IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [bA6B9048] spok.sys

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 89D8D1F8

Device \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbohci \Device\USBPDO-0 89C30500

Device \Driver\dmio \Device\DmControl\DmIoDaemon 89D901F8

Device \Driver\dmio \Device\DmControl\DmConfig 89D901F8

Device \Driver\dmio \Device\DmControl\DmPnP 89D901F8

Device \Driver\dmio \Device\DmControl\DmInfo 89D901F8

Device \Driver\usbehci \Device\USBPDO-1 89B8E500

Device \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Ftdisk \Device\HarddiskVolume1 89D911F8

Device \Driver\Cdrom \Device\CdRom0 89BF21F8

Device \Driver\atapi \Device\Ide\IdePort0 89D8F1F8

Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 89D8F1F8

Device \Driver\atapi \Device\Ide\IdePort1 89D8F1F8

Device \Driver\atapi \Device\Ide\IdePort2 89D8F1F8

Device \Driver\atapi \Device\Ide\IdePort3 89D8F1F8

Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 89D8F1F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{B2CE4121-555F-45C5-9AA7-5DFFED40C340} 88F6E1F8

Device \Driver\NetBT \Device\NetBt_Wins_Export 88F6E1F8

Device \Driver\NetBT \Device\NetbiosSmb 88F6E1F8

Device \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbohci \Device\USBFDO-0 89C30500

Device \Driver\usbehci \Device\USBFDO-1 89B8E500

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 88F531F8

Device \Driver\Tcpip \Device\IPMULTICAST avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \FileSystem\MRxSmb \Device\LanmanRedirector 88F531F8

Device \Driver\Ftdisk \Device\FtControl 89D911F8

Device \FileSystem\Cdfs \Cdfs 88F4F1F8

---- Services - GMER 1.0.14 ----

Service C:\ARQUIV~1\GbPlugin\GbpSv.exe (*** hidden *** ) [AUTO] GbpSv <-- ROOTKIT !!!

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Type 16

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Start 2

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ErrorControl 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ImagePath C:\ARQUIV~1\GbPlugin\GbpSv.exe

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@DisplayName Gbp Service

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Group GbPlugin Group

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@ObjectName LocalSystem

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv@Description Service for G-Buster Browser Defense

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv\Security

Reg HKLM\SYSTEM\CurrentControlSet\Services\GbpSv\Security@Security 0x01 0x00 0x14 0x80 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD8 0x96 0xBB 0x0F ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE8 0xFF 0xE6 0x01 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xAD 0xA6 0x24 0xED ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xA4 0xA2 0x9A 0x36 ...

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@Type 16

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@Start 2

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@ErrorControl 1

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@ImagePath C:\ARQUIV~1\GbPlugin\GbpSv.exe

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@DisplayName Gbp Service

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@Group GbPlugin Group

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@ObjectName LocalSystem

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv@Description Service for G-Buster Browser Defense

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv\Security

Reg HKLM\SYSTEM\ControlSet002\Services\GbpSv\Security@Security 0x01 0x00 0x14 0x80 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD8 0x96 0xBB 0x0F ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE8 0xFF 0xE6 0x01 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xAD 0xA6 0x24 0xED ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xA4 0xA2 0x9A 0x36 ...

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs avgrsstx.dll

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@LoadAppInit_DLLs 1

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@load skp66.exe

---- Files - GMER 1.0.14 ----

File C:\Documents and Settings\Conrado\Dados de aplicativos\Microsoft\Office\Recente\Atividades LAHURP.LNK 473 bytes

File C:\Documents and Settings\Conrado\Dados de aplicativos\Microsoft\Office\Recente\Certificado organização (2).LNK 661 bytes

---- EOF - GMER 1.0.14 ----

info.txt logfile of random's system information tool 1.04 2008-11-24 21:27:33

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Active Desktop Calendar 7.55-->"C:\Arquivos de programas\XemiComputers\Active Desktop Calendar\unins000.exe"

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Arquivos de programas\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Arquivos de programas\Adobe\Photoshop 7.0\Uninst.dll"

Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}

Arquivo do WinRAR-->C:\Arquivos de programas\WinRAR\uninstall.exe

Assistente de Conexão do Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}

AVG Free 8.0-->C:\Arquivos de programas\AVG\AVG8\setup.exe /UNINSTALL

CCleaner (remove only)-->"C:\Arquivos de programas\CCleaner\uninst.exe"

Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}

Contacts-->MsiExec.exe /I{C6BDA6E5-B391-4CE5-8D86-B53AC96FFE03}

DVD Shrink 3.2-->"C:\Arquivos de programas\DVD Shrink\unins000.exe"

eMule-->"C:\Arquivos de programas\eMule\Uninstall.exe"

Google Toolbar for Internet Explorer-->"C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarManager_11CB06797F2F038A.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB909394)-->"C:\WINDOWS\$NtUninstallKB909394$\spuninst\spuninst.exe"

iPod for Windows 2006-01-10-->C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033

iSilo-->C:\Arquivos de programas\iSilo\iSilo\ISWSetup.exe /u

iTunes-->C:\ARQUIV~1\ARQUIV~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{59C4F14F-7590-45FC-BE9F-A67AB3590709} /l1033

Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}

Malwarebytes' Anti-Malware-->"C:\Arquivos de programas\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}

Microsoft Flight Simulator 2004 A Century of Flight-->"C:\Arquivos de programas\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove

Microsoft Office Access MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0015-0416-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0016-0416-0000-0000000FF1CE}

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00BA-0416-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0044-0416-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00A1-0416-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001A-0416-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0018-0416-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE}

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE}

Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Motorola SM56 Data Fax Modem-->rundll32.exe sm56co.dll,SM56UnInstaller

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

Multimedia / Internet Keyboard Driver VerR8.15-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{A0BD89C0-D39D-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x816

Nero 6 Ultra Edition-->C:\Arquivos de programas\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

NVIDIA Drivers-->C:\WINDOWS\system32\nvunrm.exe UninstallGUI

Pacote de Driver do Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)-->C:\ARQUIV~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_6BB39F1EC944FFEC350102E938AD2A41741CF48F\amdk8.inf

PFJ Fokker F28 v1-->"C:\Arquivos de programas\Microsoft Games\Flight Simulator 9\Aircraft\PFJ Fokker F28-library\unins000.exe"

Picasa 2-->"C:\Arquivos de programas\Picasa2\Uninstall.exe"

PowerDVD-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

QuickTime-->C:\ARQUIV~1\ARQUIV~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033

Realtek High Definition Audio Driver-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x416 -removeonly

REALTEK RTL8187 Wireless LAN Driver -->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{6C8BA76A-CDB9-46A7-B580-8F982FA4364E}\Setup.exe" -l0x416 REMOVE

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

SquawkBox 3-->C:\Arquivos de programas\SquawkBox3\sbuninstall.exe SquawkBox 3

Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Arquivos de programas\InstallShield Installation Information\{B9C22F96-61F6-4ADA-808A-4A1AE835E75F}\setup.exe -runfromtemp -l0x0416

VideoCAM Messenger-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{862546CA-19C6-4D42-A6EB-352820682FA3}\Setup.exe" -l0x416

Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"

Windows Live Beta (todos os programas)-->C:\Arquivos de programas\Windows Live\Installer\wlarp.exe

Windows Live Beta (todos os programas)-->MsiExec.exe /I{4FE37B71-AB78-4F4A-8327-A8401E5BD12A}

Windows Live Call-->MsiExec.exe /I{F99EE599-A088-4037-831E-587E9BB35826}

Windows Live Messenger-->MsiExec.exe /X{2B3D758E-DEE0-4868-B2F6-9CE435A13400}

Windows Media Format Runtime-->"C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe"

Windows Media Player 10-->"C:\Arquivos de programas\Windows Media Player\Setup_wm.exe" /Uninstall

======Security center information======

AV: AVG Anti-Virus Free

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Arquivos de programas\QuickTime\QTSystem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 76 Stepping 2, AuthenticAMD

"PROCESSOR_REVISION"=4c02

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=C:\Arquivos de programas\Java\jre1.6.0_06\lib\ext\QTJava.zip

"QTJAVA"=C:\Arquivos de programas\Java\jre1.6.0_06\lib\ext\QTJava.zip

-----------------EOF-----------------

Compartilhar este post


Link para o post
Compartilhar em outros sites
Entre para seguir isso  





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×