
Archived

This topic has been archived and is closed to new replies.

_The_Punk_Rocker_

[Archived] Computer problems


Repeat the procedures from post #3


OK, here it goes:

 

OTL.txt:

OTL logfile created on: 2010-01-19 22:52:11 - Run 2

OTL by OldTimer - Version 3.1.23.0 Folder = C:\Users\Diogo Moreira\Desktop

Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16681)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 225,97 Gb Total Space | 34,99 Gb Free Space | 15,48% Space Free | Partition Type: NTFS

Drive D: | 6,91 Gb Total Space | 1,26 Gb Free Space | 18,25% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: HEMDATORN

Current User Name: Diogo Moreira

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Program\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Users\Diogo Moreira\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

PRC - C:\Program\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

PRC - C:\Program\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

PRC - C:\Program\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

PRC - C:\Program\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

PRC - C:\Program\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

PRC - C:\Program\Google\Update\GoogleUpdate.exe (Google Inc.)

PRC - C:\Program\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

PRC - C:\Program\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)

PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)

PRC - C:\Program\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()

PRC - C:\Program\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

PRC - C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)

PRC - C:\Program\Real\RealPlayer\realplay.exe (RealNetworks, Inc.)

PRC - C:\Program\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program\Windows Defender\MSASCui.exe (Microsoft Corporation)

PRC - C:\Program\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)

PRC - C:\Program\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Program\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)

PRC - c:\Program\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)

PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

PRC - C:\Program\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)

PRC - C:\hp\KBD\kbd.exe (Hewlett-Packard Company)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Diogo Moreira\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (NMIndexingService) -- File not found

SRV - (LiveUpdate Notice Ex) -- File not found

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)

SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)

SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

SRV - (gupdate1c95234997d78cf) Google Update Service (gupdate1c95234997d78cf) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)

SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)

SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)

SRV - (Apache2.2) -- C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe (Apache Software Foundation)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (LiveUpdate) -- C:\Program\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)

SRV - (Automatisk LiveUpdate-schemaläggare) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)

SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)

SRV - (MySQL) -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

SRV - (StarWindServiceAE) -- C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)

SRV - (WinDefend) -- C:\Program\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (RoxMediaDB9) -- c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)

SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

SRV - (stllssvr) -- c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)

SRV - (LightScribeService) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)

SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)

DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)

DRV - (cpuz132) -- C:\Windows\System32\drivers\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider)

DRV - (Mkd2kfNt) -- C:\Windows\System32\drivers\Mkd2kfNT.sys (AhnLab, Inc.)

DRV - (Mkd2Nadr) -- C:\Windows\System32\drivers\Mkd2Nadr.sys (AhnLab, Inc.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()

DRV - (V0260VID) -- C:\Windows\System32\drivers\V0260Vid.sys (Creative Technology Ltd.)

DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)

DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia)

DRV - (nmwcdcm) -- C:\Windows\System32\drivers\nmwcdcm.sys (Nokia)

DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia)

DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia)

DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)

DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)

DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)

DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)

DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)

DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)

DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)

DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)

DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)

DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)

DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)

DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)

DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)

DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)

DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)

DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)

DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)

DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)

DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)

DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)

DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)

DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)

DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)

DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)

DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)

DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)

DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)

DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)

DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)

DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)

DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)

DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)

DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)

DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)

DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)

DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))

DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))

DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)

DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

 

 

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-316284770-1064195047-592160855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-316284770-1064195047-592160855-1000\..\URLSearchHook: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program\Family Toolbar\tbhelper.dll ()

IE - HKU\S-1-5-21-316284770-1064195047-592160855-1000\S-1-5-21-316284770-1064195047-592160855-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-316284770-1064195047-592160855-1000\S-1-5-21-316284770-1064195047-592160855-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://search.myheritage.com/"

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.5

FF - prefs.js..keyword.URL: "http://search.myheritage.com/?orig=ds&q="

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-06 03:31:51 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-06 03:31:51 | 00,000,000 | ---D | M]

 

[2008-08-26 19:11:47 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\mozilla\Extensions

[2010-01-19 21:25:34 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\mozilla\Firefox\Profiles\jh2fjusv.default\extensions

[2009-04-30 20:48:37 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Diogo Moreira\AppData\Roaming\mozilla\Firefox\Profiles\jh2fjusv.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}

[2009-11-15 02:32:43 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\mozilla\Firefox\Profiles\jh2fjusv.default\extensions\firebug@software.joehewitt.com

[2010-01-16 22:29:40 | 00,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions

[2009-04-29 21:15:15 | 00,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions\talkback@mozilla.org

[2009-05-20 00:49:50 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

[2009-08-17 06:42:14 | 00,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program\Mozilla Firefox\plugins\npijjiFFPlugin1.dll

[2009-11-21 07:47:51 | 00,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml

[2009-08-18 04:39:36 | 00,003,801 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\MyHeritage.xml

[2009-11-21 07:47:51 | 00,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml

[2009-11-21 07:47:51 | 00,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml

[2009-11-21 07:47:51 | 00,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml

[2009-11-21 07:47:51 | 00,000,647 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml

 

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Länkhjälp till Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program\Family Toolbar\tbcore3.dll ()

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program\Family Toolbar\tbcore3.dll ()

O3 - HKU\S-1-5-21-316284770-1064195047-592160855-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-316284770-1064195047-592160855-1000\..\Toolbar\WebBrowser: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program\Family Toolbar\tbcore3.dll ()

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast!] C:\Program\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [DPService] C:\Program Files\HP\DVDPlay\DPService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [Family Tree Builder Update] C:\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [HP Software Update] C:\Program\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpqSRMon] C:\Program\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)

O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)

O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)

O4 - HKU\S-1-5-21-316284770-1064195047-592160855-1000..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)

O4 - HKU\S-1-5-21-316284770-1064195047-592160855-1000..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)

O4 - HKU\S-1-5-21-316284770-1064195047-592160855-1000..\Run: [FreeCall] C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe (FreeCall)

O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)

O4 - Startup: C:\Users\João Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\xfire.exe File not found

O4 - Startup: C:\Users\Tiago Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Helper.lnk = C:\Program\Last.fm\LastFMHelper.exe (Last.fm)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 128

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 128

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-316284770-1064195047-592160855-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-316284770-1064195047-592160855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 128

O7 - HKU\S-1-5-21-316284770-1064195047-592160855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 128

O7 - HKU\S-1-5-21-316284770-1064195047-592160855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0

O7 - HKU\S-1-5-21-316284770-1064195047-592160855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-316284770-1064195047-592160855-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Diogo Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab (StagingUI Object)

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab (MSN Games – Buddy Invite)

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab (ZonePAChat Object)

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206480373480 (WUWebControl Class)

O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} http://www.acclaim.com/cabs/acclaim_v5.cab (GameLauncher Control)

O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab (UnoCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)

O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} http://cdn1.acclaimdownloads.com/solidstateion.cab (CSolidBrowserObj Object)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab55579.cab (MSN Games – Game Communicator)

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2007-05-26 17:05:01 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2010-01-13 23:11:43 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010-01-13 23:11:43 | 00,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010-01-16 22:28:59 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010-01-16 22:28:59 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010-01-16 22:28:59 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010-01-15 21:07:01 | 00,000,000 | ---D | C] -- C:\ToolBar SD

[2010-01-15 20:11:40 | 00,000,000 | ---D | C] -- C:\toolB

[2010-01-15 08:29:55 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2010-01-15 08:29:47 | 00,000,000 | ---D | C] -- C:\Users\Diogo Moreira\AppData\Local\temp

[2010-01-14 21:15:26 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010-01-14 21:15:26 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2010-01-14 21:15:26 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2010-01-14 21:15:26 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2010-01-14 21:14:55 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT

[2010-01-14 21:12:18 | 00,000,000 | ---D | C] -- C:\ComboFix

[2010-01-14 21:10:17 | 00,000,000 | ---D | C] -- C:\Qoobox

[2010-01-13 23:11:43 | 00,000,000 | R--D | C] -- C:\autorun.inf

[2010-01-13 22:56:23 | 00,000,000 | ---D | C] -- C:\UsbFix

[2010-01-12 23:04:52 | 00,000,000 | ---D | C] -- C:\_OTL

[2010-01-10 07:26:52 | 00,543,744 | ---- | C] (OldTimer Tools) -- C:\Users\Diogo Moreira\Desktop\OTL.exe

[2010-01-08 04:49:56 | 00,000,000 | ---D | C] -- C:\Users\Diogo Moreira\AppData\Roaming\Malwarebytes

[2010-01-08 04:49:49 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010-01-08 04:49:46 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010-01-08 04:49:46 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010-01-08 04:49:45 | 00,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2009-12-31 13:13:59 | 00,000,000 | ---D | C] -- C:\Program\Trend Micro

[2009-12-28 22:49:37 | 00,000,000 | ---D | C] -- C:\Program\Marcos Velasco Security

[2009-12-23 05:16:38 | 00,000,000 | ---D | C] -- C:\Users\Diogo Moreira\Desktop\ffgg

[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010-01-19 22:56:01 | 04,980,736 | -HS- | M] () -- C:\Users\Diogo Moreira\ntuser.dat

[2010-01-19 22:55:00 | 00,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C317DACC-71D5-431E-8CDD-7C664B22605B}.job

[2010-01-19 22:25:11 | 00,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010-01-19 21:59:41 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010-01-19 21:59:41 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010-01-19 20:59:47 | 00,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010-01-19 20:59:41 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-01-19 20:59:31 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-01-19 20:59:27 | 30,854,92224 | -HS- | M] () -- C:\hiberfil.sys

[2010-01-19 07:01:05 | 02,448,023 | -H-- | M] () -- C:\Users\Diogo Moreira\AppData\Local\IconCache.db

[2010-01-18 00:44:56 | 00,861,184 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\Två sjukdomar.ppt

[2010-01-18 00:20:48 | 00,030,299 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\cirrhosis2.jpg

[2010-01-18 00:00:21 | 00,023,273 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\hep_c_epi.jpg

[2010-01-17 23:23:43 | 00,022,438 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\hepatitis-b-prevalence.gif

[2010-01-17 23:15:30 | 00,024,369 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\hepatitis-a-prevalence.gif

[2010-01-17 21:41:32 | 00,035,840 | ---- | M] () -- C:\Users\Diogo Moreira\Jästlabb.doc

[2010-01-17 19:27:49 | 00,400,281 | ---- | M] () -- C:\Users\Diogo Moreira\Två sjukdomar.pptx

[2010-01-17 19:11:01 | 00,299,241 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\Cocci 100x.jpg

[2010-01-16 22:28:22 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010-01-16 22:28:22 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010-01-16 22:28:22 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010-01-16 22:28:21 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll

[2010-01-15 08:16:42 | 00,000,276 | ---- | M] () -- C:\Windows\system.ini

[2010-01-14 20:51:09 | 03,824,993 | R--- | M] () -- C:\Users\Diogo Moreira\Desktop\ComboFix.exe

[2010-01-14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[2010-01-13 22:55:28 | 01,669,106 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\UsbFix.exe

[2010-01-10 20:21:46 | 00,020,503 | ---- | M] () -- C:\Users\Diogo Moreira\zsnesw.cfg

[2010-01-10 20:21:46 | 00,008,192 | ---- | M] () -- C:\Users\Diogo Moreira\smas_eng.srm

[2010-01-10 20:21:46 | 00,003,806 | ---- | M] () -- C:\Users\Diogo Moreira\zinput.cfg

[2010-01-10 20:21:38 | 00,282,459 | ---- | M] () -- C:\Users\Diogo Moreira\smas_eng.zst

[2010-01-10 19:31:51 | 00,002,480 | ---- | M] () -- C:\Users\Diogo Moreira\zmovie.cfg

[2010-01-10 07:26:58 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Users\Diogo Moreira\Desktop\OTL.exe

[2010-01-07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010-01-07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010-01-02 03:04:46 | 00,014,120 | ---- | M] () -- C:\Users\Diogo Moreira\Documents\1976prerecord16.jpg

[2009-12-31 13:14:00 | 00,001,876 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\HijackThis.lnk

[2009-12-30 08:02:49 | 01,785,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2009-12-29 18:58:16 | 00,126,112 | ---- | M] () -- C:\Users\Diogo Moreira\AppData\Local\GDIPFONTCACHEV1.DAT

[2009-12-29 14:32:57 | 00,126,112 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT

[2009-12-27 15:00:36 | 00,116,621 | ---- | M] () -- C:\Users\Diogo Moreira\Desktop\sfffff.jpg

[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010-01-18 20:34:54 | 30,854,92224 | -HS- | C] () -- C:\hiberfil.sys

[2010-01-18 00:44:52 | 00,861,184 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\Två sjukdomar.ppt

[2010-01-18 00:20:39 | 00,030,299 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\cirrhosis2.jpg

[2010-01-18 00:00:14 | 00,023,273 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\hep_c_epi.jpg

[2010-01-17 23:23:36 | 00,022,438 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\hepatitis-b-prevalence.gif

[2010-01-17 23:15:23 | 00,024,369 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\hepatitis-a-prevalence.gif

[2010-01-17 21:41:25 | 00,035,840 | ---- | C] () -- C:\Users\Diogo Moreira\Jästlabb.doc

[2010-01-17 19:27:46 | 00,400,281 | ---- | C] () -- C:\Users\Diogo Moreira\Två sjukdomar.pptx

[2010-01-17 19:10:48 | 00,299,241 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\Cocci 100x.jpg

[2010-01-14 21:15:26 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe

[2010-01-14 21:15:26 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2010-01-14 21:15:26 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2010-01-14 21:15:26 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe

[2010-01-14 21:15:26 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010-01-14 20:50:48 | 03,824,993 | R--- | C] () -- C:\Users\Diogo Moreira\Desktop\ComboFix.exe

[2010-01-13 22:55:19 | 01,669,106 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\UsbFix.exe

[2010-01-02 03:04:40 | 00,014,120 | ---- | C] () -- C:\Users\Diogo Moreira\Documents\1976prerecord16.jpg

[2010-01-02 00:24:01 | 01,318,157 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\Fermentos de Padeiro.pdf

[2010-01-01 23:28:07 | 00,665,289 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\Novo Livro de Receitas.pdf

[2009-12-31 13:14:00 | 00,001,876 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\HijackThis.lnk

[2009-12-27 15:00:31 | 00,116,621 | ---- | C] () -- C:\Users\Diogo Moreira\Desktop\sfffff.jpg

[2009-08-18 04:44:06 | 00,000,306 | ---- | C] () -- C:\Windows\MyHeritage.INI

[2009-08-18 04:39:08 | 00,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll

[2009-08-03 14:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2008-11-16 22:16:34 | 00,000,133 | -H-- | C] () -- C:\Users\Diogo Moreira\AppData\Roaming\lakerda1967.sys

[2008-11-16 22:16:02 | 00,010,584 | ---- | C] () -- C:\Users\Diogo Moreira\AppData\Roaming\docXConverter (3).ini

[2008-10-12 18:18:44 | 00,000,037 | ---- | C] () -- C:\Windows\Viewer.ini

[2008-08-16 23:51:18 | 00,000,000 | ---- | C] () -- C:\Users\Diogo Moreira\AppData\Roaming\wklnhst.dat

[2008-08-11 10:08:52 | 00,000,998 | ---- | C] () -- C:\Windows\Mhpb.ini

[2008-06-11 17:04:53 | 00,000,033 | ---- | C] () -- C:\Windows\GunzLauncher.INI

[2008-01-22 22:51:40 | 02,035,712 | ---- | C] () -- C:\Windows\System32\libmysql.dll

[2008-01-05 22:46:36 | 00,008,717 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate

[2007-12-14 17:04:24 | 00,000,046 | ---- | C] () -- C:\Windows\QTW.INI

[2007-09-09 21:52:30 | 00,685,816 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2007-09-09 15:02:15 | 00,019,040 | ---- | C] () -- C:\Windows\System32\VRX1.DLL

[2007-09-09 15:02:14 | 00,027,136 | ---- | C] () -- C:\Windows\System32\VERMONT1.DLL

[2007-09-09 15:02:13 | 00,107,520 | ---- | C] () -- C:\Windows\System32\SIMFARM.DLL

[2007-09-09 13:33:25 | 00,002,019 | ---- | C] () -- C:\Windows\disney.ini

[2007-09-04 18:49:16 | 00,026,112 | ---- | C] () -- C:\Users\Diogo Moreira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007-08-23 17:13:00 | 00,000,025 | ---- | C] () -- C:\Windows\VSWizard.ini

[2007-05-26 16:49:22 | 00,000,673 | ---- | C] () -- C:\ProgramData\hpzinstall.log

[2007-05-26 16:25:51 | 00,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll

[2007-05-26 16:25:51 | 00,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll

[2007-03-29 22:00:40 | 00,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll

[2007-03-06 09:47:24 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini

[2007-01-12 06:07:48 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll

[2007-01-12 06:07:48 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll

[2006-11-02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

 

========== LOP Check ==========

 

[2007-12-08 01:10:15 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\Audacity

[2009-09-09 20:13:17 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\Dev-Cpp

[2008-09-14 02:35:40 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\DNA

[2009-11-10 01:58:06 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\FileZilla

[2008-09-06 00:47:46 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\FreeCall

[2009-08-26 00:18:47 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\GetRightToGo

[2008-09-24 16:44:06 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\LimeWire

[2009-07-20 23:25:44 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\MilkShape 3D 1.x.x

[2009-08-18 04:46:47 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\MyHeritage

[2007-08-24 13:12:59 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\Nokia

[2007-08-24 13:13:31 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\Nokia Multimedia Player

[2009-02-14 18:16:56 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\Notepad++

[2008-12-23 19:54:54 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\Opera

[2007-08-24 13:09:22 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\PC Suite

[2009-08-18 04:38:49 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\The Complete Genealogy Reporter - FTB

[2009-08-27 14:06:13 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\Unity

[2009-12-20 21:00:49 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\uTorrent

[2008-08-07 02:24:09 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\WinBatch

[2008-08-07 15:20:28 | 00,000,000 | ---D | M] -- C:\Users\Diogo Moreira\AppData\Roaming\XericDesign

[2009-08-04 17:45:55 | 00,000,000 | ---D | M] -- C:\Users\Gäst\AppData\Roaming\Opera

[2009-07-30 21:58:40 | 00,000,000 | ---D | M] -- C:\Users\Gäst\AppData\Roaming\PC Suite

[2009-09-13 12:21:04 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\Dev-Cpp

[2008-09-04 18:18:49 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\DNA

[2009-12-11 19:32:25 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\HiYo

[2009-06-19 20:11:31 | 00,000,000 | -H-D | M] -- C:\Users\João Moreira\AppData\Roaming\ijjigame

[2009-01-22 16:54:29 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\LimeWire

[2007-12-28 12:55:49 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\Nokia

[2009-08-09 23:29:00 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\Opera

[2007-08-24 20:04:20 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\PC Suite

[2008-08-07 21:14:27 | 00,000,000 | ---D | M] -- C:\Users\João Moreira\AppData\Roaming\XericDesign

[2008-09-04 08:13:20 | 00,000,000 | ---D | M] -- C:\Users\Maria Moreira\AppData\Roaming\DNA

[2009-11-16 20:10:19 | 00,000,000 | ---D | M] -- C:\Users\Maria Moreira\AppData\Roaming\LimeWire

[2007-10-28 17:15:31 | 00,000,000 | ---D | M] -- C:\Users\Maria Moreira\AppData\Roaming\PC Suite

[2008-06-27 19:15:01 | 00,000,000 | ---D | M] -- C:\Users\Maria Moreira\AppData\Roaming\PeerNetworking

[2008-12-08 18:06:35 | 00,000,000 | ---D | M] -- C:\Users\Maria Moreira\AppData\Roaming\SPORE Creature Creator

[2009-12-12 12:10:12 | 00,000,000 | ---D | M] -- C:\Users\Miguel Moreira\AppData\Roaming\PC Suite

[2009-08-27 18:53:56 | 00,000,000 | ---D | M] -- C:\Users\Nuno Moreira\AppData\Roaming\LimeWire

[2008-09-23 16:44:03 | 00,000,000 | ---D | M] -- C:\Users\Nuno Moreira\AppData\Roaming\Nokia

[2008-08-23 12:32:03 | 00,000,000 | ---D | M] -- C:\Users\Nuno Moreira\AppData\Roaming\PC Suite

[2009-12-23 18:28:44 | 00,000,000 | ---D | M] -- C:\Users\Nuno Moreira\AppData\Roaming\Unity

[2009-06-19 04:44:08 | 00,000,000 | ---D | M] -- C:\Users\Paulino Moreira\AppData\Roaming\LimeWire

[2007-08-25 04:29:39 | 00,000,000 | ---D | M] -- C:\Users\Paulino Moreira\AppData\Roaming\PC Suite

[2008-09-15 15:38:42 | 00,000,000 | ---D | M] -- C:\Users\Tiago Moreira\AppData\Roaming\DNA

[2009-06-20 13:49:16 | 00,000,000 | -H-D | M] -- C:\Users\Tiago Moreira\AppData\Roaming\ijjigame

[2009-08-06 14:07:08 | 00,000,000 | ---D | M] -- C:\Users\Tiago Moreira\AppData\Roaming\LimeWire

[2008-12-26 20:48:29 | 00,000,000 | ---D | M] -- C:\Users\Tiago Moreira\AppData\Roaming\Opera

[2007-08-24 19:10:31 | 00,000,000 | ---D | M] -- C:\Users\Tiago Moreira\AppData\Roaming\PC Suite

[2010-01-19 17:42:49 | 00,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010-01-19 22:55:00 | 00,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C317DACC-71D5-431E-8CDD-7C664B22605B}.job

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 64 bytes -> C:\Users\Diogo Moreira\--- Pistols - Anarchy in the UK (Studio Version).mpg:TOC.WMV

@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >

 

Extras.txt:

OTL Extras logfile created on: 2010-01-19 22:52:11 - Run 2

OTL by OldTimer - Version 3.1.23.0 Folder = C:\Users\Diogo Moreira\Desktop

Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16681)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 225,97 Gb Total Space | 34,99 Gb Free Space | 15,48% Space Free | Partition Type: NTFS

Drive D: | 6,91 Gb Total Space | 1,26 Gb Free Space | 18,25% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: HEMDATORN

Current User Name: Diogo Moreira

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

 

[HKEY_USERS\S-1-5-21-316284770-1064195047-592160855-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

"UacDisableNotify" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{115887A6-A666-450C-8B71-6B87C11B0557}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |

"{1F855F57-F4DF-4338-AD41-8311F7B756D1}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |

"{20BB9B22-039B-40B4-999F-FD0FAC594802}" = lport=2869 | protocol=6 | dir=in | app=system |

"{2A6B5DDF-612F-4593-B1C3-D46327248CCE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{647F3252-36A3-4AED-A010-E744A9AD0D34}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{6C11B80C-7A41-4C00-853A-12B6F8DDAA40}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |

"{782C202A-EB7B-44A9-A724-29C91060DD40}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |

"{79F9CDB2-565D-43B8-9364-F6A609DB8BA1}" = lport=23875 | protocol=17 | dir=in | name=bitcomet 23875 udp |

"{87E59933-AF59-4EA7-9D3C-52F74B8D5467}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |

"{94DA2378-A56C-4488-9C12-C00190A6E08C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{96CD7EBE-A6A8-4FA9-BBAB-AA01F7458AFA}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |

"{9E691FA8-21EF-49EE-BF3B-263CB153D425}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |

"{A5D7C439-DF5C-4D70-A12E-B3F468A89DBD}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |

"{A87420C6-10EF-4644-8CC9-F8B6BE9918ED}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |

"{AB3D9BF2-D12F-4AF5-84AF-28ECADAA7593}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{AD5908E1-6714-4F54-ADB8-3775B7CBC073}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{AF62A2C0-8A33-4413-952E-F77576C05FFC}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |

"{B0175A82-90E5-4D0F-B4E2-A892575D11ED}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |

"{B1558C20-0114-4684-A350-7FD6528863A0}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |

"{B669A0DA-8715-4A8A-8446-73A740EDFCD6}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |

"{C617B06F-D3C5-4EA5-BFDB-CD4FC353E5EB}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |

"{CDDA243E-DE38-4549-B690-11330128F36B}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |

"{CE48D8F7-9553-4032-991F-343C452FE412}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{D8E5B3CA-8948-4CCB-98E9-0AEC43DF1E8A}" = lport=23875 | protocol=6 | dir=in | name=bitcomet 23875 tcp |

"{F142780E-6014-49BC-AF09-9FCB008F0559}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |

"{F570CD31-1C82-42A3-A0CD-19DBBC22C202}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00877FA8-9D5C-449A-881C-B3CD015A5C99}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |

"{0616A73A-8538-4743-9683-64ABA3769865}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |

"{11AD0596-8659-42A7-8180-B949495E47B3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{1B262A85-71D6-4C58-B8A8-BB990A04AEDF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{22729031-37CF-4FDE-8F44-87519940A615}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |

"{24FCD4FF-5A50-46E8-9695-635BE87A2C1F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |

"{2561E435-7378-4512-9BD6-5C581460ADA4}" = protocol=17 | dir=in | app=c:\program files\codemasters\ebay motors grid demo\grid.exe |

"{25C77B8D-9C2C-4373-98DF-5513ABAEC9D3}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |

"{297C3ED5-589E-431F-A0CE-FBBEFDDC2440}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |

"{3D94E7A4-387C-4030-9DB4-06B33BC17987}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{400AEB66-E9F7-4E2B-8892-D680F2EAA1DB}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |

"{471816D8-7812-4344-93F8-173CCA5A9B5B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |

"{5B350E45-C685-4823-9DA2-22028BDFF90E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{68A848DA-9FE5-467C-B228-D5426CAB6D2C}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |

"{733ACD9A-A9C6-44ED-9DB4-65F556E676DA}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |

"{74B206CF-25FB-4262-8443-FA0F8C0F68C1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{74DE3BF7-86E1-4D95-B760-201930ABEA32}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |

"{83C8BEE0-D7E9-4686-9468-BD2A9ED5B2B9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{86A0E401-FC79-430C-B963-46D47A8CADF3}" = dir=in | app=c:\program files\hp\dvdplay\dpservice.exe |

"{9476AA0E-0F22-4D1E-AE96-27ED4E5FF9AD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{997D61D7-E337-495E-A516-DDCC682B1E7C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{ADD2CB0E-00F7-42F3-9649-9C6F5734F7AD}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |

"{B17A003D-D6A0-4404-85C6-F6B383844D2F}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |

"{B3564C90-99EC-4D16-91F4-A28887502DFE}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |

"{B4EF61D5-4BC0-4CBD-B1A6-6910A7F95287}" = dir=in | app=c:\program files\hp\dvdplay\dvdplay.exe |

"{B94465F0-5FC5-42C0-A91E-827042F58669}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |

"{BC72FC7C-77AC-4102-B317-A651F142A421}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |

"{C2A15EFE-21E3-4FC5-9673-F530E56AFA3F}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |

"{C9962762-0E1F-4086-886F-4F388573A90D}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |

"{DF212704-45FD-4A3F-9D1B-88B62599CA4C}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |

"{E8A22795-4BC9-4E11-BFEA-096E254484C6}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |

"{EBC6EF54-04AD-4FBC-A18D-38E8EA10E458}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{EC59250A-54E8-441A-9657-C4A13E2A9DD5}" = protocol=6 | dir=in | app=c:\program files\codemasters\ebay motors grid demo\grid.exe |

"{FE3D7512-837F-4F75-A4E2-B107C52945B7}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |

"TCP Query User{012AA07F-206E-48EE-8DB5-A248DC7FBA75}C:\program files\apache software foundation\apache2.2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\program files\apache software foundation\apache2.2\bin\httpd.exe |

"TCP Query User{2282FDE9-2E3B-412F-89F9-49F977B36CC6}C:\ijji\english\u_gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_gunz.exe |

"TCP Query User{2BC2C832-4CD7-47E9-A123-381241409104}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |

"TCP Query User{31D463F5-9791-4352-B2F2-F931E3056948}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{377646B3-0670-4FA1-9548-DA2C7DF80A56}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{46199084-5A8E-43F0-9F61-FF452B1CD25E}C:\program files\activision\mat hoffman's pro bmx\bmx.exe" = protocol=6 | dir=in | app=c:\program files\activision\mat hoffman's pro bmx\bmx.exe |

"TCP Query User{5A20E7EB-713A-4230-BF01-64978DA4FE19}C:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe" = protocol=6 | dir=in | app=c:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe |

"TCP Query User{5DF37610-DB71-4250-9DE3-1AC77681DB3B}C:\program files\softnyx\rakion\bin\rakion.bin" = protocol=6 | dir=in | app=c:\program files\softnyx\rakion\bin\rakion.bin |

"TCP Query User{8795A830-A9D0-4616-BEA3-48A21378B45F}C:\program files\last.fm\lastfm.exe" = protocol=6 | dir=in | app=c:\program files\last.fm\lastfm.exe |

"TCP Query User{8CC30C91-2528-4587-BBFF-312225BD4099}C:\program files\bots\bots.dat" = protocol=6 | dir=in | app=c:\program files\bots\bots.dat |

"TCP Query User{B18B366C-ED6B-454F-9A23-A2B8CA7E2D6A}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

"TCP Query User{B68A4795-56C4-4286-B52F-84018C13D2C0}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"TCP Query User{B7590A5D-335F-4562-860A-17C98715BA50}C:\users\maria moreira\appdata\local\virtualstore\program files\bots\bots.dat" = protocol=6 | dir=in | app=c:\users\maria moreira\appdata\local\virtualstore\program files\bots\bots.dat |

"TCP Query User{C31DD662-7F0E-475C-9233-2EC97C37E228}C:\ijji\english\gunz\gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\gunz\gunz.exe |

"TCP Query User{DBFE6BED-9C87-4648-8172-3968DEE303FE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |

"TCP Query User{F89280D3-3F8D-41BF-B57A-742B7CD3EAD0}C:\program files\google\google sketchup 6\sketchup.exe" = protocol=6 | dir=in | app=c:\program files\google\google sketchup 6\sketchup.exe |

"UDP Query User{07E33FAC-845A-4DC5-8CA5-D3E6002626E2}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{0C83855C-FAA8-4AB9-859A-56EF8738700E}C:\program files\activision\mat hoffman's pro bmx\bmx.exe" = protocol=17 | dir=in | app=c:\program files\activision\mat hoffman's pro bmx\bmx.exe |

"UDP Query User{19DB30AC-C9D5-4058-9208-25FBC2FAE46B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{1BC670FC-00E6-4A79-A5F8-FC19A4C53C5C}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

"UDP Query User{263E586F-31E1-4B53-9E0A-8BEB77F697CF}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |

"UDP Query User{2B486FFE-8AC9-4953-BB50-5337BE6FAF6E}C:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe" = protocol=17 | dir=in | app=c:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe |

"UDP Query User{30BDC1EE-F546-46A9-97CF-A0970971CD7D}C:\ijji\english\gunz\gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\gunz\gunz.exe |

"UDP Query User{31AB5F89-F3E3-4949-8216-57846C5AEA69}C:\program files\apache software foundation\apache2.2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\program files\apache software foundation\apache2.2\bin\httpd.exe |

"UDP Query User{3ECE0100-1B8F-4C11-BEE0-B01C3928B52F}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

"UDP Query User{3F39EEDF-8987-4F2B-A8AE-3D6E6F98E9C6}C:\users\maria moreira\appdata\local\virtualstore\program files\bots\bots.dat" = protocol=17 | dir=in | app=c:\users\maria moreira\appdata\local\virtualstore\program files\bots\bots.dat |

"UDP Query User{4767F644-507B-493A-87B2-3C6B3835AD3E}C:\ijji\english\u_gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_gunz.exe |

"UDP Query User{57AE5FB2-628E-4522-9AA5-C2221F657D40}C:\program files\bots\bots.dat" = protocol=17 | dir=in | app=c:\program files\bots\bots.dat |

"UDP Query User{994E343F-9E3E-4F59-9E7C-CCA694FF3C42}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"UDP Query User{CEB89536-30BC-4EA2-B953-A0115ABF0545}C:\program files\google\google sketchup 6\sketchup.exe" = protocol=17 | dir=in | app=c:\program files\google\google sketchup 6\sketchup.exe |

"UDP Query User{F1699B19-165C-4A85-A857-69CF1CB7CB0F}C:\program files\last.fm\lastfm.exe" = protocol=17 | dir=in | app=c:\program files\last.fm\lastfm.exe |

"UDP Query User{FFEFBA98-8348-4A85-AC09-3835CF55E22F}C:\program files\softnyx\rakion\bin\rakion.bin" = protocol=17 | dir=in | app=c:\program files\softnyx\rakion\bin\rakion.bin |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3

"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = The Sims 2 Studentliv

"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{08A247F5-E34F-4D17-8731-0906DF56947E}" = Windows Live Sync

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE

"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data

"{111E336D-30BF-4CD4-8D69-4541732AFB27}" = Peter Jackson's King Kong - The Official Game of the Movie

"{11964613-805F-432D-A12B-169554B793E7}" = Nokia Connectivity Cable Driver

"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive

"{12E75B98-8463-4C1F-8DDA-F6CF31566A55}" = Google SketchUp Pro 6

"{14FB2C18-CFC1-4DF4-A9CF-BAD3CCB5AAFD}" = Windows Live Toolbar

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{1A8BAA46-1179-4743-B00E-51B794A018B0}" = Windows Live Writer

"{1BC4026B-1957-4514-9058-2B542557F143}" = Opera 9.63

"{1DCC7418-2089-4BDD-B321-3771956160FC}" = ijji Auto Installer

"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3

"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module

"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = DVD Play

"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Djurliv

"{4C964B9E-F8B0-4E60-8D1D-392CD77FA6F9}" = RagnarokOnline-Valkyrie

"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{54A90A9E-E537-11DE-811A-005056806466}" = Google Earth Plug-in

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5A70922D-9365-43CC-ADA9-CB84E4A54E4E}" = Windows Live Essentials

"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy

"{623446F8-D2D4-4942-9CA2-9D71ED8B24E9}" = Football Generation

"{65F6D25C-2B2B-4673-A81D-E7D7D72B29E4}" = Windows Live Family Safety

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6AF49698-949A-4C89-9B31-041D2CCB5FBD}" = muvee autoProducer 6.0

"{6B30FB1E-9F4A-49BA-9D74-174F1ECEB59D}" = Windows Live inloggningsassistenten

"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Arbetsliv

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support

"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio

"{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}" = Apache HTTP Server 2.2.8

"{8626171E-41C9-47D2-A24A-FF6231E4F688}" = eBay Motors GRID Demo

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8AA037A8-E104-493A-A962-8D58535A0198}" = MySQL Server 5.0

"{8BA42EAE-19AD-4bf2-88C0-0232B1FBFDE2}" = Microsoft Works

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{9085041D-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings

"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime

"{9799BD05-5F89-484C-008E-F50592F53440}" = Harry Potter and the Goblet of Fire™

"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6

"{99A40651-0BC2-4095-8F9A-A40FAB224FEF}" = PC Connectivity Solution

"{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}" = The Sims Makin' Magic

"{9BBE7AA1-AFA8-4D76-8FC2-1FDFD9BD3371}" = Windows Live Mail

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack

"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback

"{A1288842-D600-453F-B61F-6C2AA3D6A528}" = Ragnarok Online

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A347C572-F7B4-43A3-BD51-FFC99184F70D}" = Jurassic Park Operation Genesis

"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter and the Prisoner of Azkaban

"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}" = Nokia PC Suite

"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings

"{AC76BA86-7AD7-1053-7B44-A81200000003}" = Adobe Reader 8.1.2 - Svenska

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers

"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Livet i lägenhet

"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3

"{C12D609B-EB71-411B-82C3-9BE6D40435D7}" = Google SketchUp LayOut 6

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{C3FE3DD5-92E1-4EC3-BD6B-822DD99E8991}" = Windows Live Photo Gallery

"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{CFB8F552-804D-4A8E-00AD-F5A5671C82EF}" = Harry Potter II - Demo 1

"{D064F16E-88DA-4E8F-BBAE-0E2AA9A6AE61}" = VP6 Decoder

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D17D8B97-F937-432F-88BD-382727D34441}" = EuropeMapleStory

"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential

"{DA15D535-5E1D-4076-B520-8571346D6238}" = Norton Security Scan

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings

"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Året runt

"{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}" = Rappelz_USA

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E31AC44E-2171-4BDF-AB11-B73FA70B7560}" = Adobe Setup

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{E8A23C59-0C28-4ADD-A29B-E2DEC3D72D81}" = Adobe Dreamweaver CS3

"{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}" = Google SketchUp 6 Exporters

"{EC928237-A3BD-4640-ABD0-E49E758F2315}" = Windows Live Messenger

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nattliv

"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter och Halvblodsprinsen™

"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update

"{FF4F668A-E199-431A-8D93-B2FD14FE3C5C}" = Windows Live Movie Maker

"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-drivrutinspaket - Nokia Modem (02/15/2007 3.1)

"4077F884D1BB007055BDB83B621D87220A73F30F" = Windows-drivrutinspaket - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player

"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3

"Adobe_b3cfa559ce37a120d439ea67f79a7a9" = Adobe Dreamweaver CS3

"AhnLab Online Security" = AhnLab Online Security

"avast!" = avast! Antivirus

"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-drivrutinspaket - Nokia Modem (02/15/2007 3.1)

"BOTS Uninstall" = BOTS Uninstall

"CABAL Online (Europe)_is1" = CABAL Online

"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows-drivrutinspaket - Nokia Modem (05/24/2007 6.84.0.1)

"CPUID CPU-Z_is1" = CPUID CPU-Z 1.52

"Creative VF0260" = Creative Live! Cam Vista IM Driver (1.10.04.00)

"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)

"EarthDesk" = EarthDesk

"ENTERPRISE" = Microsoft Office Enterprise 2007

"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.02

"Family Tree Builder" = MyHeritage Family Tree Builder

"FileZilla Client" = FileZilla Client 3.3.0

"Fraps" = Fraps (remove only)

"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.4

"FreeCall_is1" = FreeCall

"Gunz" = ijji - Gunz

"HijackThis" = HijackThis 2.0.2

"HP Photosmart Essential" = HP Photosmart Essential 3.5

"InstallShield_{A347C572-F7B4-43A3-BD51-FFC99184F70D}" = Jurassic Park Operation Genesis

"LastFM_is1" = Last.fm 1.5.4.24567

"LimeWire" = LimeWire 4.16.6

"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)

"Maestro-K34P-5STG-T7VR4V71LIZJ" = Gustaf - LÄSNING 6-7

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Mat Hoffman's Pro BMX" = Mat Hoffman's Pro BMX

"McDonald's Dragons " = McDonald's Dragons

"MediaCoder" = MediaCoder 0.6.0

"Messenger Plus! Live" = Messenger Plus! Live

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"MilkShape 3D 1.8.4" = MilkShape 3D 1.8.4

"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)

"MV RegClean 5.9_is1" = MV RegClean 5.9

"Nokia PC Suite" = Nokia PC Suite

"Notepad++" = Notepad++

"NVIDIA Drivers" = NVIDIA Drivers

"OpenAL" = OpenAL

"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator

"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools

"Pet Soccer" = Pet Soccer

"RealPlayer 6.0" = RealPlayer

"SimCity2000CDv1" = SimCity 2000® Special Edition

"SimPE_is1" = SimPE 0.72 (alpha)

"SolidStateIONIE" = Solid State ION Internet Explorer Plugin

"UnityWebPlayer" = Unity Web Player

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Arquivo do WinRAR

"VLC media player" = VLC media player 0.9.6

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-316284770-1064195047-592160855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent DNA" = DNA

"ijji FireFox Launcher" = ijji FireFox Launcher 1.0

"uTorrent" = µTorrent

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 2008-12-20 16:48:49 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Users\Diogo Moreira\Contacts\anamoreira45@hotmail.com\contactcoll.cache failed,

000005AD.

 

Error - 2008-12-20 17:36:53 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Users\Diogo Moreira\Contacts\anamoreira45@hotmail.com\contactcoll.cache failed,

000005AD.

 

Error - 2008-12-20 17:38:10 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Users\Diogo Moreira\AppData\Local\Microsoft\Messenger\anamoreira45@hotmail.com\SharingMetadata\Working\database_AC8C_DAD9_8CDA_9D60\dfsr.db

failed, 000005AD.

 

Error - 2008-12-20 17:38:12 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Users\Diogo Moreira\AppData\Local\Microsoft\Messenger\anamoreira45@hotmail.com\SharingMetadata\Working\database_AC8C_DAD9_8CDA_9D60\dfsr.db

failed, 000005AD.

 

Error - 2008-12-20 17:38:12 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Users\Diogo Moreira\AppData\Local\Microsoft\Messenger\anamoreira45@hotmail.com\SharingMetadata\Working\database_AC8C_DAD9_8CDA_9D60\dfsr.db

failed, 000005AD.

 

Error - 2008-12-20 17:38:12 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Users\Diogo Moreira\AppData\Local\Microsoft\Messenger\anamoreira45@hotmail.com\SharingMetadata\Working\database_AC8C_DAD9_8CDA_9D60\dfsr.db

failed, 000005AD.

 

Error - 2008-12-20 17:39:15 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Users\Diogo Moreira\AppData\Local\Microsoft\Messenger\anamoreira45@hotmail.com\SharingMetadata\anairia_20@hotmail.com\DFSR\Staging\CS{BC21811C-F29F-CAF8-DE99-53D9C8C443CB}\72\720-{F8C895C5-FCB7-40E6-8833-B86E42331710}-v272-{9023788D-A329-4CB1-BD1A-EFCC11CB943D}-v720-Downloading.frx

failed, 000005AD.

 

Error - 2009-04-08 02:05:20 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = Internal error has occurred in module basEncodeFileToSubmit failed!

, function 00000002.

 

Error - 2009-04-08 03:58:43 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\Setup.exe failed, 00000015.

 

Error - 2009-06-24 15:02:22 | Computer Name = Hemdatorn | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\Program Files\Symantec\LiveUpdate\UNRAR.DLL failed, 00000005.

 

[ Application Events ]

Error - 2010-01-19 07:57:35 | Computer Name = Hemdatorn | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 2010-01-19 07:59:28 | Computer Name = Hemdatorn | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 2010-01-19 08:54:59 | Computer Name = Hemdatorn | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet LastFMHelper.exe, version 1.4.2.59470,

tidsstämpel 0x4783a375, felet uppstod i modulen Moose1.dll!?helperControlPort@LastFmSettin,

version 6.0.6000.16386, tidsstämpel 0x4549bdc9, undantagskod 0xc0000139, felförskjutning

0x00008fc7, process-ID 0xcfc, programmets starttid 0x01ca990691e2f503.

 

Error - 2010-01-19 08:55:43 | Computer Name = Hemdatorn | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 2010-01-19 08:57:16 | Computer Name = Hemdatorn | Source = WerSvc | ID = 5007

Description =

 

Error - 2010-01-19 10:58:45 | Computer Name = Hemdatorn | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 2010-01-19 16:00:00 | Computer Name = Hemdatorn | Source = WerSvc | ID = 5007

Description =

 

Error - 2010-01-19 16:00:00 | Computer Name = Hemdatorn | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 2010-01-19 16:00:01 | Computer Name = Hemdatorn | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 2010-01-19 16:06:02 | Computer Name = Hemdatorn | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

[ OSession Events ]

Error - 2008-12-02 17:41:37 | Computer Name = Hemdatorn | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 35

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2009-06-29 08:44:38 | Computer Name = Hemdatorn | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2009-06-29 08:45:01 | Computer Name = Hemdatorn | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 0

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2009-06-29 08:45:18 | Computer Name = Hemdatorn | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 24

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2009-10-22 02:44:26 | Computer Name = Hemdatorn | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23

seconds with 0 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 2010-01-19 08:03:25 | Computer Name = Hemdatorn | Source = DCOM | ID = 10010

Description =

 

Error - 2010-01-19 08:13:16 | Computer Name = Hemdatorn | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

 

Error - 2010-01-19 15:59:06 | Computer Name = Hemdatorn | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS har inte någon IRQ för enheten i PCI-fack 9, funktion

0. Kontakta återförsäljaren för teknisk support.

 

Error - 2010-01-19 15:59:06 | Computer Name = Hemdatorn | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS har inte någon IRQ för enheten i PCI-fack 11, funktion

0. Kontakta återförsäljaren för teknisk support.

 

Error - 2010-01-19 15:59:07 | Computer Name = Hemdatorn | Source = Application Popup | ID = 875

Description = Drivrutinen sfvfs02.sys har blockerats för inläsning

 

Error - 2010-01-19 16:01:08 | Computer Name = Hemdatorn | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2010-01-19 16:01:08 | Computer Name = Hemdatorn | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2010-01-19 16:01:08 | Computer Name = Hemdatorn | Source = Service Control Manager | ID = 7026

Description =

 

Error - 2010-01-19 16:05:31 | Computer Name = Hemdatorn | Source = DCOM | ID = 10010

Description =

 

Error - 2010-01-19 16:15:52 | Computer Name = Hemdatorn | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

 

 

< End of report >

 

Malwarebytes:

Malwarebytes' Anti-Malware 1.44

Versão do banco de dados: 3594

Windows 6.0.6000

Internet Explorer 7.0.6000.16681

 

2010-01-19 07:00:53

mbam-log-2010-01-19 (07-00-53).txt

 

Tipo de Verificação: Completa (C:\|D:\|)

Objetos verificados: 603419

Tempo decorrido: 10 hour(s), 17 minute(s), 58 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registo infectadas: 0

Valores do Registo infectados: 0

Ítens do Registo infectados: 0

Pastas infectadas: 0

Ficheiros infectados: 0

 

Processos da Memória infectados:

(Nenhum item malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum item malicioso foi detectado)

 

Chaves do Registo infectadas:

(Nenhum item malicioso foi detectado)

 

Valores do Registo infectados:

(Nenhum item malicioso foi detectado)

 

Ítens do Registo infectados:

(Nenhum item malicioso foi detectado)

 

Pastas infectadas:

(Nenhum item malicioso foi detectado)

 

Ficheiros infectados:

(Nenhum item malicioso foi detectado)


OK, the log is clean.

Go to Start --> Run --> Type or paste: combofix.exe /uninstall --> Click OK.

Any problems?


Download the Kaspersky Virus Removal Tool.

Save it in the Program Files folder.

Install the program, following all of its steps.

Do not scan yet!

Restart the PC in Safe Mode (by pressing the F8 key (or the F5 key on some computers) repeatedly while the computer is restarting and choosing the Safe Mode option).

If it is not possible to run the computer in Safe Mode, run the scan in Normal Mode.

On the program's main screen, check all the available boxes, as shown in the image below:

kasperskyvirusremovaltoak2.png

• Click the Scan button.

• Be patient, the scan may take a while.

• If it finds any infection, confirm the prompt to disinfect the infected files (Disinfect). If it is not possible to disinfect them, choose the option to remove them (Delete).

• After everything is complete, click the Events tab, uncheck the Show All Events checkbox, then click Reports... and click Save to file. Post the log in your next reply.


Strange... I ran the scan, disinfected the files and wore myself out looking for the Events tab, but I couldn't find it. And when I go to Reports and look for "Save to file", I can't find that either. My Kaspersky Virus Removal Tool is the 2010 version!


Download ComboFix from one of these locations:

Link 1.

Link 2.

Link 3.

Important!

You should not use ComboFix unless you have been instructed to do so by a security analyst.

It is intended by its creator to be used under the guidance and supervision of an expert, not for private use.

Using this tool incorrectly could lead to disastrous problems with your operating system.

Make sure that you saved ComboFix.exe to your desktop.

• Disable your antivirus and antispyware, usually by right-clicking the system tray icon. They may interfere with the tool's execution.

• Double-click ComboFix.exe & follow the instructions.

• As part of its process, ComboFix will check whether the Microsoft Windows Recovery Console is installed. With malware infections being what they are today, it is strongly recommended to have it pre-installed on your machine before doing any malware removal. It will allow you to boot into a special recovery/repair mode that will let us help you more easily should your computer have a problem after a malware removal attempt.

• Follow the instructions to allow ComboFix to download and install the Microsoft Windows Recovery Console and, when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

-- Note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click Yes to continue scanning for malware.

When it finishes, it should produce a log for you. Post the ComboFix report, which will be at C:\ComboFix.txt, together with a HijackThis log.


Go ahead with the process, my friend, no problem.


Here are the logs :) :

 

ComboFix:

 

ComboFix 10-01-26.02 - Diogo Moreira 2010-01-27 0:48.2.1 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.351.1053.18.2942.1978 [GMT 1:00]

Executando de: c:\users\Diogo Moreira\Desktop\ComboFix.exe

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\users\DIOGOM~1\AppData\Local\Temp\BITA805.tmp

c:\windows\Fonts\MyriadPro-Regular.otf

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-12-27 to 2010-01-27 ))))))))))))))))))))))))))))

.

 

2010-01-27 18:03 . 2010-01-27 18:11 -------- d-----w- c:\users\Diogo Moreira\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\users\Paulino Moreira\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\users\Nuno Moreira\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\users\Miguel Moreira\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\users\Maria Moreira\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp

2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\users\Tiago Moreira\AppData\Local\temp

2010-01-25 19:02 . 2010-01-25 19:02 -------- d--h--r- c:\users\Miguel Moreira\AppData\Roaming\SecuROM

2010-01-25 17:31 . 2010-01-25 17:31 -------- d--h--r- c:\users\Nuno Moreira\AppData\Roaming\SecuROM

2010-01-23 19:34 . 2010-01-26 19:50 680 ----a-w- c:\users\Diogo Moreira\AppData\Local\d3d9caps.dat

2010-01-22 19:54 . 2010-01-23 13:13 -------- d-----w- c:\programdata\Kaspersky Lab

2010-01-22 19:52 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\73506512.sys

2010-01-22 19:52 . 2009-10-09 21:31 311312 ----a-w- c:\windows\system32\drivers\7350651.sys

2010-01-22 19:52 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\73506511.sys

2010-01-22 18:35 . 2010-01-22 18:35 -------- d-----w- c:\users\Maria Moreira\AppData\Local\Opera

2010-01-16 14:15 . 2010-01-19 12:55 680 ----a-w- c:\users\Tiago Moreira\AppData\Local\d3d9caps.dat

2010-01-16 11:12 . 2010-01-21 10:06 -------- d-----w- c:\users\Miguel Moreira\AppData\Local\VirtualStore

2010-01-16 07:30 . 2010-01-25 17:43 -------- d-----w- c:\users\Nuno Moreira\AppData\Local\VirtualStore

2010-01-15 20:07 . 2010-01-15 20:10 -------- d-----w- C:\ToolBar SD

2010-01-15 19:11 . 2010-01-15 20:03 -------- d-----w- C:\toolB

2010-01-13 21:56 . 2010-01-13 22:58 -------- d-----w- C:\UsbFix

2010-01-12 22:04 . 2010-01-12 22:04 -------- d-----w- C:\_OTL

2010-01-08 03:49 . 2010-01-08 03:49 -------- d-----w- c:\users\Diogo Moreira\AppData\Roaming\Malwarebytes

2010-01-08 03:49 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-08 03:49 . 2010-01-08 03:49 -------- d-----w- c:\programdata\Malwarebytes

2010-01-08 03:49 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-01-08 03:49 . 2010-01-09 16:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-31 12:13 . 2009-12-31 12:13 -------- d-----w- c:\program files\Trend Micro

2009-12-28 21:49 . 2009-12-28 21:49 -------- d-----w- c:\program files\Marcos Velasco Security

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-25 17:06 . 2008-09-09 16:34 -------- d-----w- c:\program files\Electronic Arts

2010-01-25 05:04 . 2008-08-30 04:38 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-24 10:33 . 2008-04-26 15:20 -------- d-----w- c:\users\Maria Moreira\AppData\Roaming\LimeWire

2010-01-22 17:15 . 2007-09-02 05:59 -------- d-----w- c:\users\Paulino Moreira\AppData\Roaming\LimeWire

2010-01-18 02:06 . 2008-10-26 02:27 -------- d-----w- c:\programdata\Microsoft Help

2010-01-16 21:28 . 2009-05-10 14:48 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-01-16 21:28 . 2007-08-23 17:25 -------- d-----w- c:\program files\Java

2010-01-16 13:46 . 2007-08-23 23:25 -------- d-----w- c:\programdata\Messenger Plus!

2010-01-16 13:35 . 2007-08-23 18:03 -------- d-----w- c:\program files\Messenger Plus! Live

2010-01-16 08:43 . 2007-08-23 16:38 126112 ----a-w- c:\users\Tiago Moreira\AppData\Local\GDIPFONTCACHEV1.DAT

2010-01-15 10:56 . 2008-05-23 15:21 -------- d-----w- c:\program files\Football Generation

2010-01-14 10:12 . 2009-10-04 00:21 181120 ------w- c:\windows\system32\MpSigStub.exe

2010-01-01 08:16 . 2007-10-28 16:16 126112 ----a-w- c:\users\Maria Moreira\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-30 05:24 . 2007-08-23 16:19 126112 ----a-w- c:\users\Paulino Moreira\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-29 17:58 . 2007-08-23 15:15 126112 ----a-w- c:\users\Diogo Moreira\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-29 17:05 . 2008-08-23 11:33 126112 ----a-w- c:\users\Nuno Moreira\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-29 15:27 . 2009-12-12 11:10 126112 ----a-w- c:\users\Miguel Moreira\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-29 13:32 . 2009-07-11 06:57 126112 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT

2009-12-24 06:07 . 2007-05-26 15:44 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-12-24 05:20 . 2009-08-24 21:50 -------- d-----w- c:\program files\Guild Wars

2009-12-24 05:19 . 2007-09-07 16:16 -------- d-----w- c:\program files\BitComet

2009-12-23 17:28 . 2009-12-23 17:28 -------- d-----w- c:\users\Nuno Moreira\AppData\Roaming\Unity

2009-12-20 20:00 . 2008-01-26 00:34 -------- d-----w- c:\users\Diogo Moreira\AppData\Roaming\uTorrent

2009-12-20 04:27 . 2009-12-20 04:27 -------- d-----w- c:\program files\Gravity

2009-12-12 11:10 . 2009-12-12 11:10 -------- d-----w- c:\users\Miguel Moreira\AppData\Roaming\PC Suite

2009-12-12 11:01 . 2007-08-23 14:55 8224 ----a-w- c:\windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-10 19:19 . 2008-11-07 00:17 -------- d-----w- c:\program files\FirstClass

2009-12-06 23:51 . 2009-12-06 23:48 69 ----a-w- c:\users\Diogo Moreira\jagex_runescape_preferences2.dat

2009-12-06 23:48 . 2008-11-15 02:22 39 ----a-w- c:\users\Diogo Moreira\jagex_runescape_preferences.dat

2009-11-24 23:54 . 2007-11-19 19:32 1280480 ----a-w- c:\windows\system32\aswBoot.exe

2009-11-24 23:50 . 2008-04-01 18:17 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-11-24 23:50 . 2008-04-01 18:17 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-11-24 23:49 . 2007-11-19 19:32 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2009-11-24 23:49 . 2007-11-19 19:32 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-11-24 23:48 . 2007-11-19 19:32 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-11-24 23:47 . 2007-11-19 19:32 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-11-22 16:12 . 2007-05-27 00:59 90558 ----a-w- c:\windows\system32\perfc01D.dat

2009-11-22 16:12 . 2007-05-27 00:59 479168 ----a-w- c:\windows\system32\perfh01D.dat

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]

 

[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]

2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

 

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

 

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883840]

"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-16 167368]

"FreeCall"="c:\program files\FreeCall.com\FreeCall\FreeCall.exe" [2008-09-01 9109296]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2009-02-19 2356088]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-05-26 1006264]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]

"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]

"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]

"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912]

"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]

"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-06-29 286720]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-05-26 185896]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"DPService"="c:\program files\HP\DVDPlay\DPService.exe" [2007-12-18 90112]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"Family Tree Builder Update"="c:\myheritage\Bin\FTBCheckUpdates.exe" [2009-01-14 113680]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-16 149280]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

 

c:\users\Tiago Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Last.fm Helper.lnk - c:\program files\Last.fm\LastFMHelper.exe [2007-8-24 106496]

 

c:\users\Diogo Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

setup_9.0.0.722_22.01.2010_20-06.lnk - c:\arquivos de programas\Virus Removal Tool\setup_9.0.0.722_22.01.2010_20-06\startup.exe [2010-1-22 72208]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Monitor Apache Servers.lnk - c:\program files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2008-1-18 41041]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"FilterAdministratorToken"= 1 (0x1)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

R0 73506512;73506512 Boot Guard Driver;c:\windows\System32\drivers\73506512.sys [2010-01-22 37392]

R1 73506511;73506511;c:\windows\System32\drivers\73506511.sys [2010-01-22 128016]

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-04-01 114768]

R1 setup_9.0.0.722_22.01.2010_20-06drv;setup_9.0.0.722_22.01.2010_20-06drv;c:\windows\System32\drivers\7350651.sys [2010-01-22 311312]

R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-04-01 20560]

R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2007-11-19 53328]

S2 gupdate1c95234997d78cf;Google Update Service (gupdate1c95234997d78cf);c:\program files\Google\Update\GoogleUpdate.exe [2008-11-29 133104]

S3 Apache2.2;Apache2.2;c:\program files\Apache Software Foundation\Apache2.2\bin\httpd.exe [2008-01-18 24635]

S3 cpuz132;cpuz132;c:\windows\System32\drivers\cpuz132_x32.sys [2009-07-21 12672]

S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [2009-11-06 54632]

S3 fsssvc;Tjänsten Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 Mkd2kfNt;Mkd2kfNt;c:\windows\System32\drivers\Mkd2kfNT.sys [2009-05-03 131072]

S3 Mkd2Nadr;Mkd2Nadr;c:\windows\System32\drivers\Mkd2Nadr.sys [2009-05-03 79104]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 V0260VID;Live! Cam Vista IM;c:\windows\System32\drivers\V0260Vid.sys [2008-10-04 154560]

S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [2007-09-09 685816]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2010-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2008-11-29 15:22]

 

2010-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2008-11-29 15:22]

 

2007-10-22 c:\windows\Tasks\HPCeeScheduleForDiogo Moreira.job

- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-05-26 09:56]

 

2010-01-27 c:\windows\Tasks\User_Feed_Synchronization-{C317DACC-71D5-431E-8CDD-7C664B22605B}.job

- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]

.

.

------- Scan Suplementar -------

.

mWindow Title =

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Diogo Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk

FF - ProfilePath - c:\users\Diogo Moreira\AppData\Roaming\Mozilla\Firefox\Profiles\jh2fjusv.default\

FF - prefs.js: browser.startup.homepage - hxxp://search.myheritage.com/

FF - prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q=

FF - plugin: c:\program files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll

FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

 

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-01-27 19:09

Windows 6.0.6000 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]

"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'Explorer.exe'(220)

c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll

c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_swe.nlr

c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr

.

------------------------ Outros Processos em Execução ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\windows\system32\rundll32.exe

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

c:\windows\system32\WUDFHost.exe

c:\program files\Alwil Software\Avast4\ashMaiSv.exe

c:\program files\Alwil Software\Avast4\ashWebSv.exe

c:\windows\system32\conime.exe

c:\windows\servicing\TrustedInstaller.exe

.

**************************************************************************

.

Tempo para conclusão: 2010-01-27 19:35:42 - Máquina reiniciou

ComboFix-quarantined-files.txt 2010-01-27 18:33

ComboFix2.txt 2010-01-15 07:29

 

Pré-execução: 26 261 151 744 byte ledigt

Pós execução: 27 052 834 816 byte ledigt

 

- - End Of File - - EE8BB18F7309E5DFFA606CEB90A6C2FF

 

HijackThis:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:52:47, on 2010-01-27

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16681)

Boot mode: Safe mode

 

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DPService] "C:\Program Files\HP\DVDPlay\DPService.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [Family Tree Builder Update] C:\MyHeritage\Bin\FTBCheckUpdates.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized

O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O4 - Startup: setup_9.0.0.722_22.01.2010_20-06.lnk = C:\Arquivos de programas\Virus Removal Tool\setup_9.0.0.722_22.01.2010_20-06\startup.exe

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Diogo Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206480373480

O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab

O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate1c95234997d78cf) (gupdate1c95234997d78cf) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 

--

End of file - 11202 bytes


What problems are still occurring with your computer?


The animations keep stuttering, some programs still don't work... more or less the same. On top of that, whenever a scan is run it takes a long time, a really long time... Yesterday the PC had to stay on all night and most of the day lol. :S


Hello, please look for another moderator in this area to take over this case, as I will be away for the next few days. I am studying for civil-service exams and overloaded with my university work.

Best regards, and sorry for any inconvenience.


:) Hello _The_Punk_Rocker_! I will be taking over the case while our friend Pedro N is studying for his exams.

__________________________________

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\DIOGOM~1\AppData\Roaming\Microsoft\Windows\Recent\SimCity 4 Deluxe + Crack.lnk

C:\Users\DIOGOM~1\AppData\Roaming\Microsoft\Windows\Recent\SimCity_4_Deluxe_w__Crack___Serial.3835360.TPB [mininova].lnk

C:\Users\DIOGOM~1\Documents\Downloads\Harry Potter - Order of Pheonix\Crack

C:\Users\DIOGOM~1\Documents\Downloads\Harry Potter - Order of Pheonix\Crack\hatred.exe

C:\Users\DIOGOM~1\Documents\Downloads\Harry Potter - Order of Pheonix\Crack\hp.exe

C:\Users\DIOGOM~1\Documents\Downloads\Harry Potter - Order of Pheonix\Crack\keygen.exe

C:\Users\DIOGOM~1\Documents\Downloads\Harry Potter - Order of Pheonix\Crack\xinput1_3.dll

C:\Users\DIOGOM~1\Downloads\SimCity 4 Deluxe + Crack.zip

C:\Users\DIOGOM~1\Downloads\SimCity_4_Deluxe_w__Crack___Serial.3835360.TPB [mininova].torrent

:!: It is very important to uninstall all cracked or pirated programs on your PC, because the vast majority of these programs come with viruses and/or malware embedded in them, and they may also contain vulnerabilities that make it easier to break into your computer.

________________________________

 

:seta: Download and run the program at the address below to disable Bonjour (which is an unnecessary item that tends to make your PC slower):

http://download.gizmo5.com/jasmine/TurnOffBonjour.exe

_________________________________

 

:seta: Also follow the tips in these tutorials:

Norman Malware Cleaner tutorial

Spyware Doctor Starter Edition tutorial

________________________________

 

:seta: In your next reply, post the Spyware Doctor log together with the Norman Malware Cleaner log and a new HijackThis log, and tell us how your PC is doing after that.

We look forward to your reply.


Well, I'm currently running a full scan with Spyware Doctor, but it has been scanning for almost a day and it is at 23%! :S Isn't it possible to pause it and continue later?


Well, I'm currently running a full scan with Spyware Doctor, but it has been scanning for almost a day and it is at 23%! :S Isn't it possible to pause it and continue later?

Such a long delay is not normal. Did you try running it in Safe Mode? If you haven't, try it and see whether it scans faster in Safe Mode.

If it still takes a long time, set it aside and just follow the other tips I gave you.


Well, here it goes then:

 

HijackThis:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:56:39, on 2010-02-03

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16681)

Boot mode: Safe mode

 

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DPService] "C:\Program Files\HP\DVDPlay\DPService.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [Family Tree Builder Update] C:\MyHeritage\Bin\FTBCheckUpdates.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized

O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O4 - Startup: setup_9.0.0.722_22.01.2010_20-06.lnk = C:\Arquivos de programas\Virus Removal Tool\setup_9.0.0.722_22.01.2010_20-06\startup.exe

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Diogo Moreira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206480373480

O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab

O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate1c95234997d78cf) (gupdate1c95234997d78cf) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 

--

End of file - 11354 bytes

 

Norman MC:

 

Norman Malware Cleaner

Version 1.6.2

Copyright © 1990 - 2009, Norman ASA. Built 2010/01/31 08:26:25

 

Norman Scanner Engine Version: 6.04.03

Nvcbin.def Version: 6.04.00, Date: 2010/01/31 08:26:25, Variants: 4858616

 

Scan started: 31/01/2010 19:02:31

 

Running pre-scan cleanup routine:

Operating System: Microsoft Windows Vista 6.0.6000

Logged on user: Hemdatorn\Diogo Moreira

 

Set registry value: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS = -> ""

Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000

Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000

Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000

 

Scanning bootsectors...

 

Number of sectors found: 0

Number of sectors scanned: 0

Number of sectors not scanned: 0

Number of infections found: 0

Number of infections removed: 0

Total scanning time: 0s

 

 

Scanning running processes and process memory...

 

Number of processes/threads found: 5624

Number of processes/threads scanned: 5624

Number of processes/threads not scanned: 0

Number of infected processes/threads terminated: 0

Total scanning time: 19m 52s

 

 

Scanning file system...

 

Scanning: prescan

 

Scanning: C:\*.*

 

C:\ijji\ENGLISH\Gunz\GameGuard\GameMon.des (Infected with SDBot.gen8)

Deleted file

 

C:\System Volume Information\{009ec0ed-0387-11df-a22d-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{01f23787-09d3-11df-9562-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{847caa31-0468-11df-9d7d-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{94c99db8-090f-11df-9160-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{a2b824ac-0ab3-11df-93e6-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{a5bfaab1-0d2b-11df-ae84-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{c7e5e6ed-02bb-11df-9807-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{e5af7a54-06f0-11df-a174-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\toolB\ToolBarSD.exe (Infected with Ircbot.ANFB.dropper)

Deleted file

 

C:\ToolBar SD\pv.exe (Infected with Ircbot.ANFB.dropper)

Deleted file

 

C:\UsbFix\ByPass.exe (Infected with Malware.JSEM)

Deleted file

 

C:\Users\Diogo Moreira\AppData\Local\Opera\Opera\profile\opcache\opr00JTR/file0 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\Diogo Moreira\Desktop\UsbFix.exe (Infected with Malware.JSEM.dropper)

Deleted file

 

C:\Users\Diogo Moreira\Desktop\V.A. - Rare Swedish Punk Rock Vol.2\06Shit Kids - Snutjdvel.MP3 (Error opening file: Not found)

 

C:\Users\Diogo Moreira\Desktop\V.A. - Rare Swedish Punk Rock Vol.2\12KSMB-Torbjfrns Horor.MP3 (Error opening file: Not found)

 

C:\Users\João Moreira\Downloads\Carnivores2Setup-dm(2).exe (Infected with W32/Trymedia.G)

Deleted file

 

C:\Users\João Moreira\Downloads\Carnivores2Setup-dm(3).exe (Infected with W32/Trymedia.G)

Deleted file

 

C:\Users\João Moreira\Downloads\Carnivores2Setup-dm.exe (Infected with W32/Trymedia.G)

Deleted file

 

C:\Users\João Moreira\Downloads\SetupVentureAfrica.exe/noname.nsis/file115 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureAfrica.exe/noname.nsis/file121 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureAfrica.exe/noname.nsis/file188 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureAfrica.exe/noname.nsis/file399 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic(2).exe/noname.nsis/file392 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic(2).exe/noname.nsis/file425 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic(2).exe/noname.nsis/file430 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic(2).exe/noname.nsis/file445 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic(2).exe/noname.nsis/file480 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic(2).exe/noname.nsis/file605 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic.exe/noname.nsis/file392 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic.exe/noname.nsis/file425 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic.exe/noname.nsis/file430 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic.exe/noname.nsis/file445 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic.exe/noname.nsis/file480 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\João Moreira\Downloads\SetupVentureArctic.exe/noname.nsis/file605 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Users\Maria Moreira\Documents\LimeWire\Incomplete\T-5179395-i can t hear you no more russ new cover version.mp3 (Infected with WMA/GetCodec.gen)

Deleted file

 

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl (Error opening file: Access denied)

 

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl (Error opening file: Access denied)

 

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl (Error opening file: Access denied)

 

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl (Error opening file: Access denied)

 

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl (Error opening file: Access denied)

 

Scanning: D:\*.*

 

Scanning: E:\*.*

 

Scanning: F:\*.*

 

Scanning: G:\*.*

 

Scanning: H:\*.*

 

Scanning: I:\*.*

 

Scanning: ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\*.*

 

Scanning: C:\System Volume Information\*.*

 

C:\System Volume Information\{009ec0ed-0387-11df-a22d-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{01f23787-09d3-11df-9562-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{847caa31-0468-11df-9d7d-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{94c99db8-090f-11df-9160-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{a2b824ac-0ab3-11df-93e6-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{a5bfaab1-0d2b-11df-ae84-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

C:\System Volume Information\{e5af7a54-06f0-11df-a174-001bfc68f30a}{3808876b-c176-4e48-b7ae-04046e6cc752} (Error opening file: Access denied)

 

Scanning: postscan

 

 

Running post-scan cleanup routine:

Set TCP/IP autotuning to "normal" (or it was already "normal")

 

Number of files found: 699709

Number of archives unpacked: 5146

Number of files scanned: 699648

Number of files not scanned: 61

Number of files skipped due to exclude list: 0

Number of infected files found: 9

Number of infected files repaired/deleted: 9

Number of infections removed: 9

Total scanning time: 8h 50m 15s

 

 

And I managed to run the scan with Spy Doc, but since my PC is in another language, the log came out in that language too... I have already set the program to Portuguese, but the history was not translated. :/ Should I post it anyway? If you want, I can try to translate the log (at least the words that appear most often).

 

Apart from that, my computer is the same. It even froze after rebooting from safe mode; I had to unplug it, because it had already been "thinking" for more than 10 minutes.

 

PS. Oh, I almost forgot: as you can see, Norman MC deleted some USBFix files, because it thought they were malicious files.

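A small parser for a Norman Malware Cleaner log like the one posted above, as an added example that is not part of the original thread or of Norman's tooling: it pairs each detection with its action line, de-duplicates unscanned paths, and checks the per-file detections against the summary counter. The sample log, its paths and its detection names are constructed; the line patterns are assumed from the log shown in the post.

```python
import re
from collections import Counter

# Constructed sample in the layout of the Norman Malware Cleaner log
# (paths and detection names are invented for this example).
SAMPLE_LOG = r"""
Scanning: C:\*.*

C:\Games\Example\Guard.des (Infected with Example.gen1)
Deleted file

C:\System Volume Information\{aaaa}{bbbb} (Error opening file: Access denied)

C:\Users\Test\Downloads\Setup(2).exe/noname.nsis/file12 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Test\Downloads\Tool.exe (Infected with Example.dropper)
Deleted file

Scanning: C:\System Volume Information\*.*

C:\System Volume Information\{aaaa}{bbbb} (Error opening file: Access denied)

Number of files not scanned: 2
Number of infected files found: 2
Number of infected files repaired/deleted: 2
"""

# Line patterns assumed from the log format shown in the post.
INFECTED = re.compile(r"^(?P<path>.+) \(Infected with (?P<name>[^)]+)\)$")
ERROR = re.compile(
    r"^(?P<path>.+) \(Error (?:opening|whilst scanning) file: (?P<reason>.+)\)$")
COUNTER = re.compile(r"^Number of (?P<key>[^:]+): (?P<n>\d+)$")


def parse_norman_log(text):
    """Return (detections, errors, counters) from the log text."""
    detections, errors, counters = [], {}, {}
    pending = None  # detection still waiting for its action line
    for raw in text.splitlines():
        # Forum copies often carry non-breaking spaces on "blank" lines.
        line = raw.replace("\xa0", " ").strip()
        if not line:
            continue
        if (m := INFECTED.match(line)):
            pending = {"path": m["path"], "name": m["name"], "action": None}
            detections.append(pending)
        elif (m := ERROR.match(line)):
            # The same path can be reported in more than one scan pass.
            errors.setdefault(m["path"], m["reason"])
            pending = None
        elif (m := COUNTER.match(line)):
            counters[m["key"]] = int(m["n"])
            pending = None
        elif line.startswith("Scanning"):
            pending = None
        elif pending is not None:
            pending["action"] = line  # e.g. "Deleted file"
            pending = None
    return detections, errors, counters


def triage(text):
    """Summarise what was cleaned, what was not, and what was never scanned."""
    detections, errors, counters = parse_norman_log(text)
    return {
        "detections": len(detections),
        "by_name": Counter(d["name"] for d in detections),
        # Detections with no action line need a manual follow-up.
        "unresolved": [d["path"] for d in detections if d["action"] is None],
        "summary_matches": counters.get("infected files found") == len(detections),
        # Unscanned files are blind spots, grouped by the reason given.
        "unscanned_by_reason": Counter(errors.values()),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, "=", value)
```
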

:) Hello _The_Punk_Rocker_!

 

Sorry for the delay; I have been very busy these days with school and work.

____________________________________

 

And I managed to run the scan with Spy Doc, but since my PC is in another language, the log came out in that language too... I have already set the program to Portuguese, but the history was not translated. :/ Should I post it anyway?

Please post the Spyware Doctor log in your next reply. English is fine.

__________________________________

 

Run a new full scan with Norman Malware Cleaner in Safe Mode (link: http://dicasetutoriaisparapc.blogspot.com/2009/11/ferramentas-para-reparar-o-modo-seguro.html).

 

Then post this new Norman Malware Cleaner log made in Safe Mode so that we can analyze it.

__________________________________

 

Also follow the tips in this tutorial:

 

Dr. Web CureIt tutorial

 

In your next reply, post this Dr. Web CureIt log together with a new HijackThis log, the Spyware Doctor log and the Norman Malware Cleaner log made in Safe Mode, and tell us how your PC is after this.

 

We look forward to your reply.

Well, it is not in English... It is in Swedish! XD Here it is then; ask me if you have any questions.

http://www.megaupload.com/?d=26F1P8OZ

 

I was not able to start Norman Malware in safe mode. I keep getting this error: Unable to load nsak.sys. Error (0x00000001)

 

And Web manages to scan at the beginning, where it finds no viruses, but when I run the full scan it spends about 2 hours scanning and then the PC gets a blue screen and restarts. It has already happened 2 times. :(
