muhrninho 0 Denunciar post Postado Abril 5, 2010 Hoje o pc começou com uns freezes um pouco estranhos e vindos do nada, será vírus? De seguida vai o log do hijackthis: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 20:42:50, on 05-04-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Programas\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ASUS\Six Engine\SixEngine.exe C:\Programas\COMODO\Firewall\cfp.exe C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programas\DAEMON Tools Lite\daemon.exe C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programas\Stardock\ObjectDock\ObjectDock.exe C:\Programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programas\Alwil Software\Avast4\setup\avast.setup C:\WINDOWS\system32\spoolsv.exe C:\Programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\ati2sgag.exe C:\Programas\Google\Update\GoogleUpdate.exe C:\Programas\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Google\Update\GoogleUpdate.exe C:\Programas\Java\jre6\bin\jqs.exe C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\svchost.exe C:\Programas\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wuauclt.exe C:\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newgrounds.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r O4 - HKLM\..\Run: [startCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programas\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programas\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Stardock ObjectDock.lnk = C:\Programas\Stardock\ObjectDock\ObjectDock.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site .cab?1221737038748 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashWebSv.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programas\COMODO\Firewall\cmdagent.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia - C:\Programas\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TomTomHOMEService - TomTom - C:\Programas\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programas\Windows Live\installer\WLSetupSvc.exe (file missing) -- End of file - 9836 bytes Desde já um obrigado Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Abril 6, 2010 Boa Noite! muhrninho <@> Baixe: < > ( ...by OldTimer Tools ) <@> Salve-o no desktop! <@> Segundo a imagem,mude a opção em "Output" para "Minimal Output". <@> Duplo-clique em OTL.exe --> Marque a opção "Scan All Users". <@> Marque as caixas: <!> [] LOP check e [] Purity check <@> Clique em: < > --> Aguarde! <@> Poste: <1> OTL.txt <-- <2> Extra.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
muhrninho 0 Denunciar post Postado Abril 6, 2010 Bom dia, OTL.txt : OTL logfile created on: 06-04-2010 11:34:22 - Run 1OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\mi_\Ambiente de trabalho Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas Drive C: | 127,99 Gb Total Space | 7,82 Gb Free Space | 6,11% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JOMI Current User Name: mi_ Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe (OldTimer Tools) PRC - C:\Programas\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programas\COMODO\Firewall\cfp.exe (COMODO) PRC - C:\Programas\COMODO\Firewall\cmdagent.exe (COMODO) PRC - C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Programas\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) PRC - C:\Programas\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Programas\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Programas\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) PRC - C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Programas\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) PRC - C:\Programas\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) PRC - C:\Programas\Alwil Software\Avast4\ashServ.exe (ALWIL Software) PRC - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) PRC - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) PRC - C:\Program Files\ASUS\Six Engine\SixEngine.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programas\Stardock\ObjectDock\ObjectDock.exe (Stardock) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\guard32.dll (COMODO) MOD - C:\Programas\Stardock\ObjectDock\DockShellHook.dll () ========== Win32 Services (SafeList) ========== SRV - (WLSetupSvc) -- File not found SRV - (cmdAgent) -- C:\Programas\COMODO\Firewall\cmdagent.exe (COMODO) SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (TomTomHOMEService) -- C:\Programas\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (ServiceLayer) -- C:\Programas\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (odserv) -- C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (avast! Web Scanner) -- C:\Programas\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) SRV - (avast! Antivirus) -- C:\Programas\Alwil Software\Avast4\ashServ.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Programas\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) SRV - (aswUpdSv) -- C:\Programas\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) SRV - (ose) -- C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (IDriverT) -- C:\Programas\Ficheiros comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO) DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdguard.sys (COMODO) DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia) DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys () DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software) DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software) DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software) DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software) DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.) DRV - (mv61xx) -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys (Marvell Semiconductor, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (L1e) -- C:\WINDOWS\system32\drivers\l1e51x86.sys (Atheros Communications, Inc.) DRV - (AsIO) -- C:\WINDOWS\system32\drivers\AsIO.sys () DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.newgrounds.com/ IE - HKU\S-1-5-21-842925246-492894223-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Ant.com" FF - prefs.js..browser.startup.homepage: "http://www.newgrounds.com/" FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.7.4 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: netvideohunter@netvideohunter.com:0.4.3 FF - prefs.js..extensions.enabledItems: {99a0337c-6303-4879-b72e-500fd9aaca8c}:1.0.8 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programas\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-02-25 19:50:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programas\Mozilla Firefox\components [2010-04-05 20:06:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programas\Mozilla Firefox\plugins [2010-04-05 20:06:52 | 000,000,000 | ---D | M] [2009-02-06 15:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Extensions [2009-02-06 15:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Extensions\home2@tomtom.com [2010-04-05 19:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions [2009-09-02 18:56:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-10 20:44:52 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593} [2010-03-15 21:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{624bab10-c637-11dd-ad8b-0800200c9a66} [2010-03-20 17:34:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-01-29 15:52:46 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010-03-15 21:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\camifox@altmusictv.com [2009-11-04 18:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\netvideohunter@netvideohunter.com [2010-04-05 19:06:59 | 000,000,000 | ---D | M] -- C:\Programas\Mozilla Firefox\extensions [2009-02-04 20:28:50 | 000,000,000 | ---D | M] (TextAloud Firefox Plugin) -- C:\Programas\Mozilla Firefox\extensions\{99a0337c-6303-4879-b72e-500fd9aaca8c} [2006-09-26 14:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll [2010-04-01 18:34:22 | 000,001,525 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2010-04-01 18:34:22 | 000,001,529 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\priberam.xml [2010-04-01 18:34:22 | 000,002,071 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\sapo.xml [2010-04-01 18:34:22 | 000,000,942 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\wikipedia-ptpt.xml [2010-04-01 18:34:22 | 000,000,648 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\yahoo-br.xml O1 HOSTS File: ([2009-11-28 16:16:16 | 000,000,072 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 rad.msn.com O1 - Hosts: 127.0.0.1 rad.live.com O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programa Auxiliar de Início de Sessão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-842925246-492894223-839522115-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [COMODO Internet Security] C:\Programas\COMODO\Firewall\cfp.exe (COMODO) O4 - HKLM..\Run: [six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe () O4 - HKLM..\Run: [startCCC] C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-842925246-492894223-839522115-1004..\Run: [DAEMON Tools Lite] C:\Programas\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-842925246-492894223-839522115-1004..\Run: [PC Suite Tray] C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKU\S-1-5-21-842925246-492894223-839522115-1004..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\mi_\Menu Iniciar\Programas\Arranque\Stardock ObjectDock.lnk = C:\Programas\Stardock\ObjectDock\ObjectDock.exe (Stardock) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1221737038748 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.228.128.156 213.228.128.6 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programas\Ficheiros comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programas\Ficheiros comuns\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-842925246-492894223-839522115-1004 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (A minha home page actual) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\mi_\Definições locais\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\mi_\Definições locais\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-09-18 11:54:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{88a3fa1f-a9e8-11dd-8c6e-eb232112bcad}\Shell - "" = AutoRun O33 - MountPoints2\{88a3fa1f-a9e8-11dd-8c6e-eb232112bcad}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{d3f35a6c-753a-11de-8d8a-002215641605}\Shell - "" = AutoRun O33 - MountPoints2\{d3f35a6c-753a-11de-8d8a-002215641605}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{ff7c7184-f45a-11dd-8ce5-c82c3a261d66}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sasnative32) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-04-06 11:33:01 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe [2010-04-05 16:50:21 | 000,000,000 | ---D | C] -- C:\Programas\ATI [2010-04-03 13:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Application Data\SEGA [2010-04-01 16:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\Lightrock Entertainment [2010-03-26 18:34:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Ambiente de trabalho\Fonts [2010-03-26 17:25:29 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010-03-25 18:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Ambiente de trabalho\The Imaginarium of Doctor Parnassus [2010-03-24 12:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Ambiente de trabalho\Defendor [2010-03-24 11:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Ambiente de trabalho\The Pacific [2010-03-22 22:00:04 | 000,000,000 | ---D | C] -- C:\Programas\Declarações Electrónicas [2010-03-18 22:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Os meus documentos\4A Games [2010-03-18 16:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Temp [2010-03-18 14:18:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Definições locais\Application Data\4A Games [2010-03-18 14:17:11 | 000,000,000 | ---D | C] -- C:\Programas\NVIDIA Corporation [2010-03-18 14:15:15 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010-03-18 14:15:15 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010-03-18 14:15:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010-03-18 14:15:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010-03-18 13:16:43 | 000,000,000 | ---D | C] -- C:\Programas\THQ [2010-03-17 12:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Ambiente de trabalho\Shutter Island [2010-02-25 19:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Definições locais\Application Data\Microsoft [2010-02-25 19:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\PC Suite [2009-12-27 14:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Google [2009-12-27 14:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Definições locais\Application Data\Google [2009-09-10 00:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Microsoft [2009-07-20 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Apple [2008-10-22 10:52:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\mi_\Application Data\pcouffin.sys [2008-09-18 18:30:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2008-09-18 11:54:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-04-06 11:33:35 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe [2010-04-06 11:31:21 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-04-06 11:31:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-04-06 11:31:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-04-06 11:31:09 | 000,469,600 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2010-04-06 11:16:46 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-04-05 20:52:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-04-05 20:06:57 | 019,136,512 | ---- | M] () -- C:\Documents and Settings\mi_\ntuser.dat [2010-04-05 20:03:58 | 000,088,946 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\bookmarks-2010-04-05.json [2010-04-05 19:13:39 | 000,487,244 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat [2010-04-05 19:13:39 | 000,435,840 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-04-05 19:13:39 | 000,083,348 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat [2010-04-05 19:13:39 | 000,068,544 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-04-05 19:06:06 | 002,578,902 | -H-- | M] () -- C:\Documents and Settings\mi_\Definições locais\Application Data\IconCache.db [2010-04-05 16:31:34 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash [2010-04-05 15:41:44 | 000,021,536 | ---- | M] () -- C:\Documents and Settings\mi_\Application Data\settings.dat [2010-04-03 14:07:49 | 000,002,627 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Farming Extreme Manager.lnk [2010-04-03 12:27:13 | 001,086,674 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-04-02 21:37:26 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\mi_\ntuser.ini [2010-04-01 22:32:11 | 000,237,056 | ---- | M] () -- C:\Documents and Settings\mi_\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-01 20:02:05 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\mi_\Application Data\vso_ts_preview.xml [2010-04-01 16:27:50 | 005,078,299 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Certificado de Aptidão Profissional.png [2010-04-01 16:26:19 | 000,087,623 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\-CV-MiguelDuarte.pdf [2010-03-30 18:25:06 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-03-30 17:38:34 | 000,002,169 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Steam.lnk [2010-03-30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-24 22:45:27 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\mi_\Os meus documentos\GE.doc [2010-03-23 12:56:15 | 000,502,183 | ---- | M] () -- C:\Documents and Settings\mi_\Application Data\farm.bmp [2010-03-22 12:41:06 | 000,151,068 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\mapa convento A8 e A1.pdf [2010-03-22 11:35:54 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\mapa convento A8.doc [2010-03-22 11:33:05 | 000,272,125 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\croqui_Qta_Convento.pdf [2010-03-18 14:02:06 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Metro 2033.lnk [2010-03-11 23:48:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-03-10 22:50:59 | 000,319,792 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\mi_\Ambiente de trabalho\utorrent.exe [2010-03-08 11:53:57 | 000,583,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-07 16:03:03 | 000,210,808 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-04-05 20:03:57 | 000,088,946 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\bookmarks-2010-04-05.json [2010-04-05 16:50:40 | 000,033,616 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb [2010-04-03 15:40:34 | 019,136,512 | ---- | C] () -- C:\Documents and Settings\mi_\ntuser.dat [2010-04-01 16:27:14 | 005,078,299 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Certificado de Aptidão Profissional.png [2010-04-01 16:26:19 | 000,087,623 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\-CV-MiguelDuarte.pdf [2010-03-22 12:41:03 | 000,151,068 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\mapa convento A8 e A1.pdf [2010-03-22 11:35:53 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\mapa convento A8.doc [2010-03-22 11:32:59 | 000,272,125 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\croqui_Qta_Convento.pdf [2010-03-18 14:02:06 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Metro 2033.lnk [2010-02-20 20:22:29 | 000,022,079 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\mi.dat [2010-02-16 19:05:04 | 000,502,183 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\farm.bmp [2010-02-16 16:17:48 | 000,021,536 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\settings.dat [2009-12-05 03:01:51 | 000,710,248 | ---- | C] () -- C:\Documents and Settings\LocalService\Definições locais\Application Data\FontCache3.0.0.0.dat [2009-08-01 10:07:19 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-08-01 10:07:19 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-06-05 19:31:09 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-06-05 19:31:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-06-05 19:31:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-06-05 19:31:08 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-06-05 19:31:08 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-06-05 19:31:07 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-06-05 19:31:06 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-05-29 17:57:35 | 000,137,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-05-21 00:35:33 | 000,000,016 | ---- | C] () -- C:\WINDOWS\entpack.ini [2009-04-26 13:34:38 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\mi_\debug.txt [2009-04-26 13:34:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\mi_\existcheck [2009-04-25 23:08:26 | 000,000,094 | -H-- | C] () -- C:\WINDOWS\System32\spv1_WCssg.ini [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-03-11 18:25:26 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\TheHunterSettings.cfg [2009-02-23 13:35:13 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\inst.exe [2009-02-11 14:41:45 | 000,107,832 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\PnkBstrB.exe [2009-01-24 16:23:19 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll [2009-01-24 16:23:19 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll [2009-01-05 21:31:48 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.ldb [2008-12-31 13:45:51 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-12-11 00:52:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-09 21:03:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\mi_\Ÿ9Ÿ9 [2008-11-10 12:19:31 | 000,000,204 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\default.rss [2008-10-27 10:14:30 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-10-27 01:52:00 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI [2008-10-22 10:53:38 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\vso_ts_preview.xml [2008-10-22 10:52:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\pcouffin.cat [2008-10-22 10:52:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\pcouffin.inf [2008-10-09 00:08:24 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2008-09-18 21:44:28 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\PnkBstrK.sys [2008-09-18 15:04:12 | 000,237,056 | ---- | C] () -- C:\Documents and Settings\mi_\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-09-18 14:33:55 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll [2008-09-18 13:29:19 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2008-09-18 13:29:19 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2008-09-18 13:29:17 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2008-09-18 13:29:17 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2008-09-18 13:02:36 | 000,036,081 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2008-09-18 13:02:01 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008-09-18 13:01:52 | 000,035,690 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008-09-18 13:01:52 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008-09-18 11:57:10 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\mi_\ntuser.dat.LOG [2008-09-18 11:57:10 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\mi_\ntuser.ini [2006-11-06 23:49:36 | 000,000,302 | ---- | C] () -- C:\WINDOWS\primopdf.ini ========== LOP Check ========== [2009-04-05 23:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy [2009-08-29 15:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Divinity 2 [2010-02-25 19:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2008-10-27 01:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier [2009-10-20 22:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HighAndes [2009-07-18 11:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software [2010-02-25 19:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations [2008-10-27 01:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Megaupload [2010-01-25 23:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2008-12-15 23:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo [2009-03-20 11:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2009-03-20 10:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS [2009-04-03 11:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF [2008-11-11 19:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2010-02-25 19:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2009-04-26 13:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst [2009-06-08 22:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games [2009-01-24 16:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel [2009-04-28 00:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games [2009-11-01 20:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive [2009-05-11 17:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Systweak [2009-09-13 21:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009-04-27 19:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TikGames [2009-02-06 15:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2008-09-18 21:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft [2008-11-01 19:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk [2009-07-11 11:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009-02-22 16:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2010-02-25 19:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\PC Suite [2008-12-28 14:34:19 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\mi_\Application Data\.# [2009-01-16 13:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Audacity [2009-07-11 12:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\BraCa_Soft [2008-11-09 18:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Carnival Software [2009-08-25 01:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\CasaPortale.de [2009-03-06 10:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Civitas3 [2009-04-05 11:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\DAEMON Tools [2009-01-28 00:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Datalayer [2009-05-21 01:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\DMCache [2009-04-02 22:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\EmailNotifier [2009-04-23 00:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\funkitron [2009-10-24 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Got Game Entertainment [2009-10-20 22:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\HighAndes [2009-05-22 22:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\IDM [2009-07-18 11:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Individual Software [2009-08-28 10:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\IObit [2009-04-26 13:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\iWin [2008-10-27 01:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Megaupload [2009-10-15 20:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Mount&Blade [2009-08-15 14:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Mp3 Editor for Free [2009-08-09 16:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\NationRed [2009-04-03 11:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Nitro PDF [2010-02-25 19:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Nokia [2009-01-05 23:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\PC Suite [2009-04-26 13:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\PlayFirst [2010-04-03 13:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\SEGA [2009-11-01 18:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Sports Interactive [2009-01-14 12:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Styler [2009-09-16 12:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Super-Cow [2009-05-11 17:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Systweak [2009-02-12 22:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\temp [2009-02-21 16:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\The Creative Assembly [2009-04-30 19:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Thinstall [2009-04-27 19:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\TikGames [2009-02-06 15:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\TomTom [2009-12-02 17:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Tropico 3 [2010-04-01 22:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\uTorrent [2009-05-01 23:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Valusoft [2009-01-21 12:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\VitySoft [2010-04-01 20:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Vso [2010-01-23 15:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\ZombieDriver ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF @Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9 @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93C494CA @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:23BEBB72 @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45CAB638 @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2721624 < End of report > Extra.txt : OTL Extras logfile created on: 06-04-2010 11:34:22 - Run 1OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\mi_\Ambiente de trabalho Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas Drive C: | 127,99 Gb Total Space | 7,82 Gb Free Space | 6,11% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JOMI Current User Name: mi_ Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programas\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Programas\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Programas\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UpdatesDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "8080:TCP" = 8080:TCP:*:Enabled:PORT1 "8081:TCP" = 8081:TCP:*:Enabled:PORT2 "1013:TCP" = 1013:TCP:*:Enabled:BS "4799:TCP" = 4799:TCP:*:Enabled:FD "1288:TCP" = 1288:TCP:*:Enabled:FD "3232:TCP" = 3232:TCP:*:Enabled:FD "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "wmsncs.exe" = wmsncs.exe:*:Enabled:SYSTEM "C:\Programas\MSN Messenger\livecall.exe" = C:\Programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Programas\Windows Live\Messenger\wlcsdk.exe" = C:\Programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found "C:\Programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "wmsncs.exe" = wmsncs.exe:*:Enabled:SYSTEM "C:\Programas\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Programas\Microsoft Office\Office12\GROOVE.EXE" = C:\Programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "C:\Programas\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\Programas\HP\Digital Imaging\bin\hposid01.exe" = C:\Programas\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Programas\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programas\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Programas\SPSSInc\SPSS16\spss.com" = C:\Programas\SPSSInc\SPSS16\spss.com:*:Disabled:SPSS 16.0 (1033:com) -- File not found "C:\Programas\SPSSInc\SPSS16\spss.exe" = C:\Programas\SPSSInc\SPSS16\spss.exe:*:Disabled:SPSS 16.0 (1033:exe) -- File not found "C:\Programas\Windows Live\Messenger\wlcsdk.exe" = C:\Programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Programas\uTorrent\uTorrent.exe" = C:\Programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Documents and Settings\mi_\Ambiente de trabalho\utorrent.exe" = C:\Documents and Settings\mi_\Ambiente de trabalho\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Programas\Lphant\eLePhantClient.exe" = C:\Programas\Lphant\eLePhantClient.exe:*:Enabled:Lphant -- File not found "C:\Programas\Sports Interactive\Football Manager 2010\fm.exe" = C:\Programas\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010 -- (Sports Interactive) "C:\Programas\Sports Interactive\Football Manager 2009\fm.exe" = C:\Programas\Sports Interactive\Football Manager 2009\fm.exe:*:Disabled:Football Manager 2009 -- File not found "C:\Programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Programas\Steam\Steam.exe" = C:\Programas\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Programas\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = C:\Programas\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{0800E395-4DD7-3A93-BB96-08596C0D725F}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTG "{0AB4C03C-D10F-422E-B060-75387F61599A}" = Nitro PDF Professional "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0 "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1f1771f2-a1f6-4886-8ac7-113727098fe2}" = Nero 9 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11 "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth "{2FD9998F-B3F3-10D6-A31E-8E021337EC0B}" = CCC Help English "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113 Gigabit/Fast Ethernet Driver "{32BBD344-47DB-7027-7E1D-13DB78415784}" = ccc-core-preinstall "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C97BF-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{3A417047-2E30-4D05-8977-F706D40BFF39}" = Windows Live installer "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater "{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}" = Farming Extreme Manager "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap "{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5A098C87-FA43-E81C-B206-4E0ADF7287B5}" = ccc-utility "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74B15DD2-921E-48E5-9ADC-DC6C0C69C263}" = Assistente de Início de Sessão do Windows Live "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.2.1.55b "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help "{7B1DBCBE-DF17-3B58-844C-F572F70EF5C4}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptg "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{88528F28-E04A-3A93-B3C0-14651148FE82}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTG "{885744A4-1A01-44B0-858A-0AE6738CBCF7}" = PrimoPDF Redistribution Package "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0010-0816-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Portugal)) 12 "{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007 "{90120000-0015-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 "{90120000-0016-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 "{90120000-0018-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 "{90120000-0019-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 "{90120000-001A-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007 "{90120000-001B-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007 "{90120000-001F-0816-0000-0000000FF1CE}_ENTERPRISE_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0816-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007 "{90120000-0044-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 "{90120000-006E-0816-0000-0000000FF1CE}_ENTERPRISE_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0816-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007 "{90120000-00A1-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0816-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Portugal)) 2007 "{90120000-00BA-0816-0000-0000000FF1CE}_ENTERPRISE_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3 "{B0889CBC-F889-A895-4EE9-8E0260C7D63F}" = Catalyst Control Center HydraVision Full "{B10A4ACC-118A-8E9D-2CF3-A19BBC73B9C2}" = Catalyst Control Center Graphics Full Existing "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor "{B31CBE94-F497-9273-5766-DD4E11AA2D55}" = Catalyst Control Center Graphics Full New "{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{BA60C8FC-6712-5116-231C-6C5E05060866}" = Catalyst Control Center Graphics Light "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CB654885-263B-E696-5690-3B341C22EC17}" = Catalyst Control Center Core Implementation "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D691D368-9799-42F3-BA75-816212B502A2}" = FormatFactory "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software "{E0520079-4024-8B23-738F-EC0792AA3502}" = ccc-core-static "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help "{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200 "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights "{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FB62FD97-DAA9-BEE9-1A31-3A47E33F4E24}" = Catalyst Control Center Graphics Previews Common "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pacote de controladores do Windows - Nokia Modem (10/05/2009 4.2) "1D5638EAC7C1E288BBDDD6095426C61300EB2473" = Pacote de controladores do Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "504244733D18C8F63FF584AEB290E3904E791693" = Pacote de controladores do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pacote de controladores do Windows - Nokia Modem (06/01/2009 7.01.0.4) "AAA Logo 2009 Business_is1" = AAA Logo 2009 Business Edition 3.0 "Able2Extract Professional v6.0" = Able2Extract Professional v6.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "All ATI Software" = ATI - Utilitário de desinstalação de software "ATI Display Driver" = ATI Display Driver "avast!" = avast! Antivirus "Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2 "CCleaner" = CCleaner "COMODO Firewall Pro" = COMODO Firewall Pro "Dragonica(EN)" = Dragonica(EN) "ENTERPRISE" = Microsoft Office Enterprise 2007 "Football Manager 2010" = Football Manager 2010 "Free Studio_is1" = Free Studio version 4.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "i Screen Recorder_is1" = i Screen Recorder 7.0.1.450 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.5 (Full) "Labtec Media Keyboard V5.1" = Labtec Media Keyboard V5.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! Live "Metro 2033_is1" = Metro 2033 "Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - ptg" = Microsoft .NET Framework 3.5 Language Pack SP1 - PTG "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nokia PC Suite" = Nokia PC Suite "ObjectDock" = ObjectDock "OpenAL" = OpenAL "PosteRazor_is1" = PosteRazor "PrimoPDF3.1" = PrimoPDF "RealPlayer 12.0" = RealPlayer "Shop for HP Supplies" = Shop for HP Supplies "Steam App 215" = Source SDK Base "Steam App 240" = Counter-Strike: Source "Steam App 550" = Left 4 Dead 2 "Steam App 564" = Left 4 Dead 2 Add-on Support "TomTom HOME" = TomTom HOME 2.7.3.1894 "Unlocker" = Unlocker 1.8.7 "UsbFix" = UsbFix "uTorrent" = µTorrent "Vector Magic" = Vector Magic "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = Arquivo do WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 03-11-2009 12:40:16 | Computer Name = JOMI | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://rs644tl.rapidshare.com/files/300413356/5850504/FM2010.rar failed, 00000084. Error - 05-11-2009 9:22:20 | Computer Name = JOMI | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://clients1.google.pt/complete/search?hl=pt-PT&q=como%20fazer%20gi&cp=13 failed, 0000A413. Error - 05-11-2009 14:40:09 | Computer Name = JOMI | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://clients1.google.pt/complete/search?hl=pt-PT&ds=i&q=sleeping%20shar&cp=13 failed, 0000A413. Error - 06-11-2009 9:30:05 | Computer Name = JOMI | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://www.youtube.com/get_video_info?&video_id=am5yfrcn98E&el=embedded&ps=default&eurl= failed, 0000A413. Error - 09-11-2009 16:17:25 | Computer Name = JOMI | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://clients1.google.pt/complete/search?hl=pt-PT&ds=i&q=dzeko&cp=5 failed, 0000A413. Error - 11-11-2009 12:50:49 | Computer Name = JOMI | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://www.youtube.com/get_video_info?&video_id=JW4CVdkRpS4&el=embedded&ps=default&eurl=http%3A%2F%2Fwww%2Ecmportugal%2Ecom%2Findex%2Ephp%3Fshowtopic%3D121410&hd=1 failed, 0000A413. Error - 18-11-2009 20:36:22 | Computer Name = JOMI | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://gfx6.hotmail.com/mail/15.1.3028.1103/pfm.js failed, 0000A413. [ Application Events ] Error - 05-04-2010 14:58:32 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 05-04-2010 15:13:22 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 05-04-2010 15:18:09 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 05-04-2010 15:25:46 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 05-04-2010 15:42:07 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 06-04-2010 6:03:28 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 06-04-2010 6:17:31 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 06-04-2010 6:22:35 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 06-04-2010 6:26:33 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. Error - 06-04-2010 6:31:56 | Computer Name = JOMI | Source = PerfNet | ID = 2004 Description = Não foi possível abrir o serviço de servidor. Os dados de desempenho de servidor não serão devolvidos. O código de erro devolvido encontra-se nos dados DWORD 0. [ OSession Events ] Error - 02-12-2008 18:16:25 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error - 21-06-2009 10:59:32 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error - 21-06-2009 11:16:51 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error - 28-08-2009 14:50:42 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash. Error - 28-08-2009 14:50:50 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error - 26-10-2009 13:42:56 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1852 seconds with 660 seconds of active time. This session ended with a crash. Error - 07-02-2010 11:27:54 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 236 seconds with 60 seconds of active time. This session ended with a crash. Error - 10-02-2010 13:00:50 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2678 seconds with 1680 seconds of active time. This session ended with a crash. Error - 10-02-2010 13:04:40 | Computer Name = JOMI | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 224 seconds with 180 seconds of active time. This session ended with a crash. [ System Events ] Error - 05-04-2010 14:55:25 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 05-04-2010 14:55:55 | Computer Name = JOMI | Source = Service Control Manager | ID = 7034 Description = O serviço TomTomHOMEService terminou inesperadamente. Isto aconteceu 1 vez(es). Error - 05-04-2010 15:00:07 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 05-04-2010 15:19:49 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 05-04-2010 15:27:18 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 05-04-2010 15:43:41 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 06-04-2010 6:05:02 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 06-04-2010 6:19:00 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 06-04-2010 6:28:07 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. Error - 06-04-2010 6:33:29 | Computer Name = JOMI | Source = Service Control Manager | ID = 7022 Description = O serviço HP CUE DeviceDiscovery Service desligou-se ao iniciar. < End of report > Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Abril 6, 2010 Boa Noite! muhrninho <@> Execute o OTL.exe. <@> Copie estas informações que estão no Quote,para o campo clipboard da ferramenta. ( Custom Scans/Fixes ) :filesC:\Documents and Settings\mi_\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini :otl O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11) O33 - MountPoints2\{88a3fa1f-a9e8-11dd-8c6e-eb232112bcad}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{d3f35a6c-753a-11de-8d8a-002215641605}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{ff7c7184-f45a-11dd-8ce5-c82c3a261d66}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sasnative32) - File not found [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF @Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9 @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93C494CA @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:23BEBB72 @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45CAB638 @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2721624 :reg [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programas\MSN Messenger\livecall.exe"=- "C:\Nexon\Combat Arms\CombatArms.exe"=- "C:\Nexon\Combat Arms\Engine.exe"=- "C:\Nexon\Combat Arms EU\CombatArms.exe"=- "C:\Nexon\Combat Arms EU\Engine.exe"=- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programas\SPSSInc\SPSS16\spss.com"=- "C:\Programas\Sports Interactive\Football Manager 2009\fm.exe"=- :Commands [resethosts] [purity] [emptytemp] [Reboot] <@> Clique no botão Run Fix --> Aguarde a conclusão! <@> Terminando,vá até a pasta: C:\_OTL\MovedFiles\*.log <-- Poste! Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
muhrninho 0 Denunciar post Postado Abril 6, 2010 Boa noite, OTL log: All processes killed========== FILES ========== C:\Documents and Settings\mi_\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully. ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88a3fa1f-a9e8-11dd-8c6e-eb232112bcad}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88a3fa1f-a9e8-11dd-8c6e-eb232112bcad}\ not found. File E:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3f35a6c-753a-11de-8d8a-002215641605}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3f35a6c-753a-11de-8d8a-002215641605}\ not found. File E:\LaunchU3.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff7c7184-f45a-11dd-8ce5-c82c3a261d66}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff7c7184-f45a-11dd-8ce5-c82c3a261d66}\ not found. File E:\InstallTomTomHOME.exe not found. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:sasnative32 deleted successfully. C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP\WiseCustomCalla.dll deleted successfully. C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder deleted successfully. C:\WINDOWS\msdownld.tmp folder deleted successfully. C:\WINDOWS\SET3.tmp deleted successfully. C:\WINDOWS\SET7.tmp deleted successfully. C:\WINDOWS\System32\PerfStringBackup.TMP deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:93C494CA deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:23BEBB72 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:45CAB638 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:F2721624 deleted successfully. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Programas\MSN Messenger\livecall.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\CombatArms.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\Engine.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms EU\CombatArms.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms EU\Engine.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Programas\SPSSInc\SPSS16\spss.com deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Programas\Sports Interactive\Football Manager 2009\fm.exe deleted successfully. ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: Administrador ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 2947330 bytes User: mi_ ->Temp folder emptied: 612670958 bytes ->Temporary Internet Files folder emptied: 75235734 bytes ->Java cache emptied: 12632 bytes ->FireFox cache emptied: 84130642 bytes ->Flash cache emptied: 144970 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 1158897 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3069594 bytes RecycleBin emptied: 3714825470 bytes Total Files Cleaned = 4.286,00 mb OTL by OldTimer - Version 3.2.1.0 log created on 04062010_225320 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found! C:\WINDOWS\temp\Perflib_Perfdata_604.dat moved successfully. Registry entries deleted on Reboot... Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Abril 6, 2010 Boa Noite! muhrninho <@> Baixe: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 ) <@> Salve-a em Arquivos de programas! <@> Desabilite seu antivírus! <@> Instale e execute a ferramenta,com um duplo-clique em: < > <@> Nas opções da língua,escolha "PT-BR" --> Enter. <@> Escolha a opção 2: 2. Suppression des fichiers infectieux --> Aperte Enter. < > <@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... ) <@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok. < > <@> O computador irá reiniciar. <-- Aguarde! <@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta. <@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante! <@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter. <@> Poste o relatório,que estará em: C:\UsbFix.txt 0000000000000000000000 0000000000000000000000 <@> Execute o OTL Quick Scan,onde teremos um rápido escaneamento da ferramenta. <@> Duplo-clique em: < > <@> Clique em "Scan All Users" --> --> Aguarde! <@> Copie e poste o relatório. ( OTL log ) Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
muhrninho 0 Denunciar post Postado Abril 7, 2010 Boa tarde, USBfix log: ############################## | UsbFix V6.100 | User : mi_ () # JOMI Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8 Start at: 12:14:30 | 07-04-2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Processador Intel Pentium III Xeon Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Enabled AV : avast! antivirus 4.8.1229 [VPS 091130-1] 4.8.1229 [ Enabled | (!) Outdated ] FW : COMODO Firewall[ Enabled ]3.9 A:\ -> Unidade de disquetes de 3 1/2 polegadas C:\ -> Disco fixo local # 127,99 Go (25,35 Go free) # NTFS D:\ -> Disco de CD-ROM E:\ -> Disco de CD-ROM F:\ -> Disco de CD-ROM G:\ -> Disco amovível # 1,89 Go (1,41 Go free) [PEN_USB2GB] # FAT32 H:\ -> Disco amovível # 999,72 Mo (936,62 Mo free) [PEN USB 1GB] # FAT ################## | Ficheiros # pastas infeciosos | Supprimido ! C:\Recycler\S-1-5-21-842925246-492894223-839522115-1004 Supprimido ! G:\22yj2fy1.exe Supprimido ! G:\a2h2.com ################## | Registro | Supprimido ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" Supprimido ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch" ################## | Mountpoints2 | ################## | Listing | [18-09-2008 11:54|--a------|0] C:\AUTOEXEC.BAT [01-12-2008 11:56|-rahs----|281] C:\BOOT.BKK [27-10-2009 13:15|-r-hs----|293] C:\boot.ini [20-11-2001 13:00|-rahs----|4952] C:\Bootfont.bin [04-08-2004 00:00|--a------|261856] C:\cmldr [18-09-2008 11:54|--a------|0] C:\CONFIG.SYS [27-08-2009 13:05|--a------|175] C:\DevList.txt [07-11-2007 09:00|--a------|17734] C:\eula.1028.txt [07-11-2007 09:00|--a------|17734] C:\eula.1031.txt [07-11-2007 09:00|--a------|10134] C:\eula.1033.txt [07-11-2007 09:00|--a------|17734] C:\eula.1036.txt [07-11-2007 09:00|--a------|17734] C:\eula.1040.txt [07-11-2007 09:00|--a------|118] C:\eula.1041.txt [07-11-2007 09:00|--a------|17734] C:\eula.1042.txt [07-11-2007 09:00|--a------|17734] C:\eula.2052.txt [07-11-2007 09:00|--a------|17734] C:\eula.3082.txt [07-11-2007 09:00|--a------|1110] C:\globdata.ini [07-11-2007 09:00|--a------|843] C:\install.ini [07-11-2007 09:03|--a------|76304] C:\install.res.1028.dll [07-11-2007 09:03|--a------|96272] C:\install.res.1031.dll [07-11-2007 09:03|--a------|91152] C:\install.res.1033.dll [07-11-2007 09:03|--a------|97296] C:\install.res.1036.dll [07-11-2007 09:03|--a------|95248] C:\install.res.1040.dll [07-11-2007 09:03|--a------|81424] C:\install.res.1041.dll [07-11-2007 09:03|--a------|79888] C:\install.res.1042.dll [07-11-2007 09:03|--a------|75792] C:\install.res.2052.dll [07-11-2007 09:03|--a------|96272] C:\install.res.3082.dll [18-09-2008 11:54|-rahs----|0] C:\IO.SYS [05-04-2010 20:33|--a------|117] C:\mbam-error.txt [18-09-2008 11:54|-rahs----|0] C:\MSDOS.SYS [18-09-2008 12:47|-rahs----|47564] C:\NTDETECT.COM [19-09-2008 00:25|-rahs----|251120] C:\ntldr [?|?|?] C:\pagefile.sys [18-05-2009 17:21|--a------|245] C:\prefs.xml [07-04-2010 12:17|--a------|3167] C:\UsbFix.txt [07-11-2007 09:00|--a------|5686] C:\vcredist.bmp [07-11-2007 09:09|--a------|1442522] C:\VC_RED.cab [07-11-2007 09:12|--a------|232960] C:\VC_RED.MSI [23-12-2009 17:43|--a------|79417404] G:\Prenda de Natal para os Amigos 2009.wmv [18-07-2009 10:03|--ah-----|31307658] H:\My Star World.zip [13-10-2008 19:52|--ah-----|243204] H:\unlocker1.8.7.exe [10-03-2007 10:24|--a------|34590128] H:\Nero-6.6.1.4_no_yt.exe ################## | Vaccinação | # C:\autorun.inf -> Autorun.inf criado por UsbFix (El Desaparecido). # H:\autorun.inf -> Autorun.inf criado por UsbFix (El Desaparecido). ################## | Upload | Favor enviar o arquivo : C:\UsbFix_Upload_Me_JOMI.zip : http://chiquitine.changelog.fr/Sample/Upload.php Obrigado pela sua contribuição . ################## | ! Fim do relatório # UsbFix V6.100 ! | OTL log: OTL logfile created on: 07-04-2010 12:19:48 - Run 1OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\mi_\Ambiente de trabalho Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas Drive C: | 127,99 Gb Total Space | 25,37 Gb Free Space | 19,82% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 1,89 Gb Total Space | 1,41 Gb Free Space | 74,83% Space Free | Partition Type: FAT32 Drive H: | 999,72 Mb Total Space | 936,61 Mb Free Space | 93,69% Space Free | Partition Type: FAT I: Drive not present or media not loaded Computer Name: JOMI Current User Name: mi_ Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010-04-06 22:52:53 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe PRC - [2010-04-03 12:24:15 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programas\Mozilla Firefox\firefox.exe PRC - [2010-02-15 12:24:05 | 000,723,632 | ---- | M] (COMODO) -- C:\Programas\COMODO\Firewall\cmdagent.exe PRC - [2008-09-24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe PRC - [2008-07-23 15:25:45 | 000,348,344 | ---- | M] (ALWIL Software) -- C:\Programas\Alwil Software\Avast4\ashWebSv.exe PRC - [2008-07-19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) -- C:\Programas\Alwil Software\Avast4\ashServ.exe PRC - [2008-07-19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) -- C:\Programas\Alwil Software\Avast4\ashMaiSv.exe PRC - [2008-07-19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) -- C:\Programas\Alwil Software\Avast4\aswUpdSv.exe PRC - [2008-04-14 17:09:47 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (SafeList) ========== MOD - [2010-04-06 22:52:53 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe MOD - [2010-02-15 12:24:18 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (WLSetupSvc) SRV - [2010-02-15 12:24:05 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Programas\COMODO\Firewall\cmdagent.exe -- (cmdAgent) SRV - [2009-12-16 18:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009-10-27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programas\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008-09-24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008-07-23 15:25:45 | 000,348,344 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Programas\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2008-07-19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Programas\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2008-07-19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Programas\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2008-07-19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Programas\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005-11-14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programas\Ficheiros comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-842925246-492894223-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Ant.com" FF - prefs.js..browser.startup.homepage: "http://www.newgrounds.com/" FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.7.4 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: netvideohunter@netvideohunter.com:0.4.3 FF - prefs.js..extensions.enabledItems: {99a0337c-6303-4879-b72e-500fd9aaca8c}:1.0.8 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programas\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-02-25 19:50:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Programas\Mozilla Firefox\components [2010-04-06 21:02:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Programas\Mozilla Firefox\plugins [2010-04-07 12:12:47 | 000,000,000 | ---D | M] [2009-02-06 15:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Extensions [2009-02-06 15:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Extensions\home2@tomtom.com [2010-04-07 12:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions [2009-09-02 18:56:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-10 20:44:52 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593} [2010-03-15 21:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{624bab10-c637-11dd-ad8b-0800200c9a66} [2010-03-20 17:34:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-01-29 15:52:46 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010-03-15 21:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\camifox@altmusictv.com [2009-11-04 18:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\mozilla\Firefox\Profiles\suyxigjp.default\extensions\netvideohunter@netvideohunter.com [2010-04-07 11:23:35 | 000,000,000 | ---D | M] -- C:\Programas\Mozilla Firefox\extensions [2009-02-04 20:28:50 | 000,000,000 | ---D | M] (TextAloud Firefox Plugin) -- C:\Programas\Mozilla Firefox\extensions\{99a0337c-6303-4879-b72e-500fd9aaca8c} [2006-09-26 14:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll O1 HOSTS File: ([2010-04-06 22:54:11 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programa Auxiliar de Início de Sessão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-842925246-492894223-839522115-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [COMODO Internet Security] C:\Programas\COMODO\Firewall\cfp.exe (COMODO) O4 - HKLM..\Run: [six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe () O4 - HKLM..\Run: [startCCC] C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-842925246-492894223-839522115-1004..\Run: [DAEMON Tools Lite] C:\Programas\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-842925246-492894223-839522115-1004..\Run: [PC Suite Tray] C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKU\S-1-5-21-842925246-492894223-839522115-1004..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\mi_\Menu Iniciar\Programas\Arranque\Stardock ObjectDock.lnk = C:\Programas\Stardock\ObjectDock\ObjectDock.exe (Stardock) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O7 - HKU\S-1-5-21-842925246-492894223-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.228.128.156 213.228.128.6 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programas\Ficheiros comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programas\Ficheiros comuns\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-842925246-492894223-839522115-1004 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (A minha home page actual) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\mi_\Definições locais\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\mi_\Definições locais\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-09-18 11:54:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-04-07 12:17:29 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-08-11 19:48:50 | 000,000,000 | RH-D | M] - G:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2010-04-07 12:17:32 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT ] O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 14 Days ========== [2010-04-07 12:17:29 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-04-07 12:09:41 | 000,000,000 | ---D | C] -- C:\UsbFix [2010-04-06 22:53:20 | 000,000,000 | ---D | C] -- C:\_OTL [2010-04-06 22:52:48 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe [2010-04-06 21:01:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2010-04-06 21:01:02 | 000,000,000 | ---D | C] -- C:\Programas\ATI [2010-04-06 21:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI [2010-04-06 20:53:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI(2) [2010-04-06 20:38:55 | 000,000,000 | ---D | C] -- C:\Programas\ATI(2) [2010-04-03 13:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Application Data\SEGA [2010-04-01 16:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\Lightrock Entertainment [2010-03-26 18:34:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mi_\Ambiente de trabalho\Fonts [2010-03-18 16:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Temp [2010-02-25 19:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Definições locais\Application Data\Microsoft [2010-02-25 19:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\PC Suite [2009-12-27 14:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Google [2009-12-27 14:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Definições locais\Application Data\Google [2009-09-10 00:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Microsoft [2009-07-20 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Definições locais\Application Data\Apple [2008-10-22 10:52:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\mi_\Application Data\pcouffin.sys [2008-09-18 18:30:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2008-09-18 11:54:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft ========== Files - Modified Within 14 Days ========== [2010-04-07 12:17:35 | 000,198,360 | ---- | M] () -- C:\UsbFix_Upload_Me_JOMI.zip [2010-04-07 12:12:45 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-04-07 12:12:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-04-07 12:12:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-04-07 12:11:18 | 019,001,344 | ---- | M] () -- C:\Documents and Settings\mi_\ntuser.dat [2010-04-07 12:11:18 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\mi_\ntuser.ini [2010-04-07 12:11:12 | 002,574,718 | -H-- | M] () -- C:\Documents and Settings\mi_\Definições locais\Application Data\IconCache.db [2010-04-07 12:09:00 | 106,502,912 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Big_tits_latina_on_bed_-_Latina_sex_video_-_Tube8com.flv [2010-04-07 11:57:02 | 000,021,536 | ---- | M] () -- C:\Documents and Settings\mi_\Application Data\settings.dat [2010-04-07 11:52:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-04-07 11:41:43 | 000,002,627 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Farming Extreme Manager.lnk [2010-04-06 22:54:11 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2010-04-06 22:53:45 | 000,487,978 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat [2010-04-06 22:53:45 | 000,436,284 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-04-06 22:53:45 | 000,083,684 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat [2010-04-06 22:53:45 | 000,068,796 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-04-06 22:52:53 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mi_\Ambiente de trabalho\OTL.exe [2010-04-06 20:25:44 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash [2010-04-06 19:38:03 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\mi_\Application Data\vso_ts_preview.xml [2010-04-06 14:48:40 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-04-06 11:16:46 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-04-05 20:03:58 | 000,088,946 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\bookmarks-2010-04-05.json [2010-04-05 15:21:01 | 001,086,674 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-04-03 15:45:41 | 000,002,169 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Steam.lnk [2010-04-01 16:27:50 | 005,078,299 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Certificado de Aptidão Profissional.png [2010-04-01 16:26:19 | 000,087,623 | ---- | M] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\-CV-MiguelDuarte.pdf [2010-03-30 18:25:06 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-03-24 22:45:27 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\mi_\Os meus documentos\GE.doc ========== Files Created - No Company Name ========== [2010-04-07 12:17:34 | 000,198,360 | ---- | C] () -- C:\UsbFix_Upload_Me_JOMI.zip [2010-04-07 11:24:06 | 106,502,912 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Big_tits_latina_on_bed_-_Latina_sex_video_-_Tube8com.flv [2010-04-06 20:39:09 | 000,033,616 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb [2010-04-05 20:03:57 | 000,088,946 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\bookmarks-2010-04-05.json [2010-04-05 19:05:58 | 019,001,344 | ---- | C] () -- C:\Documents and Settings\mi_\ntuser.dat [2010-04-01 16:27:14 | 005,078,299 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\Certificado de Aptidão Profissional.png [2010-04-01 16:26:19 | 000,087,623 | ---- | C] () -- C:\Documents and Settings\mi_\Ambiente de trabalho\-CV-MiguelDuarte.pdf [2010-02-20 20:22:29 | 000,022,079 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\mi.dat [2010-02-16 19:05:04 | 000,502,183 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\farm.bmp [2010-02-16 16:17:48 | 000,021,536 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\settings.dat [2009-12-05 03:01:51 | 000,710,248 | ---- | C] () -- C:\Documents and Settings\LocalService\Definições locais\Application Data\FontCache3.0.0.0.dat [2009-08-01 10:07:19 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-08-01 10:07:19 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-06-05 19:31:09 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-06-05 19:31:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-06-05 19:31:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-06-05 19:31:08 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-06-05 19:31:08 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-06-05 19:31:07 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-06-05 19:31:06 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-05-29 17:57:35 | 000,137,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-05-21 00:35:33 | 000,000,016 | ---- | C] () -- C:\WINDOWS\entpack.ini [2009-04-26 13:34:38 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\mi_\debug.txt [2009-04-26 13:34:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\mi_\existcheck [2009-04-25 23:08:26 | 000,000,094 | -H-- | C] () -- C:\WINDOWS\System32\spv1_WCssg.ini [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-03-11 18:25:26 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\TheHunterSettings.cfg [2009-02-23 13:35:13 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\inst.exe [2009-02-11 14:41:45 | 000,107,832 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\PnkBstrB.exe [2009-01-24 16:23:19 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll [2009-01-24 16:23:19 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll [2009-01-05 21:31:48 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.ldb [2008-12-31 13:45:51 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-12-11 00:52:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-09 21:03:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\mi_\Ÿ9Ÿ9 [2008-11-10 12:19:31 | 000,000,204 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\default.rss [2008-10-27 10:14:30 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-10-27 01:52:00 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI [2008-10-22 10:53:38 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\vso_ts_preview.xml [2008-10-22 10:52:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\pcouffin.cat [2008-10-22 10:52:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\pcouffin.inf [2008-10-09 00:08:24 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2008-09-18 21:44:28 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\mi_\Application Data\PnkBstrK.sys [2008-09-18 14:33:55 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll [2008-09-18 13:29:19 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2008-09-18 13:29:19 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2008-09-18 13:29:17 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2008-09-18 13:29:17 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2008-09-18 13:02:36 | 000,036,081 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2008-09-18 13:02:01 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008-09-18 13:01:52 | 000,035,690 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008-09-18 13:01:52 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008-09-18 11:57:10 | 000,024,576 | -H-- | C] () -- C:\Documents and Settings\mi_\ntuser.dat.LOG [2008-09-18 11:57:10 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\mi_\ntuser.ini [2006-11-06 23:49:36 | 000,000,302 | ---- | C] () -- C:\WINDOWS\primopdf.ini ========== LOP Check ========== [2009-04-05 23:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy [2009-08-29 15:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Divinity 2 [2010-02-25 19:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2008-10-27 01:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier [2009-10-20 22:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HighAndes [2009-07-18 11:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software [2010-02-25 19:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations [2008-10-27 01:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Megaupload [2010-01-25 23:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2008-12-15 23:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo [2009-03-20 11:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2009-03-20 10:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS [2009-04-03 11:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF [2008-11-11 19:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2010-02-25 19:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2009-04-26 13:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst [2009-06-08 22:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games [2009-01-24 16:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel [2009-04-28 00:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games [2009-11-01 20:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive [2009-05-11 17:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Systweak [2009-09-13 21:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009-04-27 19:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TikGames [2009-02-06 15:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2008-09-18 21:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft [2008-11-01 19:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk [2009-07-11 11:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009-02-22 16:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2010-02-25 19:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\PC Suite [2008-12-28 14:34:19 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\mi_\Application Data\.# [2009-01-16 13:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Audacity [2009-07-11 12:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\BraCa_Soft [2008-11-09 18:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Carnival Software [2009-08-25 01:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\CasaPortale.de [2009-03-06 10:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Civitas3 [2009-04-05 11:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\DAEMON Tools [2009-01-28 00:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Datalayer [2009-05-21 01:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\DMCache [2009-04-02 22:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\EmailNotifier [2009-04-23 00:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\funkitron [2009-10-24 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Got Game Entertainment [2009-10-20 22:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\HighAndes [2009-05-22 22:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\IDM [2009-07-18 11:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Individual Software [2009-08-28 10:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\IObit [2009-04-26 13:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\iWin [2008-10-27 01:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Megaupload [2009-10-15 20:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Mount&Blade [2009-08-15 14:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Mp3 Editor for Free [2009-08-09 16:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\NationRed [2009-04-03 11:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Nitro PDF [2010-02-25 19:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Nokia [2009-01-05 23:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\PC Suite [2009-04-26 13:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\PlayFirst [2010-04-03 13:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\SEGA [2009-11-01 18:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Sports Interactive [2009-01-14 12:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Styler [2009-09-16 12:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Super-Cow [2009-05-11 17:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Systweak [2009-02-12 22:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\temp [2009-02-21 16:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\The Creative Assembly [2009-04-30 19:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Thinstall [2009-04-27 19:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\TikGames [2009-02-06 15:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\TomTom [2009-12-02 17:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Tropico 3 [2010-04-06 21:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\uTorrent [2009-05-01 23:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Valusoft [2009-01-21 12:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\VitySoft [2010-04-06 19:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\Vso [2010-01-23 15:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mi_\Application Data\ZombieDriver ========== Purity Check ========== < End of report > Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Abril 8, 2010 Boa Noite! muhrninho ################## | Upload | Favor enviar o arquivo : C:\UsbFix_Upload_Me_JOMI.zip : http://chiquitine.ch...mple/Upload.php Obrigado pela sua contribuição. <!> Contribua com os desenvolvedores da ferramenta UsbFix,enviando o arquivo em destaque. 00000000000000000000000 00000000000000000000000 <@> Faça escaneamento,online,em: '>http://www.eset.com/onlinescan/index.php"] <@> Ps: Utilize o navegador Internet Explorer. <@> Clique em: < > <@> Marque a caixa: "SIM,aceito as condições de uso" --> Iniciar. <@> Marque a caixa: "YES, I accept the Terms of Use" --> Start. <@> Aceite a instalação do ActiveX --> Dê início ao scan. <@> Concluindo,poste o relatório: C:\Program Files\EsetOnlineScanner\log.txt 00000000000000000000000 00000000000000000000000 <@> Seu Java está desatualizado! <@> Faça download da última versão do Java Runtime Environment (JRE) 6u18. <@> Localize: "Java Runtime Environment (JRE) 6 Update 18" <@> Clique no botão Download. <@> Marque a opção que diz: "Accept License Agreement" <@> A página será atualizada! <@> Clique no link,para download do Windows Offline Installation --> Salve-o no desktop! <!> Ps: Para uma instalação mais rápida ( OnLine ),execute o arquivo jre-6u18-windows-i586-iftw. <!> Aguarde a conclusão! <@> Feche o IE ou Firefox + Programas que estejam sendo executados. <@> Vá em Iniciar --> Painel de Controle. <@> Em Adicionar ou Remover Programas;remova todas as antigas versões do Java. <@> Exemplos de antigas versões: < > Java 2 Runtime Environment, SE v1.4.2 < > J2SE Runtime Environment 5.0 < > J2SE Runtime Environment 6.0 Update 13 <@> Selecione qualquer item com nome: Java Runtime Environment (JRE ou J2SE) <@> Clique no botão Remover ou Alterar/Remover. <@> Repita quantas vezes for necessária,para remover cada versão do Java. <@> Concluindo,reinicie o computador! <@> Instale a nova versão,com um duplo clique em jre-6u18-windows-i586-p.exe <-- Versão OffLine! 00000000000000000000000 00000000000000000000000 <@> Abra o OTL.exe --> Clique em --> Aguarde! <@> Na solicitação,clique OK --> Reinicie o computador! <@> Concluindo,informe a situação do computador. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
muhrninho 0 Denunciar post Postado Abril 8, 2010 Boa tarde ESET Online Scanner Log: ESETSmartInstaller@High as CAB hook log:OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=e027ddd209d46d449d6c1ff79c41ce0d # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-04-08 10:50:11 # local_time=2010-04-08 11:50:11 (+0000, Hora de Verão de GMT) # country="Portugal" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 19344745 19344745 0 0 # compatibility_mode=769 16775125 100 98 277 207011774 0 0 # compatibility_mode=3073 16777213 80 100 4406074 42727398 0 0 # compatibility_mode=8192 67108863 100 0 88 88 0 0 # scanned=1145 # found=1 # cleaned=0 # scan_time=393 C:\UsbFix_Upload_Me_JOMI.zip multiple threats 00000000000000000000000000000000 I esets_scanner_update returned -1 esets_gle=53251 # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=e027ddd209d46d449d6c1ff79c41ce0d # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-04-08 10:54:59 # local_time=2010-04-08 11:54:59 (+0000, Hora de Verão de GMT) # country="Portugal" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 19345183 19345183 0 0 # compatibility_mode=769 16775125 100 98 218 207012212 0 0 # compatibility_mode=3073 16777213 80 100 4406512 42727836 0 0 # compatibility_mode=8192 67108863 100 0 526 526 0 0 # scanned=1128 # found=1 # cleaned=0 # scan_time=243 C:\UsbFix_Upload_Me_JOMI.zip multiple threats 00000000000000000000000000000000 I esets_scanner_update returned -1 esets_gle=53251 esets_scanner_update returned -1 esets_gle=53251 # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=e027ddd209d46d449d6c1ff79c41ce0d # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-04-08 03:16:57 # local_time=2010-04-08 04:16:57 (+0000, Hora de Verão de GMT) # country="Portugal" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 19350274 19350274 0 0 # compatibility_mode=769 16775125 100 98 41 207017303 2864 0 # compatibility_mode=3073 16777213 80 100 4411603 42732927 0 0 # compatibility_mode=8192 67108863 100 0 5617 5617 0 0 # scanned=156143 # found=14 # cleaned=0 # scan_time=10870 C:\UsbFix_Upload_Me_JOMI.zip multiple threats 00000000000000000000000000000000 I C:\Documents and Settings\mi_\Ambiente de trabalho\PenClean.exe probably a variant of Win32/Spy.Agent trojan 00000000000000000000000000000000 I C:\Documents and Settings\mi_\Ambiente de trabalho\Diversos\FreeStudio.exe Win32/Adware.ADON application 00000000000000000000000000000000 I C:\Documents and Settings\mi_\Ambiente de trabalho\Diversos\mtxl_setup.rar probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I C:\Documents and Settings\mi_\Ambiente de trabalho\Diversos\Nero 9.0.9.4b__WWW.PIRATATUGA.NET\Nero-9.0.9.4b.exe Win32/Toolbar.AskSBar application 00000000000000000000000000000000 I C:\Documents and Settings\mi_\Ambiente de trabalho\Diversos\Nitro.PDF.Professional.v5.3.3.6byCrazyMovie.www.theevolution.org\keygen.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I C:\Documents and Settings\mi_\Os meus documentos\Setups\unlocker1.8.7.exe a variant of Win32/Adware.ADON application 00000000000000000000000000000000 I C:\RECYCLER\S-1-5-21-842925246-492894223-839522115-1004\Dc34.com\Fraps 2.9.8 Build 7777 Setup.exe a variant of Win32/Injector.PV trojan 00000000000000000000000000000000 I C:\System Volume Information\_restore{AFDAA30C-77B2-45C5-9F36-DCA364F02BD4}\RP474\A0075849.exe probably a variant of Win32/Delf trojan 00000000000000000000000000000000 I C:\System Volume Information\_restore{AFDAA30C-77B2-45C5-9F36-DCA364F02BD4}\RP475\A0075897.exe probably a variant of Win32/Delf trojan 00000000000000000000000000000000 I C:\System Volume Information\_restore{AFDAA30C-77B2-45C5-9F36-DCA364F02BD4}\RP547\A0125359.exe a variant of Win32/Adware.ADON application 00000000000000000000000000000000 I C:\UsbFix\Quarantine\G\22yj2fy1.exe.UsbFix Win32/PSW.OnLineGames.NNU trojan 00000000000000000000000000000000 I C:\UsbFix\Quarantine\G\a2h2.com.UsbFix Win32/PSW.OnLineGames.NMY trojan 00000000000000000000000000000000 I C:\WINDOWS\Installer\f38f44.msi a variant of Win32/Adware.ADON application 00000000000000000000000000000000 I Desde que o controlador de Java foi actualizado a qualidade da imagem melhorou mas os freezes continuam, no entanto, os mesmos ocorrem com mais frequência quando estou a visualizar vídeos quer directamente do HD ou do Youtube (por exemplo). Nunca ocorreram enquanto jogava. Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Abril 9, 2010 Boa Noite! muhrninho <@> Baixe: < > ( ...by sUBs ) <!> Link-2 --> < ForoSpyware > <!> Link-3 --> < GeeksToGo > <@> Salve-o no desktop! <@> Desabilite as proteções residente de: antivírus,antispywares e firewall. ( Menos o do Windows! ) <@> Feche todas as janelas e execute a ferramenta! <@> Ps: A execução,por comando,também é possível: <@> Vá em Iniciar --> Executar --> Digite ou cole: "%userprofile%\desktop\Combofix.exe" /killall <@> Clique em Ok. <@> Na janela: "Contrato de garantia de software" --> Clique em Sim! <@> Não possuindo o "Console de Recuperação",aceite optar pela instalação do mesmo! <@> Terminando,clique Sim ou Yes. --> Aguarde! XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX <!> Caso aconteça a notificação de: Aplicativo Win32 inválido,delete a ferramenta ComboFix.exe e faça,novamente,seu download. <!> Salve-a no desktop,renomeada como: Kombo.exe <!> Ps: Nomeie durante o salvamento,e não após salvá-la! <!> Ps: Surgindo alguma mensagem de erro,rode o ComboFix.exe em "Modo de Segurança". <-- Link! <!> Ps: Na presença de atividades rootkit,teremos a seguinte janela de notificação: <!> Ps: Anote essas detecções,e dê o OK. <!> Ps: Para completar as remoções,talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde! <!> Ps: Evite executar,voluntariamente,esta ferramenta! <!> Ps: Para evitar problemas,siga todas as recomendações propostas. <!> Ps: ComboFix é uma ferramenta que pode danificar o sistema. Utilize-o,somente,sob supervisão profissional. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX <@> Abrir-se-á a janela Auto Scan. --> Aguarde! <@> Para finalizar remoções,o ComboFix poderá reiniciar o computador. <@> Se houver necessidade,digite a opção ( 1 ) --> Aperte Enter! --> Aguarde a conclusão! <@> Durante o scan,evite manusear o mouse ou teclado! <-- Importante! <@> Para parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter! <@> Terminando,poste os relatórios: C:\ComboFix.txt + HijackThis,atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
muhrninho 0 Denunciar post Postado Abril 9, 2010 Bom dia, HiJackThis Log: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:35:08, on 09-04-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Programas\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Alwil Software\Avast4\aswUpdSv.exe C:\Programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Java\jre6\bin\jqs.exe C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Alwil Software\Avast4\ashMaiSv.exe C:\Programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\Programas\Stardock\ObjectDock\ObjectDock.exe C:\Programas\Mozilla Firefox\firefox.exe C:\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r O4 - HKLM\..\Run: [startCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programas\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programas\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Stardock ObjectDock.lnk = C:\Programas\Stardock\ObjectDock\ObjectDock.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashWebSv.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programas\COMODO\Firewall\cmdagent.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programas\Ficheiros comuns\Nero\Nero BackItUp 4\NBService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia - C:\Programas\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programas\Windows Live\installer\WLSetupSvc.exe (file missing) -- End of file - 7421 bytes ComboFix Log: ComboFix 10-04-08.02 - mi_ 09-04-2010 10:25:14.5.2 - x86Microsoft Windows XP Home Edition 5.1.2600.3.1252.351.2070.18.2047.1437 [GMT 1:00] Executando de: c:\documents and settings\mi_\Ambiente de trabalho\kombo.exe AV: avast! antivirus 4.8.1368 [VPS 100409-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\mi_\Application Data\.# c:\documents and settings\mi_\Application Data\.#\MBX@DBC@3837C8.### c:\documents and settings\mi_\Application Data\.#\MBX@DBC@3837D8.### c:\documents and settings\mi_\Application Data\inst.exe . (((((((((((((((( Arquivos/Ficheiros criados de 2010-03-09 to 2010-04-09 )))))))))))))))))))))))))))) . 2010-04-08 16:43 . 2010-04-08 16:43 79488 ----a-w- c:\documents and settings\mi_\Application Data\Sun\Java\jre1.6.0_19\gtapi.dll 2010-04-08 16:10 . 2010-04-08 16:10 -------- d-----w- c:\programas\Ficheiros comuns\Java 2010-04-08 16:10 . 2010-04-08 16:10 503808 ----a-w- c:\documents and settings\mi_\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3afe7256-n\msvcp71.dll 2010-04-08 16:10 . 2010-04-08 16:10 499712 ----a-w- c:\documents and settings\mi_\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3afe7256-n\jmc.dll 2010-04-08 16:10 . 2010-04-08 16:10 348160 ----a-w- c:\documents and settings\mi_\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3afe7256-n\msvcr71.dll 2010-04-08 16:09 . 2010-04-08 16:09 61440 ----a-w- c:\documents and settings\mi_\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-53570719-n\decora-sse.dll 2010-04-08 16:09 . 2010-04-08 16:09 12800 ----a-w- c:\documents and settings\mi_\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-53570719-n\decora-d3d.dll 2010-04-08 10:42 . 2010-04-08 10:42 -------- d-----w- c:\programas\ESET 2010-04-08 10:29 . 2010-04-08 10:30 -------- dc-h--w- c:\windows\ie8 2010-04-07 20:23 . 2010-04-07 20:23 10134 ----a-r- c:\documents and settings\mi_\Application Data\Microsoft\Installer\{F16DCA31-4DB4-F8F6-5ED1-6FAFB7228FFF}\ARPPRODUCTICON.exe 2010-04-07 20:23 . 2010-04-08 09:20 -------- d-----w- c:\programas\ATI 2010-04-07 11:17 . 2010-04-07 11:17 198360 ----a-w- C:\UsbFix_Upload_Me_JOMI.zip 2010-04-07 11:09 . 2010-04-07 11:17 -------- d-----w- C:\UsbFix 2010-04-06 20:03 . 2010-04-06 20:03 -------- d-----w- c:\windows\system32\wbem\Repository 2010-04-06 20:00 . 2010-04-06 20:00 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI 2010-04-06 19:53 . 2010-04-06 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI(2) 2010-04-05 15:50 . 2010-03-03 03:20 143360 ----a-w- c:\windows\system32\atiapfxx.exe 2010-04-03 12:39 . 2010-04-03 12:39 -------- d-----w- c:\documents and settings\mi_\Application Data\SEGA 2010-03-26 16:25 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2010-03-25 16:06 . 2010-04-03 11:28 439816 ----a-w- c:\documents and settings\mi_\Application Data\Real\Update\setup3.10\setup.exe 2010-03-18 13:15 . 2010-02-04 10:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2010-03-18 13:15 . 2010-02-04 10:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2010-03-18 13:15 . 2010-02-04 10:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2010-03-18 13:15 . 2010-02-04 10:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2010-03-18 12:16 . 2010-03-18 12:16 -------- d-----w- c:\programas\THQ . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-08 21:12 . 2009-05-22 21:28 -------- d-----w- c:\programas\Steam 2010-04-08 18:14 . 2009-08-29 14:55 -------- d-----w- c:\programas\Ficheiros comuns\Wise Installation Wizard 2010-04-08 18:13 . 2008-09-18 13:35 -------- d-----w- c:\programas\Google 2010-04-08 16:45 . 2009-01-21 11:41 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-04-08 16:45 . 2010-02-16 15:17 21535 ----a-w- c:\documents and settings\mi_\Application Data\settings.dat 2010-04-08 16:44 . 2001-11-20 12:00 83684 ----a-w- c:\windows\system32\perfc016.dat 2010-04-08 16:44 . 2001-11-20 12:00 487978 ----a-w- c:\windows\system32\perfh016.dat 2010-04-08 16:23 . 2009-10-23 10:19 210808 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT 2010-04-08 10:13 . 2008-10-13 18:53 -------- d-----w- c:\programas\Unlocker 2010-04-07 20:25 . 2008-12-31 12:43 -------- d-----w- c:\programas\ATI Technologies 2010-04-07 20:12 . 2008-09-18 12:16 -------- d--h--w- c:\programas\InstallShield Installation Information 2010-04-07 17:25 . 2008-10-22 09:52 -------- d-----w- c:\documents and settings\mi_\Application Data\Vso 2010-04-06 20:10 . 2009-04-05 21:26 -------- d-----w- c:\documents and settings\mi_\Application Data\uTorrent 2010-04-06 20:02 . 2008-12-04 10:58 -------- d-----w- c:\programas\Malwarebytes' Anti-Malware 2010-04-06 13:48 . 2008-09-18 12:41 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-04-05 19:05 . 2008-09-18 13:34 -------- d-----w- c:\programas\CCleaner 2010-03-14 18:39 . 2009-05-14 20:14 -------- d-----w- c:\documents and settings\mi_\Application Data\teamspeak2 2010-03-11 22:47 . 2008-09-19 17:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-03-03 04:21 . 2004-08-04 07:38 4630016 ----a-w- c:\windows\system32\drivers\ati2mtag.sys 2010-03-03 04:07 . 2010-04-07 20:24 311296 ----a-w- c:\windows\system32\atiiiexx.dll 2010-03-03 04:02 . 2010-04-07 20:24 45056 ----a-w- c:\windows\system32\aticalrt.dll 2010-03-03 04:02 . 2010-04-07 20:24 45056 ----a-w- c:\windows\system32\aticalcl.dll 2010-03-03 04:01 . 2010-04-07 20:24 3641344 ----a-w- c:\windows\system32\aticaldd.dll 2010-03-03 03:44 . 2010-04-07 20:24 14262272 ----a-w- c:\windows\system32\atioglxx.dll 2010-03-03 03:40 . 2010-04-07 20:24 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll 2010-03-03 03:40 . 2008-12-31 12:42 446464 ----a-w- c:\windows\system32\ATIDEMGX(9).dll 2010-03-03 03:40 . 2008-12-31 12:42 446464 ----a-w- c:\windows\system32\ATIDEMGX(8).dll 2010-03-03 03:40 . 2008-12-31 12:42 446464 ----a-w- c:\windows\system32\ATIDEMGX(7).dll 2010-03-03 03:40 . 2008-12-31 12:42 446464 ----a-w- c:\windows\system32\ATIDEMGX(11).dll 2010-03-03 03:40 . 2008-12-31 12:42 446464 ----a-w- c:\windows\system32\ATIDEMGX(10).dll 2010-03-03 03:40 . 2010-04-07 20:24 3616096 ----a-w- c:\windows\system32\ati3duag.dll 2010-03-03 03:39 . 2010-04-07 20:24 301056 ----a-w- c:\windows\system32\ati2dvag.dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(9).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(8).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(2)(2).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(16).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(15).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(14).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(13).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(12).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(11).dll 2010-03-03 03:39 . 2004-08-04 07:56 301056 ----a-w- c:\windows\system32\ati2dvag(10).dll 2010-03-03 03:24 . 2009-04-29 02:07 208896 ----a-w- c:\windows\system32\atipdlxx.dll 2010-03-03 03:24 . 2010-04-07 20:24 2232320 ----a-w- c:\windows\system32\ativvaxx.dll 2010-03-03 03:24 . 2010-04-07 20:24 155648 ----a-w- c:\windows\system32\Oemdspif.dll 2010-03-03 03:24 . 2010-04-07 20:24 887724 ----a-w- c:\windows\system32\ativva6x.dat 2010-03-03 03:24 . 2010-04-07 20:24 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe 2010-03-03 03:24 . 2010-04-07 20:24 3 ----a-w- c:\windows\system32\ativva5x.dat 2010-03-03 03:24 . 2009-04-29 02:06 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2010-03-03 03:23 . 2010-04-07 20:24 159744 ----a-w- c:\windows\system32\ati2evxx.dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(9).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(8).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(17).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(16).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(15).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(14).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(13).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(12).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(11).dll 2010-03-03 03:23 . 2008-08-21 02:07 159744 ----a-w- c:\windows\system32\ati2evxx(10).dll 2010-03-03 03:22 . 2009-04-29 02:04 602112 ----a-w- c:\windows\system32\ati2evxx.exe 2010-03-03 03:21 . 2010-04-07 20:24 53248 ----a-w- c:\windows\system32\ATIDDC.DLL 2010-03-03 03:16 . 2010-04-07 20:24 565248 ----a-w- c:\windows\system32\atikvmag.dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(9).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(8).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(2)(2).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(16).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(15).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(14).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(13).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(12).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(11).dll 2010-03-03 03:16 . 2008-08-21 01:19 565248 ----a-w- c:\windows\system32\atikvmag(10).dll 2010-03-03 03:15 . 2010-04-07 20:24 184320 ----a-w- c:\windows\system32\atiadlxx.dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(9).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(8).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(2)(2).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(16).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(15).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(14).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(13).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(12).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(11).dll 2010-03-03 03:15 . 2008-08-21 01:18 184320 ----a-w- c:\windows\system32\atiadlxx(10).dll 2010-03-03 03:14 . 2010-04-07 20:24 17408 ----a-w- c:\windows\system32\atitvo32.dll 2010-03-03 03:14 . 2010-04-07 20:24 393216 ----a-w- c:\windows\system32\atiok3x2.dll 2010-03-03 03:09 . 2010-04-07 20:24 638976 ----a-w- c:\windows\system32\ati2cqag.dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(9).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(8).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(2)(2).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(16).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(15).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(14).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(13).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(12).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(11).dll 2010-03-03 03:09 . 2004-08-04 07:56 638976 ----a-w- c:\windows\system32\ati2cqag(10).dll 2010-03-03 03:07 . 2010-04-07 20:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2010-03-03 03:07 . 2010-04-07 20:24 65024 ----a-w- c:\windows\system32\atimpc32.dll 2010-03-03 03:07 . 2010-04-07 20:24 65024 ----a-w- c:\windows\system32\amdpcom32.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\programas\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952] "PC Suite Tray"="c:\programas\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Six Engine"="c:\program files\ASUS\Six Engine\SixEngine.exe" [2008-06-03 5964800] "StartCCC"="c:\programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-28 61440] "COMODO Internet Security"="c:\programas\COMODO\Firewall\cfp.exe" [2010-02-15 1800464] "GrooveMonitor"="c:\programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\mi_\Menu Iniciar\Programas\Arranque\ Stardock ObjectDock.lnk - c:\programas\Stardock\ObjectDock\ObjectDock.exe [2008-9-18 3450608] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "HonorAutoRunSetting"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "HonorAutoRunSetting"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Arranque^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2009-12-11 15:57 948672 ----a-r- c:\programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-22 01:57 35760 ----a-w- c:\programas\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Firewall Pro] 2010-02-15 11:24 1800464 ----a-w- c:\programas\COMODO\Firewall\cfp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security] 2010-02-15 11:24 1800464 ----a-w- c:\programas\COMODO\Firewall\cfp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 16:09 15360 ------w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- c:\programas\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2007-10-14 21:17 49152 ----a-w- c:\programas\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2007-08-22 16:31 80896 ----a-w- c:\programas\HP\Digital Imaging\bin\HpqSRmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nitro PDF Printer Monitor] 2008-06-04 12:55 210208 ----a-w- c:\programas\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OFFICEKB] 2009-01-27 13:49 387584 ----a-w- c:\programas\Labtec\Keyboard\V5.1\KBDAP32A.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2009-11-11 10:57 1451520 ----a-w- c:\programas\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-01-21 11:41 136600 ----a-w- c:\programas\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-09-27 17:07 198160 ----a-w- c:\programas\Ficheiros comuns\Real\Update_OB\realsched.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableNotifications"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "wmsncs.exe"= wmsncs.exe:SYSTEM "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Programas\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Programas\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Programas\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Programas\\Messenger\\msmsgs.exe"= "c:\\Programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Documents and Settings\\mi_\\Ambiente de trabalho\\utorrent.exe"= "c:\\Programas\\Skype\\Phone\\Skype.exe"= "c:\\Programas\\Sports Interactive\\Football Manager 2010\\fm.exe"= "c:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Programas\\Steam\\Steam.exe"= "c:\\Programas\\Steam\\steamapps\\common\\left 4 dead 2\\left4dead2.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "8080:TCP"= 8080:TCP:PORT1 "8081:TCP"= 8081:TCP:PORT2 "1013:TCP"= 1013:TCP:BS "4799:TCP"= 4799:TCP:FD "1288:TCP"= 1288:TCP:FD "3232:TCP"= 3232:TCP:FD [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [10-06-2008 11:33 150568] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [18-09-2008 14:28 114768] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [03-11-2008 21:56 134344] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [03-11-2008 21:56 25160] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18-09-2008 14:28 20560] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27-10-2008 10:14 717296] S2 gupdate;Google Update Service (gupdate);c:\programas\Google\Update\GoogleUpdate.exe [27-12-2009 14:37 135664] S3 BCASPROT;Advanced System Protector;\??\c:\programas\Systweak\Advanced System Protector\sasprot32.sys --> c:\programas\Systweak\Advanced System Protector\sasprot32.sys [?] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Conteúdo da pasta 'Tarefas Agendadas' 2010-03-30 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2010-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programas\Google\Update\GoogleUpdate.exe [2009-12-27 13:37] 2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programas\Google\Update\GoogleUpdate.exe [2009-12-27 13:37] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.google.com/ IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\mi_\Application Data\Mozilla\Firefox\Profiles\suyxigjp.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.newgrounds.com/ FF - plugin: c:\program files\real\realplayer\Netscape6\nppl3260.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nprjplug.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nprpjplug.dll FF - plugin: c:\programas\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\programas\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\programas\Microsoft\Office Live\npOLW.dll FF - plugin: c:\programas\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\programas\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - fales FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 c:\programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\programas\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\programas\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\programas\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . - - - - ORFÃOS REMOVIDOS - - - - MSConfigStartUp-PCSuiteTrayApplication - c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE MSConfigStartUp-TomTomHOME - c:\programas\TomTom HOME 2\TomTomHOMERunner.exe AddRemove-Unlocker - c:\programas\Unlocker\uninst.exe AddRemove-uTorrent - c:\programas\uTorrent\uTorrent.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-09 10:30 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\Software\G*e*n*i*e*"!\FM Genie Scout 10] "GameDir"="c:\\Documents and Settings\\mi_\\Os meus documentos\\Sports Interactive\\Football Manager 2010\\games" "ShortlistDir"="" "ScreenshotsDir"="c:\\Documents and Settings\\mi_\\Os meus documentos\\Sports Interactive\\Football Manager 2010" "SaveDir"="c:\\Documents and Settings\\mi_\\Os meus documentos\\Sports Interactive\\Football Manager 2010\\" "HistoryDir"="c:\\Documents and Settings\\mi_\\Os meus documentos\\Sports Interactive\\FM Genie Scout 10\\History Points" "LangDB"="c:\\Programas\\Sports Interactive\\Football Manager 2010\\data\\db\\1000\\lang_db.dat" "LastSaveGame"="c:\\Documents and Settings\\mi_\\Os meus documentos\\Sports Interactive\\Football Manager 2010\\games\\S.L.Benfica.fm" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="Steklo Black" "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:0000006e "UniqueID"="35-E480-EFBF" "Currency"=dword:00000056 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\Software\G*e*n*i*e*"!\FM Genie Scout 2008] "ShortlistDir"="" "LangDB"="c:\\Programas\\Sports Interactive\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat" "LastSaveGame"="c:\\Documents and Settings\\mi_\\Os meus documentos\\Sports Interactive\\Football Manager 2008\\games\\Braga & Desempregado.fm" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000001 "MinCondition"=dword:00000050 "SkinID"=dword:00000002 "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "WindowState"=dword:00000002 "WindowHeight"=dword:0000026d "WindowWidth"=dword:000003fc "WindowLeft"=dword:00000002 "WindowTop"=dword:0000004a "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "Currency"=dword:0000001c [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:00000064 "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000032 "Position4"=dword:00000004 "Visible4"=dword:00000001 "Width4"=dword:00000032 "Position5"=dword:00000005 "Visible5"=dword:00000001 "Width5"=dword:00000050 "Position6"=dword:00000006 "Visible6"=dword:00000001 "Width6"=dword:00000050 "Position7"=dword:00000007 "Visible7"=dword:00000001 "Width7"=dword:00000050 "Position8"=dword:00000008 "Visible8"=dword:00000000 "Width8"=dword:00000050 "Position9"=dword:00000009 "Visible9"=dword:00000000 "Width9"=dword:0000002d "Position10"=dword:0000000a "Visible10"=dword:00000000 "Width10"=dword:0000001e "Position11"=dword:0000000b "Visible11"=dword:00000000 "Width11"=dword:0000001e "Position12"=dword:0000000c "Visible12"=dword:00000000 "Width12"=dword:0000001e "Position13"=dword:0000000d "Visible13"=dword:00000001 "Width13"=dword:0000003c "Position14"=dword:0000000e "Visible14"=dword:00000000 "Width14"=dword:00000032 "Position15"=dword:0000000f "Visible15"=dword:00000000 "Width15"=dword:00000032 "Position16"=dword:00000010 "Visible16"=dword:00000000 "Width16"=dword:00000032 "Position17"=dword:00000011 "Visible17"=dword:00000001 "Width17"=dword:00000050 "Position18"=dword:00000012 "Visible18"=dword:00000001 "Width18"=dword:00000050 "Position19"=dword:00000013 "Visible19"=dword:00000000 "Width19"=dword:00000050 [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:00000064 "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000037 "Position4"=dword:00000008 "Visible4"=dword:00000001 "Width4"=dword:00000023 "Position5"=dword:00000009 "Visible5"=dword:00000001 "Width5"=dword:00000028 "Position6"=dword:0000000a "Visible6"=dword:00000001 "Width6"=dword:00000037 "Position7"=dword:0000000c "Visible7"=dword:00000001 "Width7"=dword:0000004b "Position8"=dword:0000000d "Visible8"=dword:00000001 "Width8"=dword:0000004b "Position9"=dword:0000000e "Visible9"=dword:00000001 "Width9"=dword:00000050 "Position10"=dword:00000010 "Visible10"=dword:00000000 "Width10"=dword:00000050 "Position11"=dword:00000011 "Visible11"=dword:00000000 "Width11"=dword:0000004b "Position12"=dword:00000012 "Visible12"=dword:00000000 "Width12"=dword:0000002d "Position13"=dword:00000013 "Visible13"=dword:00000000 "Width13"=dword:0000003c "Position14"=dword:00000014 "Visible14"=dword:00000000 "Width14"=dword:0000004b "Position15"=dword:00000015 "Visible15"=dword:00000000 "Width15"=dword:00000064 "Position16"=dword:00000016 "Visible16"=dword:00000000 "Width16"=dword:00000064 "Position17"=dword:00000017 "Visible17"=dword:00000000 "Width17"=dword:0000004b "Position18"=dword:00000018 "Visible18"=dword:00000000 "Width18"=dword:00000064 "Position19"=dword:00000019 "Visible19"=dword:00000000 "Width19"=dword:0000003c "Position20"=dword:0000001a "Visible20"=dword:00000000 "Width20"=dword:0000004b "Position21"=dword:0000001b "Visible21"=dword:00000000 "Width21"=dword:00000050 "Position22"=dword:0000001c "Visible22"=dword:00000000 "Width22"=dword:00000073 "Position23"=dword:0000001d "Visible23"=dword:00000000 "Width23"=dword:00000050 "Position24"=dword:0000001e "Visible24"=dword:00000000 "Width24"=dword:0000005a "Position25"=dword:0000001f "Visible25"=dword:00000000 "Width25"=dword:0000006e "Position26"=dword:00000020 "Visible26"=dword:00000000 "Width26"=dword:00000064 "Position27"=dword:00000021 "Visible27"=dword:00000000 "Width27"=dword:00000087 "Position28"=dword:00000022 "Visible28"=dword:00000000 "Width28"=dword:00000064 "Position29"=dword:00000023 "Visible29"=dword:00000000 "Width29"=dword:00000064 "Position30"=dword:00000024 "Visible30"=dword:00000000 "Width30"=dword:00000046 "Position31"=dword:00000025 "Visible31"=dword:00000000 "Width31"=dword:0000004b "Position32"=dword:00000026 "Visible32"=dword:00000000 "Width32"=dword:00000046 "Position33"=dword:00000027 "Visible33"=dword:00000000 "Width33"=dword:0000004b "Position34"=dword:00000028 "Visible34"=dword:00000000 "Width34"=dword:0000003c "Position35"=dword:0000002a "Visible35"=dword:00000000 "Width35"=dword:00000064 "Position36"=dword:0000002e "Visible36"=dword:00000000 "Width36"=dword:00000073 "Position37"=dword:00000030 "Visible37"=dword:00000000 "Width37"=dword:0000005f "Position38"=dword:00000033 "Visible38"=dword:00000000 "Width38"=dword:00000091 "Position39"=dword:00000035 "Visible39"=dword:00000000 "Width39"=dword:0000003c "Position40"=dword:0000002c "Visible40"=dword:00000000 "Width40"=dword:0000005a "Position41"=dword:00000036 "Visible41"=dword:00000000 "Width41"=dword:00000041 "Position42"=dword:00000029 "Visible42"=dword:00000000 "Width42"=dword:00000050 "Position43"=dword:0000002b "Visible43"=dword:00000000 "Width43"=dword:00000055 "Position44"=dword:0000002d "Visible44"=dword:00000000 "Width44"=dword:0000005f "Position45"=dword:00000037 "Visible45"=dword:00000000 "Width45"=dword:00000050 "Position46"=dword:00000038 "Visible46"=dword:00000000 "Width46"=dword:0000004b "Position47"=dword:00000039 "Visible47"=dword:00000000 "Width47"=dword:0000004b "Position48"=dword:0000003a "Visible48"=dword:00000000 "Width48"=dword:00000046 "Position49"=dword:0000003b "Visible49"=dword:00000000 "Width49"=dword:00000032 "Position50"=dword:0000003c "Visible50"=dword:00000000 "Width50"=dword:0000003c "Position51"=dword:0000003d "Visible51"=dword:00000000 "Width51"=dword:0000004b "Position52"=dword:0000003e "Visible52"=dword:00000000 "Width52"=dword:0000003c "Position53"=dword:0000003f "Visible53"=dword:00000000 "Width53"=dword:00000037 "Position54"=dword:00000040 "Visible54"=dword:00000000 "Width54"=dword:00000069 "Position55"=dword:00000041 "Visible55"=dword:00000000 "Width55"=dword:0000005a "Position56"=dword:00000044 "Visible56"=dword:00000000 "Width56"=dword:0000004b "Position57"=dword:00000045 "Visible57"=dword:00000000 "Width57"=dword:0000004b "Position58"=dword:00000046 "Visible58"=dword:00000000 "Width58"=dword:00000037 "Position59"=dword:00000047 "Visible59"=dword:00000000 "Width59"=dword:0000003c "Position60"=dword:00000048 "Visible60"=dword:00000000 "Width60"=dword:0000003c "Position61"=dword:00000049 "Visible61"=dword:00000000 "Width61"=dword:00000041 "Position62"=dword:0000004a "Visible62"=dword:00000000 "Width62"=dword:00000055 "Position63"=dword:0000004b "Visible63"=dword:00000000 "Width63"=dword:0000003c "Position64"=dword:0000004c "Visible64"=dword:00000000 "Width64"=dword:0000003c "Position65"=dword:0000004d "Visible65"=dword:00000000 "Width65"=dword:0000004b "Position66"=dword:0000004e "Visible66"=dword:00000000 "Width66"=dword:0000003c "Position67"=dword:0000004f "Visible67"=dword:00000000 "Width67"=dword:00000046 "Position68"=dword:00000050 "Visible68"=dword:00000000 "Width68"=dword:00000028 "Position69"=dword:00000051 "Visible69"=dword:00000000 "Width69"=dword:00000041 "Position70"=dword:00000052 "Visible70"=dword:00000000 "Width70"=dword:0000003c "Position71"=dword:00000053 "Visible71"=dword:00000000 "Width71"=dword:00000069 "Position72"=dword:00000054 "Visible72"=dword:00000000 "Width72"=dword:00000041 "Position73"=dword:00000055 "Visible73"=dword:00000000 "Width73"=dword:0000005f "Position74"=dword:00000056 "Visible74"=dword:00000000 "Width74"=dword:0000003c "Position75"=dword:00000057 "Visible75"=dword:00000000 "Width75"=dword:00000037 "Position76"=dword:00000058 "Visible76"=dword:00000000 "Width76"=dword:0000004b "Position77"=dword:00000059 "Visible77"=dword:00000000 "Width77"=dword:00000050 "Position78"=dword:0000005a "Visible78"=dword:00000000 "Width78"=dword:00000037 "Position79"=dword:0000005b "Visible79"=dword:00000000 "Width79"=dword:00000037 "Position80"=dword:0000005c "Visible80"=dword:00000000 "Width80"=dword:0000005a "Position81"=dword:0000005d "Visible81"=dword:00000000 "Width81"=dword:0000004b "Position82"=dword:0000005e "Visible82"=dword:00000000 "Width82"=dword:00000055 "Position83"=dword:0000005f "Visible83"=dword:00000000 "Width83"=dword:0000002d "Position84"=dword:00000060 "Visible84"=dword:00000000 "Width84"=dword:00000037 "Position85"=dword:00000061 "Visible85"=dword:00000000 "Width85"=dword:0000003c "Position86"=dword:00000062 "Visible86"=dword:00000000 "Width86"=dword:00000046 "Position87"=dword:00000063 "Visible87"=dword:00000000 "Width87"=dword:0000003c "Position88"=dword:00000064 "Visible88"=dword:00000000 "Width88"=dword:0000005a "Position89"=dword:00000065 "Visible89"=dword:00000000 "Width89"=dword:0000003c "Position90"=dword:00000066 "Visible90"=dword:00000000 "Width90"=dword:00000050 "Position91"=dword:00000067 "Visible91"=dword:00000000 "Width91"=dword:00000046 "Position92"=dword:00000068 "Visible92"=dword:00000000 "Width92"=dword:0000005a "Position93"=dword:00000069 "Visible93"=dword:00000000 "Width93"=dword:00000037 "Position94"=dword:0000006a "Visible94"=dword:00000000 "Width94"=dword:0000003c "Position95"=dword:0000006b "Visible95"=dword:00000000 "Width95"=dword:0000003c "Position96"=dword:0000006c "Visible96"=dword:00000000 "Width96"=dword:00000046 "Position97"=dword:0000006d "Visible97"=dword:00000000 "Width97"=dword:00000046 "Position98"=dword:0000006e "Visible98"=dword:00000000 "Width98"=dword:00000055 "Position99"=dword:0000006f "Visible99"=dword:00000000 "Width99"=dword:00000073 "Position100"=dword:00000042 "Visible100"=dword:00000000 "Width100"=dword:00000041 "Position101"=dword:00000070 "Visible101"=dword:00000000 "Width101"=dword:0000003c "Position102"=dword:00000071 "Visible102"=dword:00000000 "Width102"=dword:0000003c "Position103"=dword:00000072 "Visible103"=dword:00000000 "Width103"=dword:00000046 "Position104"=dword:00000073 "Visible104"=dword:00000000 "Width104"=dword:0000003c "Position105"=dword:00000074 "Visible105"=dword:00000000 "Width105"=dword:00000041 "Position106"=dword:0000000f "Visible106"=dword:00000001 "Width106"=dword:00000050 "Position107"=dword:0000000b "Visible107"=dword:00000001 "Width107"=dword:00000028 "Position108"=dword:00000043 "Visible108"=dword:00000000 "Width108"=dword:00000050 "Position109"=dword:0000002f "Visible109"=dword:00000000 "Width109"=dword:00000050 "Position110"=dword:00000031 "Visible110"=dword:00000000 "Width110"=dword:00000055 "Position111"=dword:00000032 "Visible111"=dword:00000000 "Width111"=dword:00000082 "Position112"=dword:00000034 "Visible112"=dword:00000000 "Width112"=dword:00000087 "Position113"=dword:00000075 "Visible113"=dword:00000000 "Width113"=dword:00000050 "Position114"=dword:00000076 "Visible114"=dword:00000000 "Width114"=dword:00000050 "Position115"=dword:00000077 "Visible115"=dword:00000000 "Width115"=dword:00000050 "Position116"=dword:00000078 "Visible116"=dword:00000000 "Width116"=dword:00000050 "Position117"=dword:00000079 "Visible117"=dword:00000000 "Width117"=dword:00000050 "Position118"=dword:0000007a "Visible118"=dword:00000000 "Width118"=dword:00000050 "Position119"=dword:0000007b "Visible119"=dword:00000000 "Width119"=dword:00000050 "Position120"=dword:0000007c "Visible120"=dword:00000000 "Width120"=dword:00000050 "Position121"=dword:0000007d "Visible121"=dword:00000000 "Width121"=dword:00000050 "Position122"=dword:0000007e "Visible122"=dword:00000000 "Width122"=dword:00000050 "Position123"=dword:0000007f "Visible123"=dword:00000000 "Width123"=dword:00000050 "Position124"=dword:00000080 "Visible124"=dword:00000000 "Width124"=dword:00000050 "Position125"=dword:00000081 "Visible125"=dword:00000000 "Width125"=dword:00000050 "Position126"=dword:00000082 "Visible126"=dword:00000000 "Width126"=dword:00000050 "Position127"=dword:00000083 "Visible127"=dword:00000000 "Width127"=dword:00000050 "Position128"=dword:00000084 "Visible128"=dword:00000000 "Width128"=dword:00000050 "Position129"=dword:00000085 "Visible129"=dword:00000000 "Width129"=dword:00000050 "Position130"=dword:00000086 "Visible130"=dword:00000000 "Width130"=dword:00000050 "Position131"=dword:00000087 "Visible131"=dword:00000000 "Width131"=dword:00000050 "Position132"=dword:00000088 "Visible132"=dword:00000000 "Width132"=dword:00000050 "Position133"=dword:00000089 "Visible133"=dword:00000000 "Width133"=dword:00000050 "Position134"=dword:0000008a "Visible134"=dword:00000000 "Width134"=dword:00000050 "Position135"=dword:0000008b "Visible135"=dword:00000000 "Width135"=dword:00000050 "Position136"=dword:0000008c "Visible136"=dword:00000000 "Width136"=dword:00000050 "Position137"=dword:0000008d "Visible137"=dword:00000000 "Width137"=dword:00000050 "Position138"=dword:0000008e "Visible138"=dword:00000000 "Width138"=dword:00000050 "Position139"=dword:0000008f "Visible139"=dword:00000000 "Width139"=dword:00000050 "Position140"=dword:00000090 "Visible140"=dword:00000000 "Width140"=dword:00000050 "Position141"=dword:00000091 "Visible141"=dword:00000000 "Width141"=dword:00000050 "Position142"=dword:00000092 "Visible142"=dword:00000000 "Width142"=dword:00000050 "Position143"=dword:00000093 "Visible143"=dword:00000000 "Width143"=dword:00000050 "Position144"=dword:00000094 "Visible144"=dword:00000000 "Width144"=dword:00000050 "Position145"=dword:00000095 "Visible145"=dword:00000000 "Width145"=dword:00000050 "Position146"=dword:00000004 "Visible146"=dword:00000000 "Width146"=dword:00000037 "Position147"=dword:00000005 "Visible147"=dword:00000000 "Width147"=dword:00000028 "Position148"=dword:00000006 "Visible148"=dword:00000000 "Width148"=dword:00000037 "Position149"=dword:00000007 "Visible149"=dword:00000001 "Width149"=dword:0000003a [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:00000064 "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000069 "Position4"=dword:00000005 "Visible4"=dword:00000001 "Width4"=dword:00000028 "Position5"=dword:00000006 "Visible5"=dword:00000001 "Width5"=dword:00000028 "Position6"=dword:00000004 "Visible6"=dword:00000001 "Width6"=dword:00000028 "Position7"=dword:00000007 "Visible7"=dword:00000001 "Width7"=dword:00000050 "Position8"=dword:00000008 "Visible8"=dword:00000000 "Width8"=dword:00000050 "Position9"=dword:00000009 "Visible9"=dword:00000000 "Width9"=dword:0000004b "Position10"=dword:0000000a "Visible10"=dword:00000000 "Width10"=dword:0000002d "Position11"=dword:0000000b "Visible11"=dword:00000000 "Width11"=dword:0000003c "Position12"=dword:0000000c "Visible12"=dword:00000000 "Width12"=dword:0000004b "Position13"=dword:0000000d "Visible13"=dword:00000000 "Width13"=dword:00000064 "Position14"=dword:0000000e "Visible14"=dword:00000000 "Width14"=dword:00000064 "Position15"=dword:0000000f "Visible15"=dword:00000000 "Width15"=dword:0000004b "Position16"=dword:00000010 "Visible16"=dword:00000000 "Width16"=dword:00000064 "Position17"=dword:00000011 "Visible17"=dword:00000000 "Width17"=dword:0000003c "Position18"=dword:00000012 "Visible18"=dword:00000000 "Width18"=dword:0000004b "Position19"=dword:00000013 "Visible19"=dword:00000000 "Width19"=dword:00000050 "Position20"=dword:00000014 "Visible20"=dword:00000000 "Width20"=dword:00000046 "Position21"=dword:00000015 "Visible21"=dword:00000000 "Width21"=dword:0000004b "Position22"=dword:00000016 "Visible22"=dword:00000000 "Width22"=dword:00000046 "Position23"=dword:00000017 "Visible23"=dword:00000000 "Width23"=dword:00000046 "Position24"=dword:00000018 "Visible24"=dword:00000000 "Width24"=dword:0000003c "Position25"=dword:00000019 "Visible25"=dword:00000000 "Width25"=dword:00000041 "Position26"=dword:0000001a "Visible26"=dword:00000000 "Width26"=dword:0000003c "Position27"=dword:0000001b "Visible27"=dword:00000000 "Width27"=dword:00000055 "Position28"=dword:0000001c "Visible28"=dword:00000000 "Width28"=dword:00000069 "Position29"=dword:0000001d "Visible29"=dword:00000000 "Width29"=dword:0000006e "Position30"=dword:0000001e "Visible30"=dword:00000000 "Width30"=dword:00000064 "Position31"=dword:0000001f "Visible31"=dword:00000000 "Width31"=dword:00000078 "Position32"=dword:00000020 "Visible32"=dword:00000000 "Width32"=dword:00000064 "Position33"=dword:00000021 "Visible33"=dword:00000000 "Width33"=dword:00000087 "Position34"=dword:00000022 "Visible34"=dword:00000000 "Width34"=dword:00000069 "Position35"=dword:00000023 "Visible35"=dword:00000000 "Width35"=dword:0000006e "Position36"=dword:00000024 "Visible36"=dword:00000000 "Width36"=dword:00000073 "Position37"=dword:00000025 "Visible37"=dword:00000000 "Width37"=dword:0000004b "Position38"=dword:00000026 "Visible38"=dword:00000000 "Width38"=dword:0000002d "Position39"=dword:00000027 "Visible39"=dword:00000000 "Width39"=dword:00000055 "Position40"=dword:00000028 "Visible40"=dword:00000000 "Width40"=dword:00000046 "Position41"=dword:00000029 "Visible41"=dword:00000000 "Width41"=dword:0000004b "Position42"=dword:0000002a "Visible42"=dword:00000000 "Width42"=dword:0000003c "Position43"=dword:0000002b "Visible43"=dword:00000000 "Width43"=dword:00000046 "Position44"=dword:0000002c "Visible44"=dword:00000000 "Width44"=dword:00000073 "Position45"=dword:0000002d "Visible45"=dword:00000000 "Width45"=dword:0000004b "Position46"=dword:0000002e "Visible46"=dword:00000000 "Width46"=dword:00000073 "Position47"=dword:0000002f "Visible47"=dword:00000000 "Width47"=dword:0000007d "Position48"=dword:00000030 "Visible48"=dword:00000000 "Width48"=dword:0000006e "Position49"=dword:00000031 "Visible49"=dword:00000000 "Width49"=dword:00000037 "Position50"=dword:00000032 "Visible50"=dword:00000000 "Width50"=dword:00000064 "Position51"=dword:00000033 "Visible51"=dword:00000000 "Width51"=dword:00000037 "Position52"=dword:00000034 "Visible52"=dword:00000000 "Width52"=dword:0000004b "Position53"=dword:00000035 "Visible53"=dword:00000000 "Width53"=dword:00000046 "Position54"=dword:00000036 "Visible54"=dword:00000000 "Width54"=dword:00000037 "Position55"=dword:00000037 "Visible55"=dword:00000000 "Width55"=dword:0000003c "Position56"=dword:00000038 "Visible56"=dword:00000000 "Width56"=dword:00000055 "Position57"=dword:00000039 "Visible57"=dword:00000000 "Width57"=dword:0000003c "Position58"=dword:0000003a "Visible58"=dword:00000000 "Width58"=dword:0000003c "Position59"=dword:0000003b "Visible59"=dword:00000000 "Width59"=dword:00000055 "Position60"=dword:0000003c "Visible60"=dword:00000000 "Width60"=dword:00000046 "Position61"=dword:0000003d "Visible61"=dword:00000000 "Width61"=dword:0000004b "Position62"=dword:0000003e "Visible62"=dword:00000000 "Width62"=dword:00000055 "Position63"=dword:0000003f "Visible63"=dword:00000000 "Width63"=dword:0000005a "Position64"=dword:00000040 "Visible64"=dword:00000000 "Width64"=dword:0000006e "Position65"=dword:00000041 "Visible65"=dword:00000000 "Width65"=dword:00000050 "Position66"=dword:00000042 "Visible66"=dword:00000000 "Width66"=dword:00000032 "Position67"=dword:00000043 "Visible67"=dword:00000000 "Width67"=dword:00000064 "Position68"=dword:00000044 "Visible68"=dword:00000000 "Width68"=dword:0000004b "Position69"=dword:00000045 "Visible69"=dword:00000000 "Width69"=dword:0000002d "Position70"=dword:00000046 "Visible70"=dword:00000000 "Width70"=dword:0000004b "Position71"=dword:00000047 "Visible71"=dword:00000000 "Width71"=dword:0000005a "Position72"=dword:00000048 "Visible72"=dword:00000000 "Width72"=dword:0000005a "Position73"=dword:00000049 "Visible73"=dword:00000000 "Width73"=dword:00000050 "Position74"=dword:0000004a "Visible74"=dword:00000000 "Width74"=dword:0000004b "Position75"=dword:0000004b "Visible75"=dword:00000000 "Width75"=dword:00000050 "Position76"=dword:0000004c "Visible76"=dword:00000000 "Width76"=dword:0000005a "Position77"=dword:0000004d "Visible77"=dword:00000000 "Width77"=dword:00000041 "Position78"=dword:0000004e "Visible78"=dword:00000000 "Width78"=dword:00000041 "Position79"=dword:0000004f "Visible79"=dword:00000000 "Width79"=dword:00000041 "Position80"=dword:00000050 "Visible80"=dword:00000000 "Width80"=dword:00000041 "Position81"=dword:00000051 "Visible81"=dword:00000000 "Width81"=dword:00000041 "Position82"=dword:00000052 "Visible82"=dword:00000000 "Width82"=dword:00000041 "Position83"=dword:00000053 "Visible83"=dword:00000000 "Width83"=dword:00000041 "Position84"=dword:00000054 "Visible84"=dword:00000000 "Width84"=dword:00000041 "Position85"=dword:00000055 "Visible85"=dword:00000000 "Width85"=dword:00000041 "Position86"=dword:00000056 "Visible86"=dword:00000000 "Width86"=dword:00000050 [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients] "GKWeightCoef"=dword:00000064 "GKCurrentAbilityCoef"=dword:00000000 "GKCornersCoef"=dword:00000000 "GKCrossingCoef"=dword:00000000 "GKDribblingCoef"=dword:00000000 "GKFinishingCoef"=dword:00000000 "GKFirstTouchCoef"=dword:00000000 "GKFreeKicksCoef"=dword:00000000 "GKHeadingCoef"=dword:00000000 "GKLongShotsCoef"=dword:00000000 "GKLongThrowsCoef"=dword:00000000 "GKMarkingCoef"=dword:00000000 "GKPassingCoef"=dword:00000000 "GKPenaltiesCoef"=dword:00000000 "GKTacklingCoef"=dword:00000005 "GKTechniqueCoef"=dword:00000000 "GKLeftFootCoef"=dword:00000000 "GKRightFootCoef"=dword:00000000 "GKAggressionCoef"=dword:0000000a "GKAnticipationCoef"=dword:00000005 "GKBraveryCoef"=dword:00000014 "GKComposureCoef"=dword:00000014 "GKConcentrationCoef"=dword:0000000a "GKConsistencyCoef"=dword:0000000a "GKCreativityCoef"=dword:00000000 "GKDecisionsCoef"=dword:00000014 "GKDeterminationCoef"=dword:0000000a "GKDirtinessCoef"=dword:fffffffb "GKFlairCoef"=dword:00000000 "GKImportantMatchesCoef"=dword:0000000a "GKInfluenceCoef"=dword:0000000a "GKOffTheBallCoef"=dword:00000000 "GKPositioningCoef"=dword:00000050 "GKTeamworkCoef"=dword:00000005 "GKWorkRateCoef"=dword:00000000 "GKAccelerationCoef"=dword:00000005 "GKAgilityCoef"=dword:0000000a "GKBalanceCoef"=dword:0000000a "GKInjuryPronenessCoef"=dword:fffffffb "GKJumpingCoef"=dword:00000050 "GKNaturalFitnessCoef"=dword:00000005 "GKPaceCoef"=dword:00000000 "GKStaminaCoef"=dword:00000000 "GKStrengthCoef"=dword:0000000a "GKVersatilityCoef"=dword:00000000 "GKAerialAbilityCoef"=dword:00000032 "GKCommandOfAreaCoef"=dword:00000014 "GKCommunicationCoef"=dword:00000032 "GKEccentricityCoef"=dword:ffffffec "GKHandlingCoef"=dword:00000064 "GKKickingCoef"=dword:0000000a "GKOneOnOnesCoef"=dword:00000032 "GKReflexesCoef"=dword:00000064 "GKRushingOutCoef"=dword:00000014 "GKTendencyToPunchCoef"=dword:fffffff6 "GKThrowingCoef"=dword:0000000a "GKAdaptabilityCoef"=dword:00000005 "GKAmbitionCoef"=dword:0000000a "GKControversyCoef"=dword:fffffffb "GKLoyalityCoef"=dword:00000005 "GKPressureCoef"=dword:00000005 "GKProfessionalismCoef"=dword:00000005 "GKSportsmanshipCoef"=dword:00000005 "GKTemperamentCoef"=dword:00000005 "SWWeightCoef"=dword:00000066 "SWCurrentAbilityCoef"=dword:00000000 "SWCornersCoef"=dword:00000000 "SWCrossingCoef"=dword:00000000 "SWDribblingCoef"=dword:00000000 "SWFinishingCoef"=dword:00000000 "SWFirstTouchCoef"=dword:00000014 "SWFreeKicksCoef"=dword:0000000a "SWHeadingCoef"=dword:00000064 "SWLongShotsCoef"=dword:0000000a "SWLongThrowsCoef"=dword:00000000 "SWMarkingCoef"=dword:00000064 "SWPassingCoef"=dword:0000000a "SWPenaltiesCoef"=dword:00000005 "SWTacklingCoef"=dword:00000064 "SWTechniqueCoef"=dword:0000000a "SWLeftFootCoef"=dword:00000005 "SWRightFootCoef"=dword:00000005 "SWAggressionCoef"=dword:00000014 "SWAnticipationCoef"=dword:00000014 "SWBraveryCoef"=dword:00000028 "SWComposureCoef"=dword:00000028 "SWConcentrationCoef"=dword:0000003c "SWConsistencyCoef"=dword:0000000a "SWCreativityCoef"=dword:0000000a "SWDecisionsCoef"=dword:00000014 "SWDeterminationCoef"=dword:0000000a "SWDirtinessCoef"=dword:ffffffe7 "SWFlairCoef"=dword:00000000 "SWImportantMatchesCoef"=dword:0000000a "SWInfluenceCoef"=dword:0000000a "SWOffTheBallCoef"=dword:0000000a "SWPositioningCoef"=dword:00000064 "SWTeamworkCoef"=dword:00000028 "SWWorkRateCoef"=dword:00000014 "SWAccelerationCoef"=dword:0000001e "SWAgilityCoef"=dword:0000000a "SWBalanceCoef"=dword:00000014 "SWInjuryPronenessCoef"=dword:fffffffb "SWJumpingCoef"=dword:00000064 "SWNaturalFitnessCoef"=dword:00000005 "SWPaceCoef"=dword:00000014 "SWStaminaCoef"=dword:0000000a "SWStrengthCoef"=dword:00000050 "SWVersatilityCoef"=dword:00000005 "SWAerialAbilityCoef"=dword:00000000 "SWCommandOfAreaCoef"=dword:00000000 "SWCommunicationCoef"=dword:00000000 "SWEccentricityCoef"=dword:00000000 "SWHandlingCoef"=dword:00000000 "SWKickingCoef"=dword:00000000 "SWOneOnOnesCoef"=dword:00000005 "SWReflexesCoef"=dword:00000005 "SWRushingOutCoef"=dword:00000000 "SWTendencyToPunchCoef"=dword:00000000 "SWThrowingCoef"=dword:00000000 "SWAdaptabilityCoef"=dword:00000005 "SWAmbitionCoef"=dword:0000000a "SWControversyCoef"=dword:fffffffb "SWLoyalityCoef"=dword:00000005 "SWPressureCoef"=dword:00000005 "SWProfessionalismCoef"=dword:00000005 "SWSportsmanshipCoef"=dword:00000005 "SWTemperamentCoef"=dword:00000005 "CBWeightCoef"=dword:00000064 "CBCurrentAbilityCoef"=dword:00000000 "CBCornersCoef"=dword:00000000 "CBCrossingCoef"=dword:00000000 "CBDribblingCoef"=dword:00000000 "CBFinishingCoef"=dword:00000000 "CBFirstTouchCoef"=dword:00000014 "CBFreeKicksCoef"=dword:0000000a "CBHeadingCoef"=dword:00000064 "CBLongShotsCoef"=dword:0000000a "CBLongThrowsCoef"=dword:00000000 "CBMarkingCoef"=dword:00000050 "CBPassingCoef"=dword:00000014 "CBPenaltiesCoef"=dword:00000005 "CBTacklingCoef"=dword:00000064 "CBTechniqueCoef"=dword:0000000a "CBLeftFootCoef"=dword:00000005 "CBRightFootCoef"=dword:00000005 "CBAggressionCoef"=dword:00000014 "CBAnticipationCoef"=dword:00000014 "CBBraveryCoef"=dword:00000028 "CBComposureCoef"=dword:00000014 "CBConcentrationCoef"=dword:00000028 "CBConsistencyCoef"=dword:0000000a "CBCreativityCoef"=dword:0000000a "CBDecisionsCoef"=dword:00000014 "CBDeterminationCoef"=dword:0000000a "CBDirtinessCoef"=dword:ffffffec "CBFlairCoef"=dword:00000000 "CBImportantMatchesCoef"=dword:0000000a "CBInfluenceCoef"=dword:0000000a "CBOffTheBallCoef"=dword:0000000a "CBPositioningCoef"=dword:00000050 "CBTeamworkCoef"=dword:00000028 "CBWorkRateCoef"=dword:00000014 "CBAccelerationCoef"=dword:00000028 "CBAgilityCoef"=dword:0000000a "CBBalanceCoef"=dword:00000014 "CBInjuryPronenessCoef"=dword:fffffffb "CBJumpingCoef"=dword:00000064 "CBNaturalFitnessCoef"=dword:00000005 "CBPaceCoef"=dword:0000001e "CBStaminaCoef"=dword:0000000a "CBStrengthCoef"=dword:0000003c "CBVersatilityCoef"=dword:00000005 "CBAerialAbilityCoef"=dword:00000000 "CBCommandOfAreaCoef"=dword:00000000 "CBCommunicationCoef"=dword:00000000 "CBEccentricityCoef"=dword:00000000 "CBHandlingCoef"=dword:00000000 "CBKickingCoef"=dword:00000000 "CBOneOnOnesCoef"=dword:00000005 "CBReflexesCoef"=dword:00000005 "CBRushingOutCoef"=dword:00000000 "CBTendencyToPunchCoef"=dword:00000000 "CBThrowingCoef"=dword:00000000 "CBAdaptabilityCoef"=dword:00000005 "CBAmbitionCoef"=dword:0000000a "CBControversyCoef"=dword:fffffffb "CBLoyalityCoef"=dword:00000005 "CBPressureCoef"=dword:00000005 "CBProfessionalismCoef"=dword:00000005 "CBSportsmanshipCoef"=dword:00000005 "CBTemperamentCoef"=dword:00000005 "FBWeightCoef"=dword:00000069 "FBCurrentAbilityCoef"=dword:00000000 "FBCornersCoef"=dword:0000000a "FBCrossingCoef"=dword:0000001e "FBDribblingCoef"=dword:00000014 "FBFinishingCoef"=dword:00000000 "FBFirstTouchCoef"=dword:00000014 "FBFreeKicksCoef"=dword:0000000a "FBHeadingCoef"=dword:0000003c "FBLongShotsCoef"=dword:0000000a "FBLongThrowsCoef"=dword:0000000a "FBMarkingCoef"=dword:0000003c "FBPassingCoef"=dword:0000001e "FBPenaltiesCoef"=dword:00000005 "FBTacklingCoef"=dword:00000064 "FBTechniqueCoef"=dword:00000014 "FBLeftFootCoef"=dword:00000005 "FBRightFootCoef"=dword:00000005 "FBAggressionCoef"=dword:0000000f "FBAnticipationCoef"=dword:00000050 "FBBraveryCoef"=dword:00000014 "FBComposureCoef"=dword:0000000a "FBConcentrationCoef"=dword:0000001e "FBConsistencyCoef"=dword:0000000a "FBCreativityCoef"=dword:0000000a "FBDecisionsCoef"=dword:00000014 "FBDeterminationCoef"=dword:0000000a "FBDirtinessCoef"=dword:fffffff6 "FBFlairCoef"=dword:00000005 "FBImportantMatchesCoef"=dword:0000000a "FBInfluenceCoef"=dword:0000000a "FBOffTheBallCoef"=dword:00000014 "FBPositioningCoef"=dword:00000064 "FBTeamworkCoef"=dword:00000014 "FBWorkRateCoef"=dword:00000014 "FBAccelerationCoef"=dword:0000003c "FBAgilityCoef"=dword:0000000a "FBBalanceCoef"=dword:00000014 "FBInjuryPronenessCoef"=dword:fffffffb "FBJumpingCoef"=dword:0000003c "FBNaturalFitnessCoef"=dword:00000005 "FBPaceCoef"=dword:00000050 "FBStaminaCoef"=dword:0000003c "FBStrengthCoef"=dword:00000028 "FBVersatilityCoef"=dword:00000005 "FBAerialAbilityCoef"=dword:00000000 "FBCommandOfAreaCoef"=dword:00000000 "FBCommunicationCoef"=dword:00000000 "FBEccentricityCoef"=dword:00000000 "FBHandlingCoef"=dword:00000000 "FBKickingCoef"=dword:00000000 "FBOneOnOnesCoef"=dword:00000005 "FBReflexesCoef"=dword:00000005 "FBRushingOutCoef"=dword:00000000 "FBTendencyToPunchCoef"=dword:00000000 "FBThrowingCoef"=dword:00000000 "FBAdaptabilityCoef"=dword:00000005 "FBAmbitionCoef"=dword:0000000a "FBControversyCoef"=dword:fffffffb "FBLoyalityCoef"=dword:00000005 "FBPressureCoef"=dword:00000005 "FBProfessionalismCoef"=dword:00000005 "FBSportsmanshipCoef"=dword:00000005 "FBTemperamentCoef"=dword:00000005 "WBWeightCoef"=dword:0000006c "WBCurrentAbilityCoef"=dword:00000000 "WBCornersCoef"=dword:0000000a "WBCrossingCoef"=dword:0000003c "WBDribblingCoef"=dword:00000028 "WBFinishingCoef"=dword:0000000a "WBFirstTouchCoef"=dword:00000014 "WBFreeKicksCoef"=dword:0000000a "WBHeadingCoef"=dword:00000028 "WBLongShotsCoef"=dword:00000014 "WBLongThrowsCoef"=dword:0000000a "WBMarkingCoef"=dword:0000003c "WBPassingCoef"=dword:00000028 "WBPenaltiesCoef"=dword:00000005 "WBTacklingCoef"=dword:00000064 "WBTechniqueCoef"=dword:00000028 "WBLeftFootCoef"=dword:00000005 "WBRightFootCoef"=dword:00000005 "WBAggressionCoef"=dword:0000000a "WBAnticipationCoef"=dword:00000050 "WBBraveryCoef"=dword:0000000a "WBComposureCoef"=dword:0000000a "WBConcentrationCoef"=dword:00000014 "WBConsistencyCoef"=dword:0000000a "WBCreativityCoef"=dword:00000014 "WBDecisionsCoef"=dword:00000014 "WBDeterminationCoef"=dword:0000000a "WBDirtinessCoef"=dword:fffffff6 "WBFlairCoef"=dword:0000000a "WBImportantMatchesCoef"=dword:0000000a "WBInfluenceCoef"=dword:0000000a "WBOffTheBallCoef"=dword:00000014 "WBPositioningCoef"=dword:00000064 "WBTeamworkCoef"=dword:00000014 "WBWorkRateCoef"=dword:00000028 "WBAccelerationCoef"=dword:00000050 "WBAgilityCoef"=dword:0000000a "WBBalanceCoef"=dword:00000014 "WBInjuryPronenessCoef"=dword:fffffffb "WBJumpingCoef"=dword:00000014 "WBNaturalFitnessCoef"=dword:00000005 "WBPaceCoef"=dword:00000064 "WBStaminaCoef"=dword:00000050 "WBStrengthCoef"=dword:00000028 "WBVersatilityCoef"=dword:00000005 "WBAerialAbilityCoef"=dword:00000000 "WBCommandOfAreaCoef"=dword:00000000 "WBCommunicationCoef"=dword:00000000 "WBEccentricityCoef"=dword:00000000 "WBHandlingCoef"=dword:00000000 "WBKickingCoef"=dword:00000000 "WBOneOnOnesCoef"=dword:00000005 "WBReflexesCoef"=dword:00000005 "WBRushingOutCoef"=dword:00000000 "WBTendencyToPunchCoef"=dword:00000000 "WBThrowingCoef"=dword:00000000 "WBAdaptabilityCoef"=dword:00000005 "WBAmbitionCoef"=dword:0000000a "WBControversyCoef"=dword:fffffffb "WBLoyalityCoef"=dword:00000005 "WBPressureCoef"=dword:00000005 "WBProfessionalismCoef"=dword:00000005 "WBSportsmanshipCoef"=dword:00000005 "WBTemperamentCoef"=dword:00000005 "DMWeightCoef"=dword:00000067 "DMCurrentAbilityCoef"=dword:00000000 "DMCornersCoef"=dword:0000000a "DMCrossingCoef"=dword:0000001e "DMDribblingCoef"=dword:00000014 "DMFinishingCoef"=dword:0000000a "DMFirstTouchCoef"=dword:0000001e "DMFreeKicksCoef"=dword:0000000a "DMHeadingCoef"=dword:00000028 "DMLongShotsCoef"=dword:00000014 "DMLongThrowsCoef"=dword:00000005 "DMMarkingCoef"=dword:0000003c "DMPassingCoef"=dword:00000028 "DMPenaltiesCoef"=dword:00000005 "DMTacklingCoef"=dword:00000064 "DMTechniqueCoef"=dword:0000001e "DMLeftFootCoef"=dword:00000005 "DMRightFootCoef"=dword:00000005 "DMAggressionCoef"=dword:00000028 "DMAnticipationCoef"=dword:00000028 "DMBraveryCoef"=dword:00000014 "DMComposureCoef"=dword:0000000a "DMConcentrationCoef"=dword:00000014 "DMConsistencyCoef"=dword:0000000a "DMCreativityCoef"=dword:00000014 "DMDecisionsCoef"=dword:00000014 "DMDeterminationCoef"=dword:0000000a "DMDirtinessCoef"=dword:fffffff6 "DMFlairCoef"=dword:0000000a "DMImportantMatchesCoef"=dword:0000000a "DMInfluenceCoef"=dword:0000000a "DMOffTheBallCoef"=dword:0000001e "DMPositioningCoef"=dword:00000050 "DMTeamworkCoef"=dword:00000028 "DMWorkRateCoef"=dword:00000050 "DMAccelerationCoef"=dword:00000028 "DMAgilityCoef"=dword:0000000a "DMBalanceCoef"=dword:0000000a "DMInjuryPronenessCoef"=dword:fffffffb "DMJumpingCoef"=dword:00000028 "DMNaturalFitnessCoef"=dword:00000005 "DMPaceCoef"=dword:00000028 "DMStaminaCoef"=dword:0000003c "DMStrengthCoef"=dword:00000028 "DMVersatilityCoef"=dword:00000005 "DMAerialAbilityCoef"=dword:00000000 "DMCommandOfAreaCoef"=dword:00000000 "DMCommunicationCoef"=dword:00000000 "DMEccentricityCoef"=dword:00000000 "DMHandlingCoef"=dword:00000000 "DMKickingCoef"=dword:00000000 "DMOneOnOnesCoef"=dword:00000005 "DMReflexesCoef"=dword:00000005 "DMRushingOutCoef"=dword:00000000 "DMTendencyToPunchCoef"=dword:00000000 "DMThrowingCoef"=dword:00000000 "DMAdaptabilityCoef"=dword:00000005 "DMAmbitionCoef"=dword:0000000a "DMControversyCoef"=dword:fffffffb "DMLoyalityCoef"=dword:00000005 "DMPressureCoef"=dword:00000005 "DMProfessionalismCoef"=dword:00000005 "DMSportsmanshipCoef"=dword:00000005 "DMTemperamentCoef"=dword:00000005 "MWeightCoef"=dword:00000068 "MCurrentAbilityCoef"=dword:00000000 "MCornersCoef"=dword:0000000a "MCrossingCoef"=dword:00000028 "MDribblingCoef"=dword:00000032 "MFinishingCoef"=dword:00000014 "MFirstTouchCoef"=dword:0000001e "MFreeKicksCoef"=dword:0000000a "MHeadingCoef"=dword:0000001e "MLongShotsCoef"=dword:00000014 "MLongThrowsCoef"=dword:00000005 "MMarkingCoef"=dword:00000028 "MPassingCoef"=dword:00000046 "MPenaltiesCoef"=dword:00000005 "MTacklingCoef"=dword:0000003c "MTechniqueCoef"=dword:00000032 "MLeftFootCoef"=dword:00000005 "MRightFootCoef"=dword:00000005 "MAggressionCoef"=dword:0000001e "MAnticipationCoef"=dword:00000028 "MBraveryCoef"=dword:0000000a "MComposureCoef"=dword:0000000a "MConcentrationCoef"=dword:0000000a "MConsistencyCoef"=dword:0000000a "MCreativityCoef"=dword:0000003c "MDecisionsCoef"=dword:0000001e "MDeterminationCoef"=dword:0000000a "MDirtinessCoef"=dword:fffffffb "MFlairCoef"=dword:0000000a "MImportantMatchesCoef"=dword:0000000a "MInfluenceCoef"=dword:0000000a "MOffTheBallCoef"=dword:00000028 "MPositioningCoef"=dword:00000028 "MTeamworkCoef"=dword:00000032 "MWorkRateCoef"=dword:00000032 "MAccelerationCoef"=dword:00000032 "MAgilityCoef"=dword:0000000a "MBalanceCoef"=dword:0000000a "MInjuryPronenessCoef"=dword:fffffffb "MJumpingCoef"=dword:00000028 "MNaturalFitnessCoef"=dword:00000005 "MPaceCoef"=dword:00000028 "MStaminaCoef"=dword:0000003c "MStrengthCoef"=dword:0000001e "MVersatilityCoef"=dword:00000005 "MAerialAbilityCoef"=dword:00000000 "MCommandOfAreaCoef"=dword:00000000 "MCommunicationCoef"=dword:00000000 "MEccentricityCoef"=dword:00000000 "MHandlingCoef"=dword:00000000 "MKickingCoef"=dword:00000000 "MOneOnOnesCoef"=dword:00000005 "MReflexesCoef"=dword:00000005 "MRushingOutCoef"=dword:00000000 "MTendencyToPunchCoef"=dword:00000000 "MThrowingCoef"=dword:00000000 "MAdaptabilityCoef"=dword:00000005 "MAmbitionCoef"=dword:0000000a "MControversyCoef"=dword:fffffffb "MLoyalityCoef"=dword:00000005 "MPressureCoef"=dword:00000005 "MProfessionalismCoef"=dword:00000005 "MSportsmanshipCoef"=dword:00000005 "MTemperamentCoef"=dword:00000005 "AMWeightCoef"=dword:00000068 "AMCurrentAbilityCoef"=dword:00000000 "AMCornersCoef"=dword:0000000a "AMCrossingCoef"=dword:0000003c "AMDribblingCoef"=dword:00000050 "AMFinishingCoef"=dword:00000028 "AMFirstTouchCoef"=dword:0000001e "AMFreeKicksCoef"=dword:0000000a "AMHeadingCoef"=dword:00000014 "AMLongShotsCoef"=dword:00000014 "AMLongThrowsCoef"=dword:00000005 "AMMarkingCoef"=dword:0000000a "AMPassingCoef"=dword:00000064 "AMPenaltiesCoef"=dword:00000005 "AMTacklingCoef"=dword:0000000a "AMTechniqueCoef"=dword:00000050 "AMLeftFootCoef"=dword:00000005 "AMRightFootCoef"=dword:00000005 "AMAggressionCoef"=dword:0000000a "AMAnticipationCoef"=dword:0000001e "AMBraveryCoef"=dword:0000000a "AMComposureCoef"=dword:0000000a "AMConcentrationCoef"=dword:0000000a "AMConsistencyCoef"=dword:0000000a "AMCreativityCoef"=dword:00000064 "AMDecisionsCoef"=dword:00000028 "AMDeterminationCoef"=dword:0000000a "AMDirtinessCoef"=dword:fffffffb "AMFlairCoef"=dword:00000014 "AMImportantMatchesCoef"=dword:0000000a "AMInfluenceCoef"=dword:0000000a "AMOffTheBallCoef"=dword:0000003c "AMPositioningCoef"=dword:00000014 "AMTeamworkCoef"=dword:0000003c "AMWorkRateCoef"=dword:00000014 "AMAccelerationCoef"=dword:0000003c "AMAgilityCoef"=dword:0000000a "AMBalanceCoef"=dword:0000000a "AMInjuryPronenessCoef"=dword:fffffffb "AMJumpingCoef"=dword:00000014 "AMNaturalFitnessCoef"=dword:00000005 "AMPaceCoef"=dword:0000003c "AMStaminaCoef"=dword:0000003c "AMStrengthCoef"=dword:00000014 "AMVersatilityCoef"=dword:00000005 "AMAerialAbilityCoef"=dword:00000000 "AMCommandOfAreaCoef"=dword:00000000 "AMCommunicationCoef"=dword:00000000 "AMEccentricityCoef"=dword:00000000 "AMHandlingCoef"=dword:00000000 "AMKickingCoef"=dword:00000000 "AMOneOnOnesCoef"=dword:00000005 "AMReflexesCoef"=dword:00000005 "AMRushingOutCoef"=dword:00000000 "AMTendencyToPunchCoef"=dword:00000000 "AMThrowingCoef"=dword:00000000 "AMAdaptabilityCoef"=dword:00000005 "AMAmbitionCoef"=dword:0000000a "AMControversyCoef"=dword:fffffffb "AMLoyalityCoef"=dword:00000005 "AMPressureCoef"=dword:00000005 "AMProfessionalismCoef"=dword:00000005 "AMSportsmanshipCoef"=dword:00000005 "AMTemperamentCoef"=dword:00000005 "WWeightCoef"=dword:00000069 "WCurrentAbilityCoef"=dword:00000000 "WCornersCoef"=dword:0000000a "WCrossingCoef"=dword:00000064 "WDribblingCoef"=dword:00000064 "WFinishingCoef"=dword:0000003c "WFirstTouchCoef"=dword:0000001e "WFreeKicksCoef"=dword:0000000a "WHeadingCoef"=dword:00000014 "WLongShotsCoef"=dword:00000014 "WLongThrowsCoef"=dword:00000005 "WMarkingCoef"=dword:0000000a "WPassingCoef"=dword:0000003c "WPenaltiesCoef"=dword:00000005 "WTacklingCoef"=dword:0000000a "WTechniqueCoef"=dword:00000050 "WLeftFootCoef"=dword:00000005 "WRightFootCoef"=dword:00000005 "WAggressionCoef"=dword:0000000a "WAnticipationCoef"=dword:00000014 "WBraveryCoef"=dword:0000000a "WComposureCoef"=dword:0000000a "WConcentrationCoef"=dword:0000000a "WConsistencyCoef"=dword:0000000a "WCreativityCoef"=dword:0000003c "WDecisionsCoef"=dword:00000014 "WDeterminationCoef"=dword:0000000a "WDirtinessCoef"=dword:fffffffb "WFlairCoef"=dword:0000000a "WImportantMatchesCoef"=dword:00000014 "WInfluenceCoef"=dword:0000000a "WOffTheBallCoef"=dword:0000003c "WPositioningCoef"=dword:00000014 "WTeamworkCoef"=dword:0000001e "WWorkRateCoef"=dword:0000001e "WAccelerationCoef"=dword:00000050 "WAgilityCoef"=dword:00000014 "WBalanceCoef"=dword:0000000a "WInjuryPronenessCoef"=dword:fffffffb "WJumpingCoef"=dword:00000014 "WNaturalFitnessCoef"=dword:00000005 "WPaceCoef"=dword:00000064 "WStaminaCoef"=dword:0000003c "WStrengthCoef"=dword:00000014 "WVersatilityCoef"=dword:00000005 "WAerialAbilityCoef"=dword:00000000 "WCommandOfAreaCoef"=dword:00000000 "WCommunicationCoef"=dword:00000000 "WEccentricityCoef"=dword:00000000 "WHandlingCoef"=dword:00000000 "WKickingCoef"=dword:00000000 "WOneOnOnesCoef"=dword:00000005 "WReflexesCoef"=dword:00000005 "WRushingOutCoef"=dword:00000000 "WTendencyToPunchCoef"=dword:00000000 "WThrowingCoef"=dword:00000000 "WAdaptabilityCoef"=dword:00000005 "WAmbitionCoef"=dword:0000000a "WControversyCoef"=dword:fffffffb "WLoyalityCoef"=dword:00000005 "WPressureCoef"=dword:00000005 "WProfessionalismCoef"=dword:00000005 "WSportsmanshipCoef"=dword:00000005 "WTemperamentCoef"=dword:00000005 "FSTWeightCoef"=dword:00000067 "FSTCurrentAbilityCoef"=dword:00000000 "FSTCornersCoef"=dword:0000000a "FSTCrossingCoef"=dword:0000000a "FSTDribblingCoef"=dword:00000050 "FSTFinishingCoef"=dword:00000064 "FSTFirstTouchCoef"=dword:00000028 "FSTFreeKicksCoef"=dword:0000000a "FSTHeadingCoef"=dword:00000028 "FSTLongShotsCoef"=dword:00000014 "FSTLongThrowsCoef"=dword:00000000 "FSTMarkingCoef"=dword:00000000 "FSTPassingCoef"=dword:00000028 "FSTPenaltiesCoef"=dword:00000005 "FSTTacklingCoef"=dword:00000000 "FSTTechniqueCoef"=dword:00000050 "FSTLeftFootCoef"=dword:00000005 "FSTRightFootCoef"=dword:00000005 "FSTAggressionCoef"=dword:0000000a "FSTAnticipationCoef"=dword:0000000a "FSTBraveryCoef"=dword:0000000a "FSTComposureCoef"=dword:0000000a "FSTConcentrationCoef"=dword:0000000a "FSTConsistencyCoef"=dword:0000000a "FSTCreativityCoef"=dword:00000028 "FSTDecisionsCoef"=dword:0000000a "FSTDeterminationCoef"=dword:0000000a "FSTDirtinessCoef"=dword:fffffffb "FSTFlairCoef"=dword:0000000a "FSTImportantMatchesCoef"=dword:0000000a "FSTInfluenceCoef"=dword:0000000a "FSTOffTheBallCoef"=dword:00000050 "FSTPositioningCoef"=dword:0000000a "FSTTeamworkCoef"=dword:0000000a "FSTWorkRateCoef"=dword:0000000a "FSTAccelerationCoef"=dword:00000064 "FSTAgilityCoef"=dword:00000028 "FSTBalanceCoef"=dword:0000000a "FSTInjuryPronenessCoef"=dword:fffffffb "FSTJumpingCoef"=dword:00000014 "FSTNaturalFitnessCoef"=dword:00000005 "FSTPaceCoef"=dword:00000064 "FSTStaminaCoef"=dword:00000028 "FSTStrengthCoef"=dword:00000014 "FSTVersatilityCoef"=dword:00000005 "FSTAerialAbilityCoef"=dword:00000000 "FSTCommandOfAreaCoef"=dword:00000000 "FSTCommunicationCoef"=dword:00000000 "FSTEccentricityCoef"=dword:00000000 "FSTHandlingCoef"=dword:00000000 "FSTKickingCoef"=dword:00000000 "FSTOneOnOnesCoef"=dword:00000005 "FSTReflexesCoef"=dword:00000005 "FSTRushingOutCoef"=dword:00000000 "FSTTendencyToPunchCoef"=dword:00000000 "FSTThrowingCoef"=dword:00000000 "FSTAdaptabilityCoef"=dword:00000005 "FSTAmbitionCoef"=dword:0000000a "FSTControversyCoef"=dword:fffffffb "FSTLoyalityCoef"=dword:00000005 "FSTPressureCoef"=dword:00000005 "FSTProfessionalismCoef"=dword:00000005 "FSTSportsmanshipCoef"=dword:00000005 "FSTTemperamentCoef"=dword:00000005 "TSTWeightCoef"=dword:00000067 "TSTCurrentAbilityCoef"=dword:00000000 "TSTCornersCoef"=dword:00000000 "TSTCrossingCoef"=dword:0000000a "TSTDribblingCoef"=dword:0000003c "TSTFinishingCoef"=dword:00000050 "TSTFirstTouchCoef"=dword:0000001e "TSTFreeKicksCoef"=dword:0000000a "TSTHeadingCoef"=dword:00000064 "TSTLongShotsCoef"=dword:00000014 "TSTLongThrowsCoef"=dword:00000000 "TSTMarkingCoef"=dword:00000000 "TSTPassingCoef"=dword:00000028 "TSTPenaltiesCoef"=dword:00000005 "TSTTacklingCoef"=dword:00000000 "TSTTechniqueCoef"=dword:00000028 "TSTLeftFootCoef"=dword:00000005 "TSTRightFootCoef"=dword:00000005 "TSTAggressionCoef"=dword:00000014 "TSTAnticipationCoef"=dword:0000000a "TSTBraveryCoef"=dword:00000014 "TSTComposureCoef"=dword:0000000a "TSTConcentrationCoef"=dword:0000000a "TSTConsistencyCoef"=dword:0000000a "TSTCreativityCoef"=dword:00000014 "TSTDecisionsCoef"=dword:0000000a "TSTDeterminationCoef"=dword:0000000a "TSTDirtinessCoef"=dword:fffffffb "TSTFlairCoef"=dword:0000000a "TSTImportantMatchesCoef"=dword:0000000a "TSTInfluenceCoef"=dword:0000000a "TSTOffTheBallCoef"=dword:00000050 "TSTPositioningCoef"=dword:00000014 "TSTTeamworkCoef"=dword:0000000a "TSTWorkRateCoef"=dword:0000000a "TSTAccelerationCoef"=dword:00000028 "TSTAgilityCoef"=dword:00000014 "TSTBalanceCoef"=dword:00000014 "TSTInjuryPronenessCoef"=dword:fffffffb "TSTJumpingCoef"=dword:00000064 "TSTNaturalFitnessCoef"=dword:00000005 "TSTPaceCoef"=dword:00000028 "TSTStaminaCoef"=dword:00000014 "TSTStrengthCoef"=dword:00000050 "TSTVersatilityCoef"=dword:00000005 "TSTAerialAbilityCoef"=dword:00000000 "TSTCommandOfAreaCoef"=dword:00000000 "TSTCommunicationCoef"=dword:00000000 "TSTEccentricityCoef"=dword:00000000 "TSTHandlingCoef"=dword:00000000 "TSTKickingCoef"=dword:00000000 "TSTOneOnOnesCoef"=dword:00000005 "TSTReflexesCoef"=dword:00000005 "TSTRushingOutCoef"=dword:00000000 "TSTTendencyToPunchCoef"=dword:00000000 "TSTThrowingCoef"=dword:00000000 "TSTAdaptabilityCoef"=dword:00000005 "TSTAmbitionCoef"=dword:0000000a "TSTControversyCoef"=dword:fffffffb "TSTLoyalityCoef"=dword:00000005 "TSTPressureCoef"=dword:00000005 "TSTProfessionalismCoef"=dword:00000005 "TSTSportsmanshipCoef"=dword:00000005 "TSTTemperamentCoef"=dword:00000005 [HKEY_USERS\S-1-5-21-842925246-492894223-839522115-1004\Software\SecuROM\License information*] "datasecu"=hex:10,b4,78,cd,8f,7c,62,b2,17,04,d5,de,25,b3,20,fa,0e,53,86,d2,1f, 00,01,52,69,13,a5,31,34,c5,cf,53,7c,5f,04,72,a5,88,0e,fb,6a,39,30,7e,e2,14,\ "rkeysecu"=hex:6b,39,8f,fb,62,5c,4d,8d,83,ae,78,f0,f5,cb,07,ca . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(740) c:\windows\system32\Ati2evxx.dll c:\windows\system32\atiadlxx.dll . Tempo para conclusão: 2010-04-09 10:32:03 ComboFix-quarantined-files.txt 2010-04-09 09:32 Pré-execução: 26.562.646.016 bytes livres Pós execução: 26.731.405.312 bytes livres - - End Of File - - 83A64A5971689903DED906CB327A06C0 Compartilhar este post Link para o post Compartilhar em outros sites
Mário Monteiro 179 Denunciar post Postado Maio 9, 2010 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
