PedroD92

  1. TDSSKiller Quarantine Information log Version 1.0.0.4
     ***** START SCAN 13-02-2012 23:27:51,76 *****
     ---------- TDSSKiller logs ----------
     TDSSKiller.2.7.12.0_13.02.2012_20.55.30_log.txt
     TDSSKiller.2.7.12.0_13.02.2012_21.41.00_log.txt
     ---------- TDSSStarter logs ----------
     ---------- DIR LIST ----------
     C:\TDSSKiller_Quarantine\13.02.2012_20.55.30
     C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000
     C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\object.ini
     C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\svc0000
     C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\svc0000\tsk0000.dta
     C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\svc0000\object.ini
     C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\svc0000\tsk0000.ini
     ---------- INI FILES ----------
     === C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\object.ini
     [infectedObject]
     Verdict: LockedFile.Multi.Generic
     === C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\svc0000\object.ini
     [infectedObject]
     Type: Service
     Name: sptd
     Type: Kernel driver (0x1)
     Start: Boot (0x0)
     ImagePath: \SystemRoot\System32\Drivers\sptd.sys
     Suspicious states: Locked file;
     === C:\TDSSKiller_Quarantine\13.02.2012_20.55.30\susp0000\svc0000\tsk0000.ini
     [infectedFile]
     Type: Raw image
     Src: C:\Windows\System32\Drivers\sptd.sys
     md5: d519ad2de7968cd2b47fea807c5b29b2
  2. I kinda skipped the last note... hope it doesn't hurt. Had to attach because the post would be too long. TDSSKiller.2.7.12.0_13.02.2012_20.55.30_log.txt
  3. Also forgot to mention that my computer completely broke one of my usb sticks.
  4. All processes killed
     ========== OTL ==========
     64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
     64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
     Registry value HKEY_USERS\S-1-5-21-4239607641-1678930908-565341473-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
     Registry value HKEY_USERS\S-1-5-21-4239607641-1678930908-565341473-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
     Registry value HKEY_USERS\S-1-5-21-4239607641-1678930908-565341473-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
     Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
     Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
     64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
     64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.
     Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
     Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ not found.
     64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
     Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5490cadb-6b6f-11e0-bbbd-806e6f6e6963}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5490cadb-6b6f-11e0-bbbd-806e6f6e6963}\ not found.
     File F:\Install.exe not found.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     ->Flash cache emptied: 56475 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     User: Pedro
     ->Temp folder emptied: 92860804 bytes
     ->Temporary Internet Files folder emptied: 981638 bytes
     ->Java cache emptied: 3957259 bytes
     ->FireFox cache emptied: 37996109 bytes
     ->Google Chrome cache emptied: 101771632 bytes
     ->Flash cache emptied: 8171938 bytes
     User: Public
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 100667998 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 102681 bytes
     RecycleBin emptied: 330608 bytes
     Total Files Cleaned = 331,00 mb
     OTL by OldTimer - Version 3.2.31.0 log created on 02132012_183337
     Files\Folders moved on Reboot...
     C:\Users\Pedro\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
     File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
     Registry entries deleted on Reboot...
  5. OTL - Extras.txt
     OTL Extras logfile created on: 13-02-2012 02:26:08 - Run 1
     OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Pedro\Downloads
     64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
     Internet Explorer (Version = 8.0.7600.16385)
     Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy
     3,68 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 53,22% Memory free
     7,35 Gb Paging File | 5,31 Gb Available in Paging File | 72,18% Paging File free
     Paging file location(s): ?:\pagefile.sys [binary data]
     %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 583,07 Gb Total Space | 330,41 Gb Free Space | 56,67% Space Free | Partition Type: NTFS
     Computer Name: PEDRO-PC | User Name: Pedro | Logged in as Administrator.
     Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
     Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     ========== Extra Registry (SafeList) ==========
     ========== File Associations ==========
     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
     .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
     .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
     ========== Shell Spawning ==========
     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
     batfile [open] -- "%1" %*
     cmdfile [open] -- "%1" %*
     comfile [open] -- "%1" %*
     exefile [open] -- "%1" %*
     helpfile [open] -- Reg Error: Key error.
     inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
     InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
     InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
     piffile [open] -- "%1" %*
     regfile [merge] -- Reg Error: Key error.
     scrfile [config] -- "%1"
     scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
     scrfile [open] -- "%1" /S
     txtfile [edit] -- Reg Error: Key error.
     Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
     Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
     Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
     Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
     Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
     Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     Folder [explore] -- Reg Error: Value error.
     Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
     batfile [open] -- "%1" %*
     cmdfile [open] -- "%1" %*
     comfile [open] -- "%1" %*
     cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
     exefile [open] -- "%1" %*
     helpfile [open] -- Reg Error: Key error.
     inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
     piffile [open] -- "%1" %*
     regfile [merge] -- Reg Error: Key error.
     scrfile [config] -- "%1"
     scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
     scrfile [open] -- "%1" /S
     txtfile [edit] -- Reg Error: Key error.
     Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
     Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
     Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
     Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
     Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
     Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     Folder [explore] -- Reg Error: Value error.
     Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     ========== Security Center Settings ==========
     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     "cval" = 1
     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
     "AntiVirusOverride" = 0
     "AntiSpywareOverride" = 0
     "FirewallOverride" = 0
     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     ========== Firewall Settings ==========
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
     "DisableNotifications" = 0
     "EnableFirewall" = 1
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
     "DisableNotifications" = 0
     "EnableFirewall" = 1
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
     "DisableNotifications" = 0
     "EnableFirewall" = 1
     ========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\River Past\Audio Converter\AudioConverter.exe" = C:\Program Files\River Past\Audio Converter\AudioConverter.exe:*:Enabled:River Past Audio Converter -- (River Past Corporation) "C:\Program Files\River Past\Audio Converter\AudioConverter.exe" = C:\Program Files\River Past\Audio Converter\AudioConverter.exe:*:Enabled:River Past Audio Converter -- (River Past Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java 6 Update 27 (64-bit) "{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0003 "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety "{3DBC309D-CD67-3C96-AE94-C5164D66108C}" = Microsoft .NET Framework 4 Extended PTG Language Pack "{42FBA9A9-A14D-3918-BFE1-4FC8FEDDEF5C}" = Microsoft .NET Framework 4 Client Profile PTG Language Pack "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2 "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64 "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{8557397C-A42D-486F-97B3-A2CBC2372593}" = 
Microsoft_VC90_ATL_x86_x64 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-006D-0816-1000-0000000FF1CE}" = Microsoft Office Clique-e-Use 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9822326F-410C-96A5-2F58-65E58F65D63B}" = ccc-utility64 "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5816A09-786E-C91D-3D99-8A8C92648750}" = ATI Catalyst Install Manager "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Audio Converter" = River Past Audio Converter "CCleaner" = CCleaner "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pacote de controladores do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PTG Language Pack" = Microsoft .NET Framework 4 Client Profile PTG Language Pack "Microsoft .NET 
Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PTG Language Pack" = Microsoft .NET Framework 4 Extended PTG Language Pack "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2 "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = Compressor WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3 "{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}" = Adobe Premiere Pro CS5.5 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B148875-7C4D-A5A7-79FA-82D679939663}" = CCC Help Danish "{0D49143F-5710-6EAF-986F-86306C54D9F7}" = CCC Help Dutch "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker "{0DCE424F-F4A8-A3EA-3416-7A4CA189A164}" = CCC Help Czech "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{14D10AAC-9737-454E-A247-8075C26C30E1}" = SILENT HILL 3 "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor 
Service CS4 "{173871CD-D8A3-3105-9E9A-EF173067E954}" = Photo Gallery Builder "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{193B70F8-D757-B1D6-B2B0-826E92D889CC}" = CCC Help Polish "{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{23640476-5D3A-F071-A40F-345E16C91301}" = CCC Help Hungarian "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 29 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1" = Pokemon Online 1.0.30 Patch 1 "{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder "{30C01299-554C-4B62-BD0F-849F43E01C91}_is1" = Pokemon World Online version 1.8 "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34795BBE-39E4-41B6-997A-B88FD7306562}" = Windows Live Sync "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common 
"{39BE50E7-8059-C383-D8D0-3EC7B9A0B2C2}" = CCC Help Turkish "{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit "{4394B319-1CA6-9535-5A97-3407DE7B2865}" = CCC Help Chinese Traditional "{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4 "{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content "{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E242AB2-86A7-4231-82A9-1E4226D23CA8}" = Catalyst Control Center - Branding "{4E2AC91C-090D-C0BE-98E0-35480A693D53}" = CCC Help Russian "{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3 "{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3 "{59A58CB1-5177-4AF7-DC09-886DC5175561}" = CCC Help Thai "{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe 
Dynamiclink Support "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3 "{6B70AFEB-18E9-0BBA-C876-50E61D2F1585}" = CCC Help Korean "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6D9BDC80-11EC-11E0-B918-0013D3D69929}" = Vegas Pro 10.0 "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3 "{7BBEA5FB-5BDA-5568-F370-66934F5862F8}" = Catalyst Control Center Graphics Light "{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3 "{7C3E29B2-038E-312D-938C-DED2C6451411}" = CCC Help German "{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3 "{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{800E5862-A2A2-B903-6B6E-660F5DFB1BFF}" = CCC Help Norwegian 
"{804D666C-1FB8-F116-358B-15F297113547}" = CCC Help English "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{857CC5F0-040E-1016-A173-D55ADD80C260}" = Adobe InDesign CS5.5 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007 "{90120000-0015-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 "{90120000-0016-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007 "{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{E1C33B03-3FE9-45BF-91E4-0266F38618C6}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0017-0816-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Portuguese (Portugal)) 2007 "{90120000-0017-0816-0000-0000000FF1CE}_OMUI.pt-pt_{43B9B2F1-4E71-4EBE-BAD1-F3B4418C8D0F}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 "{90120000-0018-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 "{90120000-0019-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 "{90120000-001A-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007 "{90120000-001B-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007 "{90120000-001F-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0816-1000-0000000FF1CE}_OMUI.pt-pt_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007 "{90120000-0044-0816-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007 "{90120000-0044-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 "{90120000-006E-0816-0000-0000000FF1CE}_OMUI.pt-pt_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0816-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007 "{90120000-00A1-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0816-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Portugal)) 2007 "{90120000-00BA-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0816-0000-0000000FF1CE}" = Microsoft Office 
O MUI (Portuguese (Portugal)) 2007 "{90120000-0100-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0816-0000-0000000FF1CE}" = Microsoft Office X MUI (Portuguese (Portugal)) 2007 "{90120000-0101-0816-0000-0000000FF1CE}_OMUI.pt-pt_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7C5B1ECD-FE93-4FB2-A51A-06451BA49969}" = "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR "{90497F91-64AA-6732-266E-4B7023989E5C}" = ccc-core-static "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95140000-0080-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.6.942 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A990CB5E-6951-12C0-6B29-4C0102E80827}" = CCC Help Portuguese "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAB17558-7189-1415-2370-D689FDD44B33}" = PX Profile Update "{ABC74AD3-8488-2D59-71CA-FE1FDBD99293}" = CCC Help Greek "{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings 
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{AE09C972-EEB2-4DA5-8090-0FCF54576854}" = Optical Drive Power Management "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4 "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4 "{B399B936-CDED-C8E5-D621-E6323855CF5B}" = Catalyst Control Center Graphics Full New "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3 "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3 "{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs "{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{BE985F96-BFD5-BCE2-97F6-B73BBF122943}" = CCC Help Japanese "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C314EA94-9FAF-969D-544F-816FE102EAFD}" = Catalyst Control Center InstallProxy "{C40DCE3C-E042-2DEE-4F77-8725E18BAE17}" = CCC Help Spanish "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3 "{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = 
Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D1F8C3EA-8274-90C1-460B-EE2DFA7B492B}" = CCC Help French "{D3490D20-3AE0-459D-AAD6-59195140EAC2}_is1" = Sothink SWF Quicker "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3 "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver "{D7A1C3CB-1F27-4EAA-98DF-D266CA6B67D3}" = Microsoft Works "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite "{DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}" = Adobe Download Assistant "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4406ED3-B04C-44F1-ABB4-08775B74934F}" = Call Of Cthulhu DCoTE "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E573FE55-5A89-F7CC-0A00-A9E79BB20C3B}" = CCC Help Finnish "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 
"{E75093FD-D74A-D7D0-AE15-BA89B30D9E54}" = Catalyst Control Center Localization All "{E92EAA89-9597-E7DF-6EB6-F21655D245F2}" = Catalyst Control Center Graphics Previews Vista "{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler "{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EEEDE742-915B-2D3F-5763-E7375BE7B144}" = CCC Help Chinese Standard "{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F9B82B36-5FC0-1E0D-0D56-066D1EDAC9E8}" = Catalyst Control Center Graphics Full Existing "{FC3CCF4F-ABE4-1CF6-347B-DEAFC9D82F1C}" = Catalyst Control Center Core Implementation "{FC4AAE94-A221-0725-4FD8-56262B0262BA}" = CCC Help Italian "{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FFAC99FD-DDF8-E138-E8F4-538B639C6984}" = CCC Help Swedish "{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer 
Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content "Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4 "Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection "Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional "Afraid of Monsters: Director's Cut" = Afraid of Monsters: Director's Cut v1.0 "ASIO4ALL" = ASIO4ALL "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode) "avast" = avast! Free Antivirus "BSPlayerf" = BS.Player FREE "Celtx (2.9.1)" = Celtx (2.9.1) "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "CoffeeCup Flash Menu Builder" = CoffeeCup Flash Menu Builder "com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.dmp.contentviewer" = Adobe Content Viewer "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "com.flashgallerycom.photoGalleryBuilder.BE456FDD426FDC61C9F8B47A33E5FBCFF9D5695C.1" = Photo Gallery Builder "Creative Jukebox Driver" = Creative Jukebox Driver "Desura" = Desura "FL Studio 9" = FL Studio 9 "Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16 "GIF Animator" = Microsoft GIF Animator "Gunz" = ijji - Gunz "Hardcore" = Hardcore "Identity Card" = Identity Card "I-Doser" = I-Doser Free "IL Download Manager" = IL Download Manager "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}" = SILENT HILL 3 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe 
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "Intelli-studio" = SAMSUNG Intelli-studio "Kanguru" = Kanguru "LAME for Audacity_is1" = LAME v3.98.3 for Audacity "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "LManager" = Launch Manager "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.60.0.1800 "Minecraft Beta Cracked" = Minecraft Beta Cracked "Mozilla Firefox 6.0 (x86 pt-PT)" = Mozilla Firefox 6.0 (x86 pt-PT) "Mystery of Mortlake Mansion Free Trial_is1" = Mystery of Mortlake Mansion Free Trial "Nokia Suite" = Nokia Suite "Office14.Click2Run" = Microsoft Office Clique-e-Use 2010 "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "OMUI.pt-pt" = Microsoft Office Language Pack 2007 - Portuguese/Português "pcsx2-r4600" = PCSX2 - Playstation 2 Emulator "PKR" = PKR "Plants vs. Zombies" = Plants vs. 
Zombies
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"Rob Papen Albino 2" = Rob Papen Albino 2
"Sawer" = Sawer
"SharePointDesigner" = Microsoft Office SharePoint Designer 2007
"Smart GIF Creator_is1" = Smart GIF Creator
"Steam App 10" = Counter-Strike
"Steam App 15700" = Oddworld: Abe's Oddysee
"Steam App 15710" = Oddworld: Abe's Exoddus
"Steam App 17500" = Zombie Panic Source
"Steam App 19000" = Silent Hill: Homecoming
"Steam App 211" = Source SDK
"Steam App 218" = Source SDK Base 2007
"Steam App 220" = Half-Life 2
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 4000" = Garry's Mod
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 70" = Half-Life
"Steam App 8140" = Tomb Raider: Underworld
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.9
"VTFEdit_is1" = VTFEdit 1.2.5
"WinLiveSuite" = Windows Live Essentials
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4239607641-1678930908-565341473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10-02-2012 19:32:00 | Computer Name = Pedro-PC | Source = Application Hang | ID = 1002
Description = O programa TurboBoost.exe versão 5.0.0.204 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção.
ID do Processo: 1368 Hora de Início: 01cce84a88333a58 Hora de Fim: 0 Caminho da Aplicação: C:\Program Files (x86)\IObit\Advanced SystemCare 5\TurboBoost.exe ID do Relatório: 0d70a26c-543e-11e1-9d85-8557716db056

Error - 10-02-2012 23:57:35 | Computer Name = Pedro-PC | Source = System Restore | ID = 8193
Description =

Error - 11-02-2012 00:07:47 | Computer Name = Pedro-PC | Source = System Restore | ID = 8193
Description =

Error - 11-02-2012 00:11:15 | Computer Name = Pedro-PC | Source = MsiInstaller | ID = 10005
Description =

Error - 11-02-2012 00:11:28 | Computer Name = Pedro-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 11-02-2012 00:31:33 | Computer Name = Pedro-PC | Source = Application Hang | ID = 1002
Description = O programa TurboBoost.exe versão 5.0.0.204 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção.
ID do Processo: 4c0 Hora de Início: 01cce8750356e945 Hora de Fim: 0 Caminho da Aplicação: C:\Program Files (x86)\IObit\Advanced SystemCare 5\TurboBoost.exe ID do Relatório: 76b64ed8-5468-11e1-9d85-8557716db056

Error - 11-02-2012 15:49:19 | Computer Name = Pedro-PC | Source = System Restore | ID = 8193
Description =

Error - 11-02-2012 19:26:57 | Computer Name = Pedro-PC | Source = VSS | ID = 12305
Description =

Error - 11-02-2012 20:23:16 | Computer Name = Pedro-PC | Source = Application Hang | ID = 1002
Description = O programa chrome.exe versão 16.0.912.77 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção.
ID do Processo: 774 Hora de Início: 01cce91a5be98f38 Hora de Fim: 8 Caminho da Aplicação: C:\Users\Pedro\AppData\Local\Google\Chrome\Application\chrome.exe ID do Relatório: 126bf847-550f-11e1-9454-9d535b708d51

Error - 11-02-2012 20:55:28 | Computer Name = Pedro-PC | Source = VSS | ID = 12305
Description =

[ System Events ]
Error - 12-02-2012 22:04:07 | Computer Name = Pedro-PC | Source = Application Popup | ID = 1060
Description = O carregamento de \SystemRoot\SysWow64\drivers\libusb0.sys foi bloqueado devido a incompatibilidade com este sistema. Contacte o fabricante de software para obter uma versão compatível do controlador.

Error - 12-02-2012 22:04:08 | Computer Name = Pedro-PC | Source = Application Popup | ID = 1060
Description = O carregamento de \SystemRoot\SysWow64\drivers\libusb0.sys foi bloqueado devido a incompatibilidade com este sistema. Contacte o fabricante de software para obter uma versão compatível do controlador.

Error - 12-02-2012 22:04:19 | Computer Name = Pedro-PC | Source = EventLog | ID = 6008
Description = O anterior encerramento do sistema, ?13-?02-?2012 às 02:02:10, foi inesperado.

Error - 12-02-2012 22:04:12 | Computer Name = Pedro-PC | Source = Application Popup | ID = 1060
Description = O carregamento de \SystemRoot\SysWow64\drivers\libusb0.sys foi bloqueado devido a incompatibilidade com este sistema. Contacte o fabricante de software para obter uma versão compatível do controlador.

Error - 12-02-2012 22:04:12 | Computer Name = Pedro-PC | Source = Application Popup | ID = 1060
Description = O carregamento de \SystemRoot\SysWow64\drivers\libusb0.sys foi bloqueado devido a incompatibilidade com este sistema. Contacte o fabricante de software para obter uma versão compatível do controlador.

Error - 12-02-2012 22:04:13 | Computer Name = Pedro-PC | Source = Application Popup | ID = 1060
Description = O carregamento de \SystemRoot\SysWow64\drivers\libusb0.sys foi bloqueado devido a incompatibilidade com este sistema.
Contacte o fabricante de software para obter uma versão compatível do controlador.

Error - 12-02-2012 22:04:23 | Computer Name = Pedro-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Falha ao iniciar do Módulo de Extensibilidade WLAN. Caminho do Módulo: C:\Windows\system32\athExt.dll Código de Erro: 126

Error - 12-02-2012 22:04:39 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7000
Description = O serviço LibUsb-Win32 - Daemon, Version 0.1.10.1 falhou o arranque devido ao seguinte erro: %%2

Error - 12-02-2012 22:10:44 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço Advanced SystemCare Service 5 terminou inesperadamente. Isto aconteceu 1 vez(es).

Error - 12-02-2012 22:17:52 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço DCService.exe terminou inesperadamente. Isto aconteceu 1 vez(es).

< End of report >
  6. OTL

OTL logfile created on: 13-02-2012 02:26:08 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Pedro\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

3,68 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 53,22% Memory free
7,35 Gb Paging File | 5,31 Gb Available in Paging File | 72,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583,07 Gb Total Space | 330,41 Gb Free Space | 56,67% Space Free | Partition Type: NTFS

Computer Name: PEDRO-PC | User Name: Pedro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-02-13 02:24:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pedro\Downloads\OTL.exe
PRC - [2012-02-13 02:17:33 | 001,202,688 | ---- | M] () -- C:\Users\Pedro\Downloads\RogueKiller.exe
PRC - [2012-02-13 02:14:35 | 000,336,971 | ---- | M] () -- C:\Users\Pedro\Downloads\FSS.exe
PRC - [2012-01-17 22:51:27 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2012-01-17 18:16:24 | 000,282,648 | ---- | M] (McAfee, Inc.)
-- c:\PROGRA~2\mcafee\SITEAD~1\saui.exe PRC - [2011-12-24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011-11-28 18:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Programas\AVAST Software\Avast\AvastUI.exe PRC - [2011-11-28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programas\AVAST Software\Avast\AvastSvc.exe PRC - [2011-11-21 19:25:12 | 000,536,576 | ---- | M] () -- C:\Program Files (x86)\Kanguru\Kanguru.exe PRC - [2011-11-01 15:40:04 | 001,053,056 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2011-10-27 10:34:30 | 000,718,384 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2011-10-27 10:33:32 | 000,148,016 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2011-02-25 11:52:24 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\YouCam\YouCamTray.exe PRC - [2011-02-25 11:52:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe PRC - [2010-09-14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010-09-14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010-04-23 17:46:32 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe PRC - [2010-04-17 05:57:08 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe PRC - [2010-04-17 05:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) 
-- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe PRC - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2010-03-11 05:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010-03-11 05:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010-03-08 23:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2010-03-08 23:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2010-03-04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010-03-04 03:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2010-03-03 13:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010-03-03 13:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010-03-03 13:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) 
-- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010-02-09 18:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe PRC - [2010-01-29 23:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe PRC - [2010-01-13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2010-01-08 13:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2009-09-30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2009-09-30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2009-02-23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe PRC - [2007-05-10 21:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) 
-- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe ========== Modules (No Company Name) ========== MOD - [2012-02-13 02:14:35 | 000,336,971 | ---- | M] () -- C:\Users\Pedro\Downloads\FSS.exe MOD - [2012-02-12 22:01:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\442eed762e21796e8e497fcd14f1295a\System.Runtime.Remoting.ni.dll MOD - [2012-02-11 10:26:33 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\cf95add46bfba066f035bd78f6e21d86\IAStorUtil.ni.dll MOD - [2012-02-11 10:20:44 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll MOD - [2012-02-11 10:20:37 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll MOD - [2012-02-11 10:20:22 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll MOD - [2012-02-11 10:20:15 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll MOD - [2012-02-11 10:20:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll MOD - [2012-02-11 10:20:10 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll MOD - [2012-02-11 10:20:00 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll MOD - [2012-01-20 05:35:35 | 000,411,120 | ---- | M] () -- C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll MOD - [2012-01-20 05:35:34 | 003,767,792 | ---- | M] () -- 
C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll MOD - [2012-01-20 05:34:10 | 000,122,880 | ---- | M] () -- C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll MOD - [2012-01-20 05:34:09 | 000,222,208 | ---- | M] () -- C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll MOD - [2012-01-20 05:34:07 | 001,746,432 | ---- | M] () -- C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll MOD - [2012-01-20 02:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll MOD - [2012-01-20 02:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Pedro\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll MOD - [2011-11-21 19:25:12 | 000,536,576 | ---- | M] () -- C:\Program Files (x86)\Kanguru\Kanguru.exe MOD - [2011-11-01 15:42:14 | 000,392,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll MOD - [2011-11-01 15:42:12 | 000,058,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll MOD - [2011-11-01 15:42:08 | 000,095,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll MOD - [2011-11-01 15:42:06 | 000,272,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll MOD - [2011-11-01 15:41:38 | 000,165,248 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll MOD - [2011-11-01 15:41:36 | 000,384,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll MOD - [2011-11-01 15:41:34 | 002,557,312 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2011-11-01 15:41:32 | 000,346,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll MOD - [2011-11-01 15:41:30 | 010,843,520 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2011-11-01 15:41:24 | 000,196,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia 
Suite\QtSql4.dll MOD - [2011-11-01 15:41:22 | 001,294,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll MOD - [2011-11-01 15:41:20 | 000,682,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2011-11-01 15:41:18 | 000,919,936 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2011-11-01 15:41:16 | 000,517,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2011-11-01 15:41:14 | 008,172,928 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll MOD - [2011-11-01 15:41:12 | 002,252,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2011-11-01 15:41:10 | 002,288,512 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll MOD - [2011-11-01 15:41:06 | 000,422,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2011-11-01 15:40:56 | 000,202,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll MOD - [2011-11-01 15:40:54 | 000,034,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll MOD - [2011-11-01 15:40:52 | 000,032,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll MOD - [2011-11-01 15:40:08 | 000,388,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll MOD - [2011-11-01 15:40:00 | 000,438,144 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll MOD - [2011-11-01 15:39:36 | 001,041,792 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll MOD - [2011-11-01 15:39:06 | 000,740,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2011-11-01 14:57:42 | 000,112,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll MOD - [2011-04-21 01:49:44 | 000,307,200 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt_b77a5c561934e089\mscorlib.resources.dll MOD - [2010-09-09 10:27:48 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\Kanguru\DeviceMgrUIPlugin.dll MOD - [2010-08-31 10:25:20 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Kanguru\LocaleMgrPlugin.dll MOD - [2010-08-31 10:23:40 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Kanguru\NotifyServicePlugin.dll MOD - [2010-08-31 10:21:22 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Kanguru\ConfigFilePlugin.dll MOD - [2010-08-31 10:19:50 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Kanguru\DeviceMgrPlugin.dll MOD - [2010-08-31 10:16:42 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Kanguru\NetInfoPlugin.dll MOD - [2010-08-31 10:13:48 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Kanguru\DialUpPlugin.dll MOD - [2010-08-31 09:49:42 | 001,019,904 | ---- | M] () -- C:\Program Files (x86)\Kanguru\NDISAPI.dll MOD - [2010-05-31 17:54:32 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Kanguru\DetectDev.dll MOD - [2010-05-31 17:54:26 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Kanguru\DeviceOperate.dll MOD - [2010-05-31 17:54:24 | 000,598,016 | ---- | M] () -- C:\Program Files (x86)\Kanguru\atcomm.dll MOD - [2010-05-31 17:53:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Kanguru\XCodec.dll MOD - [2010-04-23 10:16:42 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Kanguru\isaputrace.dll MOD - [2010-03-24 21:17:36 | 008,794,464 | ---- | M] () -- C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll MOD - [2010-03-09 00:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2010-01-13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe MOD - [2009-05-20 06:02:04 | 000,072,200 | ---- | M] () 
-- C:\Program Files (x86)\Launch Manager\CdDirIo.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011-11-28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010-04-20 23:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012-02-07 13:18:30 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-01-17 22:51:27 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-01-13 11:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011-12-24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-11-16 15:55:49 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-10-27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-07-23 20:26:09 | 000,131,400 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2011-05-28 16:12:30 | 000,075,136 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-10-21 20:09:00 | 004,208,208 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010-09-14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010-09-14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-08-19 08:52:04 | 000,229,376 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010-04-23 09:46:04 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programas\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010-04-22 17:39:54 | 000,171,040 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programas\Acer\Optical Drive Power Management\ODDPWRSvc.exe -- (ODDPwrSvc)
SRV - [2010-04-17 05:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-08 23:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010-03-04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010-03-03 13:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010-01-29 23:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010-01-28 23:27:36 | 000,243,232 | ---- | M] (Acer Group) [Disabled | Stopped] -- C:\Programas\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010-01-08 13:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009-09-30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009-09-30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009-06-10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-03-20 15:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2005-03-09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-01-31 22:06:07 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011-12-10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-11-28 17:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011-11-28 17:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011-11-28 17:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011-11-28 17:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011-11-28 17:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011-11-28 17:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011-08-17 12:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011-08-17 12:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011-08-17 12:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011-08-17 12:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011-08-01 14:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011-03-11 06:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 06:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-01-15 16:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2011-01-01 09:12:24 | 000,097,040 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2010-12-16 22:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010-09-22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010-09-14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010-09-14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010-09-14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010-09-14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010-08-31 18:09:00 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010-08-19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010-08-07 17:49:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010-07-28 08:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010-07-27 15:26:34 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010-07-27 09:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010-04-21 01:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-04-20 22:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-04-20 22:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010-04-07 20:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010-04-07 02:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-03-11 12:17:42 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-03-04 02:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010-02-10 07:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-12-22 01:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009-09-17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009-07-14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 00:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009-06-10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-03 02:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009-06-03 02:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009-06-03 02:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009-05-26 13:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009-05-05 08:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009-05-05 08:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009-07-14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2005-03-09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
DRV - [2004-12-31 15:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4239607641-1678930908-565341473-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
IE - HKU\S-1-5-21-4239607641-1678930908-565341473-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
IE - HKU\S-1-5-21-4239607641-1678930908-565341473-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-4239607641-1678930908-565341473-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0
FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9
FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1
FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pedro\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pedro\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012-02-12 13:20:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-02 23:11:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_6.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_6.0 [2012-01-08 21:46:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-01-02 22:52:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012-01-08 21:46:41 | 000,000,000 | ---D | M]

[2011-11-02 14:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\Extensions
[2011-11-02 14:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\Extensions\celtx@celtx.com
[2011-11-17 09:55:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-09-18 21:24:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011-11-17 09:55:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011-11-02 14:54:20 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2011-11-02 14:54:20 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM
[2011-11-02 14:54:20 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE
[2011-11-02 14:54:20 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2011-11-02 14:54:20 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG
[2011-11-02 14:54:20 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG
[2011-11-02 14:54:20 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG
[2011-08-12 06:32:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-08-12 03:56:45 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011-08-12 03:56:45 | 000,001,529 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\priberam.xml
[2011-08-12 03:56:45 | 000,002,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\sapo.xml
[2011-08-12 03:56:45 | 000,000,942 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-ptpt.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pedro\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Pesquisa do Google = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Pesquisa do Google = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: SiteAdvisor = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\
CHR - Extension: Gmail = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programas\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVBg] c:\program files\realtek\audio\hda\ravbg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001..\Run: [Mobile Partner] C:\Program Files (x86)\Kanguru\Kanguru.exe ()
O4 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001..\Run: [steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-4239607641-1678930908-565341473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 
8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - 
Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/stg_drm.ocx (SpinTop DRM Control) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/armhelper.ocx (ArmHelper Control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DEB3855-83F0-4D87-9A5F-E2519220788D}: NameServer = 62.169.67.172 62.169.67.171 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66906848-AB49-442B-9AEC-CA7EF9FFD4C2}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{3c32df0e-1466-11e1-abdd-c80aa9a0edc0}\Shell - "" = AutoRun O33 - MountPoints2\{3c32df0e-1466-11e1-abdd-c80aa9a0edc0}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{3c32df1d-1466-11e1-abdd-c80aa9a0edc0}\Shell - "" = AutoRun O33 - MountPoints2\{3c32df1d-1466-11e1-abdd-c80aa9a0edc0}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{5490cadb-6b6f-11e0-bbbd-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5490cadb-6b6f-11e0-bbbd-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Install.exe O33 - MountPoints2\{c7142373-098a-11e1-bc81-c80aa9a0edc0}\Shell - "" = AutoRun O33 - MountPoints2\{c7142373-098a-11e1-bc81-c80aa9a0edc0}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012-02-13 02:17:44 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\RK_Quarantine [2012-02-13 02:07:18 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{DECDE8A0-FE70-4DFE-8711-183709F5EF1B} [2012-02-13 02:06:36 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{F65D6E18-5850-4134-ABD1-DDAFE9E7FA95} [2012-02-13 01:54:56 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{2D43792D-6FCF-4F0F-A4E6-8B8D8B0DF25A} [2012-02-13 01:54:14 | 000,000,000 | ---D | 
C] -- C:\Users\Pedro\AppData\Local\{1D08A28C-E86A-4522-9960-B2DD174B2F10} [2012-02-13 01:09:28 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{0A349874-C984-4893-966C-4ADC7B696596} [2012-02-13 01:08:14 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{AD63BD81-F74D-45B4-81E3-94FB1DA0C958} [2012-02-13 00:42:02 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{07C2CB0F-B8F6-4B58-AC42-5A20F785B54F} [2012-02-13 00:41:34 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{52C566DD-F68C-41C5-B150-EE46788F9ADC} [2012-02-12 21:41:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{E133A777-1510-486D-AE8C-8FAE6AD5634E} [2012-02-12 21:41:30 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{A5DE488A-0714-406C-8C4D-8E2FD03303B4} [2012-02-12 16:26:05 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{B19EB699-6973-4762-9D9B-BB3ABFFD1BC5} [2012-02-12 16:25:49 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{D33081E0-A4CF-40D1-BCEC-8153F70EE9BF} [2012-02-12 13:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012-02-12 13:30:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2012-02-12 13:29:48 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{13115605-0EDC-4E47-B18D-25D100530FB7} [2012-02-12 13:28:22 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{B2D24549-9694-4203-AFE7-839E5A2CBC2E} [2012-02-12 04:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee [2012-02-11 22:56:41 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Saves [2012-02-11 17:44:55 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\Nova pasta [2012-02-11 04:08:25 | 000,000,000 | ---D | C] -- C:\c4ac066f28bbb75f2f0587288d [2012-02-11 03:46:02 | 000,023,896 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe [2012-02-10 22:55:33 | 000,000,000 | -HSD | C] -- C:\found.008 [2012-02-10 21:32:57 | 
000,000,000 | ---D | C] -- C:\ProgramData\IObit [2012-02-10 21:32:40 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\IObit [2012-02-10 21:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2012-02-10 21:31:04 | 030,218,224 | ---- | C] (IObit ) -- C:\Users\Pedro\Desktop\asc-setup.exe [2012-02-09 14:54:49 | 000,000,000 | -HSD | C] -- C:\found.007 [2012-02-02 19:29:11 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{63F9CB90-B0B4-4968-8E3E-3929B753C402} [2012-02-02 19:28:40 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{46450237-2037-4A1C-953B-E931545DA252} [2012-02-02 18:10:31 | 000,000,000 | ---D | C] -- C:\Users\Pedro\riotsGamesLogs [2012-02-02 18:04:59 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\LolClient [2012-02-02 16:30:48 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{C785257D-E347-4789-823C-566A213B63C1} [2012-02-02 16:30:32 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{E80CF1F8-700F-47B3-8A83-2E23C94FF05D} [2012-02-02 05:30:09 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Brushes [2012-02-02 03:42:34 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{7E41854D-0DD3-468D-918C-2AD43E6A6C4A} [2012-02-02 03:42:03 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{BC70E52A-D265-4EF9-A42B-4D1E79F92AC2} [2012-01-31 21:42:29 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc [2012-01-31 21:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc [2012-01-31 21:38:15 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys [2012-01-31 21:38:15 | 000,255,552 | ---- | C] (MagicISO, Inc.) 
-- C:\Windows\SysNative\drivers\mcdbus.sys [2012-01-31 21:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc [2012-01-31 21:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO [2012-01-31 21:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO [2012-01-30 21:24:42 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{0EDE59F1-F4E2-4A1B-A83E-F81582A9EC23} [2012-01-30 21:24:19 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{7624E708-DAFF-4BBB-8D73-1EF191864033} [2012-01-29 23:22:27 | 000,000,000 | ---D | C] -- C:\adobeTemp [2012-01-29 18:20:05 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{1FA65C79-8B14-42DC-8D0D-EFDB3C65CC97} [2012-01-29 18:19:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{445B10E4-9BCC-4952-9E8B-D5802448D8AE} [2012-01-29 17:56:01 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\HP [2012-01-29 17:47:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard [2012-01-29 17:45:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2012-01-29 17:45:00 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2012-01-29 17:43:21 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2012-01-29 17:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012-01-28 22:45:48 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{D7FE8BF9-F1B9-49DB-B088-F903A86FCF80} [2012-01-28 22:45:27 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{6EB707EB-86EE-4938-B4E3-396A6372E8B6} [2012-01-28 14:18:22 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{101AD348-F063-4120-9581-C7427E62ACB5} [2012-01-25 14:41:31 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{4B3A9DAB-EB59-4D4D-B0AE-EA17E3C0815C} [2012-01-25 14:40:31 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{F2619017-7795-4524-9A16-0C4A059CD048} [2012-01-23 22:27:36 | 000,000,000 | ---D | C] -- 
C:\Users\Pedro\AppData\Local\{B3BC93B4-3860-4098-8F2D-B5EEA564866F} [2012-01-23 22:26:50 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{9956D6CC-EB9C-4EFB-92EA-EC36F5649879} [2012-01-23 11:30:40 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{1D0CDA25-A955-46E2-A1B3-5E2508941721} [2012-01-23 11:30:25 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{9896EF01-A5A2-4D7D-A54F-0235C49AE950} [2012-01-23 11:17:31 | 000,000,000 | -HSD | C] -- C:\found.006 [2012-01-23 04:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-01-23 04:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Minnetonka Audio Software [2012-01-22 20:11:07 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{BA5FDC8A-BC55-45A8-B411-34FA4E8F122D} [2012-01-22 20:10:28 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{1FC717FC-233C-4180-9105-63D5A7E06DD7} [2012-01-22 19:49:09 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{5EF0E186-91E8-435B-BB43-969E42C955FE} [2012-01-22 19:48:32 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{FC2AE311-9F6B-4F6E-ABA7-B9DB3281AFF1} [2012-01-22 03:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\River Past [2012-01-22 03:11:58 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\River Past G5 [2012-01-22 03:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\River Past G5 [2012-01-22 03:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\River Past [2012-01-22 03:11:57 | 000,000,000 | ---D | C] -- C:\Program Files\River Past [2012-01-22 01:55:47 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{6D1F277C-8A52-43D7-BC77-1F216634B20C} [2012-01-22 01:55:23 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{EB57820B-8063-460E-BF72-A6DF57BB5A0B} [2012-01-21 19:06:03 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{F2A3E11A-7505-435A-BDBE-FAAACB949FFD} [2012-01-21 
19:05:42 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{7760DE3B-3AD6-4378-8F73-4F414DCE205F} [2012-01-21 18:32:57 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{DCF0ABF4-CFE7-481F-B52C-69B582AED12F} [2012-01-21 18:32:23 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{A274C847-AD16-4825-9754-4D083A775387} [2012-01-21 18:24:01 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{6C6162F3-F4F1-4274-8D8B-5CE1FE0DD3B9} [2012-01-21 18:23:43 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{8618E000-6387-421C-8FC3-4EF60C8ECFF0} [2012-01-21 15:08:14 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{3CC4BC51-BAC7-42F7-9C10-700513F8E175} [2012-01-21 15:07:59 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{DA98287B-13A4-48E9-B583-482C6B8CA95A} [2012-01-21 08:24:20 | 000,000,000 | -HSD | C] -- C:\found.005 [2012-01-19 20:56:29 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{8A3DE575-52F8-4D14-ABA9-353FC7AFD56B} [2012-01-19 20:55:51 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{1F9C1ED3-E1BF-4C6E-A975-FD65C46B6A71} [2012-01-18 14:37:33 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{6A2B0A63-4B9D-4A95-B728-3ABB5EC13376} [2012-01-18 14:36:54 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{4853569A-643C-4A02-A23E-878FBF1A70DE} [2012-01-18 12:14:11 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{067395B1-5674-4398-BFEB-8399ADC74DD5} [2012-01-18 12:13:31 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{3F8324D2-6446-46C0-B8A5-1E510A2D3E7D} [2012-01-18 00:19:16 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{4B756AFC-84F7-4008-8856-B7D304D330F0} [2012-01-18 00:19:01 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{05178676-29FF-4EE2-9911-3AD7DC70B639} [2012-01-17 23:02:57 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Adobe [2012-01-17 22:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story [2012-01-17 
22:02:52 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{377C5680-5267-41E7-A1C3-199FC645744F} [2012-01-17 22:02:30 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{DBEFB33A-D878-4833-A870-A986BA6022B1} [2012-01-17 20:40:40 | 000,000,000 | ---D | C] -- C:\Riot Games [2012-01-17 20:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-01-17 16:17:01 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\PMB Files [2012-01-17 16:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-01-17 16:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2012-01-17 11:21:13 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{B6CD64C8-34E8-41EC-8EF6-D7C7292E6849} [2012-01-17 11:20:43 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{5B9519C5-6525-40D4-95E8-F0462BA37AEB} [2012-01-16 11:46:16 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll [2012-01-15 16:28:40 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{940ED9F7-1B37-4A3F-9AD9-E3044C9CD820} [2012-01-15 16:28:25 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{A1F13562-3BA0-476C-9B11-F9831741FCF6} [2012-01-14 14:47:33 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{0A99B73D-57E9-427A-A44C-DFEEBF492AF1} [2012-01-14 14:47:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{165185AF-1C1D-4077-8CB6-68EBC58D1A3F} [2011-05-29 17:17:58 | 014,921,284 | ---- | C] ( ) -- C:\Windows\SysWow64\xa22433520.exe [2011-05-29 17:17:57 | 014,921,284 | ---- | C] ( ) -- C:\Windows\SysWow64\xa22433271.exe [2011-04-22 19:40:59 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-02-13 02:15:22 | 000,009,920 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-02-13 02:15:22 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-02-13 02:10:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4239607641-1678930908-565341473-1001UA.job [2012-02-13 02:10:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4239607641-1678930908-565341473-1001Core.job [2012-02-13 02:04:44 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-02-13 02:04:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-13 02:04:10 | 2962,243,584 | -HS- | M] () -- C:\hiberfil.sys [2012-02-13 01:36:21 | 001,671,032 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-02-13 01:36:21 | 000,722,398 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat [2012-02-13 01:36:21 | 000,655,754 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-02-13 01:36:21 | 000,153,062 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat [2012-02-13 01:36:21 | 000,122,368 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-02-13 00:38:26 | 000,001,012 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-02-12 23:07:29 | 000,007,602 | ---- | M] () -- C:\Users\Pedro\AppData\Local\resmon.resmoncfg [2012-02-12 21:32:55 | 005,259,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-02-12 18:56:27 | 000,074,102 | ---- | M] () -- C:\Users\Pedro\Documents\cc_20120212_185602.reg [2012-02-12 18:55:16 | 001,853,311 | ---- | M] () -- C:\Users\Pedro\Desktop\ProcessExplorer.zip [2012-02-10 22:58:40 | 000,003,416 | ---- | M] () -- C:\bootsqm.dat [2012-02-10 17:07:26 | 030,218,224 | ---- | M] (IObit ) -- C:\Users\Pedro\Desktop\asc-setup.exe [2012-02-05 22:13:52 | 003,411,685 | ---- | M] () -- C:\Users\Pedro\Desktop\cartaz2.psd [2012-02-05 22:08:37 | 
004,818,092 | ---- | M] () -- C:\Users\Pedro\Desktop\cartaz3.psd [2012-02-03 00:17:01 | 002,995,468 | ---- | M] () -- C:\Users\Pedro\Desktop\cartaz.psd [2012-01-31 22:06:07 | 000,530,488 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-01-31 21:42:29 | 000,000,993 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-01-29 18:12:40 | 000,228,902 | ---- | M] () -- C:\Windows\hpoins19.dat.temp [2012-01-29 17:47:47 | 000,002,103 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-01-23 04:33:03 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-01-23 04:21:21 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.tgz [2012-01-23 04:21:21 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.dll [2012-01-23 04:21:21 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\clauth2.dll [2012-01-23 04:21:21 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\clauth1.dll [2012-01-23 04:21:21 | 000,000,219 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.tgz [2012-01-23 04:21:21 | 000,000,205 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.dll [2012-01-23 04:21:21 | 000,000,087 | ---- | M] () -- C:\Windows\SysWow64\ssprs.tgz [2012-01-23 04:21:21 | 000,000,073 | ---- | M] () -- C:\Windows\SysWow64\ssprs.dll [2012-01-22 03:12:00 | 000,162,954 | ---- | M] () -- C:\Windows\Audio Converter Uninstaller.exe [2012-01-17 17:06:46 | 000,280,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-01-17 17:06:46 | 000,280,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-01-17 17:05:50 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-01-16 11:46:16 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) 
-- C:\Windows\SysWow64\CmdLineExt.dll [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012-02-12 21:36:33 | 000,002,103 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-02-12 21:36:33 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-02-12 21:36:33 | 000,001,782 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2012-02-12 21:36:33 | 000,000,993 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-02-12 21:32:14 | 005,259,984 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-02-12 18:56:04 | 000,074,102 | ---- | C] () -- C:\Users\Pedro\Documents\cc_20120212_185602.reg [2012-02-12 18:54:18 | 001,853,311 | ---- | C] () -- C:\Users\Pedro\Desktop\ProcessExplorer.zip [2012-02-11 19:03:55 | 000,007,602 | ---- | C] () -- C:\Users\Pedro\AppData\Local\resmon.resmoncfg [2012-02-10 22:58:40 | 000,003,416 | ---- | C] () -- C:\bootsqm.dat [2012-02-05 22:08:36 | 004,818,092 | ---- | C] () -- C:\Users\Pedro\Desktop\cartaz3.psd [2012-02-03 15:58:17 | 003,411,685 | ---- | C] () -- C:\Users\Pedro\Desktop\cartaz2.psd [2012-02-02 05:55:29 | 002,995,468 | ---- | C] () -- C:\Users\Pedro\Desktop\cartaz.psd [2012-01-31 22:06:07 | 000,530,488 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-01-29 23:28:02 | 000,001,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS5.5.lnk [2012-01-29 23:24:26 | 000,001,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk [2012-01-29 23:20:58 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk [2012-01-29 23:16:39 | 
000,001,383 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk [2012-01-29 23:16:17 | 000,001,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk [2012-01-29 18:11:48 | 000,228,902 | ---- | C] () -- C:\Windows\hpoins19.dat.temp [2012-01-29 18:11:48 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp [2012-01-23 04:21:21 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.tgz [2012-01-23 04:21:21 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll [2012-01-23 04:21:21 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll [2012-01-23 04:21:21 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll [2012-01-23 04:21:21 | 000,000,219 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.tgz [2012-01-23 04:21:21 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll [2012-01-23 04:21:21 | 000,000,087 | ---- | C] () -- C:\Windows\SysWow64\ssprs.tgz [2012-01-23 04:21:21 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll [2012-01-22 03:11:59 | 000,162,954 | ---- | C] () -- C:\Windows\Audio Converter Uninstaller.exe [2012-01-17 22:55:57 | 000,001,323 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk [2012-01-17 22:54:47 | 000,001,219 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk [2012-01-17 22:54:24 | 000,002,331 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk [2012-01-17 22:52:38 | 000,001,411 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2012-01-17 22:28:56 | 000,001,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011-11-27 19:27:26 | 000,003,584 | ---- | C] () -- C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-11-21 
03:22:41 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2011-10-26 21:42:44 | 000,000,132 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011-10-16 16:11:53 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2011-09-25 17:34:10 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011-09-09 12:06:50 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011-09-07 21:21:57 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011-08-18 21:28:01 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2011-08-09 11:45:26 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-08-03 08:31:01 | 000,000,000 | ---- | C] () -- C:\Users\Pedro\AppData\Local\{923F0284-9F56-4E1C-9577-9E49F05EB693}
[2011-07-11 15:53:34 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011-05-28 16:12:52 | 000,280,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-05-28 16:12:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-05-20 13:56:01 | 000,000,132 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-05-15 18:41:56 | 001,669,626 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-05-13 14:32:20 | 000,000,013 | -H-- | C] () -- C:\ProgramData\ÝÃÄΛÒ3113›.sys
[2011-05-13 14:23:39 | 000,000,132 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011-04-22 19:40:59 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011-04-22 19:40:59 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011-04-22 19:40:59 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011-04-22 19:40:58 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2011-04-22 19:40:58 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2011-04-20 17:03:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-04-20 17:00:44 | 000,002,093 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010-05-14 05:22:42 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010-05-14 05:22:42 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010-05-14 05:22:42 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010-05-14 05:22:41 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010-05-14 05:22:41 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010-05-14 05:22:40 | 000,002,093 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010-05-14 04:57:51 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009-07-14 05:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 02:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 02:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 00:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 21:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2012-02-13 01:01:50 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012-02-13 01:01:50 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2011-11-27 17:49:21 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\.minecraft
[2011-06-13 23:29:35 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\2K Sports
[2012-01-23 05:41:30 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Audacity
[2011-06-08 15:54:49 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Bioshock
[2011-04-25 20:04:10 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\BSplayer
[2011-04-25 19:42:37 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\BSplayer Pro
[2011-05-13 14:32:20 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\CoffeeCup Software
[2011-10-11 13:38:34 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011-05-18 12:57:35 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\com.aspiro.musicbox
[2011-05-20 14:30:53 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\com.flashgallerycom.photoGalleryBuilder.BE456FDD426FDC61C9F8B47A33E5FBCFF9D5695C.1
[2011-05-27 15:02:15 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\DVDVideoSoftIEHelpers
[2011-08-29 22:38:12 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Fit3DLive
[2011-07-10 16:52:34 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\fltk.org
[2012-02-11 23:44:33 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\GameRanger
[2011-11-02 14:54:40 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Greyfirst
[2011-05-15 20:48:20 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\IDoser
[2011-07-11 15:03:28 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\ijjigame
[2012-02-11 19:37:04 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\IObit
[2012-02-02 18:04:59 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\LolClient
[2011-08-18 21:38:11 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\MotioninJoy
[2011-04-25 20:35:36 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Mystery of Mortlake Mansion
[2011-11-30 14:32:08 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Need for Speed World
[2012-01-08 21:51:32 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\PC Suite
[2011-09-08 23:53:19 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Pokemon Online
[2011-04-23 18:45:36 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\PowerCinema
[2011-04-25 20:56:28 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Publish Providers
[2012-01-22 03:11:58 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\River Past G5
[2012-02-12 02:36:00 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\SoftGrid Client
[2011-04-25 20:56:24 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Sony
[2011-05-22 14:23:31 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\SpinTop
[2011-05-03 18:11:16 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Sports Interactive
[2011-05-09 22:20:43 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-07-20 12:50:37 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\SystemRequirementsLab
[2011-05-30 18:33:08 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\TP
[2011-09-08 23:26:48 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Tunngle
[2012-02-11 03:46:15 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\uTorrent
[2011-09-25 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\VDownloader
[2011-05-14 13:46:11 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Windows Live Writer
[2012-01-08 20:09:49 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:196FC0A6
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:7D6EC5BE
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:A8A212CE

< End of report >
  7. Thanks for the fast reply! Here are the logs:

Farbar Service Scanner

Farbar Service Scanner Version: 12-02-2012 01
Ran by Pedro (administrator) on 13-02-2012 at 02:15:00
Running from "C:\Users\Pedro\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Disabled. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll [2009-07-14 00:09] - [2009-07-14 01:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll [2009-07-13 23:36] - [2009-07-14 01:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll [2009-07-14 00:36] - [2009-07-14 01:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

RogueKiller

RogueKiller V7.0.4 [02/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: Pedro [Admin rights]
Mode: Scan -- Date : 02/13/2012 02:22:59

¤¤¤ Bad processes: 2 ¤¤¤
[sUSP PATH] DCService.exe -- C:\ProgramData\DatacardService\DCService.exe -> KILLED [TermProc]
[sUSP PATH] DCSHelper.exe -- C:\ProgramData\DatacardService\DCSHelper.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 7 ¤¤¤
[sUSP PATH] {669E2577-E795-4A27-AC19-97F7ECEC817B}.job : C:\Users\Pedro\Desktop\Dead Island\deadislandgame.exe -> FOUND
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{1DEB3855-83F0-4D87-9A5F-E2519220788D} : NameServer (62.169.67.172 62.169.67.171) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{1DEB3855-83F0-4D87-9A5F-E2519220788D} : NameServer (62.169.67.172 62.169.67.171) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400BEVT-22A0RT0 +++++
--- User ---
[MBR] 01bca7cf3235a9cfcd88c227409f7b11
[bSP] 89f8c6983651e829af0f3f04eea4a92e : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 597066 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt
  8. Hello MrCharlie. The scan I did before was in one of my other computers, just wanted to be better safe than sorry on that one. Now, I have a laptop which has been slower and slower. Did a Malwarebytes scan on it but it turned out nothing, I did both on normal boot mode and safe mode, and nothing. With nothing else to turn to, I did the dds scan. Here are the logs:

DDS.text

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29
Run by Pedro at 22:16:03 on 2012-02-12
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.351.2070.18.3767.1982 [GMT 0:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Kanguru\Kanguru.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Cyberlink\YouCam\YouCamTray.exe
C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\msiexec.exe
C:\Users\Pedro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pedro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pedro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pedro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\wermgr.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0816&m=aspire_5820tg&r=27360411m616l0473z145t46n1p235
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Programa Auxiliar de Início de Sessão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [AdobeBridge]
uRun: [<NO NAME>]
uRun: [steam] "c:\program files (x86)\steam\steam.exe" -silent
uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Mobile Partner] C:\Program Files (x86)\Kanguru\Kanguru.exe
uRun: [Google Update] "C:\Users\Pedro\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
mRun: [<NO NAME>]
mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
StartupFolder: C:\Users\Pedro\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACERVC~1.LNK - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/stg_drm.ocx
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/armhelper.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1DEB3855-83F0-4D87-9A5F-E2519220788D} : NameServer = 62.169.67.172 62.169.67.171
TCP: Interfaces\{66906848-AB49-442B-9AEC-CA7EF9FFD4C2} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{66906848-AB49-442B-9AEC-CA7EF9FFD4C2}\14C657E6F6 : DhcpNameServer = 192.168.0.1 192.168.0.201
TCP: Interfaces\{66906848-AB49-442B-9AEC-CA7EF9FFD4C2}\4586F6D637F6E6932313638354 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66906848-AB49-442B-9AEC-CA7EF9FFD4C2}\56465727F616D6 : DhcpNameServer = 193.136.192.45
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{074C1DC5-9320-4A9A-947D-C042949C6216} {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {72853161-30C5-4D22-B7F9-0BBC1D38A37E} {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9FDDE16B-836F-4806-AB1F-1455CBEFF289} {AE7CD045-E861-484f-8273-0445EE161910} {B164E929-A1B6-4A06-B104-2CD0E90A88FF} {B4F3A835-0E21-4959-BA22-42B3008E02FF} {DBC80044-A445-435b-BC74-9C25C1C588A9} {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} {47833539-D0C5-4125-9FA8-0819E2EAAC93} {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [(Predefini‡Æo)]
mRun-x64: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun-x64: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
IE-X64: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\obg23fks.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Pedro\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-2-10 497496] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-1-2 44768] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664] R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-8-19 229376] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-5-14 325200] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-4-22 820768] R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-2-7 2343816] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-14 13336] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-22 652872] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-2-12 103440] R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-4-17 305520] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-8 250368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-6 144640] R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-5-14 171040] R2 RS_Service;Raw Socket 
Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-5-14 260640] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] S2 gupdate;Serviço Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-22 135664] S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?] S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] 
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2011-7-23 131400] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?] S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352] S3 gupdatem;Serviço Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-22 135664] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208] S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-6 50432] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] . =============== Created Last 30 ================ . 
2012-02-12 22:12:41 -------- d-----w- C:\83355b204a1d46363b564ab4 2012-02-12 22:04:09 -------- d-----w- C:\27321b9e8c5375db31d5faefd2d29c42 2012-02-12 22:00:44 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67A366E8-0054-4E9D-97DC-D667E89BE61E}\mpengine.dll 2012-02-12 21:41:46 -------- d-----w- C:\Users\Pedro\AppData\Local\{E133A777-1510-486D-AE8C-8FAE6AD5634E} 2012-02-12 21:41:30 -------- d-----w- C:\Users\Pedro\AppData\Local\{A5DE488A-0714-406C-8C4D-8E2FD03303B4} 2012-02-12 18:16:59 696600 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2012-02-12 18:09:37 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{636EE7E5-A58A-4519-88B0-3C56C47C239E}\offreg.dll 2012-02-12 16:26:05 -------- d-----w- C:\Users\Pedro\AppData\Local\{B19EB699-6973-4762-9D9B-BB3ABFFD1BC5} 2012-02-12 16:25:49 -------- d-----w- C:\Users\Pedro\AppData\Local\{D33081E0-A4CF-40D1-BCEC-8153F70EE9BF} 2012-02-12 13:30:26 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi 2012-02-12 13:29:48 -------- d-----w- C:\Users\Pedro\AppData\Local\{13115605-0EDC-4E47-B18D-25D100530FB7} 2012-02-12 13:28:22 -------- d-----w- C:\Users\Pedro\AppData\Local\{B2D24549-9694-4203-AFE7-839E5A2CBC2E} 2012-02-12 04:11:51 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee 2012-02-12 03:55:51 -------- d-----w- C:\Program Files (x86)\1-Click-Fix 2012-02-11 04:31:38 723456 ----a-w- C:\Windows\System32\EncDec.dll 2012-02-11 04:31:38 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2012-02-11 04:14:02 3141632 ----a-w- C:\Windows\System32\win32k.sys 2012-02-11 04:13:19 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll 2012-02-11 04:13:19 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll 2012-02-11 04:13:00 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-02-11 04:12:07 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll 2012-02-11 04:12:07 6144 ----a-w- C:\Program Files (x86)\Internet 
Explorer\iecompat.dll 2012-02-11 04:08:25 -------- d-----w- C:\c4ac066f28bbb75f2f0587288d 2012-02-11 04:08:10 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax 2012-02-11 04:08:10 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax 2012-02-11 04:08:10 72704 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax 2012-02-11 04:08:10 613888 ----a-w- C:\Windows\System32\psisdecd.dll 2012-02-11 04:08:10 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax 2012-02-11 04:08:10 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll 2012-02-11 04:08:10 288256 ----a-w- C:\Windows\System32\MSNP.ax 2012-02-11 04:08:10 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax 2012-02-11 04:08:10 108032 ----a-w- C:\Windows\System32\psisrndr.ax 2012-02-11 04:08:10 104960 ----a-w- C:\Windows\System32\Mpeg2Data.ax 2012-02-11 04:07:53 861184 ----a-w- C:\Windows\System32\oleaut32.dll 2012-02-11 04:07:53 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2012-02-11 04:07:53 331776 ----a-w- C:\Windows\System32\oleacc.dll 2012-02-11 04:07:53 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll 2012-02-11 03:46:02 23896 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe 2012-02-10 22:55:33 -------- d-sh--w- C:\found.008 2012-02-10 21:32:57 -------- d-----w- C:\ProgramData\IObit 2012-02-10 21:32:40 -------- d-----w- C:\Users\Pedro\AppData\Roaming\IObit 2012-02-10 21:32:34 -------- d-----w- C:\Program Files (x86)\IObit 2012-02-09 14:54:49 -------- d-sh--w- C:\found.007 2012-02-02 19:29:11 -------- d-----w- C:\Users\Pedro\AppData\Local\{63F9CB90-B0B4-4968-8E3E-3929B753C402} 2012-02-02 19:28:40 -------- d-----w- C:\Users\Pedro\AppData\Local\{46450237-2037-4A1C-953B-E931545DA252} 2012-02-02 18:10:31 -------- d-----w- C:\Users\Pedro\riotsGamesLogs 2012-02-02 18:04:59 -------- d-----w- C:\Users\Pedro\AppData\Roaming\LolClient 2012-02-02 16:30:48 -------- d-----w- C:\Users\Pedro\AppData\Local\{C785257D-E347-4789-823C-566A213B63C1} 2012-02-02 16:30:32 -------- d-----w- C:\Users\Pedro\AppData\Local\{E80CF1F8-700F-47B3-8A83-2E23C94FF05D} 2012-02-02 
03:42:34 -------- d-----w- C:\Users\Pedro\AppData\Local\{7E41854D-0DD3-468D-918C-2AD43E6A6C4A} 2012-02-02 03:42:03 -------- d-----w- C:\Users\Pedro\AppData\Local\{BC70E52A-D265-4EF9-A42B-4D1E79F92AC2} 2012-01-31 22:06:07 530488 ----a-w- C:\Windows\System32\drivers\sptd.sys 2012-01-31 21:38:15 255552 ----a-w- C:\Windows\SysWow64\drivers\mcdbus.sys 2012-01-31 21:38:15 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys 2012-01-31 21:38:14 -------- d-----w- C:\Program Files (x86)\MagicDisc 2012-01-31 21:29:36 -------- d-----w- C:\Program Files (x86)\MagicISO 2012-01-30 21:24:42 -------- d-----w- C:\Users\Pedro\AppData\Local\{0EDE59F1-F4E2-4A1B-A83E-F81582A9EC23} 2012-01-30 21:24:19 -------- d-----w- C:\Users\Pedro\AppData\Local\{7624E708-DAFF-4BBB-8D73-1EF191864033} 2012-01-29 23:22:27 -------- d-----w- C:\adobeTemp 2012-01-29 18:20:05 -------- d-----w- C:\Users\Pedro\AppData\Local\{1FA65C79-8B14-42DC-8D0D-EFDB3C65CC97} 2012-01-29 18:19:20 -------- d-----w- C:\Users\Pedro\AppData\Local\{445B10E4-9BCC-4952-9E8B-D5802448D8AE} 2012-01-29 17:47:16 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard 2012-01-29 17:45:01 -------- d-----w- C:\Program Files (x86)\HP 2012-01-29 17:43:21 -------- d-----w- C:\Program Files\HP 2012-01-29 17:38:42 642360 ----a-w- C:\Windows\System32\hpzids40.dll 2012-01-29 17:38:41 861184 ----a-w- C:\Windows\System32\hpowiav1.dll 2012-01-29 17:38:41 498176 ----a-w- C:\Windows\System32\hpovst01.dll 2012-01-29 17:38:40 730624 ----a-w- C:\Windows\System32\hpotscl1.dll 2012-01-28 22:45:48 -------- d-----w- C:\Users\Pedro\AppData\Local\{D7FE8BF9-F1B9-49DB-B088-F903A86FCF80} 2012-01-28 22:45:27 -------- d-----w- C:\Users\Pedro\AppData\Local\{6EB707EB-86EE-4938-B4E3-396A6372E8B6} 2012-01-28 14:18:22 -------- d-----w- C:\Users\Pedro\AppData\Local\{101AD348-F063-4120-9581-C7427E62ACB5} 2012-01-25 14:41:31 -------- d-----w- C:\Users\Pedro\AppData\Local\{4B3A9DAB-EB59-4D4D-B0AE-EA17E3C0815C} 2012-01-25 14:40:31 -------- d-----w- 
C:\Users\Pedro\AppData\Local\{F2619017-7795-4524-9A16-0C4A059CD048} 2012-01-23 22:27:36 -------- d-----w- C:\Users\Pedro\AppData\Local\{B3BC93B4-3860-4098-8F2D-B5EEA564866F} 2012-01-23 22:26:50 -------- d-----w- C:\Users\Pedro\AppData\Local\{9956D6CC-EB9C-4EFB-92EA-EC36F5649879} 2012-01-23 11:30:40 -------- d-----w- C:\Users\Pedro\AppData\Local\{1D0CDA25-A955-46E2-A1B3-5E2508941721} 2012-01-23 11:30:25 -------- d-----w- C:\Users\Pedro\AppData\Local\{9896EF01-A5A2-4D7D-A54F-0235C49AE950} 2012-01-23 11:17:31 -------- d-sh--w- C:\found.006 2012-01-23 04:21:21 73 ----a-w- C:\Windows\SysWow64\ssprs.dll 2012-01-23 04:21:21 205 ----a-w- C:\Windows\SysWow64\lsprst7.dll 2012-01-23 04:21:21 1025 ----a-w- C:\Windows\SysWow64\sysprs7.dll 2012-01-23 04:21:21 1025 ----a-w- C:\Windows\SysWow64\clauth2.dll 2012-01-23 04:21:21 1025 ----a-w- C:\Windows\SysWow64\clauth1.dll 2012-01-23 04:21:21 -------- d-----w- C:\ProgramData\Minnetonka Audio Software 2012-01-22 20:11:07 -------- d-----w- C:\Users\Pedro\AppData\Local\{BA5FDC8A-BC55-45A8-B411-34FA4E8F122D} 2012-01-22 20:10:28 -------- d-----w- C:\Users\Pedro\AppData\Local\{1FC717FC-233C-4180-9105-63D5A7E06DD7} 2012-01-22 19:49:09 -------- d-----w- C:\Users\Pedro\AppData\Local\{5EF0E186-91E8-435B-BB43-969E42C955FE} 2012-01-22 19:48:32 -------- d-----w- C:\Users\Pedro\AppData\Local\{FC2AE311-9F6B-4F6E-ABA7-B9DB3281AFF1} 2012-01-22 03:11:59 162954 ----a-w- C:\Windows\Audio Converter Uninstaller.exe 2012-01-22 03:11:58 -------- d-----w- C:\Users\Pedro\AppData\Roaming\River Past G5 2012-01-22 03:11:58 -------- d-----w- C:\ProgramData\River Past G5 2012-01-22 03:11:58 -------- d-----w- C:\Program Files\Common Files\River Past 2012-01-22 03:11:57 -------- d-----w- C:\Program Files\River Past 2012-01-22 01:55:47 -------- d-----w- C:\Users\Pedro\AppData\Local\{6D1F277C-8A52-43D7-BC77-1F216634B20C} 2012-01-22 01:55:23 -------- d-----w- C:\Users\Pedro\AppData\Local\{EB57820B-8063-460E-BF72-A6DF57BB5A0B} 2012-01-21 19:06:03 -------- d-----w- 
C:\Users\Pedro\AppData\Local\{F2A3E11A-7505-435A-BDBE-FAAACB949FFD} 2012-01-21 19:05:42 -------- d-----w- C:\Users\Pedro\AppData\Local\{7760DE3B-3AD6-4378-8F73-4F414DCE205F} 2012-01-21 18:32:57 -------- d-----w- C:\Users\Pedro\AppData\Local\{DCF0ABF4-CFE7-481F-B52C-69B582AED12F} 2012-01-21 18:32:23 -------- d-----w- C:\Users\Pedro\AppData\Local\{A274C847-AD16-4825-9754-4D083A775387} 2012-01-21 18:24:01 -------- d-----w- C:\Users\Pedro\AppData\Local\{6C6162F3-F4F1-4274-8D8B-5CE1FE0DD3B9} 2012-01-21 18:23:43 -------- d-----w- C:\Users\Pedro\AppData\Local\{8618E000-6387-421C-8FC3-4EF60C8ECFF0} 2012-01-21 15:08:14 -------- d-----w- C:\Users\Pedro\AppData\Local\{3CC4BC51-BAC7-42F7-9C10-700513F8E175} 2012-01-21 15:07:59 -------- d-----w- C:\Users\Pedro\AppData\Local\{DA98287B-13A4-48E9-B583-482C6B8CA95A} 2012-01-21 08:24:20 -------- d-sh--w- C:\found.005 2012-01-19 20:56:29 -------- d-----w- C:\Users\Pedro\AppData\Local\{8A3DE575-52F8-4D14-ABA9-353FC7AFD56B} 2012-01-19 20:55:51 -------- d-----w- C:\Users\Pedro\AppData\Local\{1F9C1ED3-E1BF-4C6E-A975-FD65C46B6A71} 2012-01-18 14:37:33 -------- d-----w- C:\Users\Pedro\AppData\Local\{6A2B0A63-4B9D-4A95-B728-3ABB5EC13376} 2012-01-18 14:36:54 -------- d-----w- C:\Users\Pedro\AppData\Local\{4853569A-643C-4A02-A23E-878FBF1A70DE} 2012-01-18 12:14:11 -------- d-----w- C:\Users\Pedro\AppData\Local\{067395B1-5674-4398-BFEB-8399ADC74DD5} 2012-01-18 12:13:31 -------- d-----w- C:\Users\Pedro\AppData\Local\{3F8324D2-6446-46C0-B8A5-1E510A2D3E7D} 2012-01-18 00:19:16 -------- d-----w- C:\Users\Pedro\AppData\Local\{4B756AFC-84F7-4008-8856-B7D304D330F0} 2012-01-18 00:19:01 -------- d-----w- C:\Users\Pedro\AppData\Local\{05178676-29FF-4EE2-9911-3AD7DC70B639} 2012-01-17 22:32:51 -------- d-----w- C:\Program Files (x86)\Adobe Story 2012-01-17 22:02:52 -------- d-----w- C:\Users\Pedro\AppData\Local\{377C5680-5267-41E7-A1C3-199FC645744F} 2012-01-17 22:02:30 -------- d-----w- C:\Users\Pedro\AppData\Local\{DBEFB33A-D878-4833-A870-A986BA6022B1} 
2012-01-17 20:57:14 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll 2012-01-17 20:57:14 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll 2012-01-17 20:57:13 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll 2012-01-17 20:40:40 -------- d-----w- C:\Riot Games 2012-01-17 16:17:01 -------- d-----w- C:\Users\Pedro\AppData\Local\PMB Files 2012-01-17 16:17:00 -------- d-----w- C:\ProgramData\PMB Files 2012-01-17 16:16:38 -------- d-----w- C:\Program Files (x86)\Pando Networks 2012-01-17 11:21:13 -------- d-----w- C:\Users\Pedro\AppData\Local\{B6CD64C8-34E8-41EC-8EF6-D7C7292E6849} 2012-01-17 11:20:43 -------- d-----w- C:\Users\Pedro\AppData\Local\{5B9519C5-6525-40D4-95E8-F0462BA37AEB} 2012-01-16 11:46:16 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll 2012-01-15 16:28:40 -------- d-----w- C:\Users\Pedro\AppData\Local\{940ED9F7-1B37-4A3F-9AD9-E3044C9CD820} 2012-01-15 16:28:25 -------- d-----w- C:\Users\Pedro\AppData\Local\{A1F13562-3BA0-476C-9B11-F9831741FCF6} 2012-01-14 14:47:33 -------- d-----w- C:\Users\Pedro\AppData\Local\{0A99B73D-57E9-427A-A44C-DFEEBF492AF1} 2012-01-14 14:47:20 -------- d-----w- C:\Users\Pedro\AppData\Local\{165185AF-1C1D-4077-8CB6-68EBC58D1A3F} . ==================== Find3M ==================== . 
2012-01-29 05:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-01-17 17:06:46 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2012-01-17 17:06:46 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2012-01-17 17:05:50 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2011-12-31 14:10:42 0 ----a-w- C:\Windows\SysWow64\shoBBF2.tmp 2011-12-10 15:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr 2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2011-11-19 15:07:41 77312 ----a-w- C:\Windows\System32\packager.dll 2011-11-19 14:06:13 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2011-11-17 07:17:03 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2011-11-17 07:17:02 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2011-11-17 07:15:08 460296 ----a-w- C:\Windows\System32\drivers\cng.sys 2011-11-17 07:14:10 1739160 ----a-w- C:\Windows\System32\ntdll.dll 2011-11-17 07:12:02 395776 ----a-w- C:\Windows\System32\webio.dll 2011-11-17 07:11:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2011-11-17 07:11:33 136192 ----a-w- C:\Windows\System32\sspicli.dll 2011-11-17 07:11:02 28160 ----a-w- C:\Windows\System32\secur32.dll 2011-11-17 07:10:58 340992 ----a-w- C:\Windows\System32\schannel.dll 2011-11-17 07:08:18 1446912 ----a-w- C:\Windows\System32\lsasrv.dll 2011-11-17 07:05:16 31232 ----a-w- C:\Windows\System32\lsass.exe 2011-11-17 05:41:38 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll 2011-11-17 05:39:28 314368 ----a-w- C:\Windows\SysWow64\webio.dll 2011-11-17 05:39:21 224768 ----a-w- C:\Windows\SysWow64\schannel.dll 2011-11-17 05:39:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2011-11-17 05:35:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2010-01-26 11:11:08 444283 ----a-w- C:\Program Files (x86)\Common Files\WinPcapNmap.exe . 
============= FINISH: 22:19:44,66 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 22-04-2011 20:34:07 System Uptime: 12-02-2012 21:37:48 (1 hours ago) . Motherboard: Acer | | ZR7B Processor: Intel® Core i5 CPU M 450 @ 2.40GHz | CPU | 1584/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 583 GiB total, 330,449 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . . Update for Microsoft Office 2007 (KB2508958) 1-Click-Fix v8.0 2007 Microsoft Office Suite Service Pack 2 (SP2) Acer Arcade Deluxe Acer Arcade Movie Acer Backup Manager Acer Crystal Eye Webcam Acer eRecovery Management Acer GameZone Console Acer PowerSmart Manager Acer Registration Acer ScreenSaver Acer Updater Acer VCM Acrobat.com Actualização do Microsoft Office Excel 2007 Help (KB963678) Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) Actualização do Microsoft Office Word 2007 Help (KB963665) Add or Remove Adobe Creative Suite 3 Master Collection Adobe Acrobat 8 Professional Adobe After Effects CS3 Adobe After Effects CS3 Presets Adobe After Effects CS3 Third Party Content Adobe After Effects CS4 Adobe After Effects CS4 Presets Adobe AIR Adobe Anchor Service CS3 Adobe Anchor Service CS4 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps CS4 Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Color Video Profiles AE CS4 Adobe Community Help Adobe Content Viewer Adobe Contribute CS3 Adobe Creative Suite 3 Master Collection Adobe Default 
Language CS4 Adobe Device Central CS3 Adobe Download Assistant Adobe Dreamweaver CS3 Adobe Dynamiclink Support Adobe Encore CS3 Adobe Encore CS3 Codecs Adobe ExtendScript Toolkit 2 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS3 Adobe Fireworks CS3 Adobe Flash CS3 Adobe Flash CS3 Professional Adobe Flash Video Encoder Adobe Fonts All Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe InDesign CS5.5 Adobe Linguistics CS3 Adobe Media Encoder CS4 Adobe Media Encoder CS4 Additional Exporter Adobe Media Player Adobe MotionPicture Color Files CS4 Adobe Output Module Adobe PDF Library Files CS4 Adobe Photoshop CS3 Adobe Photoshop CS5 Adobe Premiere Pro CS3 Adobe Premiere Pro CS3 Functional Content Adobe Premiere Pro CS3 Third Party Content Adobe Premiere Pro CS5.5 Adobe Reader 9.1 MUI Adobe Setup Adobe SING CS3 Adobe Soundbooth CS3 Adobe Soundbooth CS3 Codecs Adobe Stock Photos CS3 Adobe Story Adobe Type Support CS4 Adobe Update Manager CS3 Adobe Update Manager CS4 Adobe Version Cue CS3 Client Adobe Version Cue CS3 Server Adobe WAS CS3 Adobe WinSoft Linguistics Plugin Adobe XMP DVA Panels CS3 Adobe XMP Panels CS3 Adobe XMP Panels CS4 Advanced SystemCare 5 Afraid of Monsters: Director's Cut v1.0 AHV content for Acrobat and Flash Alcor Micro USB Card Reader Amazonia Apple Application Support Apple Software Update ASIO4ALL Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver µTorrent Audacity 1.3.13 (Unicode) avast! 
Free Antivirus Backup Manager Basic Battlefield: Bad Company 2 BS.Player FREE Cake Mania Call Of Cthulhu DCoTE Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Celtx (2.9.1) Chicken Invaders 2 CoffeeCup Flash Menu Builder Complemento Messenger Controlo ActiveX do Windows Live Mesh para Ligações Remotas Counter-Strike Creative Jukebox Driver CyberLink YouCam D3DX10 Dairy Dash Desura Dream Day First Home Dual-Core Optimizer eSobi v2 Farm Frenzy 2 FL Studio 9 Free WMA to MP3 Converter 1.16 Galapago Galeria de Fotografias do Windows Live Garry's Mod Google Chrome Google Earth Plug-in Google Update Helper Granny In Paradise GTA San Andreas Half-Life Half-Life 2 Half-Life 2: Episode Two Hardcore Heroes of Hellas I-Doser Free Identity Card ijji - Gunz IL Download Manager Intel® Control Center Intel® Management Engine Components Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver Java Auto Updater Java 6 Update 29 Junk Mail filter update Kanguru LAME v3.98.3 for Audacity Launch Manager League of Legends Left 4 Dead 2 LibUSB-Win32-0.1.10.1 LogMeIn Hamachi Malwarebytes Anti-Malware versão 1.60.0.1800 McAfee SiteAdvisor MediaShow Espresso Mesh Runtime Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft GIF Animator Microsoft Office 
2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2010 Microsoft Office Access MUI (Portuguese (Portugal)) 2007 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Clique-e-Use 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2010 Microsoft Office Groove MUI (Portuguese (Portugal)) 2007 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007 Microsoft Office Language Pack 2007 - Portuguese/Português Microsoft Office O MUI (Portuguese (Portugal)) 2007 Microsoft Office OneNote MUI (English) 2010 Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Portuguese (Portugal)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing (Portuguese (Portugal)) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2010 Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer 2007 Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) Microsoft Office SharePoint Designer MUI (Portuguese (Portugal)) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI 
(English) 2010 Microsoft Office Word MUI (Portuguese (Portugal)) 2007 Microsoft Office X MUI (Portuguese (Portugal)) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft WSE 3.0 Runtime Microsoft_VC100_CRT_SP1_x86 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 Minecraft Beta Cracked Mozilla Firefox 6.0 (x86 pt-PT) MSVC80_x86_v2 MSVC90_x86 MSVCRT MSVCRT Redists MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery of Mortlake Mansion Free Trial MyWinLocker MyWinLocker Suite Nokia Connectivity Cable Driver Nokia Suite Norton Online Backup NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 Oddworld: Abe's Exoddus Oddworld: Abe's Oddysee Optical Drive Power Management Pando Media Booster PC Connectivity Solution PCSX2 - Playstation 2 Emulator PDF Settings PDF Settings CS5 Photo Gallery Builder Photoshop Camera Raw Pixel Bender Toolkit PKR Plants vs. 
Zombies PoiZone Pokemon Online 1.0.30 Patch 1 Pokemon World Online version 1.8 PunkBuster Services PX Profile Update QuickTime REACTOR Realtek High Definition Audio Driver Rob Papen Albino 2 SAMSUNG Intelli-studio Sawer Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2553089) Security Update for 2007 Microsoft Office System (KB2553090) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2518870) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Shredder SILENT HILL 3 Silent Hill: Homecoming Skype™ 5.3 Smart GIF Creator Sothink SWF Quicker Source SDK Source SDK Base 2007 Spin & Win Steam Suite Shared Configuration CS4 swMSM System Requirements Lab CYRI Team Fortress 2 Tomb Raider: Underworld Toxic Biohazard Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile 
(KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Word 2007 (KB974631) VDownloader 3.6.942 Veetle TV Vegas Pro 10.0 Virtual DJ Pro Full - Atomix Productions VirtualCloneDrive VLC media player 1.1.9 VTFEdit 1.2.5 Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin Wolfenstein - Enemy Territory Zombie Panic Source . ==== End Of File ===========================
  9. Hey all, a friend told me you guys here could help me with these logs. I'll leave 'em here, got logs of both Malwarebytes and Hijackthis.

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 3:25:58, on 09-02-2012
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v8.00 (8.00.6001.18702)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\SYSTEM32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\Ati2evxx.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Programas\COMODO\COMODO Internet Security\cmdagent.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Programas\Windows Defender\MsMpEng.exe
     C:\WINDOWS\SYSTEM32\Ati2evxx.exe
     C:\Programas\Lavasoft\Ad-Aware\AAWService.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Programas\Avira\AntiVir Desktop\sched.exe
     C:\PROGRA~1\FICHEI~1\Stardock\SDMCP.exe
     C:\WINDOWS\Explorer.EXE
     C:\Programas\Avira\AntiVir Desktop\avguard.exe
     C:\WINDOWS\system32\CTsvcCDA.EXE
     C:\WINDOWS\System32\svchost.exe
     C:\Programas\Java\jre6\bin\jqs.exe
     C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
     C:\Programas\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
     C:\WINDOWS\system32\PnkBstrA.exe
     C:\WINDOWS\system32\PnkBstrB.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\SearchIndexer.exe
     C:\Programas\TortoiseSVN\bin\TSVNCache.exe
     C:\Programas\CyberLink\PowerDVD\PDVDServ.exe
     C:\Programas\Windows Defender\MSASCui.exe
     C:\WINDOWS\RTHDCPL.EXE
     C:\Programas\Java\jre6\bin\jusched.exe
     C:\Programas\DivX\DivX Update\DivXUpdate.exe
     C:\Programas\HP\HP Software Update\HPWuSchd2.exe
     C:\Programas\HP\hpcoretech\hpcmpmgr.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Programas\Spybot - Search & Destroy\TeaTimer.exe
     C:\Programas\DAEMON Tools Lite\daemon.exe
     C:\Programas\Messenger\msmsgs.exe
     C:\Programas\ManyCam 2.4\ManyCam.exe
     C:\Programas\Windows Media Player\WMPNSCFG.exe
     C:\WINDOWS\system32\wbem\wmiapsrv.exe
     C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
     C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe
     C:\WINDOWS\system32\wuauclt.exe
     C:\Programas\Java\jre6\bin\jucheck.exe
     C:\Programas\Lavasoft\Ad-Aware\AAWTray.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\WINDOWS\system32\rundll32.exe
     C:\Programas\Steam\Steam.exe
     C:\Programas\Pando Networks\Media Booster\PMB.exe
     C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
     C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.54\deploy\LoLLauncher.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.126\deploy\LolClient.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\Programas\Google\Chrome\Application\chrome.exe
     C:\WINDOWS\system32\msiexec.exe
     C:\Programas\Trend Micro\HiJackThis\HiJackThis.exe

     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
     O1 - Hosts: 5.87.18.106 pes09pcgate-e.winning-eleven.net
     O1 - Hosts: 5.151.118.192 pes2009web.winning-eleven.net
     O1 - Hosts: stun.xten.com pes7stun-e.winning-eleven.net
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programas\Spybot - Search & Destroy\SDHelper.dll
     O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
     O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
     O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
     O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
     O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programas\DAEMON Tools Toolbar\DTToolbar.dll
     O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programas\Ask.com\GenericAskToolbar.dll
     O4 - HKLM\..\Run: [RemoteControl] C:\Programas\CyberLink\PowerDVD\PDVDServ.exe
     O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide
     O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
     O4 - HKLM\..\Run: [startCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
     O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"
     O4 - HKLM\..\Run: [DivXUpdate] "C:\Programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
     O4 - HKLM\..\Run: [HP Software Update] "C:\Programas\HP\HP Software Update\HPWuSchd2.exe"
     O4 - HKLM\..\Run: [HP Component Manager] "C:\Programas\HP\hpcoretech\hpcmpmgr.exe"
     O4 - HKLM\..\Run: [bCSSync] "C:\Programas\Microsoft Office\Office14\BCSSync.exe" /DelayServices
     O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Programas\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
     O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
     O4 - HKLM\..\RunOnce: [innoSetupRegFile.0000000001] "C:\WINDOWS\is-9KPJS.exe" /REG
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe
     O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programas\DAEMON Tools Lite\daemon.exe" -autorun
     O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background
     O4 - HKCU\..\Run: [ManyCam] "C:\Programas\ManyCam 2.4\ManyCam.exe"
     O4 - HKCU\..\Run: [WMPNSCFG] C:\Programas\Windows Media Player\WMPNSCFG.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIçO LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Programas\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O4 - HKUS\.DEFAULT\..\RunOnce: [AutoLaunch] C:\Programas\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'Default user')
     O4 - Startup: Dropbox.lnk = C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe
     O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
     O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
     O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
     O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office14\ONBttnIE.dll
     O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office14\ONBttnIE.dll
     O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programas\PokerStars\PokerStarsUpdate.exe
     O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
     O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
     O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programas\Spybot - Search & Destroy\SDHelper.dll
     O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programas\Spybot - Search & Destroy\SDHelper.dll
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programas\ICQ6.5\ICQ.exe
     O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programas\ICQ6.5\ICQ.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
     O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
     O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
     O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
     O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229967733390
     O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
     O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
     O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
     O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
     O17 - HKLM\System\CCS\Services\Tcpip\..\{C3FFAA57-52FC-42A6-97BC-008B8379A61F}: NameServer = 156.154.70.22,156.154.71.22
     O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
     O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
     O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
     O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
     O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programas\Avira\AntiVir Desktop\sched.exe
     O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programas\Avira\AntiVir Desktop\avguard.exe
     O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
     O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
     O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programas\COMODO\COMODO Internet Security\cmdagent.exe
     O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
     O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Programas\Firebird\Firebird_2_1\bin\fbguard.exe
     O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Programas\Firebird\Firebird_2_1\bin\fbserver.exe
     O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
     O23 - Service: Serviço Google Update (gupdate1c9907eea543afc) (gupdate1c9907eea543afc) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
     O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
     O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
     O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programas\Lavasoft\Ad-Aware\AAWService.exe
     O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
     O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Programas\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
     O23 - Service: NBService - Nero AG - C:\Programas\Nero\Nero 7\Nero BackItUp\NBService.exe
     O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
     O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
     O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe (file missing)
     O23 - Service: Pml Driver HPZ12 - HP - C:\DOCUME~1\User\DEFINI~1\Temp\500064-PMLPatch\HPZipm12.exe
     O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
     O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

     -- End of file - 14512 bytes

     Malwarebytes' Anti-Malware 1.41
     Database version: 2775
     Windows 5.1.2600 Service Pack 3

     09-02-2012 3:06:20
     mbam-log-2012-02-09 (03-06-20).txt

     Scan type: Full Scan (C:\|D:\|E:\|F:\|)
     Objects scanned: 301691
     Time elapsed: 2 hour(s), 37 minute(s), 18 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 1
     Registry Values Infected: 0
     Registry Data Items Infected: 4
     Folders Infected: 0
     Files Infected: 2

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\Programas\BT Next Evolution\btnext.exe (Malware.Packer.T) -> Quarantined and deleted successfully.
     C:\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.