Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Double accent

Re: Double accent

Post by askey127 » April 18th, 2011, 4:42 pm

artolassss,
---------------------------------------------
Run a Scan with OTL
Please download OTL.exe by OldTimer and save it to your desktop.
  • Double click on the icon to run it. For Vista or Win7, right click the icon and choose "Run as administrator".
  • Make sure all other windows are closed to let it run uninterrupted.
  • Copy the text from the code box below and paste it into the Custom Scans/Fixes box. Do not copy the word "Code:"
    Code:
    /md5start
    sptd.sys
    explorer.exe
    winlogon.exe
    wininit.exe 
    userinit.exe
    /md5stop
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL (the desktop).
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
Admin/Teacher

Re: Double accent

Post by artolassss » April 19th, 2011, 4:00 pm

OTL logfile created on: 19-04-2011 20:51:08 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Paula Andrade\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 93,16 Gb Total Space | 28,05 Gb Free Space | 30,11% Space Free | Partition Type: NTFS
Drive E: | 91,69 Gb Total Space | 49,00 Gb Free Space | 53,45% Space Free | Partition Type: NTFS

Computer Name: PAULAANDRADE-PC | User Name: Paula Andrade | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-04-13 20:09:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
PRC - [2011-03-01 21:17:14 | 000,470,032 | ---- | M] (Wolfram Research, Inc.) -- C:\Programas\Wolfram Research\Wolfram CDF Player\8.0\MathKernel.exe
PRC - [2011-03-01 19:58:08 | 008,097,296 | ---- | M] (Wolfram Research, Inc.) -- C:\Programas\Wolfram Research\Wolfram CDF Player\8.0\SystemFiles\FrontEnd\Binaries\Windows\WolframCDFPlayer.exe
PRC - [2010-10-05 20:26:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011-04-13 20:09:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Programas\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Stopped] -- C:\Windows\System32\PrintCtrl.exe -- (Printer Control)
SRV - [2008-02-19 10:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
SRV - [2008-01-29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programas\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-09-19 11:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Programas\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007-09-12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programas\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007-09-12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007-03-29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programas\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006-11-14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006-10-05 05:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Programas\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006-05-25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - [2011-04-09 13:12:56 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011-03-26 17:37:28 | 000,436,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-05-10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Programas\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010-04-22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2010-02-17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Programas\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009-11-02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-28 10:55:38 | 000,052,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OXSDIDRV_x32.sys -- (OXSDIDRV_x32) Oxford Semi eSATA Filter (x32)
DRV - [2007-09-26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Controlador do Adaptador da ligação WiFi sem fios Intel(R)
DRV - [2007-07-26 16:18:04 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007-04-30 06:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007-04-16 13:02:36 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-04-16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007-03-06 15:01:04 | 000,014,848 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\DRIVERS\CplIR.SYS -- (CplIR)
DRV - [2007-01-24 13:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2007-01-18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007-01-18 15:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006-11-02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006-10-23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006-10-18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006-10-05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2006-08-30 09:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006-07-28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2005-03-11 16:17:46 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-03-11 16:17:44 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-03-11 16:17:40 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-03-11 16:17:38 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-03-11 16:17:34 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pt/"
FF - prefs.js..extensions.enabledItems: pt-PT@dictionaries.addons.mozilla.org:11.3.25.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-08-05 19:55:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-24 19:26:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-13 20:24:19 | 000,000,000 | ---D | M]

[2009-01-30 02:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Extensions
[2011-04-19 20:50:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions
[2010-09-18 01:45:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-02-13 17:59:33 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\firefox@tvunetworks.com
[2011-03-27 22:01:38 | 000,000,000 | ---D | M] (Corretor para Português Europeu) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\pt-PT@dictionaries.addons.mozilla.org
[2010-12-07 22:19:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\vshare@toolbar
[2010-04-17 16:19:17 | 000,000,571 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Roaming\Mozilla\Firefox\Profiles\h10dh0wc.default\searchplugins\dicionrio-priberam.xml
[2009-01-30 02:47:18 | 000,002,119 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Roaming\Mozilla\Firefox\Profiles\h10dh0wc.default\searchplugins\pesquisa-de-vdeos-do-youtube.xml
[2011-04-19 18:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programas\Mozilla Firefox\extensions
[2010-05-25 22:46:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-30 18:52:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-07 04:57:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-04-05 00:22:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-04-09 13:16:12 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programas\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2009-05-10 21:34:51 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-09-09 20:28:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009-12-27 19:02:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010-04-01 13:49:36 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010-05-25 22:46:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-30 18:52:57 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-07 04:57:12 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-04-05 00:22:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-04-09 13:16:12 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\LINKFILTER@KASPERSKY.RU
[2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programas\Mozilla Firefox\plugins\npdeployJava1.dll
[2011-03-07 19:58:21 | 000,001,525 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011-03-07 19:58:21 | 000,001,529 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\priberam.xml
[2011-03-07 19:58:21 | 000,002,071 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\sapo.xml
[2011-03-07 19:58:21 | 000,000,942 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\wikipedia-ptpt.xml
[2011-03-07 19:58:21 | 000,000,953 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2011-04-18 19:43:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programas\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [HWSetup] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programas\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Programas\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Programas\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [PrintDisp] C:\Windows\System32\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programas\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKCU..\Run: [{79C2D018-E41C-D1D4-CA38-974B6EF47836}] C:\Users\Paula Andrade\Ziexi\wayn.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10n_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Iniciação Rápida do Microsoft Office OneNote 2007.lnk = C:\Programas\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Programas\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programas\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows Photo Gallery\DSCF8497.JPG
O24 - Desktop BackupWallPaper: C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows Photo Gallery\DSCF8497.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Users\Paula Andrade\Desktop\Maitê grava vídeo a pedir desculpa aos portugueses - JN - Google Chrome.flv.flv
[2011-04-19 20:50:09 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Desktop\otl
[2011-04-19 20:41:11 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\MathematicaPlayer
[2011-04-19 20:41:11 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Local\MathematicaPlayer
[2011-04-19 20:41:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MathematicaPlayer
[2011-04-19 20:40:30 | 000,000,000 | ---D | C] -- C:\Programas\Common Files\Wolfram Research
[2011-04-19 20:40:30 | 000,000,000 | ---D | C] -- C:\Programas\Common Files\ResearchSoft
[2011-04-19 20:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Mathematica
[2011-04-19 20:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
[2011-04-19 20:39:31 | 000,369,680 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\ml32i3.dll
[2011-04-19 20:39:31 | 000,335,888 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mltcpip32.mlp
[2011-04-19 20:39:31 | 000,260,112 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\ml32i2.dll
[2011-04-19 20:39:31 | 000,253,968 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\ml32i1.dll
[2011-04-19 20:39:31 | 000,167,952 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mlmodule32.dll
[2011-04-19 20:39:31 | 000,093,712 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mltcp32.mlp
[2011-04-19 20:39:31 | 000,088,080 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mlshm32.mlp
[2011-04-19 20:39:31 | 000,079,376 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mlmap32.mlp
[2011-04-19 20:38:54 | 000,000,000 | ---D | C] -- C:\Programas\Wolfram Research
[2011-04-19 20:33:06 | 120,366,224 | ---- | C] (Wolfram Research, Inc. ) -- C:\Users\Paula Andrade\Desktop\CDFPlayer_8.0.1_WIN.EXE
[2011-04-18 19:51:25 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Local\temp
[2011-04-18 19:44:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011-04-18 19:37:45 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011-04-18 19:21:48 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011-04-18 19:21:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011-04-18 19:21:47 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011-04-18 19:20:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011-04-18 19:20:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-04-18 19:19:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011-04-16 14:59:49 | 000,566,272 | ---- | C] (AVAST Software) -- C:\Users\Paula Andrade\Desktop\aswMBR.exe
[2011-04-15 23:24:25 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Paula Andrade\Desktop\tdsskiller.exe
[2011-04-13 20:23:39 | 000,000,000 | ---D | C] -- C:\Programas\Common Files\Adobe
[2011-04-13 20:09:35 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
[2011-04-11 00:36:20 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011-04-10 22:20:36 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\SUPERAntiSpyware.com
[2011-04-10 22:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011-04-10 22:20:22 | 000,000,000 | ---D | C] -- C:\Programas\SUPERAntiSpyware
[2011-04-10 22:19:13 | 010,849,672 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Paula Andrade\Desktop\SUPERAntiSpyware.exe
[2011-04-10 22:18:55 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup-1.50.1.1100.exe
[2011-04-10 19:45:14 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Desktop\Tudo
[2011-04-09 16:01:55 | 000,000,000 | ---D | C] -- C:\!KillBox
[2011-04-09 15:26:37 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Paula Andrade\Desktop\HijackThis.exe
[2011-04-09 15:23:41 | 000,092,672 | ---- | C] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Users\Paula Andrade\Desktop\KillBox.exe
[2011-04-09 13:16:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2011
[2011-04-09 13:13:24 | 000,000,000 | ---D | C] -- C:\Programas\Kaspersky Lab
[2011-04-09 13:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011-04-09 13:12:56 | 000,488,536 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011-04-09 12:57:25 | 115,842,960 | ---- | C] (Kaspersky Lab) -- C:\Users\Paula Andrade\Desktop\kav11.0.2.556en.exe
[2011-04-09 12:54:51 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\Malwarebytes
[2011-04-09 12:54:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011-04-09 12:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-04-09 12:54:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-04-09 12:54:29 | 000,000,000 | ---D | C] -- C:\Programas\Malwarebytes' Anti-Malware
[2011-04-09 12:52:36 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup.exe
[2011-04-09 02:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011-04-09 02:15:47 | 000,000,000 | ---D | C] -- C:\Programas\CCleaner
[2011-04-09 02:12:59 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Users\Paula Andrade\Desktop\ccsetup305.exe
[2011-04-09 02:07:58 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\Reviversoft
[2011-04-09 02:07:42 | 000,016,704 | ---- | C] (ReviverSoft) -- C:\Windows\System32\roboot.exe
[2011-04-09 02:07:42 | 000,000,000 | ---D | C] -- C:\Programas\Reviversoft
[2011-04-08 11:58:11 | 008,104,967 | ---- | C] (McAfee Inc.) -- C:\Users\Paula Andrade\Desktop\stinger10101504.exe
[2011-04-08 11:57:18 | 000,178,312 | ---- | C] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FxBgbear.exe
[2011-04-08 11:57:12 | 000,164,040 | ---- | C] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FixBugb.exe
[2011-04-08 11:56:36 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011-03-28 19:39:16 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Desktop\Censos 2011
[2011-03-26 18:11:12 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011-03-26 17:42:30 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Documents\Alcohol 120%
[2009-02-12 14:49:30 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
[2009-02-12 14:49:30 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
[2009-02-12 14:49:30 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
[2009-02-12 14:49:30 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
[2009-02-12 14:49:29 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
[2009-02-12 14:49:29 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
[2009-02-12 14:49:29 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
[2009-02-12 14:49:29 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
[2009-02-12 14:49:28 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
[2009-02-12 14:49:28 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
[2009-02-12 14:49:28 | 000,385,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkih.exe
[2009-02-12 14:49:27 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
[2009-02-12 14:49:27 | 000,537,256 | ---- | C] ( ) -- C:\Windows\System32\lxbkcoms.exe
[2009-02-12 14:49:27 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
[2009-02-12 14:49:27 | 000,381,608 | ---- | C] ( ) -- C:\Windows\System32\lxbkcfg.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Paula Andrade\Desktop\Maitê grava vídeo a pedir desculpa aos portugueses - JN - Google Chrome.flv.flv
[2011-04-19 20:41:41 | 000,001,356 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Local\d3d9caps.dat
[2011-04-19 20:35:30 | 120,366,224 | ---- | M] (Wolfram Research, Inc. ) -- C:\Users\Paula Andrade\Desktop\CDFPlayer_8.0.1_WIN.EXE
[2011-04-19 19:52:46 | 000,098,816 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-19 18:44:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-04-19 18:36:23 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-04-19 18:34:01 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-04-19 18:34:01 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-04-18 20:11:00 | 000,001,012 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-04-18 19:43:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011-04-18 19:17:33 | 004,324,176 | R--- | M] () -- C:\Users\Paula Andrade\Desktop\zzz.exe
[2011-04-17 18:53:16 | 000,000,081 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\testhd.bat
[2011-04-17 17:55:06 | 000,368,533 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\MiniToolBox.exe
[2011-04-16 15:01:44 | 000,000,512 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\MBR.dat
[2011-04-16 14:59:49 | 000,566,272 | ---- | M] (AVAST Software) -- C:\Users\Paula Andrade\Desktop\aswMBR.exe
[2011-04-15 23:24:26 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Paula Andrade\Desktop\tdsskiller.exe
[2011-04-15 23:05:16 | 000,404,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-04-15 20:44:18 | 000,659,894 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2011-04-15 20:44:18 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-04-15 20:44:18 | 000,131,142 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2011-04-15 20:44:18 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-04-13 20:24:19 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011-04-13 20:09:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
[2011-04-11 22:11:10 | 000,625,664 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\dds.scr
[2011-04-11 01:13:57 | 000,002,603 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\Excel.lnk
[2011-04-10 22:22:23 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-04-10 22:20:33 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011-04-10 22:19:50 | 010,849,672 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Paula Andrade\Desktop\SUPERAntiSpyware.exe
[2011-04-10 22:19:41 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup-1.50.1.1100.exe
[2011-04-09 16:55:48 | 000,092,882 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\cc_20110409_165528.reg
[2011-04-09 16:46:43 | 000,453,632 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\CKScanner.exe
[2011-04-09 15:26:38 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Paula Andrade\Desktop\HijackThis.exe
[2011-04-09 15:23:44 | 000,092,672 | ---- | M] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Users\Paula Andrade\Desktop\KillBox.exe
[2011-04-09 15:21:25 | 000,047,722 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\f-bugbr.zip
[2011-04-09 13:43:59 | 000,002,493 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-04-09 13:34:09 | 000,115,267 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011-04-09 13:34:09 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011-04-09 13:12:56 | 000,488,536 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011-04-09 12:59:44 | 115,842,960 | ---- | M] (Kaspersky Lab) -- C:\Users\Paula Andrade\Desktop\kav11.0.2.556en.exe
[2011-04-09 12:53:56 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup.exe
[2011-04-09 02:13:08 | 003,050,664 | ---- | M] (Piriform Ltd) -- C:\Users\Paula Andrade\Desktop\ccsetup305.exe
[2011-04-08 11:58:25 | 008,104,967 | ---- | M] (McAfee Inc.) -- C:\Users\Paula Andrade\Desktop\stinger10101504.exe
[2011-04-08 11:57:19 | 000,178,312 | ---- | M] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FxBgbear.exe
[2011-04-08 11:57:13 | 000,164,040 | ---- | M] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FixBugb.exe
[2011-03-26 18:14:27 | 000,000,124 | ---- | M] () -- C:\Users\Paula Andrade\Documents\ax_files.xml
[2011-03-26 18:11:13 | 000,000,900 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\Revo Uninstaller.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-04-18 19:21:48 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011-04-18 19:21:48 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011-04-18 19:21:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011-04-18 19:21:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011-04-18 19:21:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-04-18 19:17:32 | 004,324,176 | R--- | C] () -- C:\Users\Paula Andrade\Desktop\zzz.exe
[2011-04-17 18:53:16 | 000,000,081 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\testhd.bat
[2011-04-17 17:55:03 | 000,368,533 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\MiniToolBox.exe
[2011-04-16 15:01:44 | 000,000,512 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\MBR.dat
[2011-04-13 20:24:19 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011-04-13 20:24:19 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011-04-11 22:10:56 | 000,625,664 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\dds.scr
[2011-04-10 22:20:33 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011-04-09 16:55:43 | 000,092,882 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\cc_20110409_165528.reg
[2011-04-09 16:46:37 | 000,453,632 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\CKScanner.exe
[2011-04-09 15:21:14 | 000,047,722 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\f-bugbr.zip
[2011-04-09 13:15:54 | 000,115,267 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011-04-09 13:15:54 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011-04-09 12:54:37 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-04-08 11:58:22 | 000,001,977 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011-04-08 11:58:22 | 000,001,124 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Iniciação Rápida do Microsoft Office OneNote 2007.lnk
[2011-03-26 17:55:55 | 000,000,124 | ---- | C] () -- C:\Users\Paula Andrade\Documents\ax_files.xml
[2010-12-28 21:56:10 | 000,024,880 | ---- | C] () -- C:\Windows\System32\drivers\OXUDIDRV_x32.sys
[2010-08-05 19:54:34 | 000,023,204 | ---- | C] () -- C:\Windows\hpqins15.dat.temp
[2010-07-18 15:35:01 | 001,391,616 | ---- | C] () -- C:\Windows\System32\ActPDF.dll
[2010-07-18 15:34:27 | 000,691,200 | ---- | C] () -- C:\Windows\System32\PrintLog.exe
[2010-07-18 15:34:27 | 000,524,288 | ---- | C] () -- C:\Windows\System32\PrtPass.exe
[2010-07-18 14:15:56 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2010-06-06 17:01:24 | 000,172,973 | ---- | C] () -- C:\Windows\hpoins36.dat
[2010-04-24 02:26:23 | 000,000,000 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\AVSMediaPlayer.m3u
[2010-04-16 21:11:42 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-04-16 21:11:41 | 000,001,644 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010-04-12 03:08:25 | 000,522,928 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010-03-30 00:09:33 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Organic
[2010-03-30 00:09:33 | 000,000,268 | RH-- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\Nature
[2010-03-30 00:09:33 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Percussion Kit
[2010-03-30 00:09:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010-03-30 00:06:38 | 000,000,268 | RH-- | C] () -- C:\ProgramData\NetServices
[2010-03-30 00:06:38 | 000,000,268 | RH-- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\Metadata Importer
[2010-03-30 00:06:38 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010-03-30 00:06:38 | 000,000,012 | RH-- | C] () -- C:\ProgramData\PPD Plugins
[2010-03-01 02:01:21 | 000,023,191 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009-10-20 20:24:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-10-20 20:24:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009-09-28 10:55:38 | 000,052,656 | ---- | C] () -- C:\Windows\System32\drivers\OXSDIDRV_x32.sys
[2009-09-28 10:55:16 | 000,048,688 | ---- | C] () -- C:\Windows\System32\OXSDICIN_x32.dll
[2009-09-24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-09-09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009-06-24 10:40:36 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2009-05-29 16:52:26 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-05-29 16:47:06 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-05-25 13:04:57 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009-02-12 14:53:13 | 000,000,093 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009-02-12 14:49:30 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
[2009-02-12 14:49:30 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
[2009-01-21 13:31:05 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008-10-14 14:56:21 | 000,011,845 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008-09-14 15:46:47 | 000,001,356 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Local\d3d9caps.dat
[2008-05-01 19:27:00 | 000,098,816 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007-10-17 11:27:34 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007-10-17 11:27:33 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007-10-17 11:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007-10-17 11:27:29 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007-10-17 11:24:25 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007-10-17 11:24:25 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007-10-17 11:24:25 | 000,010,151 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007-10-17 11:24:25 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007-09-04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007-07-13 15:33:31 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007-07-13 15:33:31 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007-07-13 15:33:31 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007-07-13 15:33:31 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007-07-13 15:33:31 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007-07-13 15:33:31 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007-07-13 15:16:32 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007-04-25 11:40:59 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007-02-07 18:57:50 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007-02-05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007-01-22 09:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbkcoin.dll
[2007-01-18 05:49:15 | 000,659,894 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2007-01-18 05:49:15 | 000,332,682 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2007-01-18 05:49:15 | 000,131,142 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2007-01-18 05:49:15 | 000,039,514 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2006-12-05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006-11-02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 13:47:37 | 000,404,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005-11-23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005-10-05 13:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2005-09-13 17:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
[2005-09-13 17:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv4.dll
[2005-07-22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2008-05-01 01:14:49 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\DesktopSMS
[2009-01-26 23:04:20 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\EuroTalk
[2010-08-29 19:15:24 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\FreeMoviesToDVD
[2010-08-13 13:35:43 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\GetRightToGo
[2010-07-19 22:25:31 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Iceni
[2010-03-30 14:43:02 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Nikon
[2011-04-09 02:07:58 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Reviversoft
[2010-08-09 20:17:53 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Samsung
[2010-07-29 21:48:23 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Teleca
[2008-05-25 18:49:08 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Toshiba
[2010-04-19 19:24:45 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Uniblue
[2009-12-20 20:53:50 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\VistaCodecs
[2009-01-03 16:38:21 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\VSRevoGroup
[2011-02-07 02:58:01 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Windows Live Writer
[2011-04-18 20:25:55 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011-03-20 05:35:40 | 000,000,458 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{76757496-0F36-4228-BD15-54FCD1F5BDDB}.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: EXPLORER.EXE >
[2008-10-29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008-10-30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008-05-01 18:35:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008-05-01 18:35:01 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008-10-28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006-11-02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008-01-19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SPTD.SYS >
[2011-03-26 17:37:28 | 000,436,792 | ---- | M] (Duplex Secure Ltd.) MD5=A199171385BE17973FD800FA91F8F78A -- C:\Windows\System32\drivers\sptd.sys

< MD5 for: USERINIT.EXE >
[2008-01-19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008-01-19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008-01-19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006-11-02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WININIT.EXE >
[2008-01-19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe
[2008-01-19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008-01-19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006-11-02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< End of report >
artolassss
Regular Member
 
Posts: 16
Joined: April 9th, 2011, 12:11 pm

Re: Double accent

Post by artolassss » April 19th, 2011, 4:01 pm

There isn't any Extras.txt file.

Re: Double accent

Post by askey127 » April 19th, 2011, 7:25 pm

artolassss,
----------------------------------------------
Perform a Custom Scan or Fix with OTL
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :processes
    killallprocesses
    
    :OTL
    [2010-05-25 22:46:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010-08-30 18:52:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010-11-07 04:57:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2009-05-10 21:34:51 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    [2009-09-09 20:28:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    [2009-12-27 19:02:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    [2010-04-01 13:49:36 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    [2010-05-25 22:46:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010-08-30 18:52:57 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010-11-07 04:57:12 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
    O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
    
    :Reg
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000000
    
    :Commands
    [EMPTYTEMP]
    [RESETHOSTS]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
----------------------------------------------
Go to Start, Programs, Accessories, System Tools, and select Disk Defragmenter.
Choose C: drive and let it defrag.

Let me know if it's any faster
askey127

Re: Double accent

Post by artolassss » April 20th, 2011, 2:15 pm

OTL logfile created on: 20-04-2011 18:57:41 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Paula Andrade\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 93,16 Gb Total Space | 26,45 Gb Free Space | 28,39% Space Free | Partition Type: NTFS
Drive E: | 91,69 Gb Total Space | 49,00 Gb Free Space | 53,45% Space Free | Partition Type: NTFS

Computer Name: PAULAANDRADE-PC | User Name: Paula Andrade | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-04-13 20:09:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
PRC - [2011-03-16 23:24:21 | 002,423,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010-10-27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programas\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programas\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010-08-25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programas\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programas\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009-08-21 11:36:46 | 000,878,080 | ---- | M] (ActMask Co.,Ltd - http://www.all2pdf.com) -- C:\Windows\System32\PrintDisp.exe
PRC - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\Windows\System32\PrintCtrl.exe
PRC - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programas\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-02-26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programas\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2009-02-24 17:00:26 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Programas\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008-02-19 10:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
PRC - [2008-01-29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Programas\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007-09-19 11:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Programas\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007-09-12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Programas\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007-09-03 11:39:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-07-20 20:45:16 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programas\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007-07-11 15:57:42 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Programas\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007-07-10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Programas\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2007-06-19 15:28:32 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programas\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007-06-13 08:16:02 | 000,528,384 | R--- | M] () -- C:\Programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007-05-17 16:03:24 | 004,813,312 | ---- | M] () -- C:\Programas\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2007-04-10 16:40:28 | 000,413,696 | ---- | M] (Chicony) -- C:\Programas\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007-03-29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Programas\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007-03-16 03:23:20 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Programas\Common Files\Teleca Shared\Generic.exe
PRC - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Programas\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007-02-12 13:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Programas\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006-11-14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006-11-06 17:14:44 | 000,034,352 | ---- | M] () -- C:\Programas\TOSHIBA\Utilities\KeNotify.exe
PRC - [2006-10-05 05:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programas\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006-05-25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2011-04-13 20:09:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programas\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\Windows\System32\PrintCtrl.exe -- (Printer Control)
SRV - [2008-02-19 10:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
SRV - [2008-01-29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programas\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-09-19 11:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programas\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007-09-12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programas\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007-09-12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007-03-29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programas\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006-11-14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006-10-05 05:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programas\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006-05-25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - [2011-04-09 13:12:56 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011-03-26 17:37:28 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-05-10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programas\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010-04-22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2010-02-17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programas\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009-11-02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-28 10:55:38 | 000,052,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OXSDIDRV_x32.sys -- (OXSDIDRV_x32) Oxford Semi eSATA Filter (x32)
DRV - [2007-09-26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Controlador do Adaptador da ligação WiFi sem fios Intel(R)
DRV - [2007-07-26 16:18:04 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007-04-30 06:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007-04-16 13:02:36 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-04-16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007-03-06 15:01:04 | 000,014,848 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\DRIVERS\CplIR.SYS -- (CplIR)
DRV - [2007-01-24 13:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2007-01-18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007-01-18 15:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006-11-02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006-10-23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006-10-18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006-10-05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2006-08-30 09:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006-07-28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2005-03-11 16:17:46 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-03-11 16:17:44 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-03-11 16:17:40 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-03-11 16:17:38 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-03-11 16:17:34 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pt/"
FF - prefs.js..extensions.enabledItems: pt-PT@dictionaries.addons.mozilla.org:11.3.25.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-08-05 19:55:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-24 19:26:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-13 20:24:19 | 000,000,000 | ---D | M]

[2009-01-30 02:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Extensions
[2011-04-20 18:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions
[2010-09-18 01:45:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-02-13 17:59:33 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\firefox@tvunetworks.com
[2011-03-27 22:01:38 | 000,000,000 | ---D | M] (Corretor para Português Europeu) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\pt-PT@dictionaries.addons.mozilla.org
[2010-12-07 22:19:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Paula Andrade\AppData\Roaming\mozilla\Firefox\Profiles\h10dh0wc.default\extensions\vshare@toolbar
[2010-04-17 16:19:17 | 000,000,571 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Roaming\Mozilla\Firefox\Profiles\h10dh0wc.default\searchplugins\dicionrio-priberam.xml
[2009-01-30 02:47:18 | 000,002,119 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Roaming\Mozilla\Firefox\Profiles\h10dh0wc.default\searchplugins\pesquisa-de-vdeos-do-youtube.xml
[2011-04-20 18:52:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programas\Mozilla Firefox\extensions
[2011-04-05 00:22:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-04-09 13:16:12 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programas\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-04-05 00:22:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-04-09 13:16:12 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\LINKFILTER@KASPERSKY.RU
[2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programas\Mozilla Firefox\plugins\npdeployJava1.dll
[2011-03-07 19:58:21 | 000,001,525 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011-03-07 19:58:21 | 000,001,529 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\priberam.xml
[2011-03-07 19:58:21 | 000,002,071 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\sapo.xml
[2011-03-07 19:58:21 | 000,000,942 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\wikipedia-ptpt.xml
[2011-03-07 19:58:21 | 000,000,953 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2011-04-20 18:52:27 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programas\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [HWSetup] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programas\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Programas\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Programas\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [PrintDisp] C:\Windows\System32\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programas\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKCU..\Run: [{79C2D018-E41C-D1D4-CA38-974B6EF47836}] C:\Users\Paula Andrade\Ziexi\wayn.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Iniciação Rápida do Microsoft Office OneNote 2007.lnk = C:\Programas\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Programas\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programas\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows Photo Gallery\DSCF8497.JPG
O24 - Desktop BackupWallPaper: C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows Photo Gallery\DSCF8497.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Users\Paula Andrade\Desktop\Maitê grava vídeo a pedir desculpa aos portugueses - JN - Google Chrome.flv.flv
[2011-04-20 18:51:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-04-19 20:50:09 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Desktop\otl
[2011-04-19 20:41:11 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\MathematicaPlayer
[2011-04-19 20:41:11 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Local\MathematicaPlayer
[2011-04-19 20:41:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MathematicaPlayer
[2011-04-19 20:40:30 | 000,000,000 | ---D | C] -- C:\Programas\Common Files\Wolfram Research
[2011-04-19 20:40:30 | 000,000,000 | ---D | C] -- C:\Programas\Common Files\ResearchSoft
[2011-04-19 20:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Mathematica
[2011-04-19 20:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
[2011-04-19 20:39:31 | 000,369,680 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\ml32i3.dll
[2011-04-19 20:39:31 | 000,335,888 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mltcpip32.mlp
[2011-04-19 20:39:31 | 000,260,112 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\ml32i2.dll
[2011-04-19 20:39:31 | 000,253,968 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\ml32i1.dll
[2011-04-19 20:39:31 | 000,167,952 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mlmodule32.dll
[2011-04-19 20:39:31 | 000,093,712 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mltcp32.mlp
[2011-04-19 20:39:31 | 000,088,080 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mlshm32.mlp
[2011-04-19 20:39:31 | 000,079,376 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\System32\mlmap32.mlp
[2011-04-19 20:38:54 | 000,000,000 | ---D | C] -- C:\Programas\Wolfram Research
[2011-04-19 20:33:06 | 120,366,224 | ---- | C] (Wolfram Research, Inc. ) -- C:\Users\Paula Andrade\Desktop\CDFPlayer_8.0.1_WIN.EXE
[2011-04-18 19:51:25 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Local\temp
[2011-04-18 19:44:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011-04-18 19:37:45 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011-04-18 19:21:48 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011-04-18 19:21:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011-04-18 19:21:47 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011-04-18 19:20:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011-04-18 19:20:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-04-18 19:19:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011-04-16 14:59:49 | 000,566,272 | ---- | C] (AVAST Software) -- C:\Users\Paula Andrade\Desktop\aswMBR.exe
[2011-04-15 23:24:25 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Paula Andrade\Desktop\tdsskiller.exe
[2011-04-13 20:23:39 | 000,000,000 | ---D | C] -- C:\Programas\Common Files\Adobe
[2011-04-13 20:09:35 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
[2011-04-11 00:36:20 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011-04-10 22:20:36 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\SUPERAntiSpyware.com
[2011-04-10 22:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011-04-10 22:20:22 | 000,000,000 | ---D | C] -- C:\Programas\SUPERAntiSpyware
[2011-04-10 22:19:13 | 010,849,672 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Paula Andrade\Desktop\SUPERAntiSpyware.exe
[2011-04-10 22:18:55 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup-1.50.1.1100.exe
[2011-04-10 19:45:14 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Desktop\Tudo
[2011-04-09 16:01:55 | 000,000,000 | ---D | C] -- C:\!KillBox
[2011-04-09 15:26:37 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Paula Andrade\Desktop\HijackThis.exe
[2011-04-09 15:23:41 | 000,092,672 | ---- | C] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Users\Paula Andrade\Desktop\KillBox.exe
[2011-04-09 13:16:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2011
[2011-04-09 13:13:24 | 000,000,000 | ---D | C] -- C:\Programas\Kaspersky Lab
[2011-04-09 13:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011-04-09 13:12:56 | 000,488,536 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011-04-09 12:57:25 | 115,842,960 | ---- | C] (Kaspersky Lab) -- C:\Users\Paula Andrade\Desktop\kav11.0.2.556en.exe
[2011-04-09 12:54:51 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\Malwarebytes
[2011-04-09 12:54:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011-04-09 12:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-04-09 12:54:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-04-09 12:54:29 | 000,000,000 | ---D | C] -- C:\Programas\Malwarebytes' Anti-Malware
[2011-04-09 12:52:36 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup.exe
[2011-04-09 02:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011-04-09 02:15:47 | 000,000,000 | ---D | C] -- C:\Programas\CCleaner
[2011-04-09 02:12:59 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Users\Paula Andrade\Desktop\ccsetup305.exe
[2011-04-09 02:07:58 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\Reviversoft
[2011-04-09 02:07:42 | 000,016,704 | ---- | C] (ReviverSoft) -- C:\Windows\System32\roboot.exe
[2011-04-09 02:07:42 | 000,000,000 | ---D | C] -- C:\Programas\Reviversoft
[2011-04-08 11:58:11 | 008,104,967 | ---- | C] (McAfee Inc.) -- C:\Users\Paula Andrade\Desktop\stinger10101504.exe
[2011-04-08 11:57:18 | 000,178,312 | ---- | C] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FxBgbear.exe
[2011-04-08 11:57:12 | 000,164,040 | ---- | C] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FixBugb.exe
[2011-04-08 11:56:36 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011-03-28 19:39:16 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Desktop\Censos 2011
[2011-03-26 18:11:12 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011-03-26 17:42:30 | 000,000,000 | ---D | C] -- C:\Users\Paula Andrade\Documents\Alcohol 120%
[2009-02-12 14:49:30 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
[2009-02-12 14:49:30 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
[2009-02-12 14:49:30 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
[2009-02-12 14:49:30 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
[2009-02-12 14:49:29 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
[2009-02-12 14:49:29 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
[2009-02-12 14:49:29 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
[2009-02-12 14:49:29 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
[2009-02-12 14:49:28 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
[2009-02-12 14:49:28 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
[2009-02-12 14:49:28 | 000,385,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkih.exe
[2009-02-12 14:49:27 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
[2009-02-12 14:49:27 | 000,537,256 | ---- | C] ( ) -- C:\Windows\System32\lxbkcoms.exe
[2009-02-12 14:49:27 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
[2009-02-12 14:49:27 | 000,381,608 | ---- | C] ( ) -- C:\Windows\System32\lxbkcfg.exe

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Paula Andrade\Desktop\Maitê grava vídeo a pedir desculpa aos portugueses - JN - Google Chrome.flv.flv
[2011-04-20 18:55:19 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-04-20 18:55:01 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-04-20 18:55:01 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-04-20 18:54:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-04-20 18:54:36 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2011-04-20 18:52:27 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011-04-19 22:37:10 | 000,421,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-04-19 20:41:41 | 000,001,356 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Local\d3d9caps.dat
[2011-04-19 20:35:30 | 120,366,224 | ---- | M] (Wolfram Research, Inc. ) -- C:\Users\Paula Andrade\Desktop\CDFPlayer_8.0.1_WIN.EXE
[2011-04-19 19:52:46 | 000,098,816 | ---- | M] () -- C:\Users\Paula Andrade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-18 20:11:00 | 000,001,012 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-04-18 19:17:33 | 004,324,176 | R--- | M] () -- C:\Users\Paula Andrade\Desktop\zzz.exe
[2011-04-17 18:53:16 | 000,000,081 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\testhd.bat
[2011-04-17 17:55:06 | 000,368,533 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\MiniToolBox.exe
[2011-04-16 15:01:44 | 000,000,512 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\MBR.dat
[2011-04-16 14:59:49 | 000,566,272 | ---- | M] (AVAST Software) -- C:\Users\Paula Andrade\Desktop\aswMBR.exe
[2011-04-15 23:24:26 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Paula Andrade\Desktop\tdsskiller.exe
[2011-04-15 20:44:18 | 000,659,894 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2011-04-15 20:44:18 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-04-15 20:44:18 | 000,131,142 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2011-04-15 20:44:18 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-04-13 20:24:19 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011-04-13 20:09:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paula Andrade\Desktop\OTL.exe
[2011-04-11 22:11:10 | 000,625,664 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\dds.scr
[2011-04-11 01:13:57 | 000,002,603 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\Excel.lnk
[2011-04-10 22:22:23 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-04-10 22:20:33 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011-04-10 22:19:50 | 010,849,672 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Paula Andrade\Desktop\SUPERAntiSpyware.exe
[2011-04-10 22:19:41 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup-1.50.1.1100.exe
[2011-04-09 16:55:48 | 000,092,882 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\cc_20110409_165528.reg
[2011-04-09 16:46:43 | 000,453,632 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\CKScanner.exe
[2011-04-09 15:26:38 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Paula Andrade\Desktop\HijackThis.exe
[2011-04-09 15:23:44 | 000,092,672 | ---- | M] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Users\Paula Andrade\Desktop\KillBox.exe
[2011-04-09 15:21:25 | 000,047,722 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\f-bugbr.zip
[2011-04-09 13:43:59 | 000,002,493 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-04-09 13:34:09 | 000,115,267 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011-04-09 13:34:09 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011-04-09 13:12:56 | 000,488,536 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011-04-09 12:59:44 | 115,842,960 | ---- | M] (Kaspersky Lab) -- C:\Users\Paula Andrade\Desktop\kav11.0.2.556en.exe
[2011-04-09 12:53:56 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Paula Andrade\Desktop\mbam-setup.exe
[2011-04-09 02:13:08 | 003,050,664 | ---- | M] (Piriform Ltd) -- C:\Users\Paula Andrade\Desktop\ccsetup305.exe
[2011-04-08 11:58:25 | 008,104,967 | ---- | M] (McAfee Inc.) -- C:\Users\Paula Andrade\Desktop\stinger10101504.exe
[2011-04-08 11:57:19 | 000,178,312 | ---- | M] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FxBgbear.exe
[2011-04-08 11:57:13 | 000,164,040 | ---- | M] (Symantec Corporation) -- C:\Users\Paula Andrade\Desktop\FixBugb.exe
[2011-03-26 18:14:27 | 000,000,124 | ---- | M] () -- C:\Users\Paula Andrade\Documents\ax_files.xml
[2011-03-26 18:11:13 | 000,000,900 | ---- | M] () -- C:\Users\Paula Andrade\Desktop\Revo Uninstaller.lnk

========== Files Created - No Company Name ==========

[2011-04-20 18:54:36 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2011-04-18 19:21:48 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011-04-18 19:21:48 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011-04-18 19:21:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011-04-18 19:21:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011-04-18 19:21:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-04-18 19:17:32 | 004,324,176 | R--- | C] () -- C:\Users\Paula Andrade\Desktop\zzz.exe
[2011-04-17 18:53:16 | 000,000,081 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\testhd.bat
[2011-04-17 17:55:03 | 000,368,533 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\MiniToolBox.exe
[2011-04-16 15:01:44 | 000,000,512 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\MBR.dat
[2011-04-13 20:24:19 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011-04-13 20:24:19 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011-04-11 22:10:56 | 000,625,664 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\dds.scr
[2011-04-10 22:20:33 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011-04-09 16:55:43 | 000,092,882 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\cc_20110409_165528.reg
[2011-04-09 16:46:37 | 000,453,632 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\CKScanner.exe
[2011-04-09 15:21:14 | 000,047,722 | ---- | C] () -- C:\Users\Paula Andrade\Desktop\f-bugbr.zip
[2011-04-09 13:15:54 | 000,115,267 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011-04-09 13:15:54 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011-04-09 12:54:37 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-04-08 11:58:22 | 000,001,977 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011-04-08 11:58:22 | 000,001,124 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Iniciação Rápida do Microsoft Office OneNote 2007.lnk
[2011-03-26 17:55:55 | 000,000,124 | ---- | C] () -- C:\Users\Paula Andrade\Documents\ax_files.xml
[2010-12-28 21:56:10 | 000,024,880 | ---- | C] () -- C:\Windows\System32\drivers\OXUDIDRV_x32.sys
[2010-08-05 19:54:34 | 000,023,204 | ---- | C] () -- C:\Windows\hpqins15.dat.temp
[2010-07-18 15:35:01 | 001,391,616 | ---- | C] () -- C:\Windows\System32\ActPDF.dll
[2010-07-18 15:34:27 | 000,691,200 | ---- | C] () -- C:\Windows\System32\PrintLog.exe
[2010-07-18 15:34:27 | 000,524,288 | ---- | C] () -- C:\Windows\System32\PrtPass.exe
[2010-07-18 14:15:56 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2010-06-06 17:01:24 | 000,172,973 | ---- | C] () -- C:\Windows\hpoins36.dat
[2010-04-24 02:26:23 | 000,000,000 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\AVSMediaPlayer.m3u
[2010-04-16 21:11:42 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-04-16 21:11:41 | 000,001,644 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010-04-12 03:08:25 | 000,522,928 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010-03-30 00:09:33 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Organic
[2010-03-30 00:09:33 | 000,000,268 | RH-- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\Nature
[2010-03-30 00:09:33 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Percussion Kit
[2010-03-30 00:09:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010-03-30 00:06:38 | 000,000,268 | RH-- | C] () -- C:\ProgramData\NetServices
[2010-03-30 00:06:38 | 000,000,268 | RH-- | C] () -- C:\Users\Paula Andrade\AppData\Roaming\Metadata Importer
[2010-03-30 00:06:38 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010-03-30 00:06:38 | 000,000,012 | RH-- | C] () -- C:\ProgramData\PPD Plugins
[2010-03-01 02:01:21 | 000,023,191 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009-10-20 20:24:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-10-20 20:24:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009-09-28 10:55:38 | 000,052,656 | ---- | C] () -- C:\Windows\System32\drivers\OXSDIDRV_x32.sys
[2009-09-28 10:55:16 | 000,048,688 | ---- | C] () -- C:\Windows\System32\OXSDICIN_x32.dll
[2009-09-24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-09-09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009-06-24 10:40:36 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2009-05-29 16:52:26 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-05-29 16:47:06 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-05-25 13:04:57 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009-02-12 14:53:13 | 000,000,093 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009-02-12 14:49:30 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
[2009-02-12 14:49:30 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
[2009-01-21 13:31:05 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008-10-14 14:56:21 | 000,011,845 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008-09-14 15:46:47 | 000,001,356 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Local\d3d9caps.dat
[2008-05-01 19:27:00 | 000,098,816 | ---- | C] () -- C:\Users\Paula Andrade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007-10-17 11:27:34 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007-10-17 11:27:33 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007-10-17 11:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007-10-17 11:27:29 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007-10-17 11:24:25 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007-10-17 11:24:25 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007-10-17 11:24:25 | 000,010,151 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007-10-17 11:24:25 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007-09-04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007-07-13 15:33:31 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007-07-13 15:33:31 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007-07-13 15:33:31 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007-07-13 15:33:31 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007-07-13 15:33:31 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007-07-13 15:33:31 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007-07-13 15:16:32 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007-07-13 14:57:08 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007-04-25 11:40:59 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007-02-07 18:57:50 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007-02-05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007-01-22 09:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbkcoin.dll
[2007-01-18 05:49:15 | 000,659,894 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2007-01-18 05:49:15 | 000,332,682 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2007-01-18 05:49:15 | 000,131,142 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2007-01-18 05:49:15 | 000,039,514 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2006-12-05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006-11-02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 13:47:37 | 000,421,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005-11-23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005-10-05 13:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2005-09-13 17:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
[2005-09-13 17:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv4.dll
[2005-07-22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2008-05-01 01:14:49 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\DesktopSMS
[2009-01-26 23:04:20 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\EuroTalk
[2010-08-29 19:15:24 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\FreeMoviesToDVD
[2010-08-13 13:35:43 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\GetRightToGo
[2010-07-19 22:25:31 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Iceni
[2010-03-30 14:43:02 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Nikon
[2011-04-09 02:07:58 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Reviversoft
[2010-08-09 20:17:53 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Samsung
[2010-07-29 21:48:23 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Teleca
[2008-05-25 18:49:08 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Toshiba
[2010-04-19 19:24:45 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Uniblue
[2009-12-20 20:53:50 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\VistaCodecs
[2009-01-03 16:38:21 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\VSRevoGroup
[2011-02-07 02:58:01 | 000,000,000 | ---D | M] -- C:\Users\Paula Andrade\AppData\Roaming\Windows Live Writer
[2011-04-18 20:25:55 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011-03-20 05:35:40 | 000,000,458 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{76757496-0F36-4228-BD15-54FCD1F5BDDB}.job

========== Purity Check ==========



< End of report >
artolassss
Regular Member
 
Posts: 16
Joined: April 9th, 2011, 12:11 pm

Re: Double accent

Unread postby artolassss » April 20th, 2011, 2:21 pm

Hi askey127,

I can only work normally in safe mode. In normal mode I can't reboot, turn off, open a browser, etc.

I'm thinking of formatting the PC and installing Windows 7. Could there be any problem (malware, spyware, virus) if I copy files from the PC to an external disk?

The double accent persists ´´ ~~ ^^ `` but in safe mode I can write correctly: ´ ^ ~ `.

Thanks,
artolassss

Re: Double accent

Unread postby askey127 » April 21st, 2011, 7:40 am

artolassss,
I am not finding malware which could be directly responsible for the poor behavior.
This may mean that some of the system files themselves have become corrupted as a result of the previous infections, and are not running properly.
There are "file infectors" out there that can behave that way, and the only recourse is to Reformat and Re-Install the Operating System, since the corrupted files are all but impossible to find.

Windows 7 would probably work OK on a previous Vista machine, and it's more pleasant to use.
You can save any of the material in the My Documents folder, preferably to CDs, DVDs, or a portable hard drive.
I would not save the Application Data folder under your username.
After a new system is installed, the entire My Documents archive can be scanned by the antivirus before copying pieces back to the new machine.

I think we have done all we can do here.
If you choose to reformat, repeat after me, "I will not ever use any P2P applications..."
askey127

Re: Double accent

Unread postby artolassss » April 21st, 2011, 7:59 am

I never used a P2P application!!! It was a cousin of mine who did it a long time ago.

I will Reformat and Re-Install the Operating System; it is the best option.

"I would not save the Application Data folder under your username." What does that mean? Could you explain it to me?


Thanks for everything,
artolasss

Re: Double accent

Unread postby askey127 » April 21st, 2011, 10:27 am

When you choose what documents to save for re-use with a new system, there is a folder here:
C:\Users\Paula Andrade\AppData\
Don't try to save what's in it.

Re: Double accent

Unread postby artolassss » April 21st, 2011, 1:36 pm

Ok. Thank you very much for all your help. Really!

Re: Double accent

Unread postby askey127 » April 21st, 2011, 8:04 pm

We have provided all the assistance we can on this topic.
Since it has been determined the best resolution of this issue requires a complete restore or installation, this topic will now be closed.

You can help support this site from this link:
Donations For Malware Removal