Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Malware impossible to delete.

(In Progress)
(!)

Avectius's Avatar
Avectius Avectius is offline
Member with 205 posts.
THREAD STARTER
 
Join Date: Nov 2008
05-Oct-2011, 02:04 PM #1
Malware impossible to delete.
I have scanned my machine several times with avast already, and every single time, i get a list of remaining viruses. And everytime i attempt to use the option: "Repair" Avast refuses to do so for some reason.

I Then proceed to "Delete". However, during the day, avast STILL keeps giving me the common " Threat has been detected "

For some reason, the listing of the system32/svc host or some sort.. keeps showing up.


I'm running out of options.

Here is the log from HiJackThis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:03, on 05-10-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\WTouch\WTouchService.exe
C:\Programas\WTouch\WTouchUser.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Razer\DeathAdder\razerhid.exe
C:\Programas\DivX\DivX Update\DivXUpdate.exe
C:\Programas\AVAST Software\Avast\avastUI.exe
C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe
C:\Programas\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Programas\TortoiseSVN\bin\TSVNCache.exe
C:\Programas\Razer\DeathAdder\razertra.exe
C:\Programas\Steam\steam.exe
C:\Programas\Razer\DeathAdder\razerofa.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programas\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Skype\Phone\Skype.exe
C:\Programas\LogMeIn Hamachi\hamachi-2.exe
C:\Programas\Java\jre7\bin\jqs.exe
C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Programas\Skype\Plugin Manager\skypePM.exe
C:\Programas\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_cu...spx?TbId=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: Shell=Explorer.exe C:\Documents and Settings\John The God\Application Data\Microsoft\Windows Update.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DeathAdder] C:\Programas\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programas\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programas\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [avast] "C:\Programas\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Programas\Ficheiros comuns\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SwitchBoard] C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Programas\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Google Updater] "C:\Programas\Google\Google Updater\GoogleUpdater.exe" -check_deprecation
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Programas\Ficheiros comuns\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Steam] "C:\Programas\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [igndlm.exe] C:\Programas\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Aim] "C:\Programas\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Pando Media Booster] C:\Programas\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Programas\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ManyCam] "C:\Programas\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [Java Update] C:\Documents and Settings\John The God\Definições locais\Temp\\Tmp2324.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EADM] "C:\Programas\Electronic Arts\EADM\EADMUI.exe"
O4 - HKCU\..\Run: [Comrade.exe] C:\Programas\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [Skype] "C:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Xfire.lnk = C:\Programas\Xfire\Xfire.exe
O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Programas\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Programas\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Programas\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab...i_4.1.71.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca...2.3.10.115.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirements...qlabdetect.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/st...r_1.0.53.2.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab...i_4.4.21.0.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programas\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço Google Update (gupdate1c9bb5b76927ea0) (gupdate1c9bb5b76927ea0) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Programas\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programas\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Programas\WTouch\WTouchService.exe

--
End of file - 12422 bytes
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 57,361 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
05-Oct-2011, 02:10 PM #2
You're using an old version(2.0.2) of HiJackThis.

Uninstall it and then do the following:

Go here and click the green "Download latest version" link to download and save HiJackThis 2.0.4.

After it's been downloaded and saved, close all open windows first, then double-click the saved file to install it.

Allow it to install in its default location - C:\Program Files.

After it's been installed, start it and then click "Do a system scan and save a log file".

When the scan is finished in less than 30 seconds, a log file will appear.

Save that log file.

Return here to your thread, then copy-and-paste the entire log file here.

------------------------------------------------------

You need to get rid of the buildup of temp files in that computer.

Do the following:

Click Start - Run, then type in

%temp%

and then click OK.

Click Start - Run, then type in

c:\windows\temp

and then click OK.

Once those 2 temp folders appear and you can view their contents, select and delete EVERYTHING that's inside them.

If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

After you're done, empty the Recycle Bin and then restart the computer.

------------------------------------------------------

Last edited by flavallee; 05-Oct-2011 at 02:16 PM..
Avectius's Avatar
Avectius Avectius is offline
Member with 205 posts.
THREAD STARTER
 
Join Date: Nov 2008
05-Oct-2011, 06:35 PM #3
Here is the log file taken with the latest version:




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:34:36, on 05-10-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\WTouch\WTouchService.exe
C:\Programas\WTouch\WTouchUser.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Programas\Razer\DeathAdder\razerhid.exe
C:\Programas\DivX\DivX Update\DivXUpdate.exe
C:\Programas\AVAST Software\Avast\avastUI.exe
C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe
C:\Programas\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Programas\Steam\steam.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programas\Pando Networks\Media Booster\PMB.exe
C:\Programas\Razer\DeathAdder\razertra.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Razer\DeathAdder\razerofa.exe
C:\Programas\Skype\Phone\Skype.exe
C:\Programas\TortoiseSVN\bin\TSVNCache.exe
C:\Programas\LogMeIn Hamachi\hamachi-2.exe
C:\Programas\Google\Update\1.3.21.71\GoogleCrashHandler.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Programas\Java\jre7\bin\jqs.exe
C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Programas\Skype\Plugin Manager\skypePM.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programas\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_cu...spx?TbId=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: Shell=Explorer.exe C:\Documents and Settings\John The God\Application Data\Microsoft\Windows Update.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DeathAdder] C:\Programas\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programas\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programas\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [avast] "C:\Programas\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Programas\Ficheiros comuns\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SwitchBoard] C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Programas\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Google Updater] "C:\Programas\Google\Google Updater\GoogleUpdater.exe" -check_deprecation
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Programas\Ficheiros comuns\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Steam] "C:\Programas\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [igndlm.exe] C:\Programas\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Aim] "C:\Programas\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Pando Media Booster] C:\Programas\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Programas\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ManyCam] "C:\Programas\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [Java Update] C:\Documents and Settings\John The God\Definições locais\Temp\\Tmp2324.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EADM] "C:\Programas\Electronic Arts\EADM\EADMUI.exe"
O4 - HKCU\..\Run: [Comrade.exe] C:\Programas\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [Skype] "C:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Xfire.lnk = C:\Programas\Xfire\Xfire.exe
O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Programas\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Programas\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Programas\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab...i_4.1.71.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca...2.3.10.115.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirements...qlabdetect.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/st...r_1.0.53.2.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab...i_4.4.21.0.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programas\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço Google Update (gupdate1c9bb5b76927ea0) (gupdate1c9bb5b76927ea0) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Programas\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programas\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Programas\WTouch\WTouchService.exe

--
End of file - 13166 bytes






I Will now proceed to remove the Temporary files then.
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 57,361 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
05-Oct-2011, 06:49 PM #4
Start HiJackThis, but don't run a scan.

Click on the "Open The Misc Tools Section" button.

Click on the "Open Uninstall Manager" button.

Click on the "Save List" button.

Save the "uninstall_list.txt" file somewhere.

It'll then open in Notepad.

Return here to your thread, then copy-and-paste the entire file here.

--------------------------------------------------------
Avectius's Avatar
Avectius Avectius is offline
Member with 205 posts.
THREAD STARTER
 
Join Date: Nov 2008
05-Oct-2011, 06:55 PM #5
Here it is, oh and btw the "Actualização de segurança do Windows" thing means: Windows Security Update. Rough translation lol.


Actualização de Segurança para o Windows Media Player (KB2378111)
Actualização de Segurança para o Windows Media Player (KB952069)
Actualização de Segurança para o Windows Media Player (KB954155)
Actualização de Segurança para o Windows Media Player (KB968816)
Actualização de Segurança para o Windows Media Player (KB973540)
Actualização de Segurança para o Windows Media Player (KB973540)
Actualização de Segurança para o Windows Media Player (KB975558)
Actualização de Segurança para o Windows Media Player (KB978695)
Actualização de Segurança para o Windows Media Player (KB979402)
Actualização de segurança para Windows Internet Explorer 7 (KB2183461)
Actualização de segurança para Windows Internet Explorer 7 (KB2360131)
Actualização de segurança para Windows Internet Explorer 7 (KB2416400)
Actualização de segurança para Windows Internet Explorer 7 (KB2482017)
Actualização de segurança para Windows Internet Explorer 7 (KB2530548)
Actualização de segurança para Windows Internet Explorer 7 (KB2544521)
Actualização de segurança para Windows Internet Explorer 7 (KB2559049)
Actualização de segurança para Windows Internet Explorer 7 (KB938127)
Actualização de segurança para Windows Internet Explorer 7 (KB938127-v2)
Actualização de segurança para Windows Internet Explorer 7 (KB956390)
Actualização de segurança para Windows Internet Explorer 7 (KB958215)
Actualização de segurança para Windows Internet Explorer 7 (KB960714)
Actualização de segurança para Windows Internet Explorer 7 (KB961260)
Actualização de segurança para Windows Internet Explorer 7 (KB963027)
Actualização de segurança para Windows Internet Explorer 7 (KB969897)
Actualização de segurança para Windows Internet Explorer 7 (KB972260)
Actualização de segurança para Windows Internet Explorer 7 (KB974455)
Actualização de segurança para Windows Internet Explorer 7 (KB976325)
Actualização de segurança para Windows Internet Explorer 7 (KB978207)
Actualização de segurança para Windows Internet Explorer 7 (KB982381)
Actualização de segurança para Windows XP (KB2079403)
Actualização de segurança para Windows XP (KB2115168)
Actualização de segurança para Windows XP (KB2121546)
Actualização de segurança para Windows XP (KB2160329)
Actualização de segurança para Windows XP (KB2229593)
Actualização de segurança para Windows XP (KB2259922)
Actualização de segurança para Windows XP (KB2279986)
Actualização de segurança para Windows XP (KB2286198)
Actualização de segurança para Windows XP (KB2296011)
Actualização de segurança para Windows XP (KB2296199)
Actualização de segurança para Windows XP (KB2347290)
Actualização de segurança para Windows XP (KB2360937)
Actualização de segurança para Windows XP (KB2387149)
Actualização de segurança para Windows XP (KB2393802)
Actualização de segurança para Windows XP (KB2412687)
Actualização de segurança para Windows XP (KB2419632)
Actualização de segurança para Windows XP (KB2423089)
Actualização de segurança para Windows XP (KB2436673)
Actualização de segurança para Windows XP (KB2440591)
Actualização de segurança para Windows XP (KB2443105)
Actualização de segurança para Windows XP (KB2476490)
Actualização de segurança para Windows XP (KB2476687)
Actualização de segurança para Windows XP (KB2478960)
Actualização de segurança para Windows XP (KB2478971)
Actualização de segurança para Windows XP (KB2479628)
Actualização de segurança para Windows XP (KB2479943)
Actualização de segurança para Windows XP (KB2481109)
Actualização de segurança para Windows XP (KB2483185)
Actualização de segurança para Windows XP (KB2485376)
Actualização de segurança para Windows XP (KB2485663)
Actualização de segurança para Windows XP (KB2503665)
Actualização de segurança para Windows XP (KB2506212)
Actualização de segurança para Windows XP (KB2507618)
Actualização de segurança para Windows XP (KB2507938)
Actualização de segurança para Windows XP (KB2508272)
Actualização de segurança para Windows XP (KB2508429)
Actualização de segurança para Windows XP (KB2509553)
Actualização de segurança para Windows XP (KB2510581)
Actualização de segurança para Windows XP (KB2524375)
Actualização de segurança para Windows XP (KB2535512)
Actualização de segurança para Windows XP (KB2536276)
Actualização de segurança para Windows XP (KB2536276-v2)
Actualização de segurança para Windows XP (KB2544893)
Actualização de segurança para Windows XP (KB2555917)
Actualização de segurança para Windows XP (KB2562937)
Actualização de segurança para Windows XP (KB2566454)
Actualização de segurança para Windows XP (KB2567680)
Actualização de segurança para Windows XP (KB2570222)
Actualização de segurança para Windows XP (KB2570947)
Actualização de segurança para Windows XP (KB923561)
Actualização de segurança para Windows XP (KB938464)
Actualização de Segurança para Windows XP (KB941569)
Actualização de segurança para Windows XP (KB946648)
Actualização de segurança para Windows XP (KB950762)
Actualização de segurança para Windows XP (KB950974)
Actualização de segurança para Windows XP (KB951066)
Actualização de segurança para Windows XP (KB951376-v2)
Actualização de segurança para Windows XP (KB951698)
Actualização de segurança para Windows XP (KB951748)
Actualização de segurança para Windows XP (KB952004)
Actualização de segurança para Windows XP (KB952954)
Actualização de segurança para Windows XP (KB953838)
Actualização de segurança para Windows XP (KB953839)
Actualização de segurança para Windows XP (KB954211)
Actualização de segurança para Windows XP (KB954600)
Actualização de segurança para Windows XP (KB955069)
Actualização de segurança para Windows XP (KB956390)
Actualização de segurança para Windows XP (KB956391)
Actualização de segurança para Windows XP (KB956572)
Actualização de segurança para Windows XP (KB956744)
Actualização de segurança para Windows XP (KB956802)
Actualização de segurança para Windows XP (KB956803)
Actualização de segurança para Windows XP (KB956841)
Actualização de segurança para Windows XP (KB956844)
Actualização de segurança para Windows XP (KB957095)
Actualização de segurança para Windows XP (KB957097)
Actualização de segurança para Windows XP (KB958644)
Actualização de segurança para Windows XP (KB958687)
Actualização de segurança para Windows XP (KB958690)
Actualização de segurança para Windows XP (KB958869)
Actualização de segurança para Windows XP (KB959426)
Actualização de segurança para Windows XP (KB960225)
Actualização de segurança para Windows XP (KB960715)
Actualização de segurança para Windows XP (KB960803)
Actualização de segurança para Windows XP (KB960859)
Actualização de segurança para Windows XP (KB961371)
Actualização de segurança para Windows XP (KB961373)
Actualização de segurança para Windows XP (KB961501)
Actualização de segurança para Windows XP (KB968537)
Actualização de segurança para Windows XP (KB969059)
Actualização de segurança para Windows XP (KB969898)
Actualização de segurança para Windows XP (KB969947)
Actualização de segurança para Windows XP (KB970238)
Actualização de segurança para Windows XP (KB970430)
Actualização de segurança para Windows XP (KB971468)
Actualização de segurança para Windows XP (KB971486)
Actualização de segurança para Windows XP (KB971557)
Actualização de segurança para Windows XP (KB971633)
Actualização de segurança para Windows XP (KB971657)
Actualização de segurança para Windows XP (KB971961)
Actualização de segurança para Windows XP (KB972270)
Actualização de segurança para Windows XP (KB973346)
Actualização de segurança para Windows XP (KB973354)
Actualização de segurança para Windows XP (KB973507)
Actualização de segurança para Windows XP (KB973525)
Actualização de segurança para Windows XP (KB973869)
Actualização de segurança para Windows XP (KB973904)
Actualização de segurança para Windows XP (KB974112)
Actualização de segurança para Windows XP (KB974318)
Actualização de segurança para Windows XP (KB974392)
Actualização de segurança para Windows XP (KB974571)
Actualização de segurança para Windows XP (KB975025)
Actualização de segurança para Windows XP (KB975467)
Actualização de segurança para Windows XP (KB975560)
Actualização de segurança para Windows XP (KB975561)
Actualização de segurança para Windows XP (KB975562)
Actualização de segurança para Windows XP (KB975713)
Actualização de segurança para Windows XP (KB977165)
Actualização de segurança para Windows XP (KB977816)
Actualização de segurança para Windows XP (KB977914)
Actualização de segurança para Windows XP (KB978037)
Actualização de segurança para Windows XP (KB978251)
Actualização de segurança para Windows XP (KB978262)
Actualização de segurança para Windows XP (KB978338)
Actualização de segurança para Windows XP (KB978542)
Actualização de segurança para Windows XP (KB978601)
Actualização de segurança para Windows XP (KB978706)
Actualização de segurança para Windows XP (KB979309)
Actualização de segurança para Windows XP (KB979482)
Actualização de segurança para Windows XP (KB979559)
Actualização de segurança para Windows XP (KB979683)
Actualização de segurança para Windows XP (KB979687)
Actualização de segurança para Windows XP (KB980195)
Actualização de segurança para Windows XP (KB980218)
Actualização de segurança para Windows XP (KB980232)
Actualização de segurança para Windows XP (KB980436)
Actualização de segurança para Windows XP (KB981322)
Actualização de segurança para Windows XP (KB981349)
Actualização de segurança para Windows XP (KB981852)
Actualização de segurança para Windows XP (KB981957)
Actualização de segurança para Windows XP (KB981997)
Actualização de segurança para Windows XP (KB982132)
Actualização de segurança para Windows XP (KB982214)
Actualização de segurança para Windows XP (KB982665)
Actualização de segurança para Windows XP (KB982802)
Actualização para Windows Internet Explorer 7 (KB976749)
Actualização para Windows Internet Explorer 7 (KB980182)
Actualização para Windows XP (KB2141007)
Actualização para Windows XP (KB2345886)
Actualização para Windows XP (KB2467659)
Actualização para Windows XP (KB2541763)
Actualização para Windows XP (KB2607712)
Actualização para Windows XP (KB2616676)
Actualização para Windows XP (KB951072-v2)
Actualização para Windows XP (KB951978)
Actualização para Windows XP (KB955759)
Actualização para Windows XP (KB955839)
Actualização para Windows XP (KB961503)
Actualização para Windows XP (KB967715)
Actualização para Windows XP (KB968389)
Actualização para Windows XP (KB971029)
Actualização para Windows XP (KB971737)
Actualização para Windows XP (KB973687)
Actualização para Windows XP (KB973815)
Adobe AIR
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Community Help
Adobe Community Help
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe Illustrator CS4
Adobe Linguistics CS4
Adobe Media Player
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS5
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Age of Chivalry
AIM 7
AMD APP SDK Runtime
Any to Icon
Apple Application Support
Apple Software Update
ArtRage 2
Ask Toolbar
Assistente de Início de Sessão do Windows Live
ATI AVIVO Codecs
ATI HYDRAVISION
ATI Parental Control & Encoder
Auslogics Disk Defrag
Autodesk Backburner 2008.1
Autodesk FBX Plugin 2009.4 - 3ds Max 2010
AV Voice Changer Software DIAMOND 6.0
avast! Free Antivirus
Bamboo
BitTorrent
Burn4Free CD & DVD 4.9.0.0
Call of Duty Modern Warfare 2
Catalyst Control Center - Branding
CCleaner
Cheat Engine 6.0
Click to Call with Skype
Connect
Counter-Strike: Source
Counter-Strike: Source
Counter-Strike: Source Beta
CPUID HWMonitor 1.17
Data Doctor Password Recovery - Evaluation
Day of Defeat: Source
dBpowerAMP Music Converter
DivX Setup
Download Manager 2.3.10
Download Updater (AOL LLC)
Dream Of Mirror Online
Driver Robot
DVD Flick 1.3.0.7
DVD Suite
EA Download Manager
ESET Online Scanner v3
Ferramenta de Carregamento do Windows Live
Foxit Reader
Fraps (remove only)
Game Cam XPress 2.5.0
GameSpy Comrade
Garry's Mod
GoldWave v5.57
Google Chrome
Google Earth
Google Update Helper
Google Updater
GTK+ 2.10.13 runtime environment
GtkRadiant 1.5.0
Guild Wars
Half-Life
Half-Life 2
Half-Life 2: Deathmatch
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB960043)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix para Windows XP (KB2158563)
Hotfix para Windows XP (KB2443685)
Hotfix para Windows XP (KB2570791)
Hotfix para Windows XP (KB942288-v3)
Hotfix para Windows XP (KB952287)
Hotfix para Windows XP (KB961118)
Hotfix para Windows XP (KB970653-v3)
Hotfix para Windows XP (KB976098-v2)
Hotfix para Windows XP (KB979306)
Hotfix para Windows XP (KB981793)
HyperCam 2
HyperCam Toolbar
IconChanger
ImageConverter Plus 8.0
Japanese Language Support
Java(TM) 7
Java(TM) SE Development Kit 7
Junk Mail filter update
kuler
LightScribe System Software 1.14.25.1
LightScribeTemplateLabeler
Logitech Desktop Messenger
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
LogMeIn Hamachi
LogMeIn Hamachi
Malwarebytes' Anti-Malware
ManyCam 2.6.30 (remove only)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PTG
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PTG
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 Language Pack - ptg
Microsoft .NET Framework 3.5 Language Pack - PTG
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mirror's Edge™
Mozilla Firefox (3.6.3)
MSVCRT
MSVCRT Redists
MSXML 4.0
MSXML 4.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Mumble 1.2.3
Need For Speed™ World
neroxml
NoVirusThanks Uploader 2.4.3.1
NVIDIA PhysX v8.10.17
Pando Media Booster
Password Decryptor 1.0
PDF Settings CS4
Photoshop Camera Raw
Portal
Portal 2
PowerISO
PunkBuster Services
Q3Map2 Toolz
Quake III Team Arena
Quake III Arena
Quake Live Internet Explorer Plugin
QuickTime
Razer DeathAdder(TM) Mouse
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Segoe UI
Simple Port Forwarding
Skype™ 5.1
SMCWUSB-G 802.11g Wireless USB 2.0 Adapter
Source SDK Base
Steam
Suite Shared Configuration CS4
System Requirements Lab
System Requirements Lab
System Requirements Lab
System Requirements Lab CYRI
TeamViewer 5
The Lord of the Rings FREE Trial
TortoiseSVN 1.6.15.21042 (32 bit)
TotalImageConverter
Tweak UI
Ultra AVI Converter 5.6.0801
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Urban Terror 4.1
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.4053
Vegas Pro 10.0
Ventrilo Client
Vicon boujou 5.0
Visual C++ 8.0 CRT (x86) WinSXS MSM
VLC media player 1.0.1
VSO Image Resizer 2.2.2.1
VSO Image Resizer 4.0.1.5
WebTablet Netscape Plugin
Windows Driver Package - Cypress (CyUsb) USB
Windows Driver Package - Razer (HidUsb) HIDClass (02/02/2007 1.0.5.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Imaging Component
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
WinRAR archiver
Wolfenstein - Enemy Territory
Xbox 360 Controller for Windows
Xfire (remove only)
XML Paper Specification Shared Components Language Pack 1.0
YouTube Downloader 3.3
Zombie Panic Source
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 57,361 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
05-Oct-2011, 07:22 PM #6
Malwarebytes Anti-Malware(unknown version) needs to be updated to version 1.51.2.1300

http://www.malwarebytes.org/products/malwarebytes_free

-------------------------------------------------------

SUPERAntiSpyware 5.0.0.1128 needs to be downloaded and installed.

http://www.superantispyware.com/download.html

-------------------------------------------------------

After the above has been done and the computer restarted, do the following in the order that they're listed.

Note: Don't use the computer while each scan is in progress.

-------------------------------------------------------

Start Malwarebytes Anti-Malware.

Click "Updates(tab) - Check for Updates".

When the definition files have updated, click "OK".

Click "Scanner(tab) - Perform quick scan - Scan".

If infections or problems are found during the scan, the number of them will be highlighted in red.

When the scan is finished, click "Show Results".

Make sure that EVERYTHING is selected, then click "Remove Selected".

If you're prompted to restart to finish the removal process, click "Yes".

Start Malwarebytes Anti-Malware again.

Click "Logs"(tab).

Highlight the scan log entry, then click "Open".

When the scan log appears in Notepad, copy-and-paste it here.

-------------------------------------------------------

Start SUPERAntiSpyware.

Click "Check for Updates".

When the definition files have updated, click "Close".

Select the "Quick Scan" option, then click "Scan your Computer".

If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

When the scan is finished and the scan summary window appears, click "Continue".

Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

Click "OK - Finish".

If you're prompted to restart to finish the removal process, do so.

Start SUPERAntiSpyware again.

Click "View Scan Logs".

Highlight the scan log entry, then click "View Selected Log".

When the scan log appears in Notepad, copy-and-paste it here.

-------------------------------------------------------

Start HiJackThis, then click "Do a system scan and save a log file".

Save the new log that appears, then submit it here.

-------------------------------------------------------
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 57,361 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
05-Oct-2011, 07:23 PM #7
Did you have any trouble with deleting the contents of those 2 temp folders?

--------------------------------------------------------
Avectius's Avatar
Avectius Avectius is offline
Member with 205 posts.
THREAD STARTER
 
Join Date: Nov 2008
05-Oct-2011, 08:29 PM #8
Quote:
Originally Posted by flavallee View Post
Did you have any trouble with deleting the contents of those 2 temp folders?

--------------------------------------------------------
As a matter of fact, yes. In One of the temp folders however, About every 2 or 3 seconds. Files kept appearing out of nowhere. No matter how many i deleted. On the other temp folder, everything was pretty much deleted. Apart from some always giving me the "This.... cannot be deleted, because it is being used by another program" etc etc.

But overall. i got rid of pretty much all of it.


I Shall now proceed to do the steps in your previous post.
Avectius's Avatar
Avectius Avectius is offline
Member with 205 posts.
THREAD STARTER
 
Join Date: Nov 2008
05-Oct-2011, 10:29 PM #9
Here is the MBAM Scan Log:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7882

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

06-10-2011 2:28:59
mbam-log-2011-10-06 (02-28-59).txt

Scan type: Quick scan
Objects scanned: 183400
Time elapsed: 9 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Java Update (Trojan.Agent.Gen) -> Value: Java Update -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen.A) -> Bad: (Explorer.exe C:\Documents and Settings\John The God\Application Data\Microsoft\Windows Update.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:
c:\programas\mozilla firefox\extensions\{f270f1af-34d6-41cb-a9f5-8200ef7db41f} (Adware.Zwunzi) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)





Here is The SUPERAnti-Spyware Scan Log:






SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/06/2011 at 02:46 AM

Application Version : 5.0.1128

Core Rules Database Version : 7763
Trace Rules Database Version: 5575

Scan type : Quick Scan
Total Scan Time : 00:04:48

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 702
Memory threats detected : 0
Registry items scanned : 32303
Registry threats detected : 20
File items scanned : 6880
File threats detected : 271

Adware.HBHelper
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID

Browser Hijacker.Deskbar
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Trojan.Agent/Gen-SSHNAS
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS\0000#DeviceDesc

Adware.Tracking Cookie
C:\Documents and Settings\John The God\Cookies\YB588512.txt [ /atwola.com ]
C:\Documents and Settings\John The God\Cookies\RO5KFVU8.txt [ /dc.tremormedia.com ]
C:\Documents and Settings\John The God\Cookies\ZO21S2X8.txt [ /doubleclick.net ]
C:\Documents and Settings\John The God\Cookies\4TECNPSJ.txt [ /advertising.com ]
C:\Documents and Settings\John The God\Cookies\3NDAB3ED.txt [ /anrtx.tacoda.net ]
C:\Documents and Settings\John The God\Cookies\28Q9DH1F.txt [ /cdn.at.atwola.com ]
C:\Documents and Settings\John The God\Cookies\19PYN6QG.txt [ /ar.atwola.com ]
C:\Documents and Settings\John The God\Cookies\I0BTYLN4.txt [ /media.quakelive.com ]
C:\Documents and Settings\John The God\Cookies\3762MFY0.txt [ /at.atwola.com ]
C:\Documents and Settings\John The God\Cookies\N302D93H.txt [ /tacoda.at.atwola.com ]
C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\Cookies\john_the_god@www.google[2].txt [ Cookie:john the god@www.google.com/accounts ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fourseasonshotels.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.content.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffichaus.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.zeusclicks.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.r1-ads.ace.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.3dstats.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.anrtx.tacoda.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.digitalmedianet.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
forums.digitalmedianet.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
forums.digitalmedianet.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
forums.digitalmedianet.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.digitalmedianet.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.mmoguru.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www4.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hentaitoplist.org [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cn.clickable.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.userporn.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.userporn.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.userporn.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.pornhub.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
2.s04.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s04.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads2.zeusclicks.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.star-advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.star-advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.star-advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.star-advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.star-advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adnetxchange.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver2.exgfnetwork.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.adultrevads.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eaeacom.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hentaicounter.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fortunecity.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fortunecity.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fortunecity.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fortunecity.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
imagevenue.advertserve.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
imagevenue.advertserve.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myroitracking.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpansion.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.content.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.chitika.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.prd1.netshelter.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
zbox.zanox.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\DOCUMENTS AND SETTINGS\JOHN THE GOD\DEFINIçõES LOCAIS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]




And here is the HiJackThis Scan Log:






Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:28:23, on 06-10-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\WTouch\WTouchService.exe
C:\Programas\WTouch\WTouchUser.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\TortoiseSVN\bin\TSVNCache.exe
C:\Programas\SUPERAntiSpyware\SASCORE.EXE
C:\Programas\Razer\DeathAdder\razerhid.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Programas\DivX\DivX Update\DivXUpdate.exe
C:\Programas\Logitech\Logitech WebCam Software\LWS.exe
C:\Programas\AVAST Software\Avast\avastUI.exe
C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe
C:\Programas\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Programas\LogMeIn Hamachi\hamachi-2.exe
C:\Programas\Razer\DeathAdder\razertra.exe
C:\Programas\Razer\DeathAdder\razerofa.exe
C:\Programas\Steam\steam.exe
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\Programas\Google\Update\1.3.21.71\GoogleCrashHandler.exe
C:\Programas\Pando Networks\Media Booster\PMB.exe
C:\Programas\Java\jre7\bin\jqs.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programas\Ficheiros comuns\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Skype\Phone\Skype.exe
C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programas\Xfire\Xfire.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Programas\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Google\Chrome\Application\chrome.exe
C:\Programas\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_cu...spx?TbId=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DeathAdder] C:\Programas\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programas\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programas\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [avast] "C:\Programas\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Programas\Ficheiros comuns\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SwitchBoard] C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Programas\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Google Updater] "C:\Programas\Google\Google Updater\GoogleUpdater.exe" -check_deprecation
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Programas\Ficheiros comuns\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Steam] "C:\Programas\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [igndlm.exe] C:\Programas\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Aim] "C:\Programas\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Pando Media Booster] C:\Programas\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Programas\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ManyCam] "C:\Programas\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EADM] "C:\Programas\Electronic Arts\EADM\EADMUI.exe"
O4 - HKCU\..\Run: [Comrade.exe] C:\Programas\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [Skype] "C:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Xfire.lnk = C:\Programas\Xfire\Xfire.exe
O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Programas\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Programas\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Programas\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab...i_4.1.71.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca...2.3.10.115.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirements...qlabdetect.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/st...r_1.0.53.2.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab...i_4.4.21.0.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programas\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programas\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programas\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço Google Update (gupdate1c9bb5b76927ea0) (gupdate1c9bb5b76927ea0) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Programas\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programas\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Programas\WTouch\WTouchService.exe

--
End of file - 13561 bytes
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 57,361 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
06-Oct-2011, 10:11 AM #10
Did you make sure that EVERYTHING was selected and removed that was found in the SUPERAntiSpyware scan?

Its scan log doesn't show what action you took like the Malwarebytes Anti-Malware scan log does, so I need to ask.

--------------------------------------------------------------

Let's get that bloated startup load trimmed down.

Some of them don't need to auto-load and run in the background at all, and some of them can be manually started when needed.

Follow the below instructions carefully and completely.

After you're done and have restarted the computer, submit a new HiJackThis log.

--------------------------------------------------------------

Click Start - Run, then type in MSCONFIG and then click OK - "Startup" tab.

Remove the checkmark in these startup entries:

QuickTime Task - or - qttask

DivXUpdate

All entries that have "Adobe" or "Acrobat" or "Reader" in the name

IMJPMIG8.1 - or - IMJPMIG

IMEKRMIG6.1 - or - IMEKRMIG

MSPY2002 - or - ImScInst

PHIME2002ASync - or - TINTSETP

PHIME2002A - or - TINTSETP

SwitchBoard

SunJavaUpdateSched - or - jusched - or - Java(TM) - -

Google Updater - or - GoogleUpdater

Steam - or - steam

swg - or - GoogleToolbarNotifier

igndlm.exe - or - DLM

DAEMON Tools Pro Agent - or - DTAgent

EADM - or - EADMUI

Comrade.exe - or - Comrade

Xfire

After you're done, click Apply - OK/Close - Exit Without Restart.

Click Start - Run, then type in SERVICES.MSC and then click OK.

Double-click on these servicie entries, one at a time, to open their properties window:

FLEXnet Licensing Service

Google Update

Google Update

Google Software Updater

Java Quick Starter

nProtect GameGuard Service

PnkBstrA

Adobe SwitchBoard


If the "Startup Type" is set on Automatic, change it to Manual, then click Apply - OK.

After you're done, close the services window and then restart the computer.

When the small System Configuration Utility window appears, ignore its message about being in diagnostic/selective startup mode.

Do NOT change it to normal startup mode!!!

Put a checkmark in the lower left of that window, then click OK to close it.

--------------------------------------------------------------
Avectius's Avatar
Avectius Avectius is offline
Member with 205 posts.
THREAD STARTER
 
Join Date: Nov 2008
06-Oct-2011, 12:05 PM #11
Here is the log from HiJack This:



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:04:12, on 06-10-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\WTouch\WTouchService.exe
C:\Programas\WTouch\WTouchUser.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\SUPERAntiSpyware\SASCORE.EXE
C:\Programas\LogMeIn Hamachi\hamachi-2.exe
C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
C:\Programas\Google\Update\1.3.21.71\GoogleCrashHandler.exe
C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\TortoiseSVN\bin\TSVNCache.exe
C:\Programas\Razer\DeathAdder\razerhid.exe
C:\Programas\AVAST Software\Avast\avastUI.exe
C:\Programas\Razer\DeathAdder\razertra.exe
C:\Programas\Razer\DeathAdder\razerofa.exe
C:\Programas\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programas\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Skype\Phone\Skype.exe
C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programas\Skype\Plugin Manager\skypePM.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programas\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_cu...spx?TbId=66019
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programas\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programas\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DeathAdder] C:\Programas\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programas\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programas\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [avast] "C:\Programas\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Programas\Ficheiros comuns\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Programas\Ficheiros comuns\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Programas\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Programas\Ficheiros comuns\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Aim] "C:\Programas\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Pando Media Booster] C:\Programas\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Programas\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Programas\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Programas\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Programas\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab...i_4.1.71.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca...2.3.10.115.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirements...qlabdetect.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/st...r_1.0.53.2.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab...i_4.4.21.0.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programas\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programas\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programas\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço Google Update (gupdate1c9bb5b76927ea0) (gupdate1c9bb5b76927ea0) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Programas\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programas\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Programas\WTouch\WTouchService.exe

--
End of file - 11558 bytes
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,397 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
06-Oct-2011, 01:58 PM #12
Delete any existing version of ComboFix you have sitting on your desktop
Please read and follow all these instructions very carefully
Do not edit or remove any information or user names etc, otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.

Download ComboFix from Here or Hereto your Desktop.
As you download it rename it to username123.exe


**Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
  • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
  • Remember to re enable the protection again after combofix has finished
--------------------------------------------------------------------
2. Close any open browsers and any other programs you might have running
Double click on renamed combofix.exe & follow the prompts.
If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" for further review


****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

Please tell us if it has cured the problems or if there are any outstanding issues
__________________
Derek Microsoft MVP/Windows - Security | Thespykiller | How to protect yourself and other Security Advice
Find out all about the European Wild Hedgehog, what you can do to save it from extinction Hedgehog Rescue
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 57,361 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
06-Oct-2011, 04:49 PM #13
Avectius:

Follow dvk01's instructions from here on. I can jump back in later.

--------------------------------------------------------
Avectius's Avatar
Avectius Avectius is offline
Member with 205 posts.
THREAD STARTER
 
Join Date: Nov 2008
06-Oct-2011, 08:19 PM #14
Here is the log from combo fix:



ComboFix 11-10-06.03 - John The God 06-10-2011 23:48:31.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.351.2070.18.2047.1202 [GMT 1:00]
Executando de: c:\documents and settings\John The God\Ambiente de trabalho\username123.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall Pro *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\John The God\Modelos\Pain_Logger_PrivateEdition_Ftp_Log 1 On JOHNTHEGOD 's ComputerAt13-02-2011---22-01-04.txt
c:\documents and settings\John The God\Modelos\Pain_Logger_PrivateEdition_Ftp_Log 1 On JOHNTHEGOD 's ComputerAt15-02-2011---12-45-34.txt
C:\install.exe
c:\windows\bwUnin-8.1.1.50-8876480SL.exe
c:\windows\system32\Dump
c:\windows\system32\Dump\MiniDump.dmp
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2011-09-06 to 2011-10-06 ))))))))))))))))))))))))))))
.
.
2011-10-06 00:40 . 2011-10-06 00:40 -------- d-----w- c:\documents and settings\John The God\Application Data\SUPERAntiSpyware.com
2011-10-06 00:40 . 2011-10-06 00:40 -------- d-----w- c:\programas\SUPERAntiSpyware
2011-10-06 00:40 . 2011-10-06 00:40 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-10-06 00:33 . 2011-10-06 00:33 -------- d-----w- c:\programas\Malwarebytes' Anti-Malware
2011-10-06 00:33 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-05 22:34 . 2011-10-05 22:34 388096 ----a-r- c:\documents and settings\John The God\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-09-13 21:58 . 2011-09-13 21:58 -------- d-----w- c:\documents and settings\All Users\Application Data\YouTube Downloader
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2004-08-04 12:00 603136 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2004-08-04 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-09 16:52 . 2011-02-09 16:52 40445 ----a-w- c:\programas\uninstall.exe
2010-09-11 21:30 . 2010-09-11 21:02 1673739382 ----a-w- c:\programas\Dragonica_Setup.exe
2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\programas\fraps64.dll
2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\programas\fraps32.dll
2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\programas\fraps64.dat
2010-06-15 01:54 . 2010-06-15 01:54 2320304 ----a-w- c:\programas\fraps.exe
2010-06-15 01:46 . 2010-06-15 01:46 163840 ----a-w- c:\programas\frapslcd.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\programas\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 08:55 87304 ----a-w- c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\programas\Ficheiros comuns\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2363392]
"msnmsgr"="c:\programas\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"Aim"="c:\programas\AIM\aim.exe" [2010-09-16 4425048]
"Pando Media Booster"="c:\programas\Pando Networks\Media Booster\PMB.exe" [2010-09-11 2969496]
"ManyCam"="c:\programas\ManyCam\Bin\ManyCam.exe" [2010-12-21 1739848]
"Skype"="c:\programas\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"SUPERAntiSpyware"="c:\programas\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-09-14 4611456]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\programas\Ficheiros comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"DeathAdder"="c:\programas\Razer\DeathAdder\razerhid.exe" [2007-09-07 159744]
"LogitechQuickCamRibbon"="c:\programas\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"PWRISOVM.EXE"="c:\programas\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"avast"="c:\programas\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"AdobeAAMUpdater-1.0"="c:\programas\Ficheiros comuns\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-04-18 500208]
"AdobeCS5ServiceManager"="c:\programas\Ficheiros comuns\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"StartCCC"="c:\programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"LogMeIn Hamachi Ui"="c:\programas\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-04 1955208]
"Malwarebytes' Anti-Malware"="c:\programas\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\documents and settings\All Users\Menu Iniciar\Programas\Arranque\
SMCWUSB-G 802.11g Wireless USB Utility.lnk - c:\programas\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2006-1-18 442368]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\Shell ExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programas\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\programas\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCO RE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoa dGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^John The God^Menu Iniciar^Programas^Arranque^Xfire.lnk]
path=c:\documents and settings\John The God\Menu Iniciar\Programas\Arranque\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
2011-03-17 14:54 1204640 ----a-w- c:\programas\GameSpy\Comrade\Comrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46 1135912 ----a-w- c:\programas\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2011-04-03 06:10 11857920 ----a-w- c:\programas\Electronic Arts\EADM\EADMUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Updater]
2011-09-30 00:16 161336 ----a-w- c:\programas\Google\Google Updater\GoogleUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
2009-10-27 17:18 1103216 ----a-w- c:\programas\Download Manager\DLM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2011-03-30 01:15 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2004-08-04 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-09-22 02:35 1242448 ----a-w- c:\programas\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-05-04 12:59 252136 ----a-w- c:\programas\Ficheiros comuns\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-04-12 10:42 39408 ----a-w- c:\programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programas\\UrbanTerror\\ioUrbanTerror.exe"=
"c:\\Programas\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programas\\Xfire\\Xfire.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Programas\\Steam\\SteamApps\\xlr8r_3\\source sdk base\\hl2.exe"=
"c:\\Programas\\Ficheiros comuns\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programas\\Steam\\Steam.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Programas\\BitTorrent\\bittorrent.exe"=
"c:\\Programas\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Programas\\AIM\\aim.exe"=
"c:\\Programas\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Programas\\UrbanTerror\\ioUrTded.exe"=
"c:\\Programas\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Programas\\Autodesk\\Backburner\\manager.exe"=
"c:\\Programas\\Autodesk\\Backburner\\server.exe"=
"c:\\Programas\\Activision\\Modern Warfare 2\\iw4mp.dat"=
"c:\\Programas\\Activision\\Modern Warfare 2\\iw4sp.exe"=
"c:\\Programas\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Programas\\Quake III Arena\\quake3.exe"=
"c:\\Documents and Settings\\John The God\\Os meus documentos\\Downloads\\Borderlands 1.3.0\\borderlands\\Binaries\\Borderlands.exe"=
"c:\\Documents and Settings\\John The God\\Games\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Documents and Settings\\John The God\\Games\\Unreal Tournament 3\\Binaries\\UnrealFrontend.exe"=
"c:\\Documents and Settings\\John The God\\Games\\Unreal Tournament 3\\Binaries\\UnrealConsole.exe"=
"c:\\Programas\\Electronic Arts\\Mirror's Edge™\\Binaries\\MirrorsEdge.exe"=
"c:\\Programas\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programas\\Steam\\steamapps\\xlr8r_3\\zombie panic! source\\hl2.exe"=
"c:\\Programas\\Ventrilo\\Ventrilo.exe"=
"c:\\Programas\\Skype\\Phone\\Skype.exe"=
"c:\\Programas\\Steam\\steamapps\\xlr8r_3\\counter-strike source\\hl2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Glob allyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"58308:TCP"= 58308:TCP:Pando Media Booster
"58308:UDP"= 58308:UDP:Pando Media Booster
"1150:TCP"= 1150:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12-10-2010 16:33 697328]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16-03-2011 13:51 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16-03-2011 13:51 301528]
R1 SASDIFSV;SASDIFSV;c:\programas\SUPERAntiSpyware\sasdifsv.sys [22-07-2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\programas\SUPERAntiSpyware\SASKUTIL.SYS [12-07-2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\programas\SUPERAntiSpyware\SASCore.exe [12-08-2011 0:38 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16-03-2011 13:51 19544]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [02-03-2011 15:31 21992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\programas\LogMeIn Hamachi\hamachi-2.exe [04-08-2011 14:34 1361288]
R2 MBAMService;MBAMService;c:\programas\Malwarebytes' Anti-Malware\mbamservice.exe [06-10-2011 1:33 366152]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [21-03-2010 20:32 4408616]
R2 WTouchService;WTouch Service;c:\programas\WTouch\WTouchService.exe [21-03-2010 20:34 112936]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [05-12-2009 20:53 22784]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [06-10-2011 1:33 22216]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [14-05-2010 22:58 17792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-03-2010 14:16 130384]
S2 gupdate1c9bb5b76927ea0;Serviço Google Update (gupdate1c9bb5b76927ea0);c:\programas\Google\Update\GoogleUpdate.exe [12-04-2009 11:43 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [06-03-2011 21:26 1691480]
S3 gupdatem;Serviço Google Update (gupdatem);c:\programas\Google\Update\GoogleUpdate.exe [12-04-2009 11:43 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.s ys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [22-11-2008 13:53 34384]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [09-09-2008 18:48 408064]
S3 SwitchBoard;Adobe SwitchBoard;c:\programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe [19-02-2010 13:37 517096]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [27-06-2010 19:27 15656]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v040 0.exe [18-03-2010 14:16 753504]
S3 XDva273;XDva273;\??\c:\windows\system32\XDva273.sys --> c:\windows\system32\XDva273.sys [?]
S3 XDva280;XDva280;\??\c:\windows\system32\XDva280.sys --> c:\windows\system32\XDva280.sys [?]
S3 XDva281;XDva281;\??\c:\windows\system32\XDva281.sys --> c:\windows\system32\XDva281.sys [?]
S3 XDva344;XDva344;\??\c:\windows\system32\XDva344.sys --> c:\windows\system32\XDva344.sys [?]
S3 XDva365;XDva365;\??\c:\windows\system32\XDva365.sys --> c:\windows\system32\XDva365.sys [?]
S3 XDva375;XDva375;\??\c:\windows\system32\XDva375.sys --> c:\windows\system32\XDva375.sys [?]
S3 XDva385;XDva385;\??\c:\windows\system32\XDva385.sys --> c:\windows\system32\XDva385.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-08-22 13:11 451872 ----a-w- c:\programas\Ficheiros comuns\LightScribe\LSRunOnce.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2011-10-06 c:\windows\Tasks\AdobeAAMUpdater-1.0-JOHNTHEGOD-John The God.job
- c:\programas\Ficheiros comuns\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-04-18 04:52]
.
2011-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-10-02 c:\windows\Tasks\Driver Robot.job
- c:\programas\Driver Robot\Driver Robot.lnk [2010-08-14 22:31]
.
2011-10-06 c:\windows\Tasks\Google Software Updater.job
- c:\programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-12 00:16]
.
2011-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programas\Google\Update\GoogleUpdate.exe [2009-04-12 10:42]
.
2011-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programas\Google\Update\GoogleUpdate.exe [2009-04-12 10:42]
.
2011-10-07 c:\windows\Tasks\User_Feed_Synchronization-{F643B1D3-7673-4BA8-9315-4D762C2E60F8}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 18:36]
.
2010-10-13 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-03 21:18]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.pt/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyServer = http=
IE: Add to AMV Convert Tool... - c:\programas\MP3 Player Utilities 4.00\AMVConverter\grab.html
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\programas\MP3 Player Utilities 4.00\MediaManager\grab.html
Trusted Zone: internet
TCP: DhcpNameServer = 212.113.164.6 212.113.164.5
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programas\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\John The God\Application Data\Mozilla\Firefox\Profiles\q6j0rgrq.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.crawler.com/?tbid=66019
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORFÃOS REMOVIDOS - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-DAEMON Tools Pro Agent - c:\programas\DAEMON Tools Pro\DTAgent.exe
MSConfigStartUp-pRSWuweqyJ - c:\documents and settings\John The God\Definições locais\Temp\\Minecraftslide.exe
MSConfigStartUp-QuickTime Task - c:\programas\QuickTime\qttask.exe
MSConfigStartUp-ZvJXEVIMlZXRjgDZxEzLOdyzKTOrHauNIwdlmkpaUbFSRhlofF - c:\documents and settings\John The God\Modelos\CallOfDutyBlackOpss.exe
AddRemove-AV Voice Changer Software DIAMOND 6.0 - c:\progra~1\AVVCS6~1.0D~\UNWISE.EXE
AddRemove-Burn4Free CD & DVD_is1 - c:\programas\Burn4Free\unins000.exe
AddRemove-Dream Of Mirror Online - c:\aeriagames\DOMO\Uninst.exe
AddRemove-Half-Life - c:\programas\Dark Ares\Half-Life\Uninstall.exe
AddRemove-PunkBusterSvc - c:\programas\EA Games\Battlefield Play4Free\pbsvc_p4f.exe
AddRemove-Wacom WebTabletPlugin for Netscape - c:\programas\TabletPlugins\npUninstall.exe
AddRemove-Wolfenstein - Enemy Territory - c:\progra~1\WOLFEN~1\Uninstall\Unwise.exe
AddRemove-{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1 - c:\programas\VSO\Image Resizer\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-07 00:52
Windows 5.1.2600 Service Pack 3 NTFS
.
Procurando processos ocultos ...
.
Procurando entradas auto inicializáveis ocultas ...
.
Procurando ficheiros/arquivos ocultos ...
.
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-1708537768-1326574676-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:59,06,77,a3,64,42,02,01,7f,63,a3,71,6a,fd,70,33,10,72,12,22, e7,
43,cb,ff,13,a5,b9,66,f1,bc,54,a5,d4,d4,8d,f2,54,70,1d,0d,7d,9f,7d,51,e5,26, \
"rkeysecu"=hex:d6,62,4f,87,d6,36,9d,84,69,1c,4b,97,1c,80,eb,97
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
.
- - - - - - - > 'winlogon.exe'(904)
c:\programas\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1100)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\msi.dll
c:\programas\Ficheiros comuns\TortoiseOverlays\TortoiseOverlays.dll
c:\programas\TortoiseSVN\bin\TortoiseStub.dll
c:\programas\TortoiseSVN\bin\TortoiseSVN.dll
c:\programas\TortoiseSVN\bin\intl3_tsvn.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\programas\Ficheiros comuns\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programas\WTouch\WTouchUser.exe
c:\windows\system32\Ati2evxx.exe
c:\programas\AVAST Software\Avast\AvastSvc.exe
c:\programas\Google\Update\1.3.21.71\GoogleCrashHandler.exe
c:\programas\Ficheiros comuns\LightScribe\LSSrvc.exe
c:\programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\programas\TortoiseSVN\bin\TSVNCache.exe
c:\programas\Razer\DeathAdder\razertra.exe
c:\programas\Razer\DeathAdder\razerofa.exe
c:\programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\programas\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Tempo para conclusão: 2011-10-07 01:10:18 - Máquina reiniciou
ComboFix-quarantined-files.txt 2011-10-07 00:10
ComboFix2.txt 2010-05-10 17:33
ComboFix3.txt 2008-12-28 14:27
ComboFix4.txt 2008-12-27 23:26
ComboFix5.txt 2011-10-06 22:43
.
Pré-execução: 39.956.455.424 bytes livres
Pós execução: 78.548.180.992 bytes livres
.
- - End Of File - - C9681CF17E4EE960EBF10113F8845471
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,397 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
09-Oct-2011, 05:01 AM #15
are you still gettinmg avast detecting anything & if so what

At a quick glance it is very possible that you have soem pirated games etc on there & Avast etc is detecting trojans in them

before we go any further

Please run the MGA Diagnostic Tool and post back the report it creates:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑