10-04-2009, 07:08 PM   #1
Registered User
 
Join Date: Oct 2009
Posts: 5
OS: Windows Vista Business


ComboFix Log...HELP

Well, ever since I was away for the weekend and my sister used my PC, it began being all slow and weird, but avast and Ad-Aware didn't find anything wrong with it... My computer would start wrong and sometimes nothing would work... it was impossible. And in my desperation I found out about ComboFix and ran it... though now I know I shouldn't have run it alone like this. But even so, I hope someone can help me.


ComboFix 09-10-04.01 - Nanalie 04/10/2009 21:14:00.1.2 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6000.0.1252.55.1046.18.2046.1321 [GMT -3:00]
Executando de: C:\Users\Nanalie\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091004-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1351 [VPS 091004-0] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\$RECYCLE.BIN\S-1-5-21-1798221935-2953275419-3654546263-500
C:\$RECYCLE.BIN\S-1-5-21-3892075926-3169812270-890497218-1000
C:\$RECYCLE.BIN\S-1-5-21-3892075926-3169812270-890497218-1002
C:\$RECYCLE.BIN\S-1-5-21-3892075926-3169812270-890497218-500
C:\$RECYCLE.BIN\S-1-5-21-918056312-2952985149-2686913973-500
C:\Program Files\ActivationManager
C:\Program Files\ActivationManager\Uninstall.exe
C:\Users\Nanalie\AppData\Roaming\Desktopicon
C:\Users\Nanalie\AppData\Roaming\Desktopicon\eBayShortcuts.exe
C:\Users\Nanalie\AppData\Roaming\Desktopicon\mc.ico
C:\WINDOWS\Installer\1aa40f0.msi
C:\WINDOWS\Installer\fbac57.msi
C:\WINDOWS\Installer\fbacb2.msi
C:\Windows\system32\hjgruicxpiaebr.dat
C:\Windows\system32\hjgruighntekql.dat
C:\Windows\UA000079.DLL
D:\resycled

A cópia de C:\Windows\System32\drivers\atapi.sys foi encontrada e desinfectada
Kitty ate it :)
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_HJGRUIWYRQTARW
-------\Service_hjgruiwyrqtarw


(((((((((((((((( Arquivos/Ficheiros criados de 2009-09-05 to 2009-10-05 ))))))))))))))))))))))))))))
.

2009-10-05 00:23:19 . 2009-10-05 00:30:06 0 d-----w- C:\Users\Nanalie\AppData\Local\temp
2009-10-04 18:04:12 . 2009-10-04 18:04:12 0 d-----w- C:\Program Files\freshney.org
2009-10-04 01:49:39 . 2009-10-04 01:49:39 0 d-----w- C:\download
2009-10-04 01:34:36 . 2009-10-04 01:40:40 0 d-----w- C:\Program Files\TABLET
2009-10-04 00:20:04 . 2009-10-04 21:16:04 0 d-----w- C:\Users\Nanalie\PS CS4
2009-10-02 03:04:36 . 2009-10-02 21:40:34 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Software Informer
2009-10-02 03:04:35 . 2009-10-02 03:04:36 0 d-----w- C:\Program Files\Software Informer
2009-10-01 19:56:02 . 2009-10-01 19:56:02 0 d-----w- C:\Windows\system32\CSIDL_PERSONAL
2009-10-01 19:52:40 . 2009-10-01 21:14:14 0 d-----w- C:\Users\Nanalie\AppData\Local\uTIPu
2009-10-01 19:50:00 . 2009-10-03 00:32:38 0 d-----w- C:\Program Files\uTIPu
2009-10-01 03:14:41 . 2009-10-01 03:14:42 0 d-----w- C:\Program Files\Adobe Media Player
2009-09-29 1834 . 2009-07-18 12:16:59 1159680 ----a-w- C:\Windows\system32\urlmon(254).dll
2009-09-29 1833 . 2009-07-18 12:17:15 827392 ----a-w- C:\Windows\system32\wininet(259).dll
2009-09-29 1832 . 2009-07-18 12:10:33 268288 ----a-w- C:\Windows\system32\iertutil(225).dll
2009-09-28 20:24:29 . 2009-09-28 20:24:29 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Conceptworld
2009-09-28 20:24:12 . 2009-09-28 20:24:12 0 d-----w- C:\Program Files\Conceptworld
2009-09-28 19:35:20 . 2009-06-03 23:56:18 675152 ----a-w- C:\Windows\system32\gpprefcl.dll
2009-09-27 14:04:05 . 2009-10-01 16:15:49 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Download Manager
2009-09-22 20:30:01 . 2009-08-29 03:41:42 1686528 ----a-w- C:\Windows\system32\gameux.dll
2009-09-22 20:30:00 . 2009-08-29 03:40:31 28672 ----a-w- C:\Windows\system32\Apphlpdm.dll
2009-09-22 20:29:58 . 2009-08-28 23:31:54 4247552 ----a-w- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-22 20:05:44 . 2008-08-28 03:24:50 425472 ----a-w- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-22 20:05:44 . 2008-08-28 03:22:04 712704 ----a-w- C:\Windows\system32\WindowsCodecs.dll
2009-09-22 20:05:44 . 2008-08-28 03:22:04 347648 ----a-w- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-22 20:01:27 . 2008-10-22 03:43:51 95232 ----a-w- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-22 20:01:27 . 2008-10-22 03:43:51 241152 ----a-w- C:\Windows\system32\PortableDeviceApi.dll
2009-09-22 20:01:27 . 2008-10-22 03:43:51 160768 ----a-w- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-22 19:56:35 . 2008-10-21 05:16:20 1645568 ----a-w- C:\Windows\system32\connect.dll
2009-09-20 19:50:36 . 2009-09-20 19:50:36 0 d-----w- C:\ProgramData\SUPERAntiSpyware.com
2009-09-20 19:49:35 . 2009-10-04 15:01:53 0 d-----w- C:\Program Files\SUPERAntiSpyware
2009-09-20 19:49:35 . 2009-10-04 13:50:12 0 d-----w- C:\Users\Nanalie\AppData\Roaming\SUPERAntiSpyware.com
2009-09-18 21:48:18 . 2009-09-18 21:48:22 0 d-----w- C:\Program Files\CCleaner
2009-09-18 21:39:47 . 2009-09-18 21:39:47 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Yahoo!
2009-09-18 21:39:45 . 2009-09-18 21:39:51 0 d-----w- C:\Program Files\Yahoo!
2009-09-18 21:39:40 . 2009-09-18 22:55:23 0 d-----w- C:\Users\Nanalie\AppData\Roaming\IObit
2009-09-18 21:39:40 . 2009-09-18 22:55:22 0 d-----w- C:\Program Files\IObit
2009-09-18 13:40:38 . 2009-09-18 13:40:38 0 d-----w- C:\Program Files\VS Revo Group
2009-09-17 21:07:50 . 2009-09-17 21:07:50 0 d-----w- C:\Users\Nanalie\AppData\Roaming\FBAIR.596FB312AB4AF14A42BA76B7E8A07B54AC2BED3A.1
2009-09-17 20:54:38 . 2009-09-17 20:54:38 0 d-----w- C:\Program Files\Firebird
2009-09-17 20:54:27 . 2009-09-17 20:54:27 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Witty
2009-09-17 20:50:32 . 2009-09-17 20:50:32 0 d-----w- C:\Users\Nanalie\AppData\Local\thirteen23
2009-09-17 20:47:31 . 2009-10-02 03:20:43 0 d-----w- C:\Users\Nanalie\AppData\Local\Deployment
2009-09-17 20:47:31 . 2009-09-17 20:47:31 0 d-----w- C:\Users\Nanalie\AppData\Local\Apps
2009-09-16 15:37:11 . 2009-09-22 18:34:31 0 d-----w- C:\Users\Nanalie\AppData\Roaming\**** Dream Creation
2009-09-15 23:40:16 . 2009-09-16 00:37:57 0 d-----w- C:\Users\Nanalie\AppData\Roaming\DeskSlide
2009-09-10 21:49:52 . 2009-09-10 21:50:17 0 d-----w- C:\Program Files\Safari
2009-09-10 21:24:56 . 2009-09-11 22:51:53 0 d-----w- C:\Program Files\Opera
2009-09-08 21:52:02 . 2009-08-15 21:30:53 816640 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2009-09-08 21:52:01 . 2009-08-16 00:32:09 214104 ----a-w- C:\Windows\system32\drivers\netio.sys
2009-09-08 21:52:00 . 2009-08-15 23:58:19 167424 ----a-w- C:\Windows\system32\tcpipcfg.dll
2009-09-08 21:52:00 . 2009-08-15 23:54:25 416768 ----a-w- C:\Windows\system32\IKEEXT.DLL
2009-09-08 21:52:00 . 2009-08-15 23:54:01 543232 ----a-w- C:\Windows\system32\FWPUCLNT.DLL
2009-09-08 21:52:00 . 2009-08-15 23:53:03 317440 ----a-w- C:\Windows\system32\BFE.DLL
2009-09-08 21:52:00 . 2009-08-15 21:29:52 85504 ----a-w- C:\Windows\system32\drivers\FWPKCLNT.SYS
2009-09-08 21:52:00 . 2009-08-14 16:40:56 103936 ----a-w- C:\Windows\system32\netiohlp.dll
2009-09-08 21:51:59 . 2009-08-15 21:30:09 22016 ----a-w- C:\Windows\system32\netiougc.exe
2009-09-08 21:51:59 . 2009-08-14 16:40:52 15360 ----a-w- C:\Windows\system32\netevent.dll
2009-09-08 21:51:59 . 2009-08-14 14:25:18 9728 ----a-w- C:\Windows\system32\TCPSVCS.EXE
2009-09-08 21:51:59 . 2009-08-14 14:25:16 17920 ----a-w- C:\Windows\system32\ROUTE.EXE
2009-09-08 21:51:59 . 2009-08-14 14:25:15 11264 ----a-w- C:\Windows\system32\MRINFO.EXE
2009-09-08 21:51:59 . 2009-08-14 14:25:14 27136 ----a-w- C:\Windows\system32\NETSTAT.EXE
2009-09-08 21:51:59 . 2009-08-14 14:25:10 8704 ----a-w- C:\Windows\system32\HOSTNAME.EXE
2009-09-08 21:51:59 . 2009-08-14 14:25:10 19968 ----a-w- C:\Windows\system32\ARP.EXE
2009-09-08 21:51:59 . 2009-08-14 14:25:10 10240 ----a-w- C:\Windows\system32\finger.exe
2009-09-08 21:50:09 . 2009-07-11 19:24:52 289280 ----a-w- C:\Windows\system32\wlanmsm.dll
2009-09-08 21:50:08 . 2009-07-11 19:26:52 123904 ----a-w- C:\Windows\system32\L2SecHC.dll
2009-09-08 21:50:08 . 2009-07-11 19:24:52 502784 ----a-w- C:\Windows\system32\wlansvc.dll
2009-09-08 21:50:08 . 2009-07-11 19:24:52 299520 ----a-w- C:\Windows\system32\wlansec.dll
2009-09-08 21:50:08 . 2009-07-11 19:24:51 67584 ----a-w- C:\Windows\system32\wlanhlp.dll
2009-09-08 21:50:08 . 2009-07-11 19:24:51 47104 ----a-w- C:\Windows\system32\wlanapi.dll
2009-09-08 21:50:01 . 2009-06-10 12:07:29 2855424 ----a-w- C:\Windows\system32\mf.dll
2009-09-08 21:50:00 . 2009-06-10 12:07:32 98816 ----a-w- C:\Windows\system32\mfps.dll
2009-09-08 21:50:00 . 2009-06-10 10:14:32 52736 ----a-w- C:\Windows\system32\rrinstaller.exe
2009-09-08 21:49:59 . 2009-06-10 10:15:18 24576 ----a-w- C:\Windows\system32\mfpmp.exe
2009-09-08 21:49:59 . 2009-06-10 08:50:12 2048 ----a-w- C:\Windows\system32\mferror.dll

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-05 00:24:03 . 2008-01-21 10:45:13 12 ----a-w- C:\Windows\bthservsdp.dat
2009-10-04 23:59:26 . 2008-10-15 21:00:16 0 d-----w- C:\Users\Nanalie\AppData\Roaming\BrOffice.org2
2009-10-04 21:28:08 . 2008-09-27 18:32:35 102960 ----a-w- C:\Users\Nanalie\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-04 21:11:11 . 2008-02-20 18:53:21 0 d-----w- C:\Program Files\Common Files\Adobe
2009-10-04 13:50:13 . 2009-06-07 16:19:00 0 d-----w- C:\Users\Nanalie\AppData\Roaming\uTorrent
2009-10-04 13:50:12 . 2009-09-02 18:28:30 0 d-----w- C:\Program Files\Microsoft GIF Animator
2009-10-04 13:50:12 . 2009-08-22 19:59:47 0 d-----w- C:\Program Files\Perfect Uninstaller
2009-10-04 13:50:12 . 2009-06-07 16:03:54 0 d-----w- C:\Users\Nanalie\AppData\Roaming\DNA
2009-10-04 13:50:12 . 2008-07-23 21:32:01 0 d-----w- C:\ProgramData\Tablet
2009-10-04 13:50:12 . 2008-01-21 10:57:56 0 d-----w- C:\Program Files\Microsoft Works
2009-09-28 00:23:34 . 2009-04-29 00:07:21 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Winamp
2009-09-27 16:08:51 . 2009-09-02 17:39:30 0 d-----w- C:\Program Files\Dexpot
2009-09-26 15:59:35 . 2009-02-27 23:12:26 0 d-----w- C:\Program Files\Paint.NET
2009-09-23 03:02:39 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail
2009-09-22 18:37:17 . 2009-09-01 20:27:27 0 dc-h--w- C:\ProgramData\{62902F53-D725-44F9-B385-979CC0E00E8A}
2009-09-22 03:19:27 . 2009-09-03 17:27:38 0 d-----w- C:\Users\Nanalie\AppData\Roaming\EssentialPIM
2009-09-19 17:20:27 . 2008-02-19 1933 0 d-----w- C:\Program Files\Common Files\Symantec Shared
2009-09-19 17:20:10 . 2008-02-19 16:40:41 0 d-----w- C:\Program Files\Norton Security Scan
2009-09-17 21:12:09 . 2009-06-30 20:04:01 0 d-----w- C:\Program Files\Common Files\Adobe AIR
2009-09-10 21:50:33 . 2008-10-05 22:09:54 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Apple Computer
2009-09-09 15:45:31 . 2008-10-02 23:22:35 8484 ----a-w- C:\Users\Nanalie\AppData\Local\d3d9caps.dat
2009-09-08 22:19:53 . 2006-11-06 01:33:41 87084 ----a-w- C:\Windows\system32\prfc0416.dat
2009-09-08 22:19:53 . 2006-11-06 01:33:41 509896 ----a-w- C:\Windows\system32\prfh0416.dat
2009-09-05 0653 . 2008-01-21 10:46:24 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-09-03 17:39:21 . 2009-09-03 17:38:21 0 d-----w- C:\Program Files\ATnotes
2009-09-02 18:20:50 . 2009-04-13 22:50:09 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Any Video Converter
2009-09-02 17:39:39 . 2009-09-02 17:39:35 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Dexpot
2009-09-02 17:21:19 . 2009-09-01 20:27:44 0 d-----w- C:\Users\Nanalie\AppData\Roaming\Stardock
2009-09-02 15:51:51 . 2009-09-01 20:27:13 0 d-----w- C:\ProgramData\Stardock
2009-09-01 21:20:09 . 2009-09-01 21:20:08 0 dc-h--w- C:\ProgramData\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-09-01 20:28:22 . 2009-09-01 20:27:12 0 d-----w- C:\Program Files\Stardock
2009-09-01 20:10:05 . 2009-09-01 20:10:05 0 d-----w- C:\Program Files\ClocX
2009-08-24 19:47:18 . 2009-08-24 19:47:16 0 d-----w- C:\Program Files\MSN Messenger
2009-08-24 19:34:35 . 2008-02-18 00:05:18 0 d-----w- C:\ProgramData\WLInstaller
2009-08-24 19:28:23 . 2009-08-24 19:28:07 0 d-----w- C:\ProgramData\WindowsLiveInstaller
2009-08-24 19:27:47 . 2009-07-28 00:17:27 0 d-----w- C:\Program Files\Windows Live
2009-08-22 22:20:56 . 2009-08-22 22:20:56 446976 ----a-w- C:\Windows\system32\ShellMPD.dll
2009-08-22 21:47:46 . 2009-08-22 21:42:27 0 d-----w- C:\Users\Nanalie\AppData\Roaming\MSNShell
2009-08-17 16:10:20 . 2009-05-27 21:08:36 1279456 ----a-w- C:\Windows\system32\aswBoot.exe
2009-08-17 16:05:52 . 2009-05-27 21:08:59 114768 ----a-w- C:\Windows\system32\drivers\aswSP.sys
2009-08-17 16:05:37 . 2009-05-27 21:08:59 20560 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:05:24 . 2009-05-27 21:08:36 53328 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2009-08-17 16:04:40 . 2009-05-27 21:09:07 51376 ----a-w- C:\Windows\system32\drivers\aswTdi.sys
2009-08-17 16:04:29 . 2009-05-27 21:09:08 23152 ----a-w- C:\Windows\system32\drivers\aswRdr.sys
2009-08-17 16:02:50 . 2009-05-27 21:09:02 97480 ----a-w- C:\Windows\system32\AvastSS.scr
2009-08-15 16:11:54 . 2009-07-17 02:14:18 0 d-----w- C:\Users\Nanalie\AppData\Roaming\gtk-2.0
2009-08-09 01:52:10 . 2009-08-09 01:52:10 0 d-----w- C:\Program Files\Common Files\INCA Shared
2009-07-29 05:46:12 . 2009-02-20 13:29:25 410984 ----a-w- C:\Windows\system32\deploytk.dll
2009-07-17 14:52:41 . 2009-08-12 04:22:42 71680 ----a-w- C:\Windows\system32\atl.dll
2009-07-15 14:43:37 . 2009-08-12 04:23:55 4096 ----a-w- C:\Windows\system32\dxmasf.dll
2009-07-15 14:42:54 . 2009-08-12 04:23:58 7680 ----a-w- C:\Windows\system32\spwmp.dll
2009-07-15 12:53:41 . 2009-08-12 04:23:55 8147968 ----a-w- C:\Windows\system32\wmploc.DLL
2009-07-14 13:02:21 . 2009-08-12 04:24:01 313344 ----a-w- C:\Windows\system32\wmpdxm.dll
2008-12-15 23:15:51 . 2008-12-15 23:15:57 122880 ----a-w- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
1999-07-07 00:00:00 . 1999-07-07 00:00:00 6 --sh--r- C:\Windows\@@desktop.dat
2008-10-27 20:49:12 . 2008-02-25 23:34:20 168 --sh--r- C:\Windows\System32\6F13F32106.sys
2008-11-18 21:40:01 . 2008-02-25 20:08:48 3766 --sha-w- C:\Windows\System32\KGyGaAvL.sys
2008-01-21 18:28:05 . 2008-01-21 18:20:08 8192 --sha-w- C:\Windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 15:54:34 5674352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-21 10:55:59 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 12:36:17 201728]
"Google Update"="C:\Users\Nanalie\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-09-29 02:22:00 133104]
"NoteZilla"="C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe" [2008-11-11 15:05:48 1717024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 16:07:23 81000]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-21 18:21:50 1006264]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-07-29 05:46:15 148888]
"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdcBase.exe" [2007-05-31 11:21:28 648072]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2009-04-10 17:29:08 37888]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 17:12:32 341488]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 13:22:16 221184]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-05-26 20:18:30 413696]
"PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 19:23:38 118784]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-07-13 17:03:10 292128]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 13:37:04 81920]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 13:35:42 221184]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 00:52:38 49152]
"CmCardRun"="C:\Windows\system32\CmWatch.exe" [2003-09-16 19:50:58 229376]
"BigDog303"="C:\Windows\VM303_STI.EXE" [2005-10-25 15:56:00 61440]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 01:16:38 39792]
"RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2007-05-11 13:26:44 4452352]
"atwtusb"="atwtusb.exe" - C:\Windows\System32\atwtusb.exe [2007-05-15 19:21:26 323232]

C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BrOffice.org 2.3.lnk - C:\Program Files\BrOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]

C:\Users\Nanalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BrOffice.org 2.3.lnk - C:\Program Files\BrOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "C:\Program Files\Stardock\Object Desktop\Fences\FencesMenu.dll" [2009-08-31 20:11:32 120168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [15/07/2009 19:43:12 64160]
R1 aswSP;avast! Self Protection;C:\Windows\System32\drivers\aswSP.sys [27/05/2009 18:08:59 114768]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [27/05/2009 18:08:59 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [27/05/2009 18:08:36 53328]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [03/07/2009 11:49:06 1028432]
S1 aiptektp;Pen Pad;C:\Windows\System32\drivers\aiptektp.sys [23/07/2008 17:36:18 22528]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\Windows\System32\drivers\A3AB.sys [11/05/2006 12:11:00 472096]
S3 A5AGU;D-Link USB Wireless Network Adapter Service;C:\Windows\System32\drivers\A5AGU.sys [16/02/2008 14:23:58 347648]
S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [27/07/2009 21:51:08 55280]
S3 fsssvc;Windows Live Proteção para a Família;C:\Program Files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08:58 533360]
S3 GoogleDesktopManager-061008-081103;Gerenciador do Google Desktop 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [21/01/2008 07:56:00 29744]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 UMSSSTOR;C-Media Storage;C:\Windows\System32\drivers\Umss.SYS [13/07/2004 11:40:22 48512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {65E6362A-B878-4A7B-86DA-D16F8DBD75C7} /qb
.
Conteúdo da pasta 'Tarefas Agendadas'

2009-09-28 C:\Windows\Tasks\Ad-Aware Update (Weekly).job
- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49:06 . 2009-09-21 22:44:59]

2009-10-05 C:\Windows\Tasks\AWC Startup.job
- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-09-18 21:39:41 . 2009-06-30 12:55:40]

2009-09-30 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3892075926-3169812270-890497218-1001Core.job
- C:\Users\Nanalie\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-29 02:22:01 . 2008-09-29 02:22:00]

2009-10-05 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3892075926-3169812270-890497218-1001UA.job
- C:\Users\Nanalie\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-29 02:22:01 . 2008-09-29 02:22:00]

2009-10-04 C:\Windows\Tasks\Norton Security Scan.job
- C:\Program Files\Norton Security Scan\Nss.exe [2008-01-09 07:08:46 . 2008-01-09 07:08:46]
.
.
------- Scan Suplementar -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.18\AMVConverter\grab.html
IE: Baixar link usando &BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: Baixar todos os links usando BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: Baixar todos os vídeos usando BitComet - C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
IE: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
IE: {{A103A693-F92C-4A81-8F7F-6C80799EFF3D} - C:\Program Files\Tomato\TubeDownload\TDIEDoc.html
Trusted Zone: ****online.com\www
Trusted Zone: myspace.com\www
Trusted Zone: orkut.com\www
FF - ProfilePath - C:\Users\Nanalie\AppData\Roaming\Mozilla\Firefox\Profiles\pk62lomq.default\
FF - component: C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Users\Nanalie\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: C:\Users\Nanalie\Program Files\DNA\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.
- - - - ORFÃOS REMOVIDOS - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)

Old 10-07-2009, 03:55 PM   #2 (permalink)
Registered User
 
Join Date: Oct 2009
Posts: 5
OS: Windows Vista Business


Re: ComboFix Log...HELP

Bump, please.
Old 10-08-2009, 06:53 AM   #3 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,960
OS: WinXP and Vista


Re: ComboFix Log...HELP

Hello NatePD,

In the future, I suggest you heed the Disclaimer ComboFix first displays, and that you had to click 'OK' to, in order to run the tool.

What issues remain after running ComboFix?
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Old 10-09-2009, 06:51 PM   #4 (permalink)
Registered User
 
Join Date: Oct 2009
Posts: 5
OS: Windows Vista Business


Re: ComboFix Log...HELP

Well actually, the serious problems I was having stopped though my computer is still a bit slow. But I'm really happy, and I just thought that maybe there could be found anything else or something by posting the log? I don't know. Sorry for any inconvenience in posting here.

Oh! Though now that I think of it, I'm having a weird problem with my antivirus, avast. I can't seem to be able to open it; it gives me an unknown error and something related to its skin/theme, saying it's not complete and wasn't loaded properly. I really don't know what to do about that... I think it happened when I updated ad-aware or something... my memory seems to fail me though.

Last edited by NatePD; 10-09-2009 at 06:52 PM.
Old 10-09-2009, 09:25 PM   #5 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,960
OS: WinXP and Vista


Re: ComboFix Log...HELP

I didn't see any remaining malware in the ComboFix log which is why I asked.

As far as Avast goes, I'm not trying to blow you off, but you'd really do best asking at their forum since it is their software. I do use Avast myself, but have never experienced what you've described.
Old 10-10-2009, 08:25 AM   #6 (permalink)
Registered User
 
Join Date: Oct 2009
Posts: 5
OS: Windows Vista Business


Re: ComboFix Log...HELP

AH okay. Thanks for everything!
Old 10-10-2009, 09:36 AM   #7 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,960
OS: WinXP and Vista


Re: ComboFix Log...HELP

You're welcome. Make sure you carry out these final steps.

The following procedure will implement some cleanup procedures. It will also reset your System Restore by flushing out previous restore points (which contain the infections) and create a new restore point.


Click Start > Run and copy/paste, or type the following bolded text into the Run box and click OK:

ComboFix /u

--------------------------------------------------------------------

Should you wish to contribute to the ongoing development of ComboFix, donations are being accepted via PayPal.

To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
WOT has an addon available for both Firefox and IE.

SpywareBlaster 4.0 to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items.
  • It will block any bad ActiveX from running in Internet Explorer and Firefox if it's listed in their database (which you should update frequently). To view their database and list of restricted sites, launch the program and click on each of the tabs on the main display page.


- Scan here http://secunia.com/software_inspector/ for out of date & vulnerable common applications on your computer

- Update, and scan with your onboard Anti Malware and Anti Virus programs regularly. Without regular updates you will not be protected when new malicious programs are released.



- Most importantly, Think Prevention


Take care.