Nrpg2010

Google redirect virus


Good afternoon,

I was infected with the virus that redirects Google links.

However, I have already run some tools to try to remove it, and it seems I succeeded, but I would like you to check the logs for me, to see whether I really removed it and whether I have any other problem.

Thank you for your help!

DDS (Ver_10-03-17.01) - NTFSx86

Run by nuno pombo at 19:04:45,48 on 30-09-2010

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Enterprise 6.1.7600.0.1252.351.2070.18.2046.909 [GMT 1:00]

SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\AVG\AVG9\avgfws9.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AVG\AVG9\avgam.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVG\AVG9\avgtray.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

C:\Program Files\Apoint\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\nuno pombo\Desktop\dds.scr

C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.watchtower.org/t/index.html

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

uURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll

mURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: HistoryTriggerBHO Class: {21a88cb9-84d2-4020-a2d1-b25a21034884} - c:\program files\lg electronics\lg pc suite iv\linkair\LinkAirBrowserHelper.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Programa Auxiliar de Início de Sessão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe" -automount

uRun: [LG LinkAir] c:\program files\lg electronics\lg pc suite iv\linkair\LinkAir.exe

uRun: [Google Update] "c:\users\nuno pombo\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Apoint] c:\program files\apoint\Apoint.exe

mRun: [iSBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"

mRun: [sONY VGP-UPR1 (Display Adapter)] "c:\program files\displaylink core software\DisplayLinkUI.exe"

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [b2C_AGENT] c:\programdata\lgmobileax\b2c_client\B2CNotiAgent.exe

StartupFolder: c:\users\nunopo~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\inicia~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000

IE: LG Air Sync Options - c:\program files\lg electronics\lg pc suite iv\linkair\IEContextMenu.dll/209

IE: R-Click Save as Mobile Image - c:\program files\lg electronics\lg pc suite iv\linkair\IEContextMenu.dll/206

IE: R-Click Save as Mobile Memo - c:\program files\lg electronics\lg pc suite iv\linkair\IEContextMenu.dll/208

IE: R-Click Save as Mobile Text file - c:\program files\lg electronics\lg pc suite iv\linkair\IEContextMenu.dll/210

IE: R-Click Set as Mobile Wallpaper - c:\program files\lg electronics\lg pc suite iv\linkair\IEContextMenu.dll/205

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Notify: VESWinlogon - VESWinlogon.dll

AppInit_DLLs: c:\windows\system32\avgrsstx.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\nunopo~1\appdata\roaming\mozilla\firefox\profiles\hw97kfbd.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Yahoo! Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: c:\users\nuno pombo\appdata\roaming\mozilla\firefox\profiles\hw97kfbd.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll

FF - component: c:\users\nuno pombo\appdata\roaming\mozilla\firefox\profiles\hw97kfbd.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrw7x;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSwx.sys [2010-6-26 25168]

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-6-26 52872]

R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-6-26 24856]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-6-26 216400]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-6-26 29584]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-6-26 243024]

R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-26 308136]

R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2010-6-26 2331544]

R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-6-26 5897808]

R2 DisplayLinkService;DisplayLinkManager;c:\program files\displaylink core software\DisplayLinkManager.exe [2010-4-19 5096808]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-9-9 1153368]

R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]

R3 AVGIDSDriverw7x;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_win7\AVGIDSDriver.sys [2010-6-26 122448]

R3 AVGIDSFilterw7x;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_win7\AVGIDSFilter.sys [2010-6-26 30288]

R3 AVGIDSShimw7x;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_win7\AVGIDSShim.sys [2010-6-26 20560]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-4-28 28464]

R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160]

R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496]

R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928]

R3 netw5v32;Controlador de Placa de Ligação WiFi Intel® Sem Fios 5000 Series para Windows Vista de 32 Bits;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]

R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-6-28 75008]

R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-6-28 43904]

R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]

R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-6-6 812544]

R3 yukonw7;Controlador Miniport NDIS6.2 para Controlador Ethernet Marvell Yukon;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Serviço Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-29 136176]

S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2010-3-30 14336]

S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2010-3-30 20864]

S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2010-3-30 19968]

S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2010-3-30 24960]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-6-26 430152]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-4-29 54632]

S3 fsssvc;Serviço Segurança Familiar do Windows Live;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-5-4 101248]

S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\vstazl3.sys [2009-7-13 207360]

S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\vstdpv3.sys [2009-7-13 980992]

S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\vstcnxt3.sys [2009-7-13 661504]

S3 StorSvc;Serviço de Armazenamento;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2010-12-20 480624]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2010-4-28 83312]

S3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-21 1343400]

=============== Created Last 30 ================

2010-12-20 12:07:59 0 d-----w- c:\program files\common files\Sony Shared

2010-12-20 12:07:38 0 d-sh--w- c:\windows\Installer

2010-12-20 12:07:37 0 d-----w- c:\program files\Sony

2010-12-20 10:39:07 2072178 ----a-w- c:\windows\system32\PerfStringBackup.INI

2010-12-20 10:38:55 0 d-----w- c:\windows\system32\wbem\Performance

2010-12-20 10:34:17 0 d-sh--we c:\programdata\Modelos

2010-12-20 10:34:17 0 d-sh--we c:\programdata\Menu Iniciar

2010-12-20 10:34:17 0 d-sh--we c:\programdata\Favoritos

2010-12-20 10:34:17 0 d-sh--we c:\programdata\Documentos

2010-12-20 10:34:17 0 d-sh--we c:\programdata\Ambiente de trabalho

2010-12-20 10:34:17 0 d-sh--we c:\program files\Ficheiros comuns

2010-12-20 10:34:17 0 d-sh--we c:\program files\common files\Sistema

2010-12-20 10:16:00 0 d-----w- c:\windows\Panther

2010-09-30 00:30:05 325575988 ----a-w- c:\windows\MEMORY.DMP

2010-09-29 23:55:11 0 d-sh--w- C:\$RECYCLE.BIN

2010-09-29 23:39:42 98816 ----a-w- c:\windows\sed.exe

2010-09-29 23:39:42 77312 ----a-w- c:\windows\MBR.exe

2010-09-29 23:39:42 256512 ----a-w- c:\windows\PEV.exe

2010-09-29 23:39:42 161792 ----a-w- c:\windows\SWREG.exe

2010-09-29 23:06:50 0 d-----w- C:\VundoFix Backups

2010-09-29 22:14:23 0 d-----w- c:\program files\Trend Micro

2010-09-29 22:08:14 0 d-----w- c:\program files\CCleaner

2010-09-29 07:02:42 190976 ----a-w- c:\windows\system32\drivers\ks.sys

2010-09-29 07:02:42 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys

2010-09-28 20:51:54 0 d-----w- C:\$AVG

2010-09-28 20:51:21 2048 ----a-w- c:\windows\system32\tzres.dll

2010-09-16 11:23:13 0 d-----w- c:\users\nunopo~1\appdata\roaming\ACD Systems

2010-09-16 11:21:29 0 d-----w- c:\programdata\ACD Systems

2010-09-16 11:21:26 0 d-----w- c:\program files\common files\ACD Systems

2010-09-16 11:21:26 0 d-----w- c:\program files\ACD Systems

2010-09-16 10:00:08 316928 ----a-w- c:\windows\system32\spoolsv.exe

2010-09-11 17:04:37 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-11 17:01:07 0 d-----w- c:\programdata\Lavasoft

2010-09-09 21:49:05 0 d-----w- c:\programdata\AntiSpyInfo

2010-09-09 20:56:16 0 d-----w- c:\programdata\Spybot - Search & Destroy

2010-09-09 20:56:16 0 d-----w- c:\program files\Spybot - Search & Destroy

2010-09-08 23:27:33 0 d-----w- c:\program files\LG Electronics

2010-09-08 23:20:29 0 d-----w- C:\GT540

2010-09-08 23:15:19 53248 ----a-w- c:\windows\system32\CommonDL.dll

2010-09-08 23:15:19 44544 ----a-w- c:\windows\system32\msxml4a.dll

2010-09-08 23:15:19 2413 ----a-w- c:\windows\system32\lgAxconfig.ini

2010-09-08 23:15:12 0 d-----w- c:\programdata\LGMOBILEAX

2010-08-31 20:53:42 0 d-----w- c:\program files\Free PDF to Word Doc Converter

==================== Find3M ====================

2010-09-26 12:47:57 77940 ----a-w- c:\windows\system32\perfc014.dat

2010-09-26 12:47:57 682246 ----a-w- c:\windows\system32\prfh0816.dat

2010-09-26 12:47:57 451490 ----a-w- c:\windows\system32\perfh014.dat

2010-09-26 12:47:57 134596 ----a-w- c:\windows\system32\prfc0816.dat

2010-09-19 19:08:02 70538 ----a-w- c:\users\nunopo~1\appdata\roaming\nvModes.dat

2010-08-20 21:40:48 697328 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-08-04 22:04:31 0 ---h--w- c:\programdata\PKP_DLdu.DAT

2010-08-04 21:52:05 0 ---h--w- c:\programdata\PKP_DLdw.DAT

2010-07-30 21:32:08 106496 ----a-w- c:\windows\system32\ATL71.DLL

2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll

2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll

2010-07-03 21:32:11 23191 ----a-w- c:\windows\hpqins15.dat

2010-04-30 08:39:05 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat

2010-04-30 08:39:05 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat

2010-04-30 08:39:05 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat

2010-04-30 08:39:05 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat

2010-04-30 08:32:06 36156 ----a-w- c:\windows\inf\perflib\0414\perfd.dat

2010-04-30 08:32:06 36156 ----a-w- c:\windows\inf\perflib\0414\perfc.dat

2010-04-30 08:32:06 298300 ----a-w- c:\windows\inf\perflib\0414\perfi.dat

2010-04-30 08:32:06 298300 ----a-w- c:\windows\inf\perflib\0414\perfh.dat

2009-07-14 08:28:59 40548 ----a-w- c:\windows\inf\perflib\0816\perfd.dat

2009-07-14 08:28:59 40548 ----a-w- c:\windows\inf\perflib\0816\perfc.dat

2009-07-14 08:28:59 336656 ----a-w- c:\windows\inf\perflib\0816\perfi.dat

2009-07-14 08:28:59 336656 ----a-w- c:\windows\inf\perflib\0816\perfh.dat

2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini

2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat

2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 19:09:20,00 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Enterprise

Boot Device: \Device\HarddiskVolume1

Install Date: 20-12-2010 10:34:22

System Uptime: 30-09-2010 19:02:06 (0 hours ago)

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core2 Duo CPU T7250 @ 2.00GHz | N/A | 2001/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 298 GiB total, 167,073 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP148: 01-09-2010 00:00:01 - Ponto de Verificação Agendado

RP149: 06-09-2010 00:35:43 - Windows Update

RP150: 09-09-2010 00:27:11 - Instalado LG USB Modem Driver

RP151: 16-09-2010 12:20:26 - Installed ACDSee 10 Photo Manager.

RP152: 17-09-2010 10:38:35 - Windows Update

RP154: 17-09-2010 12:26:42 - Installed Connect Service

RP156: 20-09-2010 21:12:27 - Avg Update

RP158: 20-09-2010 21:13:58 - Avg Update

RP159: 29-09-2010 08:01:47 - Windows Update

RP161: 29-09-2010 20:10:34 - Avg Update

RP162: 29-09-2010 23:14:07 - Installed HiJackThis

==== Installed Programs ======================

32 Bit HP CIO Components Installer

ACDSee 10 Photo Manager

Actualização do Microsoft Office Excel 2007 Help (KB963678)

Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)

Actualização do Microsoft Office Word 2007 Help (KB963665)

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Premiere Elements 8.0

Adobe Premiere Elements 8.0 Templates

Adobe Reader 9.3.4 - Português

AIO_CDA_ProductContext

AIO_CDA_Software

AIO_Scan

Alps Pointing-device for VAIO

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Panorama Maker 5

Arquivo do WinRAR

Assistente de Início de Sessão do Windows Live ID

AVG 9.0

Bonjour

BS.Player FREE

BS_Player Toolbar

BufferChm

C3100

c3100_Help

CCleaner

Copy

CutePDF Writer 2.8

Destinations

DeviceDiscovery

DisplayLink Core Software

DisplayLink Graphics

DocProc

Fax

Ferramenta de Carregamento do Windows Live

ffdshow v1.1.3425 [2010-05-08]

Free PDF to Word Doc Converter v1.1

Galeria de Fotografias do Windows Live

GOM Player

Google Chrome

Google Earth

Google Update Helper

GPBaseService2

GTK+ Runtime 2.6.9 rev a (remove only)

HDAUDIO SoftV92 Data Fax Modem with SmartCP

HiJackThis

HP Customer Participation Program 13.0

HP Imaging Device Functions 13.0

HP Photosmart All-In-One Driver Software 13.0 Rel. A

HP Photosmart Essential 3.5

HP Smart Web Printing 4.60

HP Solution Center 13.0

HP Update

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Intel® TV Wizard

iTunes

Java 6 Update 15

JDownloader

Junk Mail filter update

Kanguru

LG Android Platform Drivers

LG Bluetooth Drivers

LG PC Suite IV

LG USB Modem Drivers

MarketResearch

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Portuguese (Portugal)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Portugal)) 2007

Microsoft Office Groove MUI (Portuguese (Portugal)) 2007

Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007

Microsoft Office Live Add-in 1.4

Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007

Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Portuguese (Portugal)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Portugal)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007

Microsoft Office Shared MUI (Portuguese (Portugal)) 2007

Microsoft Office Word MUI (Portuguese (Portugal)) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox (3.6.3)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

Network

NVIDIA Display Control Panel

NVIDIA Drivers

OCR Software by I.R.I.S. 13.0

Pacote de controladores do Windows - Ricoh R5U870 (UVC) (06/18/2007 6.1004.211.0)

PVSonyDll

QuickTime

SAMSUNG Intelli-studio

Scan

Security Update for 2007 Microsoft Office System (KB2277947)

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB2288953)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office Publisher 2007 (KB982124)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2251419)

Segurança Familiar do Windows Live

Shop for HP Supplies

SmartSound Quicktracks for Premiere Elements 8.0

SmartWebPrinting

Software WIDCOMM Bluetooth 6.1.0.1203

SolutionCenter

SONY VGP-UPR1 (Display Adapter)

SONY VGP-UPR1 (Display Adapter) Utility

Sony Video Shared Library

Spybot - Search & Destroy

Status

System Requirements Lab

Toolbox

TrayApp

UltraStar Deluxe

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Outlook 2007 Junk Email Filter (kb2291599)

VAIO Camera Capture Utility

VAIO Content Metadata Intelligent Analyzing Manager

VAIO Content Metadata XML Interface Library

VAIO Control Center

VAIO Event Service

VAIO Original Function Settings

VAIO Power Management

VAIO Update 5

Veetle TV 0.9.17

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Vuze

Watchtower Library 2009 - Português

WebReg

Windows Installer Clean Up

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Sync

Windows Live Writer

Wireless Switch Setting Utility

==== End Of File ===========================

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit scan 2010-09-30 19:00:53

Windows 6.1.7600

Running: gmer.exe; Driver: C:\Users\NUNOPO~1\AppData\Local\Temp\uglyaaow.sys

---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82039AF8

INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82039104

INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820393F4

INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820222D8

INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82021898

INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820391DC

INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82039958

INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820396F8

INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82039F2C

INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8203A1A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82099599 1 Byte [06]

.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 820BDF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74252494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74235624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742356E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7425250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74248573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74244D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742450CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [742451A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [742466D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [742482CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74248819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7424907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7424E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1084] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74244C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000053 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001bfb8bf89f

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001bfb8bf89f@8c541dddb0b7 0xBD 0xA0 0xD4 0x2B ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001bfb8bf89f (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\

---- EOF - GMER 1.0.15 ----


Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:

  2. Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.

  3. Double-click the ComboFix icon that is on the desktop.

  4. Read and accept the terms by typing 1 and pressing Enter.

  5. Computers running Windows XP must install the Recovery Console:

  • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
  • Click "OK" on the EULA.
  • When the Recovery Console is installed, click "YES" to continue.

  6. ComboFix will run; please be patient and wait.

  7. Attention: do not use the mouse or the keyboard while the tool is running, as this can cause the computer to stall.

  8. A warning may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.

  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

Do NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you could damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
  • Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when writing them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, so, and also out of respect for the tool's author, do not use it without supervision.


ComboFix 10-09-29.01 - nuno pombo 01-10-2010 22:45:37.2.2 - x86

Microsoft Windows 7 Enterprise 6.1.7600.0.1252.351.2070.18.2046.1132 [GMT 1:00]

Executando de: c:\users\nuno pombo\Desktop\ComboFix.exe

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-09-01 to 2010-10-01 ))))))))))))))))))))))))))))

.

2010-12-20 12:26 . 2010-12-20 12:26 -------- d-----w- c:\users\nuno pombo\AppData\Local\WindowsUpdate

2010-12-20 12:25 . 2010-07-25 10:17 -------- d-----w- c:\users\nuno pombo\AppData\Local\Diagnostics

2010-12-20 12:07 . 2010-04-28 20:21 -------- d-----w- c:\program files\Common Files\Sony Shared

2010-12-20 12:07 . 2010-09-29 22:14 -------- d-sh--w- c:\windows\Installer

2010-12-20 12:07 . 2010-09-17 11:27 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-12-20 12:07 . 2010-06-10 13:25 -------- d-----w- c:\program files\Sony

2010-12-20 12:07 . 2010-12-20 12:07 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\InstallShield

2010-12-20 11:52 . 2010-12-20 11:52 -------- d-----w- c:\windows\system32\Macromed

2010-12-20 11:26 . 2010-06-22 20:39 110288 ----a-w- c:\users\nuno pombo\AppData\Local\GDIPFONTCACHEV1.DAT

2010-12-20 10:38 . 2010-09-26 12:47 -------- d-----w- c:\windows\system32\wbem\Performance

2010-12-20 10:16 . 2010-12-20 10:34 -------- d-----w- c:\windows\Panther

2010-10-01 21:53 . 2010-10-01 21:53 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-10-01 21:53 . 2010-10-01 21:53 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-10-01 21:43 . 2010-10-01 21:44 -------- d-----w- C:\32788R22FWJFW

2010-09-30 18:52 . 2010-09-30 18:52 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\HPAppData

2010-09-29 23:06 . 2010-09-29 23:06 -------- d-----w- C:\VundoFix Backups

2010-09-29 22:14 . 2010-09-29 22:14 388096 ----a-r- c:\users\nuno pombo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-09-29 22:14 . 2010-09-29 22:14 -------- d-----w- c:\program files\Trend Micro

2010-09-29 22:08 . 2010-09-29 22:08 -------- d-----w- c:\program files\CCleaner

2010-09-29 07:02 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys

2010-09-29 07:02 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys

2010-09-28 20:51 . 2010-09-28 20:51 -------- d-----w- C:\$AVG

2010-09-28 20:51 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll

2010-09-16 11:23 . 2010-09-16 11:23 -------- d-----w- c:\users\nuno pombo\AppData\Local\ACD Systems

2010-09-16 11:23 . 2010-09-16 11:23 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\ACD Systems

2010-09-16 11:21 . 2010-09-16 11:21 -------- d-----w- c:\programdata\ACD Systems

2010-09-16 11:21 . 2010-09-16 11:21 -------- d-----w- c:\program files\Common Files\ACD Systems

2010-09-16 11:21 . 2010-09-16 11:21 -------- d-----w- c:\program files\ACD Systems

2010-09-16 10:00 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe

2010-09-11 17:04 . 2010-09-11 17:04 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-11 17:01 . 2010-09-11 17:01 -------- d-----w- c:\users\nuno pombo\AppData\Local\Sunbelt Software

2010-09-11 17:01 . 2010-09-28 19:42 -------- d-----w- c:\programdata\Lavasoft

2010-09-11 16:33 . 2010-09-11 16:33 8475584 ----a-w- c:\users\nuno pombo\AppData\Roaming\Azureus\tmp\AZU8075857266610791146.tmp\Vuze_4.5.0.4b_win32.exe

2010-09-09 20:56 . 2010-09-29 22:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2010-09-09 20:56 . 2010-09-09 20:56 -------- d-----w- c:\program files\Spybot - Search & Destroy

2010-09-08 23:29 . 2010-09-08 23:29 -------- d-----w- c:\users\nuno pombo\AppData\Local\LG Electronics

2010-09-08 23:27 . 2010-09-08 23:29 -------- d-----w- c:\program files\LG Electronics

2010-09-08 23:20 . 2010-09-08 23:25 -------- d-----w- C:\GT540

2010-09-08 23:15 . 2010-09-01 23:40 391096 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

2010-09-08 23:15 . 2010-08-20 07:03 100280 ----a-w- c:\programdata\LGMOBILEAX\LGMLauncher.exe

2010-09-08 23:15 . 2010-05-20 05:49 206784 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe

2010-09-08 23:15 . 2006-05-04 07:33 53248 ----a-w- c:\windows\system32\CommonDL.dll

2010-09-08 23:15 . 2005-10-04 00:39 44544 ----a-w- c:\windows\system32\msxml4a.dll

2010-09-08 23:15 . 2010-09-01 23:40 1066936 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGUserCSTool.exe

2010-09-08 23:15 . 2010-08-30 01:28 528384 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll

2010-09-08 23:15 . 2010-08-19 08:49 106496 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDL.dll

2010-09-08 23:15 . 2010-03-16 07:31 24576 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll

2010-09-08 23:15 . 2010-09-08 23:15 -------- d-----w- c:\programdata\LGMOBILEAX

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Modelos

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Menu Iniciar

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Favoritos

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Documentos

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Ambiente de trabalho

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\program files\Ficheiros comuns

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\program files\Common Files\Sistema

2010-09-30 00:05 . 2010-06-26 11:02 -------- d-----w- c:\programdata\AVG Security Toolbar

2010-09-29 22:13 . 2010-04-30 08:01 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\Azureus

2010-09-29 07:06 . 2010-04-29 20:53 -------- d-----w- c:\program files\Microsoft Silverlight

2010-09-26 12:47 . 2010-04-30 08:33 77940 ----a-w- c:\windows\system32\perfc014.dat

2010-09-26 12:47 . 2010-04-30 08:33 451490 ----a-w- c:\windows\system32\perfh014.dat

2010-09-26 12:47 . 2009-07-14 08:29 682246 ----a-w- c:\windows\system32\prfh0816.dat

2010-09-26 12:47 . 2009-07-14 08:29 134596 ----a-w- c:\windows\system32\prfc0816.dat

2010-09-25 06:10 . 2010-07-29 08:04 -------- d-----w- c:\program files\Google

2010-09-24 21:21 . 2010-04-29 21:25 -------- d-----w- c:\program files\JDownloader

2010-09-19 19:08 . 2010-04-28 19:22 70538 ----a-w- c:\users\nuno pombo\AppData\Roaming\nvModes.dat

2010-09-17 11:27 . 2010-07-30 21:31 -------- d--h--w- c:\programdata\ArcSoft

2010-09-17 11:26 . 2010-08-07 23:00 2564863 ----a-w- c:\programdata\ArcSoft\Global Deploy\CheckUpdate\ArcConnect.exe

2010-09-17 09:43 . 2010-04-28 11:39 -------- d-----w- c:\programdata\Microsoft Help

2010-09-09 21:52 . 2010-09-09 21:49 -------- d-----w- c:\programdata\AntiSpyInfo

2010-08-31 20:53 . 2010-08-31 20:53 -------- d-----w- c:\program files\Free PDF to Word Doc Converter

2010-08-20 21:43 . 2010-08-20 21:43 -------- d-----w- c:\program files\Alcohol Soft

2010-08-20 21:40 . 2010-08-20 21:40 697328 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-08-06 22:33 . 2010-08-04 22:16 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\Intelli-studio

2010-08-04 22:15 . 2010-08-04 22:15 -------- d-----w- c:\program files\SAMSUNG

2010-08-04 22:09 . 2010-07-30 21:32 -------- d-----w- c:\program files\Common Files\Nikon

2010-08-04 22:04 . 2010-07-30 21:32 -------- d-----w- c:\program files\Nikon

2010-08-04 22:04 . 2010-07-30 21:32 0 ---h--w- c:\programdata\PKP_DLdu.DAT

2010-08-04 21:52 . 2010-07-30 21:33 0 ---h--w- c:\programdata\PKP_DLdw.DAT

2010-07-30 21:32 . 2003-03-19 11:05 106496 ----a-w- c:\windows\system32\ATL71.DLL

2010-07-29 06:30 . 2010-08-10 19:03 197632 ----a-w- c:\windows\system32\ir32_32.dll

2010-07-29 06:30 . 2010-08-10 19:03 82944 ----a-w- c:\windows\system32\iccvid.dll

2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-09-27 2102600]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]

2010-09-08 23:39 35688 ----a-w- c:\program files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2010-09-27 11:32 2102600 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

2009-12-31 10:53 2349080 ----a-w- c:\program files\BS_Player\tbBS_P.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-12-31 2349080]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-09-27 2102600]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-12-31 2349080]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-09-27 2102600]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]

"LG LinkAir"="c:\program files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe" [2010-09-09 2436968]

"Google Update"="c:\users\nuno pombo\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-07-29 136176]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2010-04-28 118784]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-06-11 317560]

"SONY VGP-UPR1 (Display Adapter)"="c:\program files\DisplayLink Core Software\DisplayLinkUI.exe" [2010-04-19 783720]

"NvSvc"="c:\windows\system32\nvsvc.dll" [2009-05-26 92704]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-26 8530464]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-05-26 88608]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-09-29 2067808]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]

"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2010-09-01 391096]

c:\users\nuno pombo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Inicia‡Æo R*pida do Microsoft Office OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-6-22 739880]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2007-07-24 18:26 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Serviço Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-29 136176]

R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-03-30 14336]

R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-03-30 20864]

R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-03-30 19968]

R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-03-30 24960]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-09-27 431432]

R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 101248]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312]

R3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]

R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-20 697328]

S0 AVGIDSErHrw7x;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSwx.sys [2010-06-26 25168]

S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-06-26 52872]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-06-26 24856]

S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-06-26 216400]

S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-06-26 243024]

S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-06-26 308136]

S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-09-20 2331544]

S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]

S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2010-04-19 5096808]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S3 AVGIDSDriverw7x;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys [2010-06-26 122448]

S3 AVGIDSFilterw7x;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys [2010-06-26 30288]

S3 AVGIDSShimw7x;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys [2010-06-26 20560]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-04-28 28464]

S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]

S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]

S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]

S3 netw5v32;Controlador de Placa de Ligação WiFi Intel® Sem Fios 5000 Series para Windows Vista de 32 Bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]

S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2010-04-28 75008]

S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2010-04-28 43904]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]

S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2010-04-28 812544]

S3 yukonw7;Controlador Miniport NDIS6.2 para Controlador Ethernet Marvell Yukon;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Conteúdo da pasta 'Tarefas Agendadas'

2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-29 08:04]

2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-29 08:04]

2010-10-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2330805794-1148715945-3464930399-1000Core.job

- c:\users\nuno pombo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-09 08:04]

2010-10-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2330805794-1148715945-3464930399-1000UA.job

- c:\users\nuno pombo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-09 08:04]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.watchtower.org/t/index.html

uInternet Settings,ProxyOverride = *.local

IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000

IE: LG Air Sync Options - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209

IE: R-Click Save as Mobile Image - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206

IE: R-Click Save as Mobile Memo - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208

IE: R-Click Save as Mobile Text file - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210

IE: R-Click Set as Mobile Wallpaper - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

FF - ProfilePath - c:\users\nuno pombo\AppData\Roaming\Mozilla\Firefox\Profiles\hw97kfbd.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Yahoo! Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13

FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: c:\users\nuno pombo\AppData\Roaming\Mozilla\Firefox\Profiles\hw97kfbd.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll

FF - component: c:\users\nuno pombo\AppData\Roaming\Mozilla\Firefox\Profiles\hw97kfbd.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll

.

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------


.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'Explorer.exe'(1188)

c:\windows\system32\btmmhook.dll

.

Tempo para conclusão: 2010-10-01 22:55:28

ComboFix-quarantined-files.txt 2010-10-01 21:55

ComboFix2.txt 2010-09-30 00:01

Pré-execução: 179.694.108.672 bytes livres

Pós execução: 179.641.049.088 bytes livres

- - End Of File - - BAB5EF1F1AF241CA503413A9C4B6AB29


Why was ComboFix run twice? Are you receiving help on another forum?


No,

before I discovered your forum, I searched the net about the virus, and ComboFix came up in the searches as a possible way to fix it.

So I downloaded it and ran it.

But I read that ComboFix does not always delete everything automatically and that specialized help was needed to read the log. I do not have that knowledge, and that is when I discovered your forum and registered; in fact my first post was a ComboFix log, but it was deleted for not following the rules laid out for posting.

So I did as you instruct and posted the DDS and GMER logs.

You then asked for the ComboFix one, and since I had already deleted the other one I had to run it again. I don't know if I did the right thing :(


Find and post the file C:\Qoobox\ComboFix2.txt


I cannot find the requested file.

The ComboFix log I posted was from the second run of the program, since I deleted the one from the first run myself.

Do you want me to run ComboFix again?


Look inside the Qoobox folder for the file Quarantine.txt


I apologize for all this confusion... :confused:

Inside the Qoobox folder I found the file ComboFix2.txt, which I will post here, but I did not find Quarantine.txt; I found ComboFix-quarantined-files.txt, which I will post as well.

COMBOFIX2.TXT

ComboFix 10-09-29.01 - nuno pombo 30-09-2010 0:42.1.2 - x86

Microsoft Windows 7 Enterprise 6.1.7600.0.1252.351.2070.18.2046.1073 [GMT 1:00]

Executando de: c:\users\nuno pombo\Desktop\ComboFix.exe

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Public\Documents\Server\admin.txt

c:\users\Public\Documents\Server\server.dat

c:\windows\system32\system

A cópia de c:\windows\explorer.exe foi encontrada e desinfectada

Cópia restaurada de - c:\combofix\HarddiskVolumeShadowCopy8_!Windows!explorer.exe

A cópia de c:\windows\System32\wininit.exe foi encontrada e desinfectada

Cópia restaurada de - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

A cópia de c:\windows\explorer.exe foi encontrada e desinfectada

Cópia restaurada de - c:\combofix\HarddiskVolumeShadowCopy8_!Windows!explorer.exe

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-08-28 to 2010-09-29 ))))))))))))))))))))))))))))

.

2010-12-20 12:26 . 2010-12-20 12:26 -------- d-----w- c:\users\nuno pombo\AppData\Local\WindowsUpdate

2010-12-20 12:25 . 2010-07-25 10:17 -------- d-----w- c:\users\nuno pombo\AppData\Local\Diagnostics

2010-12-20 12:07 . 2010-04-28 20:21 -------- d-----w- c:\program files\Common Files\Sony Shared

2010-12-20 12:07 . 2010-09-29 22:14 -------- d-sh--w- c:\windows\Installer

2010-12-20 12:07 . 2010-09-17 11:27 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-12-20 12:07 . 2010-06-10 13:25 -------- d-----w- c:\program files\Sony

2010-12-20 12:07 . 2010-12-20 12:07 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\InstallShield

2010-12-20 11:52 . 2010-12-20 11:52 -------- d-----w- c:\windows\system32\Macromed

2010-12-20 11:26 . 2010-06-22 20:39 110288 ----a-w- c:\users\nuno pombo\AppData\Local\GDIPFONTCACHEV1.DAT

2010-12-20 10:38 . 2010-09-26 12:47 -------- d-----w- c:\windows\system32\wbem\Performance

2010-12-20 10:16 . 2010-12-20 10:34 -------- d-----w- c:\windows\Panther

2010-09-29 23:52 . 2010-09-29 23:52 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-09-29 23:35 . 2010-09-29 23:39 -------- d-----w- C:\32788R22FWJFW

2010-09-29 23:06 . 2010-09-29 23:06 -------- d-----w- C:\VundoFix Backups

2010-09-29 22:14 . 2010-09-29 22:14 388096 ----a-r- c:\users\nuno pombo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-09-29 22:14 . 2010-09-29 22:14 -------- d-----w- c:\program files\Trend Micro

2010-09-29 22:08 . 2010-09-29 22:08 -------- d-----w- c:\program files\CCleaner

2010-09-29 07:02 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys

2010-09-29 07:02 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys

2010-09-28 20:51 . 2010-09-28 20:51 -------- d-----w- C:\$AVG

2010-09-28 20:51 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll

2010-09-16 11:23 . 2010-09-16 11:23 -------- d-----w- c:\users\nuno pombo\AppData\Local\ACD Systems

2010-09-16 11:23 . 2010-09-16 11:23 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\ACD Systems

2010-09-16 11:21 . 2010-09-16 11:21 -------- d-----w- c:\programdata\ACD Systems

2010-09-16 11:21 . 2010-09-16 11:21 -------- d-----w- c:\program files\Common Files\ACD Systems

2010-09-16 11:21 . 2010-09-16 11:21 -------- d-----w- c:\program files\ACD Systems

2010-09-16 10:00 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe

2010-09-11 17:04 . 2010-09-11 17:04 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-11 17:01 . 2010-09-11 17:01 -------- d-----w- c:\users\nuno pombo\AppData\Local\Sunbelt Software

2010-09-11 17:01 . 2010-09-28 19:42 -------- d-----w- c:\programdata\Lavasoft

2010-09-11 16:33 . 2010-09-11 16:33 8475584 ----a-w- c:\users\nuno pombo\AppData\Roaming\Azureus\tmp\AZU8075857266610791146.tmp\Vuze_4.5.0.4b_win32.exe

2010-09-09 20:56 . 2010-09-29 22:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2010-09-09 20:56 . 2010-09-09 20:56 -------- d-----w- c:\program files\Spybot - Search & Destroy

2010-09-08 23:29 . 2010-09-08 23:29 -------- d-----w- c:\users\nuno pombo\AppData\Local\LG Electronics

2010-09-08 23:27 . 2010-09-08 23:29 -------- d-----w- c:\program files\LG Electronics

2010-09-08 23:20 . 2010-09-08 23:25 -------- d-----w- C:\GT540

2010-09-08 23:15 . 2010-09-01 23:40 391096 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

2010-09-08 23:15 . 2010-08-20 07:03 100280 ----a-w- c:\programdata\LGMOBILEAX\LGMLauncher.exe

2010-09-08 23:15 . 2010-05-20 05:49 206784 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe

2010-09-08 23:15 . 2006-05-04 07:33 53248 ----a-w- c:\windows\system32\CommonDL.dll

2010-09-08 23:15 . 2005-10-04 00:39 44544 ----a-w- c:\windows\system32\msxml4a.dll

2010-09-08 23:15 . 2010-09-01 23:40 1066936 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGUserCSTool.exe

2010-09-08 23:15 . 2010-08-30 01:28 528384 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll

2010-09-08 23:15 . 2010-08-19 08:49 106496 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDL.dll

2010-09-08 23:15 . 2010-03-16 07:31 24576 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll

2010-09-08 23:15 . 2010-09-08 23:15 -------- d-----w- c:\programdata\LGMOBILEAX

2010-08-31 20:53 . 2010-08-31 20:53 -------- d-----w- c:\program files\Free PDF to Word Doc Converter

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Modelos

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Menu Iniciar

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Favoritos

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Documentos

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\programdata\Ambiente de trabalho

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\program files\Ficheiros comuns

2010-12-20 10:34 . 2010-12-20 10:34 -------- d-sh--we c:\program files\Common Files\Sistema

2010-09-29 22:13 . 2010-04-30 08:01 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\Azureus

2010-09-29 07:06 . 2010-04-29 20:53 -------- d-----w- c:\program files\Microsoft Silverlight

2010-09-26 12:47 . 2010-04-30 08:33 77940 ----a-w- c:\windows\system32\perfc014.dat

2010-09-26 12:47 . 2010-04-30 08:33 451490 ----a-w- c:\windows\system32\perfh014.dat

2010-09-26 12:47 . 2009-07-14 08:29 682246 ----a-w- c:\windows\system32\prfh0816.dat

2010-09-26 12:47 . 2009-07-14 08:29 134596 ----a-w- c:\windows\system32\prfc0816.dat

2010-09-25 06:10 . 2010-07-29 08:04 -------- d-----w- c:\program files\Google

2010-09-24 21:21 . 2010-04-29 21:25 -------- d-----w- c:\program files\JDownloader

2010-09-19 19:08 . 2010-04-28 19:22 70538 ----a-w- c:\users\nuno pombo\AppData\Roaming\nvModes.dat

2010-09-17 11:27 . 2010-07-30 21:31 -------- d--h--w- c:\programdata\ArcSoft

2010-09-17 11:26 . 2010-08-07 23:00 2564863 ----a-w- c:\programdata\ArcSoft\Global Deploy\CheckUpdate\ArcConnect.exe

2010-09-17 09:43 . 2010-04-28 11:39 -------- d-----w- c:\programdata\Microsoft Help

2010-09-09 21:52 . 2010-09-09 21:49 -------- d-----w- c:\programdata\AntiSpyInfo

2010-08-20 21:43 . 2010-08-20 21:43 -------- d-----w- c:\program files\Alcohol Soft

2010-08-20 21:40 . 2010-08-20 21:40 697328 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-08-06 22:33 . 2010-08-04 22:16 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\Intelli-studio

2010-08-04 22:15 . 2010-08-04 22:15 -------- d-----w- c:\program files\SAMSUNG

2010-08-04 22:09 . 2010-07-30 21:32 -------- d-----w- c:\program files\Common Files\Nikon

2010-08-04 22:04 . 2010-07-30 21:32 -------- d-----w- c:\program files\Nikon

2010-08-04 22:04 . 2010-07-30 21:32 0 ---h--w- c:\programdata\PKP_DLdu.DAT

2010-08-04 21:52 . 2010-07-30 21:33 0 ---h--w- c:\programdata\PKP_DLdw.DAT

2010-08-02 09:12 . 2010-06-26 16:37 -------- d-----w- c:\users\nuno pombo\AppData\Roaming\ultrastardx

2010-07-30 21:32 . 2003-03-19 11:05 106496 ----a-w- c:\windows\system32\ATL71.DLL

2010-07-29 06:30 . 2010-08-10 19:03 197632 ----a-w- c:\windows\system32\ir32_32.dll

2010-07-29 06:30 . 2010-08-10 19:03 82944 ----a-w- c:\windows\system32\iccvid.dll

2010-07-03 21:32 . 2010-07-03 21:31 23191 ----a-w- c:\windows\hpqins15.dat

2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]

2010-09-08 23:39 35688 ----a-w- c:\program files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2010-04-19 09:25 2117704 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

2009-12-31 10:53 2349080 ----a-w- c:\program files\BS_Player\tbBS_P.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-12-31 2349080]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-12-31 2349080]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]

"LG LinkAir"="c:\program files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe" [2010-09-09 2436968]

"Google Update"="c:\users\nuno pombo\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-07-29 136176]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2010-04-28 118784]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-06-11 317560]

"SONY VGP-UPR1 (Display Adapter)"="c:\program files\DisplayLink Core Software\DisplayLinkUI.exe" [2010-04-19 783720]

"NvSvc"="c:\windows\system32\nvsvc.dll" [2009-05-26 92704]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-26 8530464]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-05-26 88608]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-09-29 2067808]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]

"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2010-09-01 391096]

c:\users\nuno pombo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Iniciação Rápida do Microsoft Office OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-6-22 739880]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2007-07-24 18:26 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Serviço Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-29 136176]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-03-30 14336]

R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-03-30 20864]

R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-03-30 19968]

R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-03-30 24960]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-04-19 430152]

R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 101248]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312]

R3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]

R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-20 697328]

S0 AVGIDSErHrw7x;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSwx.sys [2010-06-26 25168]

S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-06-26 52872]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-06-26 24856]

S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-06-26 216400]

S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-06-26 243024]

S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-06-26 308136]

S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-09-20 2331544]

S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]

S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2010-04-19 5096808]

S3 AVGIDSDriverw7x;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys [2010-06-26 122448]

S3 AVGIDSFilterw7x;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys [2010-06-26 30288]

S3 AVGIDSShimw7x;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys [2010-06-26 20560]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-04-28 28464]

S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]

S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]

S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]

S3 netw5v32;Controlador de Placa de Ligação WiFi Intel® Sem Fios 5000 Series para Windows Vista de 32 Bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]

S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2010-04-28 75008]

S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2010-04-28 43904]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]

S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2010-04-28 812544]

S3 yukonw7;Controlador Miniport NDIS6.2 para Controlador Ethernet Marvell Yukon;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Conteúdo da pasta 'Tarefas Agendadas'

2010-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-29 08:04]

2010-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-29 08:04]

2010-09-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2330805794-1148715945-3464930399-1000Core.job

- c:\users\nuno pombo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-09 08:04]

2010-09-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2330805794-1148715945-3464930399-1000UA.job

- c:\users\nuno pombo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-09 08:04]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.watchtower.org/t/index.html

uInternet Settings,ProxyOverride = *.local

IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000

IE: LG Air Sync Options - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209

IE: R-Click Save as Mobile Image - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206

IE: R-Click Save as Mobile Memo - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208

IE: R-Click Save as Mobile Text file - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210

IE: R-Click Set as Mobile Wallpaper - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

FF - ProfilePath - c:\users\nuno pombo\AppData\Roaming\Mozilla\Firefox\Profiles\hw97kfbd.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Yahoo! Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13

FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: c:\users\nuno pombo\AppData\Roaming\Mozilla\Firefox\Profiles\hw97kfbd.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll

FF - component: c:\users\nuno pombo\AppData\Roaming\Mozilla\Firefox\Profiles\hw97kfbd.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Veetle\Player\npvlc.dll

FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll

FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

.

- - - - ORFÃOS REMOVIDOS - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.032"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.amr"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.ani"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.arw"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.bay"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.bmp"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.bw"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.bwf"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.cel"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.cr2"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.crw"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.cs1"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.cur"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.dcr"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.dcx"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.dib"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.djv"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.djvu"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.dng"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.emf"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.eps"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.erf"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.fff"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.flc"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.fli"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.fpx"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.gif"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.hdr"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.icl"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.icn"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.ico"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.iff"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.ilbm"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.int"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.inta"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.iw4"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.j2c"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.j2k"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jfif"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jif"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jp2"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jpc"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jpe"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jpeg"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jpg"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jpk"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.jpx"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.kar"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.lbm"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.m15"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.m1a"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.m2a"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.m75"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.mef"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.mos"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.mpv"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.mrw"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.nef"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.orf"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pbm"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pcd"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pct"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pcx"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pef"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pgm"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pic"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pics"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pict"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pix"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.png"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.ppm"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.psd"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.psp"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.pspimage"

[HKEY_USERS\S-1-5-21-2330805794-1148715945-3464930399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee 10.0.qcp"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'Explorer.exe'(2396)

c:\windows\system32\btncopy.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\program files\DisplayLink Core Software\DisplayLinkUserAgent.exe

c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

c:\windows\system32\taskhost.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

c:\program files\Sony\VAIO Event Service\VESMgr.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\DRIVERS\xaudio.exe

c:\program files\AVG\AVG9\avgam.exe

c:\program files\AVG\AVG9\avgnsx.exe

c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe

c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe

c:\program files\AVG\AVG9\avgrsx.exe

c:\program files\AVG\AVG9\avgchsvx.exe

c:\program files\AVG\AVG9\avgcsrvx.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\Sony\VAIO Event Service\VESMgrSub.exe

c:\program files\Sony\VAIO Power Management\SPMgr.exe

c:\windows\system32\WUDFHost.exe

c:\windows\servicing\TrustedInstaller.exe

c:\windows\system32\conhost.exe

c:\program files\AVG\AVG9\avgcsrvx.exe

c:\windows\system32\sppsvc.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Tempo para conclusão: 2010-09-30 01:01:16 - Máquina reiniciou

ComboFix-quarantined-files.txt 2010-09-30 00:01

Pré-execução: 179.981.398.016 bytes livres

Pós execução: 179.636.350.976 bytes livres

- - End Of File - - 2D80783B7E26894CC512CAD060E9A6FD

FILE ComboFix-quarantined-files.TXT

2010-09-30 00:00:17 . 2010-09-30 00:00:17 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440}.reg.dat

2010-09-29 23:48:09 . 2010-10-01 21:51:01 8,772 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg

2010-09-29 23:35:01 . 2010-10-01 21:45:37 175 ----a-w- C:\Qoobox\Quarantine\catchme.log

2010-09-26 21:43:14 . 2010-09-26 21:43:18 54,784 ----a-w- C:\Qoobox\Quarantine\C\Users\Public\Documents\Server\server.dat.vir

2010-07-03 09:40:40 . 2010-07-03 09:40:40 20 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\SYSTEM.vir

2010-04-28 11:32:34 . 2009-10-31 05:45:39 2,614,272 ----a-w- C:\Qoobox\Quarantine\C\Windows\explorer.exe.vir

2009-07-13 23:36:49 . 2009-07-14 01:14:45 96,256 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\wininit.exe.vir

2009-07-13 23:24:44 . 2009-07-14 01:16:17 2 ----a-w- C:\Qoobox\Quarantine\C\Users\Public\Documents\Server\admin.txt.vir

Thank you for your help


Read all of the instructions below carefully before running the program.

Download the Kaspersky Removal Tool and save it to your desktop.

  • Install the program normally, following all the instructions.
  • A folder named Virus Removal Tool will be created on the desktop.
  • In the program window, select the options:
    • My Computer
    • Hidden Startup objects
    • Disk boot sectors
    • System Memory
  • Click the Start Scan button.
  • Be patient, the scan takes a long time!
  • As it scans, some small windows will probably open next to the clock; do not click on anything.
  • There is also a chance that a larger window will open containing the following options:
    • Disinfection (when possible)
    • Delete
    • Skip
  • When it appears, first tick the Apply to all objects option below and then click one of the options above.
  • After everything completes, click the Reports button; in the window that opens, leave the options at the top set to:
    • Autoscan
    • Group by result
    • All Events
  • Expand Autoscan by clicking the + sign next to it.
  • Expand Result: Detected.
  • Right-click and choose Select all, then choose Copy.
  • Attention: when you do this it looks as if the PC has frozen, but it has not; wait a few minutes for the memory to be freed.
  • Open Notepad and paste (Ctrl + V).
  • Give the file a name and save it in a folder of your choice.
  • Close the results by clicking the Exit button.
  • When you do this you will be asked whether you want to uninstall the tool; click Yes.
  • Restart the computer when asked.
  • Post the contents of that file in your next reply.

NOTE 1:

Watch the windows during the scan: they have different colours depending on the risk. That is,
  • green: low risk
  • yellow: medium risk
  • red: high risk

Before taking any action, check the file path/name carefully to see whether you recognize it; if you do, click Skip.

NOTE 2:

If the final scan result shows only Result: OK, there is no need to generate a report; just let us know.

NOTE 3:

During the scan, Kaspersky may flag the following folder as containing a virus: c:\QooBox. If that happens, choose the Skip option, since the folder belongs to ComboFix and will be removed when ComboFix is uninstalled.


Autoscan: completed 5 hours ago (events: 575394, objects: 572524, time: 04:00:44)

Result: OK (events: 570246)

Result: Detected (events: 14)

07-10-2010 22:55:27 C:\Documents and Settings\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\1dd6a40c-58f6467c/vmain.class

07-10-2010 22:55:34 C:\Documents and Settings\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\30feb821-5e2f7068/vmain.class

07-10-2010 22:55:34 C:\Documents and Settings\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72a5bf64-2e622c02/dev/s/AdgredY.class

07-10-2010 22:55:48 C:\Documents and Settings\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72a5bf64-2e622c02/dev/s/DyesyasZ.class

07-10-2010 22:55:49 C:\Documents and Settings\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72a5bf64-2e622c02/dev/s/LoaderX.class

07-10-2010 22:55:59 C:\Documents and Settings\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\e649f74-4eec4ee5/vmain.class

08-10-2010 00:46:48 C:\Qoobox\Quarantine\C\Windows\explorer.exe.vir

08-10-2010 00:46:48 C:\Qoobox\Quarantine\C\Windows\System32\wininit.exe.vir

08-10-2010 00:54:18 C:\Users\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\1dd6a40c-58f6467c/vmain.class

08-10-2010 00:54:21 C:\Users\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\30feb821-5e2f7068/vmain.class

08-10-2010 00:54:22 C:\Users\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72a5bf64-2e622c02/dev/s/AdgredY.class

08-10-2010 00:54:22 C:\Users\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72a5bf64-2e622c02/dev/s/DyesyasZ.class

08-10-2010 00:54:22 C:\Users\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72a5bf64-2e622c02/dev/s/LoaderX.class

08-10-2010 00:54:24 C:\Users\nuno pombo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\e649f74-4eec4ee5/vmain.class

Result: Archive (events: 4279)

Result: Packed (events: 737)

Result: Untreated (events: 14)

Result: Not processed (events: 12)

Result: Password protected (events: 90)

Result: Task started (events: 1)

Result: Task completed (events: 1)


How has the computer been?


The computer has been stable,

at least Google no longer redirects the links.

Now I don't know whether I have anything else.....


Congratulations, your log is clean.

From now on, stay ALERT!

To finish, do the following:

Go to Start > Run and type ComboFix /Uninstall. This will uninstall ComboFix from your machine.

Download OTCleanIt by OldTimer

  • Save it to your desktop.
  • Double-click the OTC icon.
  • Click the "Cleanup" button.
  • Allow your computer to be restarted.

I suggest running CCleaner to clean up your machine. Download it here: CCleaner

  • Open the program and click Run Cleaner;
  • After that, click Errors >> Scan for errors >> Fix errors

I also suggest reading this article: Proteja seu PC (Protect Your PC)

Any other problems with the computer?


I'll do that!

Thank you very much for your help!!!

Whenever I need it, I'll turn to you for help!!!!

Regards!!!!


Should the topic's author need it, the topic will be reopened; to request this, they should contact the moderation team and ask for it to be unlocked.
