bombocadoce

Double accent (nothing works)

Hi,

I would like to ask for help with an annoying problem that many of you probably know: the double accent. :(

~~^^´´`` ...

Anyway, I have already tried lots of solutions from this and other forums, but no program has solved the problem.

Thanks in advance! :lol:

Here is the DDS:

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Joana at 22:06:05,84 on 24-04-2011

Internet Explorer: 8.0.6001.19048 BrowserJavaVersion: 1.6.0_23

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.351.2070.18.3069.1453 [GMT 1:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AnyUtils\Any Wallpaper\AnyWallpaper.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SupportAppPT\ztemon_cd.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\Joana\Desktop\FixBugb.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Joana\Desktop\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682

uDefault_Page_URL = hxxp://www.sapo.pt

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;

mSearchAssistant = about:blank

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {CCADEC52-D8E5-4DE4-9FA4-EADE0828890B} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

uRun: [{DF030F23-4FA6-D1D6-75C7-D439E7BB3B44}] c:\users\joana\zoga\iqwyb.exe

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/pt.special-uninstallation-feedback-appf?lic=NFVIMlctM1NYM0UtR0hHWDktQUZISjMtUFcyUU4tWjlLSDQ"&"inst=NzctNjAwNDkzMDE0LUZMMTArMS1MSUMrMQ"&"prod=90"&"ver=10.0.1321

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-explorer: NoResolveTrack = 1 (0x1)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\joana\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\joana\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm

IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?PT

IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\joana\appdata\roaming\mozilla\firefox\profiles\y3o775ul.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.pt

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\joana\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-5 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-9-11 307288]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-9-11 19544]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-9-11 53592]

R2 Automatic CDROM Monitor;Automatic CDROM Monitor;c:\windows\system32\supportapppt\ztemon_cd.exe [2010-9-18 86016]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-11 42184]

R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]

R2 FontCache;Serviço de Cache de Tipos de Letra do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720]

R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]

R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-7-3 7168]

RUnknown SASDIFSV;SASDIFSV; [x]

RUnknown SASKUTIL;SASKUTIL; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 PavPrSrv;Panda Process Protection Service;"c:\program files\common files\panda software\pavshld\pavprsrv.exe" --> c:\program files\common files\panda software\pavshld\pavprsrv.exe [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-04-24 14:40:24 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com

2011-04-24 14:40:02 -------- d-----w- C:\VundoFix Backups

2011-04-24 13:26:20 -------- d--h--w- C:\$AVG

2011-04-24 12:41:08 -------- d-----w- c:\users\joana\appdata\roaming\AVG10

2011-04-24 12:27:25 -------- d--h--w- c:\progra~2\Common Files

2011-04-24 12:25:48 -------- d-----w- c:\progra~2\AVG10

2011-04-24 12:25:03 -------- d-----w- c:\program files\AVG

2011-04-24 12:15:51 -------- d-----w- c:\progra~2\MFAData

2011-04-24 11:18:17 -------- d-s---w- C:\ComboFix

2011-04-24 11:03:08 -------- d-----w- c:\users\joana\appdata\roaming\Malwarebytes

2011-04-24 11:03:04 -------- d-----w- c:\progra~2\Malwarebytes

2011-04-24 11:02:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-04-24 09:43:45 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-04-24 09:43:45 -------- d-----w- c:\progra~2\Spybot - Search & Destroy

2011-04-23 17:00:00 -------- d-----w- c:\users\joana\appdata\local\{1935C5B4-41A3-4AE6-BDF3-378DB7C5F618}

2011-04-22 15:06:06 -------- d-----w- c:\progra~2\KingsIsle Entertainment

2011-04-22 09:11:05 7071056 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{79acb16d-54b8-4f48-8b08-8a12d7b10f43}\mpengine.dll

2011-04-16 15:29:25 -------- d-----w- c:\program files\VirtualVillagers_at

2011-04-16 15:10:53 -------- d-----w- c:\progra~2\Big Fish Games

2011-04-16 15:10:16 -------- d-----w- C:\BigFishGamesCache

2011-04-15 08:41:17 -------- d-----w- c:\progra~2\EA Core

2011-04-15 08:26:01 292864 ----a-w- c:\windows\system32\atmfd.dll

2011-04-15 08:26:00 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-04-15 08:24:51 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-04-15 08:24:51 322560 ----a-w- c:\windows\system32\sbe.dll

2011-04-15 08:24:51 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2011-04-15 08:24:50 153088 ----a-w- c:\windows\system32\sbeio.dll

2011-04-15 08:24:42 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-04-15 08:24:17 2067968 ----a-w- c:\windows\system32\mstscax.dll

2011-04-15 08:24:16 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-04-13 11:05:22 -------- d-----w- c:\users\joana\appdata\local\{C25632EA-918F-40DB-8662-127408F94A1F}

2011-04-10 20:30:21 -------- d-----w- c:\program files\RocketDock

2011-04-10 20:23:51 35332 ----a-w- c:\windows\system32\uninst.exe

2011-04-10 20:23:51 1350656 ----a-w- c:\windows\system32\Screen Antics.scr

2011-04-10 20:23:09 -------- d-----w- c:\program files\LIVEUPDATE

2011-04-10 20:23:09 -------- d-----w- c:\program files\Aqua Dock

2011-04-10 11:41:07 -------- d-----w- c:\users\joana\appdata\local\{98EFF7FF-0E44-40C5-BF27-2DE542B2F458}

2011-04-09 21:20:28 -------- d-----w- c:\users\joana\appdata\local\AnyUtils

2011-04-09 21:20:26 -------- d-----w- c:\program files\AnyUtils

2011-04-09 20:13:22 -------- d-----w- c:\users\joana\appdata\local\{9D3EE474-CB48-4F30-BB8F-E36FF96B8CE0}

2011-04-09 15:04:28 -------- d-----w- c:\users\joana\appdata\local\WpfDock

2011-04-09 14:57:59 -------- d-----w- c:\users\joana\appdata\roaming\BatteryBar

2011-04-08 18:49:41 -------- d-----w- c:\users\joana\appdata\local\{B1805E4C-E602-4528-96C0-4E878463534C}

2011-04-05 20:38:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-04-05 13:02:16 -------- d-----w- c:\windows\pss

2011-04-03 13:19:31 -------- d-----w- c:\users\joana\appdata\roaming\EuroTalk

2011-03-29 21:19:36 -------- d-----w- c:\users\joana\appdata\local\PackageAware

2011-03-26 22:31:07 -------- d-sh--w- C:\found.000

2011-03-25 22:11:57 -------- d-----w- c:\users\joana\appdata\local\{B8A84787-3859-45BE-9435-E99D7E9A6FC6}

.

==================== Find3M ====================

.

2011-04-18 17:25:12 40112 ----a-w- c:\windows\avastSS.scr

2011-03-13 10:20:41 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-03-13 10:11:04 138056 ----a-w- c:\users\joana\appdata\roaming\PnkBstrK.sys

2011-03-13 10:10:49 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0

2011-03-10 17:03:51 1162240 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-10 17:03:51 1136640 ----a-w- c:\windows\system32\mfc42.dll

2011-03-03 15:42:03 739328 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-03 13:25:11 2041856 ----a-w- c:\windows\system32\win32k.sys

2011-03-02 15:44:27 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-02-22 14:13:01 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-22 13:33:12 1068544 ----a-w- c:\windows\system32\DWrite.dll

2011-02-22 13:33:09 797696 ----a-w- c:\windows\system32\FntCache.dll

2011-02-22 06:21:28 916480 ----a-w- c:\windows\system32\wininet.dll

2011-02-22 06:17:08 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-02-22 06:16:53 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-02-22 06:16:40 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-02-22 06:16:40 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-02-22 05:20:39 385024 ----a-w- c:\windows\system32\html.iec

2011-02-22 04:43:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-02-22 04:42:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-02-17 06:23:50 420864 ----a-w- c:\windows\system32\vbscript.dll

2011-02-06 11:50:40 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-02-02 17:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 22:06:50,69 ===============

Here is the Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 17-04-2009 17:19:50

System Uptime: 24-04-2011 20:13:26 (2 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz | CPU | 2000/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 116 GiB total, 25,918 GiB free.

D: is FIXED (NTFS) - 1 GiB total, 1,213 GiB free.

E: is FIXED (NTFS) - 115 GiB total, 109,31 GiB free.

F: is CDROM (UDF)

G: is CDROM (UDF)

H: is CDROM (CDFS)

I: is CDROM ()

J: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Placa Microsoft ISATAP

Device ID: ROOT\*ISATAP\0004

Manufacturer: Microsoft

Name: Placa Microsoft ISATAP #4

PNP Device ID: ROOT\*ISATAP\0004

Service: tunnel

.

Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}

Description: AU7PHWJM IDE Controller

Device ID: PCI\VEN_1095&DEV_0242&SUBSYS_09178954&REV_01\4&5D18F2DF&0

Manufacturer: (Standard mass storage controllers)

Name: AU7PHWJM IDE Controller

PNP Device ID: PCI\VEN_1095&DEV_0242&SUBSYS_09178954&REV_01\4&5D18F2DF&0

Service: assj97v5

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Actualização do Microsoft Office Excel 2007 Help (KB963678)

Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)

Actualização do Microsoft Office Word 2007 Help (KB963665)

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X - Português

Adobe Shockwave Player 11.5

Any Wallpaper 1.1.1

Apple Software Update

Aqua Dock

Arquivo do WinRAR

µTorrent

avast! Free Antivirus

banda larga tmn

Bluetooth Stack for Windows by Toshiba

Camera Assistant Software for Toshiba

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Dutch

CCC Help English

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Portuguese

CCC Help Spanish

CCC Help Swedish

CCleaner

D3DX10

DVD MovieFactory for TOSHIBA

EA Download Manager

Free YouTube Download version 2.10.31

Galeria de Fotografias do Windows Live

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Foto e Imagem 2.0 - All-in-One

HP Foto e Imagem 2.0 - All-in-One Drivers

Intel® Matrix Storage Manager

Java Auto Updater

Java 6 Update 23

Java 6 Update 6

Los Sims 2 Universitarios

Macromedia Flash Player 8

Manuais da TOSHIBA

Microsoft .NET Framework 3.5 Language Pack SP1 - ptg

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTG Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended PTG Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (Portuguese (Portugal)) 2007

Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Portuguese (Portugal)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Portugal)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (Portuguese (Portugal)) 2007

Microsoft Office Standard 2007

Microsoft Office Word MUI (Portuguese (Portugal)) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Works

Microsoft WSE 3.0 Runtime

Microsoft XML Parser

Mozilla Firefox 4.0 (x86 pt-BR)

MSVCRT

Os Sims 2 Aberto para Negócios

Os Sims 2 na Noite

Os Sims™ 2 Animais de Estimação

Os Sims™ 2 Tempos Livres

Os Sims™ 2 Viagens

Os Sims™ 3

Os Sims™ 3 Ambições Profissionais

Os Sims™ 3 Aventuras no Mundo

Os Sims™ 3 Design High Tech Acessórios

Os Sims™ 3 Pela Noite Dentro

Os Sims™ 3 Vida ao Ar Livre Acessórios

QuickTime

Realtek 8169 8168 8101E 8102E Ethernet Driver

Realtek High Definition Audio Driver

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02

RocketDock 1.3.5

SAPO Messenger

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2466156)

Security Update for 2007 Microsoft Office System (KB2509488)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft Office Excel 2007 (KB2464583)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2464594)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

Segoe UI

Silenciador Acústico da Unidade de CD/DVD

SimCity™ Societies

Skins

Synaptics Pointing Device Driver

The Sims 2

The Sims Medieval

The Sims™ 2 Seasons

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Hardware Setup

Toshiba Online Product Information

TOSHIBA Recovery Disc Creator

TOSHIBA SD Memory Utilities

TOSHIBA Supervisor Password

Toshiba TEMPRO

TOSHIBA Value Added Package

TRDCReminder

TRORDCLauncher

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office Outlook 2007 (KB2509470)

Update for Outlook 2007 Junk Email Filter (KB2522999)

VirtualCloneDrive

WinAVI Video Converter

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

Wizard101

.

==== End Of File ===========================

THE GMER LOG IS AT THIS LINK, AS I CANNOT INSERT IT INTO THE TOPIC. SORRY FOR THE INCONVENIENCE :o --> http://www.4shared.com/document/ma8rRVAY/gmertxt.html

You have two antivirus programs installed; choose one and uninstall the other.

Once that is done, post a new DDS log.

You have two antivirus programs installed; choose one and uninstall the other.

Once that is done, post a new DDS log.

Here is the new DDS log:

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Joana at 10:12:39,86 on 27-04-2011

Internet Explorer: 8.0.6001.19048 BrowserJavaVersion: 1.6.0_23

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.351.2070.18.3069.1669 [GMT 1:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Program Files\AnyUtils\Any Wallpaper\AnyWallpaper.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SupportAppPT\ztemon_cd.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\wmiprvse.exe

\\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Users\Joana\Desktop\dds.scr

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conime.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682

uDefault_Page_URL = hxxp://www.sapo.pt

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;

mSearchAssistant = about:blank

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {CCADEC52-D8E5-4DE4-9FA4-EADE0828890B} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

uRun: [{DF030F23-4FA6-D1D6-75C7-D439E7BB3B44}] c:\users\joana\zoga\iqwyb.exe

uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"

uRun: [Any Wallpaper] "c:\program files\anyutils\any wallpaper\AnyWallpaper.exe" "hide"

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-explorer: NoResolveTrack = 1 (0x1)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\joana\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\joana\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm

IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?PT

IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\joana\appdata\roaming\mozilla\firefox\profiles\y3o775ul.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.pt

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\joana\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-5 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-9-11 307288]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-9-11 19544]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-9-11 53592]

R2 Automatic CDROM Monitor;Automatic CDROM Monitor;c:\windows\system32\supportapppt\ztemon_cd.exe [2010-9-18 86016]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-11 42184]

R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]

R2 FontCache;Serviço de Cache de Tipos de Letra do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720]

R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]

R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-7-3 7168]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 PavPrSrv;Panda Process Protection Service;"c:\program files\common files\panda software\pavshld\pavprsrv.exe" --> c:\program files\common files\panda software\pavshld\pavprsrv.exe [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-04-26 11:07:06 7071056 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{309d2c6f-07af-4ef0-9d8c-05ade486eabb}\mpengine.dll

2011-04-26 11:04:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-04-26 11:04:12 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-04-24 14:40:24 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com

2011-04-24 14:40:02 -------- d-----w- C:\VundoFix Backups

2011-04-24 13:26:20 -------- d--h--w- C:\$AVG

2011-04-24 12:41:08 -------- d-----w- c:\users\joana\appdata\roaming\AVG10

2011-04-24 12:27:25 -------- d--h--w- c:\progra~2\Common Files

2011-04-24 12:25:48 -------- d-----w- c:\progra~2\AVG10

2011-04-24 12:15:51 -------- d-----w- c:\progra~2\MFAData

2011-04-24 11:18:17 -------- d-s---w- C:\ComboFix

2011-04-24 11:03:08 -------- d-----w- c:\users\joana\appdata\roaming\Malwarebytes

2011-04-24 11:03:04 -------- d-----w- c:\progra~2\Malwarebytes

2011-04-24 11:02:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-04-24 09:43:45 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-04-24 09:43:45 -------- d-----w- c:\progra~2\Spybot - Search & Destroy

2011-04-23 17:00:00 -------- d-----w- c:\users\joana\appdata\local\{1935C5B4-41A3-4AE6-BDF3-378DB7C5F618}

2011-04-22 15:06:06 -------- d-----w- c:\progra~2\KingsIsle Entertainment

2011-04-16 15:29:25 -------- d-----w- c:\program files\VirtualVillagers_at

2011-04-16 15:10:53 -------- d-----w- c:\progra~2\Big Fish Games

2011-04-16 15:10:16 -------- d-----w- C:\BigFishGamesCache

2011-04-15 08:41:17 -------- d-----w- c:\progra~2\EA Core

2011-04-15 08:26:01 292864 ----a-w- c:\windows\system32\atmfd.dll

2011-04-15 08:26:00 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-04-15 08:24:51 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-04-15 08:24:51 322560 ----a-w- c:\windows\system32\sbe.dll

2011-04-15 08:24:51 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2011-04-15 08:24:50 153088 ----a-w- c:\windows\system32\sbeio.dll

2011-04-15 08:24:42 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-04-15 08:24:17 2067968 ----a-w- c:\windows\system32\mstscax.dll

2011-04-15 08:24:16 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-04-13 11:05:22 -------- d-----w- c:\users\joana\appdata\local\{C25632EA-918F-40DB-8662-127408F94A1F}

2011-04-10 20:30:21 -------- d-----w- c:\program files\RocketDock

2011-04-10 20:23:51 35332 ----a-w- c:\windows\system32\uninst.exe

2011-04-10 20:23:51 1350656 ----a-w- c:\windows\system32\Screen Antics.scr

2011-04-10 20:23:09 -------- d-----w- c:\program files\LIVEUPDATE

2011-04-10 20:23:09 -------- d-----w- c:\program files\Aqua Dock

2011-04-10 11:41:07 -------- d-----w- c:\users\joana\appdata\local\{98EFF7FF-0E44-40C5-BF27-2DE542B2F458}

2011-04-09 21:20:28 -------- d-----w- c:\users\joana\appdata\local\AnyUtils

2011-04-09 21:20:26 -------- d-----w- c:\program files\AnyUtils

2011-04-09 20:13:22 -------- d-----w- c:\users\joana\appdata\local\{9D3EE474-CB48-4F30-BB8F-E36FF96B8CE0}

2011-04-09 15:04:28 -------- d-----w- c:\users\joana\appdata\local\WpfDock

2011-04-09 14:57:59 -------- d-----w- c:\users\joana\appdata\roaming\BatteryBar

2011-04-08 18:49:41 -------- d-----w- c:\users\joana\appdata\local\{B1805E4C-E602-4528-96C0-4E878463534C}

2011-04-05 20:38:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-04-05 13:02:16 -------- d-----w- c:\windows\pss

2011-04-03 13:19:31 -------- d-----w- c:\users\joana\appdata\roaming\EuroTalk

2011-03-29 21:19:36 -------- d-----w- c:\users\joana\appdata\local\PackageAware

.

==================== Find3M ====================

.

2011-04-18 17:25:12 40112 ----a-w- c:\windows\avastSS.scr

2011-03-13 10:20:41 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-03-13 10:11:04 138056 ----a-w- c:\users\joana\appdata\roaming\PnkBstrK.sys

2011-03-13 10:10:49 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0

2011-03-10 17:03:51 1162240 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-10 17:03:51 1136640 ----a-w- c:\windows\system32\mfc42.dll

2011-03-03 15:42:03 739328 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-03 13:25:11 2041856 ----a-w- c:\windows\system32\win32k.sys

2011-03-02 15:44:27 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-02-22 14:13:01 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-22 13:33:12 1068544 ----a-w- c:\windows\system32\DWrite.dll

2011-02-22 13:33:09 797696 ----a-w- c:\windows\system32\FntCache.dll

2011-02-22 06:21:28 916480 ----a-w- c:\windows\system32\wininet.dll

2011-02-22 06:17:08 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-02-22 06:16:53 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-02-22 06:16:40 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-02-22 06:16:40 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-02-22 05:20:39 385024 ----a-w- c:\windows\system32\html.iec

2011-02-22 04:43:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-02-22 04:42:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-02-17 06:23:50 420864 ----a-w- c:\windows\system32\vbscript.dll

2011-02-06 11:50:40 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-02-02 17:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 10:15:12,71 ===============


Configure Windows to show all files

Go to this site: http://virustotal.com/

Under File to upload, enter: c:\users\joana\zoga\iqwyb.exe

Then click Submit

Copy and post the result of this scan.


Here is everything I thought might be needed:

Antivirus Version Last Update Result

AhnLab-V3 2011.04.29.00 2011.04.28 -

AntiVir 7.11.7.79 2011.04.28 -

Antiy-AVL 2.0.3.7 2011.04.28 -

Avast 4.8.1351.0 2011.04.28 -

Avast5 5.0.677.0 2011.04.28 -

AVG 10.0.0.1190 2011.04.28 -

BitDefender 7.2 2011.04.28 -

CAT-QuickHeal 11.00 2011.04.28 -

ClamAV 0.97.0.0 2011.04.28 -

Commtouch 5.3.2.6 2011.04.28 -

Comodo 8509 2011.04.28 -

DrWeb 5.0.2.03300 2011.04.28 -

eSafe 7.0.17.0 2011.04.28 -

eTrust-Vet 36.1.8297 2011.04.28 -

F-Prot 4.6.2.117 2011.04.28 -

F-Secure 9.0.16440.0 2011.04.28 -

Fortinet 4.2.257.0 2011.04.28 -

GData 22 2011.04.28 -

Ikarus T3.1.1.103.0 2011.04.28 -

Jiangmin 13.0.900 2011.04.28 -

K7AntiVirus 9.98.4509 2011.04.28 -

Kaspersky 9.0.0.837 2011.04.28 -

McAfee 5.400.0.1158 2011.04.28 -

McAfee-GW-Edition 2010.1D 2011.04.28 -

Microsoft 1.6802 2011.04.28 -

NOD32 6079 2011.04.28 -

Norman 6.07.07 2011.04.28 -

Panda 10.0.3.5 2011.04.28 -

PCTools 7.0.3.5 2011.04.28 -

Prevx 3.0 2011.04.28 -

Rising 23.55.03.06 2011.04.28 -

Sophos 4.64.0 2011.04.28 -

SUPERAntiSpyware 4.40.0.1006 2011.04.28 -

Symantec 20101.3.2.89 2011.04.28 -

TheHacker 6.7.0.1.184 2011.04.27 -

TrendMicro 9.200.0.1012 2011.04.28 -

TrendMicro-HouseCall 9.200.0.1012 2011.04.28 -

VBA32 3.12.16.0 2011.04.27 -

VIPRE 9147 2011.04.28 -

ViRobot 2011.4.28.4435 2011.04.28 -

VirusBuster 13.6.326.1 2011.04.28 -

Additional information

MD5 : b95ed145eff5c3a9576f7ff0f11b428e

SHA1 : 7af6be62eee7d3b9add0a0503a5dba3ddc5c47e0

SHA256: ff6505a1264e6866c98e7e7df11e5f9bf8611934d12471c0de769f44fe291396

ssdeep: 3072:fXF9onTGorrxZR2C/Mr0mE5RxmwL36kyN/MiZVQjAKqP0UqudpTIQVDCsMLMy/:f1enSor

r904j5/2kc/5+AKq8UhdlCFL

File size : 164352 bytes

First seen: 2011-04-28 20:55:28

Last seen : 2011-04-28 20:55:28

Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID:

Win64 Executable Generic (59.6%)

Win32 Executable MS Visual C++ (generic) (26.2%)

Win32 Executable Generic (5.9%)

Win32 Dynamic Link Library (generic) (5.2%)

Generic Win/DOS Executable (1.3%)

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

PEiD: Armadillo v1.71

PEInfo: PE structure information

[[ basic data ]]

entrypointaddress: 0x2BD5

timedatestamp....: 0x4DBA0460 (Fri Apr 29 00:20:48 2011)

machinetype......: 0x14C (Intel I386)

[[ 4 section(s) ]]

name, viradd, virsiz, rawdsiz, ntropy, md5

.text, 0x1000, 0xA6EE, 0xA800, 6.58, f4dfc2f7db1126cb434176fc434016b9

.rdata, 0xC000, 0x14E4, 0x1600, 5.09, 0f5024b7d1c9c36df94c3c4d8d0d90f8

.data, 0xE000, 0x324FC, 0x1BC00, 7.64, 25cd129846caca691bfcf4b76288f10a

.rsrc, 0x41000, 0x260, 0x400, 2.01, d21c83edfee9fad9a717924832c5db4f

[[ 2 import(s) ]]

kernel32.dll: GetPriorityClass, CreateEventA, GetEnvironmentStringsW, GetCurrentThread, VirtualAlloc, GetTickCount, GetProcAddress, GetModuleHandleA, GetVersionExA, GetCommandLineA, CreateSemaphoreA, GetEnvironmentStrings, GetCommandLineW, IsDebuggerPresent, GetStdHandle, CompareStringW, CompareStringA, GetLocaleInfoW, GetTimeZoneInformation, GetStartupInfoA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, SetHandleCount, GetFileType, DeleteCriticalSection, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, SetLastError, TlsGetValue, GetLastError, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, HeapFree, RtlUnwind, WriteFile, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, FatalAppExitA, GetCPInfo, GetACP, GetOEMCP, HeapAlloc, HeapReAlloc, IsBadWritePtr, LoadLibraryA, MultiByteToWideChar, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, InterlockedDecrement, InterlockedIncrement, Sleep, IsValidLocale, IsValidCodePage, GetLocaleInfoA, EnumSystemLocalesA, GetUserDefaultLCID, SetEnvironmentVariableA

msi.dll: -, -, -

ExifTool:

file metadata

CharacterSet: Unicode

CodeSize: 43008

CompanyName: Omdyuy

EntryPoint: 0x2bd5

FileFlagsMask: 0x0017

FileOS: Win32

FileSize: 160 kB

FileSubtype: 0

FileType: Win32 EXE

FileVersion: 1, 0, 0, 1

FileVersionNumber: 1.0.0.1

ImageVersion: 0.0

InitializedDataSize: 212992

LanguageCode: English (U.S.)

LegalCopyright: 1, 0, 0, 1

LinkerVersion: 9.0

MIMEType: application/octet-stream

MachineType: Intel 386 or later, and compatibles

OSVersion: 5.0

ObjectFileType: Executable application

OriginalFilename: Pijqbhke.exe

PEType: PE32

ProductVersion: 1, 0, 0, 1

ProductVersionNumber: 1.0.0.1

Subsystem: Windows GUI

SubsystemVersion: 5.0

TimeStamp: 2011:04:29 02:20:48+02:00

UninitializedDataSize: 0


Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while you carry out these instructions, it is very important to keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after running the procedure(s) described below.
  3. Double-click the ComboFix icon on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers running Windows XP should install the Recovery Console:
      • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Sim" (Yes).
      • Click "OK" on the EULA.
      • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
  6. ComboFix will run; please be patient and wait.
  7. Warning: do not use the mouse or the keyboard while the tool is running, as this can cause the computer to stop responding.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

Do NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you could damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
  • Many Analysts do not respond to topics in which they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when programming them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, so, and also out of respect for the tool's author, do not use it without supervision.


Here it is:

ComboFix 11-04-28.03 - Joana 29-04-2011 12:41:59.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.351.2070.18.3069.1914 [GMT 1:00]

Executando de: c:\users\Joana\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2011-03-28 to 2011-04-29 ))))))))))))))))))))))))))))

.

.

2011-04-29 11:47 . 2011-04-29 11:47 -------- d-----w- c:\users\Joana\AppData\Local\temp

2011-04-29 11:47 . 2011-04-29 11:47 -------- d-----w- c:\users\TMN\AppData\Local\temp

2011-04-29 11:47 . 2011-04-29 11:47 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-04-29 11:27 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69BCE6FF-C19F-4301-9A9F-3CA876930A6F}\mpengine.dll

2011-04-27 09:16 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2011-04-27 09:16 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2011-04-27 09:16 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll

2011-04-24 09:43 . 2011-04-24 14:20 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-04-24 09:43 . 2011-04-24 11:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-04-23 17:00 . 2011-04-23 17:00 -------- d-----w- c:\users\Joana\AppData\Local\{1935C5B4-41A3-4AE6-BDF3-378DB7C5F618}

2011-04-22 15:06 . 2011-04-22 15:06 -------- d-----w- c:\programdata\KingsIsle Entertainment

2011-04-16 15:29 . 2011-04-24 11:27 -------- d-----w- c:\program files\VirtualVillagers_at

2011-04-16 15:10 . 2011-04-24 11:27 -------- d-----w- c:\programdata\Big Fish Games

2011-04-16 15:10 . 2011-04-24 11:27 -------- d-----w- C:\BigFishGamesCache

2011-04-15 08:41 . 2011-04-15 08:41 -------- d-----w- c:\programdata\EA Core

2011-04-15 08:26 . 2011-02-16 14:02 292864 ----a-w- c:\windows\system32\atmfd.dll

2011-04-15 08:26 . 2011-02-16 16:16 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-04-15 08:24 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll

2011-04-15 08:24 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-04-15 08:24 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2011-04-15 08:24 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll

2011-04-15 08:24 . 2011-03-03 10:50 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-04-15 08:24 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll

2011-04-15 08:24 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-04-13 11:05 . 2011-04-13 11:05 -------- d-----w- c:\users\Joana\AppData\Local\{C25632EA-918F-40DB-8662-127408F94A1F}

2011-04-10 20:30 . 2011-04-24 11:37 -------- d-----w- c:\program files\RocketDock

2011-04-10 20:23 . 2007-03-28 11:05 35332 ----a-w- c:\windows\system32\uninst.exe

2011-04-10 20:23 . 2004-03-31 22:38 1350656 ----a-w- c:\windows\system32\Screen Antics.scr

2011-04-10 20:23 . 2011-04-10 20:23 -------- d-----w- c:\program files\Aqua Dock

2011-04-10 20:23 . 2011-04-10 20:23 -------- d-----w- c:\program files\LIVEUPDATE

2011-04-10 11:41 . 2011-04-10 11:41 -------- d-----w- c:\users\Joana\AppData\Local\{98EFF7FF-0E44-40C5-BF27-2DE542B2F458}

2011-04-09 21:20 . 2011-04-09 21:20 -------- d-----w- c:\users\Joana\AppData\Local\AnyUtils

2011-04-09 21:20 . 2011-04-09 21:20 -------- d-----w- c:\program files\AnyUtils

2011-04-09 20:13 . 2011-04-09 20:13 -------- d-----w- c:\users\Joana\AppData\Local\{9D3EE474-CB48-4F30-BB8F-E36FF96B8CE0}

2011-04-09 15:04 . 2011-04-09 15:04 -------- d-----w- c:\users\Joana\AppData\Local\WpfDock

2011-04-09 14:57 . 2011-04-09 15:09 -------- d-----w- c:\users\Joana\AppData\Roaming\BatteryBar

2011-04-09 09:42 . 2011-04-09 09:42 -------- d-----w- c:\programdata\WindowsSearch

2011-04-08 18:49 . 2011-04-08 18:49 -------- d-----w- c:\users\Joana\AppData\Local\{B1805E4C-E602-4528-96C0-4E878463534C}

2011-04-05 20:38 . 2011-04-18 17:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-04-03 13:19 . 2011-04-03 13:32 -------- d-----w- c:\users\Joana\AppData\Roaming\EuroTalk

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-18 17:25 . 2010-09-11 21:17 40112 ----a-w- c:\windows\avastSS.scr

2011-04-18 17:25 . 2010-09-11 21:17 199304 ----a-w- c:\windows\system32\aswBoot.exe

2011-04-18 17:17 . 2010-09-11 21:18 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-04-18 17:16 . 2010-09-11 21:18 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-04-18 17:13 . 2010-09-11 21:18 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-04-18 17:13 . 2010-09-11 21:18 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-04-18 17:12 . 2010-09-11 21:18 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-03-13 10:20 . 2011-01-29 10:50 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-03-13 10:11 . 2011-01-29 10:20 138056 ----a-w- c:\users\Joana\AppData\Roaming\PnkBstrK.sys

2011-03-13 10:10 . 2011-01-29 10:19 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0

2011-03-11 12:18 . 2010-06-24 11:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-03-03 15:40 . 2011-04-27 09:16 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll

2011-03-03 15:40 . 2011-04-27 09:16 542720 ----a-w- c:\windows\apppatch\AcLayers.dll

2011-03-03 15:40 . 2011-04-27 09:16 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2011-03-03 15:40 . 2011-04-27 09:16 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll

2011-02-06 11:50 . 2011-02-06 11:50 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-02-02 17:11 . 2010-09-11 13:00 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-03-18 18:04 . 2011-03-24 19:30 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-04-18 17:25 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"{DF030F23-4FA6-D1D6-75C7-D439E7BB3B44}"="c:\users\Joana\Zoga\iqwyb.exe" [2010-10-12 161280]

"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

"Any Wallpaper"="c:\program files\AnyUtils\Any Wallpaper\AnyWallpaper.exe" [2008-07-26 122880]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk

backup=c:\windows\pss\hpoddt01.exe.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-11-15 21:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-11-15 21:02 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Any Wallpaper]

2008-07-26 16:24 122880 ----a-w- c:\program files\AnyUtils\Any Wallpaper\AnyWallpaper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aqua Dock]

2003-11-01 12:58 386560 ----a-w- c:\program files\Aqua Dock\Aqua Dock.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]

2011-04-18 17:25 3460784 ----a-w- c:\program files\Alwil Software\Avast5\AvastUI.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]

2008-05-28 11:40 20480 ----a-w- c:\program files\Google\Google EULA\GoogleEULALauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]

2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Openwares LiveUpdate]

2003-12-13 17:17 61440 ----a-w- c:\program files\LIVEUPDATE\LiveUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]

2007-09-02 12:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2008-04-08 13:14 6037504 ----a-w- c:\windows\RtHDVCpl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

2007-11-20 16:15 1826816 ----a-w- c:\windows\SkyTel.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

2008-01-21 11:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-05-14 11:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO]

2008-04-24 09:22 103824 ----a-w- c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2011-04-20 14:09 549752 ----a-w- c:\program files\uTorrent\uTorrent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]

2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{DF030F23-4FA6-D1D6-75C7-D439E7BB3B44}]

2010-10-12 05:54 161280 ----a-w- c:\users\Joana\Zoga\iqwyb.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe"

.

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [x]

R2 Automatic CDROM Monitor;Automatic CDROM Monitor;c:\windows\system32\SupportAppPT\ztemon_cd.exe [2008-08-06 86016]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [x]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-16 436792]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-04-18 53592]

S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]

S2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]

S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682

IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\Joana\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Joana\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

FF - ProfilePath -

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-04-29 12:47

Windows 6.0.6002 Service Pack 2 NTFS

.

Procurando processos ocultos ...

.

Procurando entradas auto inicializáveis ocultas ...

.

Procurando ficheiros/arquivos ocultos ...

.

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

.

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Tempo para conclusão: 2011-04-29 12:49:48

ComboFix-quarantined-files.txt 2011-04-29 11:49

ComboFix2.txt 2011-04-29 11:37

.

Pré-execução: 26.195.099.648 bytes livres

Pós execução: 26.149.089.280 bytes livres

.

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4

- - End Of File - - 157ECA30D72A110EE2C503052E2914D4


Has ComboFix been run before? Are you receiving help on another forum besides this one?


Find and post the log at C:\Qoobox\Combofix1.txt
