ComboFix 09-12-25.05 - will 12/26/2009 13:23:48.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3002.1948 [GMT -6:00]
Running from: c:\users\will\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2205956746-275866889-86147075-500
c:\$recycle.bin\S-1-5-21-2819002435-850761837-2018973860-500
c:\program files\Web Search Operator\4.1.0.2080\wso.dll------
.
((((((((((((((((((((((((( Files Created from 2009-11-26 to 2009-12-26 )))))))))))))))))))))))))))))))
.
2009-12-26 19:29 . 2009-12-26 19:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-26 15:33 . 2009-12-26 15:33 -------- d-----w- c:\users\will\AppData\Roaming\Template
2009-12-26 04:13 . 2009-12-26 05:52 -------- d-----w- c:\users\will\DoctorWeb
2009-12-26 00:36 . 2009-12-26 00:36 -------- d-----w- c:\users\will\AppData\Local\Textual Content Provider
2009-12-26 00:35 . 2009-12-26 00:35 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-25 04:00 . 2009-12-25 04:00 658184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlig ht\MCESpotlight\SpotlightResources.dll
2009-12-24 03:24 . 2009-12-26 03:54 -------- d-----w- c:\program files\Ad-Remover
2009-12-21 20:31 . 2009-12-22 17:17 -------- d-----w- c:\program files\Zeallsoft
2009-12-21 19:53 . 2009-12-22 17:11 -------- d-----w- c:\program files\ZD Soft
2009-12-20 05:39 . 2009-06-30 15:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-12-20 05:36 . 2009-12-20 05:36 -------- d-----w- c:\program files\Panda Security
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\programdata\QuestService
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\program files\QuestService
2009-12-19 15:01 . 2009-12-09 13:00 58744 ----a-w- c:\programdata\QuestService\questservice110.exe
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\program files\Textual Content Provider
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\program files\Content Management Wizard
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\users\will\AppData\Local\Internet Today
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\program files\Internet Today
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\program files\Customized Platform Advancer
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\program files\Automated Content Enhancer
2009-12-19 15:01 . 2009-12-19 15:01 -------- d-----w- c:\program files\Web Search Operator
2009-12-19 15:01 . 2009-12-19 18:52 -------- d-----w- c:\program files\HottieStar Toolbar
2009-12-11 01:43 . 2008-10-02 21:58 2014208 ----a-w- c:\users\will\AppData\Roaming\Mozilla\Firefox\Prof iles\hfliptg5.default\extensions\ustreampublisher@ ustream.tv\platform\WINNT_x86-msvc\plugins\npustreampublisher.dll
2009-12-09 09:02 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 09:02 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 09:02 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-05 18:30 . 2009-12-05 18:30 -------- d-----w- c:\users\will\AppData\Roaming\Xilisoft Corporation
2009-12-05 17:19 . 2009-12-05 17:19 -------- d-----w- c:\programdata\Apple Computer
2009-12-03 16:48 . 2009-12-03 16:48 680 ----a-w- c:\users\will\AppData\Local\d3d9caps.dat
2009-11-30 22:58 . 2009-12-22 17:38 -------- d-----w- c:\programdata\boost_interprocess
2009-11-30 22:58 . 2009-12-22 17:35 -------- d-----w- c:\users\will\AppData\Roaming\Multi File Downloader
2009-11-30 07:42 . 2009-12-21 01:02 -------- d-----w- c:\users\will\AppData\Local\The Weather Channel
2009-11-28 09:18 . 2009-11-28 09:18 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-28 09:01 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-11-27 04:46 . 2009-11-27 04:46 -------- d-----w- c:\windows\system32\ca-ES
2009-11-27 04:46 . 2009-11-27 04:46 -------- d-----w- c:\windows\system32\eu-ES
2009-11-27 04:46 . 2009-11-27 04:46 -------- d-----w- c:\windows\system32\vi-VN
2009-11-27 04:33 . 2009-11-27 04:33 -------- d-----w- c:\windows\system32\EventProviders
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-12-26 19:15 . 2009-09-22 01:45 -------- d-----w- c:\users\will\AppData\Roaming\Skype
2009-12-26 19:15 . 2009-05-09 07:04 -------- d-----w- c:\users\will\AppData\Roaming\Orbit
2009-12-26 19:15 . 2009-09-22 01:52 -------- d-----w- c:\users\will\AppData\Roaming\skypePM
2009-12-26 15:33 . 2009-12-26 15:33 0 ----a-w- c:\users\will\AppData\Roaming\wklnhst.dat
2009-12-21 19:24 . 2009-05-02 04:43 75264 ----a-w- c:\users\will\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-21 01:55 . 2008-10-23 09:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-21 01:11 . 2008-10-23 09:57 -------- d-----w- c:\programdata\WildTangent
2009-12-21 01:11 . 2008-10-23 09:57 -------- d-----w- c:\program files\HP Games
2009-12-21 00:57 . 2009-05-17 18:03 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-21 00:40 . 2009-05-15 17:22 -------- d-----w- c:\users\will\AppData\Roaming\vlc
2009-12-21 00:40 . 2009-09-22 01:45 -------- d-----w- c:\program files\Common Files\Skype
2009-12-21 00:40 . 2008-10-23 10:25 -------- d-----w- c:\program files\Microsoft Works
2009-12-20 20:10 . 2008-10-23 10:53 -------- d-----w- c:\program files\Java
2009-12-19 19:00 . 2008-10-23 10:43 -------- d-----w- c:\program files\CyberLink
2009-12-09 09:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-09 09:02 . 2008-10-23 10:38 -------- d-----w- c:\programdata\Microsoft Help
2009-12-07 16:30 . 2009-05-08 15:21 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-28 09:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-28 09:18 . 2009-11-28 09:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_ 07_00.Wdf
2009-11-28 09:18 . 2009-11-28 09:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_ 00.Wdf
2009-11-27 04:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-11-27 04:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-11-27 04:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-11-27 04:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-11-27 04:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-11-27 04:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-11-26 13:19 . 2009-11-26 13:19 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb3394.tmp.exe
2009-11-24 20:35 . 2009-07-08 10:17 -------- d-----w- c:\users\will\AppData\Roaming\gtk-2.0
2009-11-23 02:28 . 2009-11-23 01:57 -------- d-----w- c:\users\will\AppData\Roaming\Photo DVD Slideshow
2009-11-23 01:57 . 2009-11-23 01:57 -------- d-----w- c:\programdata\Anvsoft
2009-11-21 06:40 . 2009-12-08 23:49 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-08 23:49 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-08 23:49 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-08 23:49 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-14 17:39 . 2009-05-24 17:21 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-11-14 17:39 . 2009-05-24 17:21 -------- d-----w- c:\program files\DVDVideoSoft
2009-11-03 02:42 . 2009-10-27 02:02 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 01:23 . 2009-10-30 17:10 -------- d-----w- c:\users\will\AppData\Roaming\dvdcss
2009-10-29 09:17 . 2009-11-26 09:01 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-28 03:49 . 2009-10-28 03:49 -------- d-----w- c:\program files\Panopreter
2009-10-20 02:30 . 2009-10-20 02:30 3584 ----a-r- c:\users\will\AppData\Roaming\Microsoft\Installer\ {121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-10-08 21:08 . 2009-11-28 09:01 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-11-28 09:01 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-11-28 09:01 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-07 11:36 . 2009-12-08 23:49 243712 ----a-w- c:\windows\system32\rastls.dll
2009-10-01 01:02 . 2009-11-28 09:01 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-28 09:01 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-28 09:01 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-28 09:01 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-28 09:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-28 09:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-28 09:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-28 09:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-28 09:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-28 09:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.d ll
2009-10-01 01:01 . 2009-11-28 09:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-28 09:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-28 09:01 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-28 09:01 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-28 09:01 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-29 02:45 . 2009-09-29 02:18 81920 ----a-w- c:\users\will\AppData\Roaming\Macromedia\Flash Player\
www.macromedia.com\bin\acaddin\connecthook.dll
2009-09-29 02:45 . 2009-09-29 02:18 190976 ----a-w- c:\users\will\AppData\Roaming\Macromedia\Flash Player\
www.macromedia.com\bin\acaddin\connectsprd.dll
2009-09-29 02:18 . 2009-09-29 02:18 4183224 ----a-w- c:\users\will\AppData\Roaming\Macromedia\Flash Player\
www.macromedia.com\bin\acaddin\acaddin.exe
2008-10-23 10:05 . 2008-10-23 09:55 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Google Update"="c:\users\will\AppData\Local\Google\Update \GoogleUpdate.exe" [2009-09-17 133104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2009-09-19 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-09-02 25623336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-21 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-10 170520]
"Persistence"="c:\windows\system32\igfxpers.ex e" [2008-07-10 145944]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMen u.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-19 122368]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-21 149280]
"Super Screen Capture"="c:\program files\Zeallsoft\Super Screen Capture\SSCapture.exe" [2007-03-09 3025920]
c:\users\will\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2009-5-9 1719496]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 22:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2009-03-02 17:08 209153 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-10-09 14:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2008-09-30 23:56 972080 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-06-09 17:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-08-01 23:14 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2008-09-24 00:21 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-04-17 18:05 1049896 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2008-06-14 01:11 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu. exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
2008-06-14 01:11 210216 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStart Menu.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):4b,8f,12,75,1d,6f,ca,01
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboo t.sys [12/19/2009 11:39 PM 28552]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/8/2009 9:21 AM 108289]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [10/23/2008 4:56 AM 365952]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [6/29/2008 8:52 AM 112128]
S2 scpVista;scpVista;c:\program files\Scpad\scpVista.exe [5/11/2009 9:30 AM 136448]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [10/23/2008 3:55 AM 193840]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [1/20/2008 8:23 PM 21504]
S3 vgadrv;vgadrv;c:\windows\System32\drivers\vgadrv.s ys [6/10/2006 3:41 AM 8078]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.br/
mWindow Title =
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6 097707281E79.dll/cmsidewiki.html
DPF: Justin.tv Publisher - hxxp://pt-br.justin.tv/plugins/justintv_publisher.CAB
DPF: Ustream Publisher - hxxp://static.ustream.tv/plugin/3.1.5.2/ustream_publisher.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
FF - ProfilePath - c:\users\will\AppData\Roaming\Mozilla\Firefox\Prof iles\hfliptg5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br
FF - component: c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFAddOn.dll
FF - component: c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFAddOn.dll
FF - component: c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFAddOn.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\will\AppData\Local\Google\Update\1.2.183. 13\npGoogleOneClick8.dll
FF - plugin: c:\users\will\AppData\Roaming\Mozilla\Firefox\Prof iles\hfliptg5.default\extensions\ustreampublisher@ ustream.tv\platform\WINNT_x86-msvc\plugins\npustreampublisher.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.
- - - - ORPHANS REMOVED - - - -
BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\DealioToolbarIE.dll
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKCU-Run-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe
HKLM-Run-Internet Today Task - c:\program files\Internet Today\1.1.0.1260\InternetToday.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.6.0_07\bin\jusched.exe
MSConfigStartUp-VVSN - c:\program files\VVSN\VVSN.exe
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-12-26 13:31
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(660)
c:\program files\Scpad\scpLIB.dll
c:\program files\Scpad\scpMIB.dll
c:\program files\Scpad\sshib.dll
.
Completion time: 2009-12-26 13:33:12
ComboFix-quarantined-files.txt 2009-12-26 19:33
Pre-Run: 222,950,760,448 bytes free
Post-Run: 222,931,730,432 bytes free
- - End Of File - - F6195F7DBC8735B125AE01F6A92956B6
Problema no IE8 e Firefox 3,5
. Nós temos 759.317 usuários, convidamos você fazer parte de nossa comunidade também! Se ainda não encontrou o que procura use nossa pesquisa. Esperamos que aprecie nosso trabalho.
Problema no IE8 e Firefox 3,5
Crie uma pasta, e nomeia-a de Hijackthis..
Visite nosso 
Duplo clique em launch.exe
