Monica Gurzoni
Monica Gurzo... Senior Member, Registered
299 Posts 15 Likes

[Resolved] HijackThis log

#1 By Monica Gurzo... 15/03/2010 - 23:04
I ran a full scan today with Malwarebytes. Everything was fine, but a few things seem to have shown up in the log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:00:48, on 15/03/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1363.0\mswinext.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Skype\Phone\Skype.exe
C:\Meus Documentos\DRIVERS\TMMonitor.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lopesnet.com.br/lopesnet.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1363.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Tracker Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1363.0\mswinext.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: TMMonitor.lnk = C:\Meus Documentos\DRIVERS\TMMonitor.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://crm.pronto.com.br
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSID3D0.tmp
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7391 bytes
brando lee
brando lee Zerinho, Registered
2.4K Posts 97 Likes
#2 By brando lee
15/03/2010 - 23:08
Hi Monica, good evening!

1) *Download ((AD-Remover)) and save it to the desktop
http://forum-aide-contre-virus.be/download/C_XX/AD-R.exe

*Double-click AD-R.exe

*Click (Scan)
*Wait for it to finish; when it does, a report opens automatically.
*Copy and paste here on the forum the report created at C:\Ad-Report-SCAN.log
I'll be away from the forum for a while, very busy, more important things to do: "work".


Removing viruses with Notepad!


Monica Gurzoni
Monica Gurzo... Senior Member, Registered
299 Posts 15 Likes
#3 By Monica Gurzo...
15/03/2010 - 23:24
Hi brando lee!

.
======= RAPPORT D'AD-REMOVER 2.0.0.0,A | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 15/03/10 à 17:00
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Started: 23:18:04 le 15/03/2010 | Normal boot | Option: SCAN
Executed from: C:\Ad-Remover\ADR.exe
Operating systèm: Microsoft® Windows Vista™ Ultimate
Computer name: MONICA | Current user: usuario (Administrator)
.
============== FOUND ELEMENTS ==============
.
.
C:\Program Files\Ask.com
C:\Users\usuario\AppData\Local\Temp\AskSearch
C:\Users\usuario\AppData\Local\Temp\ASKSUTBLOG
C:\Users\usuario\AppData\Local\Temp\Del_AskHPRFF.VBS
C:\Users\usuario\AppData\LocalLow\AskToolbar
C:\Users\usuario\AppData\Roaming\Mozilla\FireFox\Profiles\q1eex5kf.default\extensions\toolbar@ask.com
C:\Users\usuario\AppData\Roaming\Mozilla\FireFox\Profiles\q1eex5kf.default\searchplugins\askcom.xml
C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
.
HKCU\Software\AppDataLow\AskToolbarInfo
HKCU\Software\AppDataLow\Software\AskToolbar
HKCU\Software\Ask.com
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
.
============== ADDITIONNAL SCAN ==============
.
* Mozilla FireFox Version 3.5.8 (pt-BR) *
.
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.download.dir: C:\\Users\\usuario\\Downloads
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.download.lastDir: C:\\Users\\usuario\\Desktop
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.search.defaultenginename: Ask.com
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.search.defaulturl: hxxp://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q=
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.search.selectedEngine: Ask.com
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.startup.homepage: hxxp://www.google.com.br/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official|hxxps://www.google.com/accounts/ServiceLogin?service=orkut&hl=pt-BR&rm=false&continue=http%3A%2F%2Fwww.orkut.com%2FRedirLogin%3Fmsg%3D0%26page%3Dhttp%253A%252F%252Fwww.orkut.com.br%252FHome&cd=BR&passive=true&skipvpage=true&sendvemail=false|hxxp://www.hardware.com.br/comunidade/|hxxp://www.espacocriando.com/Jardim_Secreto/index.htm|hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268128125&rver=6.0.5285.0&wp=MBI&wreply=hxxp:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1046&id=64855&mkt=pt-br
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.8
C:\Users\usuario\..\q1eex5kf.default\prefs.js - keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=TKR&o=15589&locale=en_US&q=
C:\Users\Convidado\..\s6j0f9oo.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.8.1.16
.
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.defaultengine", "Ask.com");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.defaultenginename", "Ask.com");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.order.1", "Ask.com");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.selectedEngine", "Ask.com");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.cbid", "IY");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.fresh-install", false);
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.l", "dis");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.last-config-req", "1268704739007");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.locale", "en_US");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.o", "15589");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.qsrc", "2871");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.r", "2");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.enabledItems", "msntoolbar@msn.com:5.0,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{27182e60-b5f3-411c-b545-b44205977502}:1.0,{B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971,toolbar@ask.com:3.6.5.112,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8");
FOUND: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=TKR&o=15589&locale=en_US&q=");
.
* Internet Explorer Version 7.0.6000.16945 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxps://www.lopesnet.com.br/lopesnet.asp
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Users\usuario\AppData\Local\Temp: 29 Files, 15 Folders
C:\Windows\temp: 47 Files, 2 Folders
C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Cookies: 18 Files, 2 Folders
Temporary Internet Files: 466 Files, 8 Folders
.
C:\Ad-Remover\Quarantine: 0 Files
C:\Ad-Remover\Backup: 0 Files
.
C:\Ad-Report-SCAN[1].txt - 8283 Byte(s)
.
End at:23:23:00, 15/03/2010
.
============== E.O.F - SCAN[1] ==============
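The Ad-Remover report above shows what a hijacked Firefox profile looks like at the preference level: every browser.search.* selector names Ask.com, keyword.URL redirects address-bar searches through websearch.ask.com, and a whole extensions.asktb.* namespace sits alongside the toolbar@ask.com entry in extensions.enabledItems. The Python script below is an added example, not part of this thread or of Ad-Remover: it parses a prefs.js file and flags the same four kinds of entry. The sample prefs.js content, the trusted-host list and the unwanted-namespace markers are constructed for the demonstration (the markers come from what the report flagged).

```python
"""Audit a Firefox prefs.js for search-engine hijacking.

Added example, not part of the forum thread or of Ad-Remover. The sample
prefs.js, the trusted-host list and the unwanted-namespace markers are
constructed for the demonstration.
"""
import json
import re
from typing import Dict, List, Tuple

# Constructed sample modelled on the user_pref lines Ad-Remover reported.
# URLs are kept defanged (hxxp) exactly as the report shows them.
SAMPLE_PREFS_JS = r'''
# Mozilla User Preferences
user_pref("browser.download.dir", "C:\\Users\\usuario\\Downloads");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("browser.startup.homepage", "hxxp://www.google.com.br/firefox?client=firefox-a|hxxp://www.hardware.com.br/comunidade/");
user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=TKR&o=15589&locale=en_US&q=");
user_pref("extensions.asktb.locale", "en_US");
user_pref("extensions.asktb.fresh-install", false);
user_pref("extensions.enabledItems", "msntoolbar@msn.com:5.0,toolbar@ask.com:3.6.5.112");
'''

# Assumed operator policy: hosts the user is known to use as home/search pages.
TRUSTED_HOSTS = ("google.com.br", "google.com", "bing.com", "hardware.com.br")
# Assumed markers for the unwanted add-on, taken from what the report flagged.
UNWANTED_MARKERS = ("ask.com", "asktb")
# Prefs whose value is a URL (or a "|"-separated list of URLs).
URL_PREFS = {"browser.startup.homepage", "browser.search.defaulturl", "keyword.url"}

PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.*)\);\s*$')
HOST_RE = re.compile(r"^(?:h(?:tt|xx)ps?)://([^/?#:]+)", re.IGNORECASE)


def parse_prefs(text: str) -> Dict[str, object]:
    """Return {pref_name: value}; values decode like JSON (strings, bools, ints)."""
    prefs: Dict[str, object] = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:              # header comment, blank line, anything else
            continue
        name, raw = m.groups()
        try:
            prefs[name] = json.loads(raw)
        except json.JSONDecodeError:
            prefs[name] = raw  # keep the literal rather than silently dropping it
    return prefs


def url_hosts(value: str) -> List[str]:
    """Hosts named in a URL-valued pref; homepage prefs may list several URLs."""
    hosts = []
    for part in value.split("|"):
        m = HOST_RE.match(part.strip())
        if m:
            hosts.append(m.group(1).lower())
    return hosts


def host_trusted(host: str, trusted) -> bool:
    return any(host == t or host.endswith("." + t) for t in trusted)


def audit_prefs(prefs, trusted=TRUSTED_HOSTS, markers=UNWANTED_MARKERS) -> List[Tuple[str, str]]:
    """Return (pref_name, reason) for every pref that looks hijacked."""
    findings = []
    for name, value in prefs.items():
        lname, svalue = name.lower(), str(value).lower()
        # 1. The pref lives in a namespace owned by the unwanted add-on.
        if any(mk in lname for mk in markers):
            findings.append((name, "pref belongs to an unwanted add-on"))
        # 2. Search-engine selection names the unwanted provider.
        elif lname.startswith("browser.search.") and any(mk in svalue for mk in markers):
            findings.append((name, f"search engine set to {value!r}"))
        # 3. A URL-valued pref points at a host outside the trusted list.
        elif lname in URL_PREFS and isinstance(value, str):
            for host in url_hosts(value):
                if not host_trusted(host, trusted):
                    findings.append((name, f"points at untrusted host {host}"))
        # 4. The enabled-extensions list carries the unwanted extension id.
        elif lname == "extensions.enableditems":
            for item in svalue.split(","):
                if any(mk in item for mk in markers):
                    findings.append((name, f"enabled extension {item.split(':')[0]}"))
    return findings


def audit_sample() -> List[Tuple[str, str]]:
    return audit_prefs(parse_prefs(SAMPLE_PREFS_JS))


if __name__ == "__main__":
    for pref, reason in audit_sample():
        print(f"{pref:45s} {reason}")
```

Run against the sample it flags eight preferences (the four search selectors, keyword.URL, the two extensions.asktb.* entries and the enabledItems line) and leaves browser.startup.homepage alone because both of its hosts are on the trusted list. Values are decoded with json.loads because prefs.js literals (double-quoted strings with escaped backslashes, true/false, integers) happen to be valid JSON; a literal the decoder rejects is kept verbatim so the audit still sees it.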


Monica Gurzoni
Monica Gurzo... Senior Member, Registered
299 Posts 15 Likes
#5 By Monica Gurzo...
16/03/2010 - 06:45
.
======= RAPPORT D'AD-REMOVER 2.0.0.0,A | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 15/03/10 à 17:00
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Started: 06:38:51 le 16/03/2010 | Normal boot | Option: CLEAN
Executed from: C:\Ad-Remover\ADR.exe
Operating systèm: Microsoft® Windows Vista™ Ultimate
Computer name: MONICA | Current user: usuario (Administrator)
.
============== FIXED ELEMENTS ==============
.
.
C:\Program Files\Ask.com
C:\Users\usuario\AppData\Local\Temp\AskSearch
C:\Users\usuario\AppData\Local\Temp\ASKSUTBLOG
C:\Users\usuario\AppData\Local\Temp\Del_AskHPRFF.VBS
C:\Users\usuario\AppData\LocalLow\AskToolbar
C:\Users\usuario\AppData\Roaming\Mozilla\FireFox\Profiles\q1eex5kf.default\extensions\toolbar@ask.com
C:\Users\usuario\AppData\Roaming\Mozilla\FireFox\Profiles\q1eex5kf.default\searchplugins\askcom.xml
C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar

(!) -- Deleted temporary files.
.
HKCU\Software\AppDataLow\AskToolbarInfo
HKCU\Software\AppDataLow\Software\AskToolbar
HKCU\Software\Ask.com
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
.
============== ADDITIONNAL SCAN ==============
.
* Mozilla FireFox Version 3.5.8 (pt-BR) *
.
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.download.dir: C:\\Users\\usuario\\Downloads
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.download.lastDir: C:\\Users\\usuario\\Desktop
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.search.defaultenginename: Ask.com
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.search.defaulturl: hxxp://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q=
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.search.selectedEngine: Ask.com
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.startup.homepage: hxxp://www.google.com.br/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official|hxxps://www.google.com/accounts/ServiceLogin?service=orkut&hl=pt-BR&rm=false&continue=http%3A%2F%2Fwww.orkut.com%2FRedirLogin%3Fmsg%3D0%26page%3Dhttp%253A%252F%252Fwww.orkut.com.br%252FHome&cd=BR&passive=true&skipvpage=true&sendvemail=false|hxxp://www.hardware.com.br/comunidade/|hxxp://www.espacocriando.com/Jardim_Secreto/index.htm|hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268128125&rver=6.0.5285.0&wp=MBI&wreply=hxxp:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1046&id=64855&mkt=pt-br
C:\Users\usuario\..\q1eex5kf.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.8
C:\Users\usuario\..\q1eex5kf.default\prefs.js - keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=TKR&o=15589&locale=en_US&q=
C:\Users\Convidado\..\s6j0f9oo.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.8.1.16
.
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.defaultengine", "Ask.com");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.defaultenginename", "Ask.com");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.order.1", "Ask.com");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("browser.search.selectedEngine", "Ask.com");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.cbid", "IY");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.fresh-install", false);
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.l", "dis");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.last-config-req", "1268704739007");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.locale", "en_US");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.o", "15589");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.qsrc", "2871");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.r", "2");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("extensions.enabledItems", "msntoolbar@msn.com:5.0,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{27182e60-b5f3-411c-b545-b44205977502}:1.0,{B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971,toolbar@ask.com:3.6.5.112,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8");
ERASED: C:\Users\usuario\..\q1eex5kf.default\prefs.js - user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=TKR&o=15589&locale=en_US&q=");
.
* Internet Explorer Version 7.0.6000.16945 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Users\usuario\AppData\Local\Temp: 3 Files, 14 Folders
C:\Windows\temp: 2 Files, 2 Folders
C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Cookies: 2 Files, 2 Folders
Temporary Internet Files: 2 Files, 8 Folders
.
C:\Ad-Remover\Quarantine: 120 Files
C:\Ad-Remover\Backup: 15 Files
.
C:\Ad-Report-CLEAN[1].txt - 8312 Byte(s)
C:\Ad-Report-SCAN[1].txt - 8406 Byte(s)
.
End at:06:43:48, 16/03/2010
.
============== E.O.F - CLEAN[1] ==============


brando lee
brando lee Zerinho, Registered
2.4K Posts 97 Likes
#6 By brando lee
16/03/2010 - 09:34
Good! Paste a new HijackThis log.

********************************

And then run an online scan with Nod32.


*Run an online scan.


1) Go to http://www.esetsoftware.com.br/onlinescan/ and click ((Eset Online Scanner))

2) In the next window, download the executable and install it.


3) When the program opens, tick ((Scan Files)).

4) Then click [Advanced Settings], tick ((Scan for Applications)) and click [Start]

5) Wait for the database download; when it finishes, the scan starts automatically.

6) When the scan is finished, click (Finish), open the report ((Log.txt)) located in the folder
C:\Arquivos de programas\ESET\ESET Online Scanner\Log.txt
and copy and paste it here.


Monica Gurzoni
Monica Gurzo... Senior Member, Registered
299 Posts 15 Likes
#7 By Monica Gurzo...
16/03/2010 - 09:38
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:28:45, on 16/03/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Skype\Phone\Skype.exe
C:\Meus Documentos\DRIVERS\TMMonitor.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1363.0\mswinext.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1363.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1363.0\mswinext.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: TMMonitor.lnk = C:\Meus Documentos\DRIVERS\TMMonitor.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://crm.pronto.com.br
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSID3D0.tmp
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7053 bytes


brando lee
brando lee Zerinho, Registered
2.4K Posts 97 Likes
#8 By brando lee
16/03/2010 - 09:44
The HijackThis report is clean! The Ask Toolbar was removed successfully.

Oh, I almost forgot: to uninstall the AD-Remover program, click the (Uninstall) button.

And run an online scan following the steps above; if you can't find the Nod32 report, just reply whether it detected any viruses.
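brando lee calls the second HijackThis log clean by reading it against the first: the R3 URLSearchHook, the O2 "Ask Toolbar BHO" and the O3 "Tracker Toolbar" entries that all pointed at GenericAskToolbar.dll are gone, and nothing new appeared in their place. The Python script below is an added example, not part of this thread or of HijackThis: it parses HijackThis R/O entries into (kind, label, CLSID, target) tuples, diffs a before and after log, and reports which removed entries matched the unwanted-toolbar markers and whether any still remain. The two sample logs are shortened excerpts of the logs posted in this thread; the marker list is an assumption drawn from what Ad-Remover removed.

```python
"""Parse HijackThis R/O entries and diff a before/after log.

Added example, not part of the forum thread or of HijackThis. The two sample
logs are shortened excerpts of the logs posted in this thread; the marker list
is an assumption drawn from what Ad-Remover removed.
"""
import re
from typing import Dict, List, NamedTuple, Optional, Tuple


class Entry(NamedTuple):
    kind: str    # R0, R1, R3, O2, O3, O4, O23, ...
    label: str   # what the entry is (BHO name, registry value, Run key item)
    clsid: str   # {GUID} if the line carries one, else ""
    target: str  # file path, URL or command the entry points at


ENTRY_RE = re.compile(r"^(?P<kind>[RO]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_RE = re.compile(r"^(?P<label>.*\[[^\]]*\])\s*(?P<target>.*)$")

# Assumed markers for the unwanted toolbar, from what Ad-Remover removed.
UNWANTED_MARKERS = ("ask.com", "asktoolbar")

# Excerpt of the first log posted in the thread (before cleaning).
BEFORE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:00:48, on 15/03/2010

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lopesnet.com.br/lopesnet.asp
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Tracker Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
"""

# Excerpt of the second log posted in the thread (after cleaning).
AFTER_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:28:45, on 16/03/2010

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
"""


def parse_entry(line: str) -> Optional[Entry]:
    """Split one R/O line into (kind, label, clsid, target); None for other lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    kind, body = m.group("kind"), m.group("body")
    clsid_m = CLSID_RE.search(body)
    clsid = clsid_m.group(0).upper() if clsid_m else ""
    run_m = RUN_RE.match(body) if kind == "O4" else None
    if kind.startswith("R") and " =" in body:        # registry value = data
        label, _, target = body.partition(" =")
    elif run_m:                                       # Run key: [name] command
        label, target = run_m.group("label"), run_m.group("target")
    elif " - " in body:                               # name - {CLSID} - path
        parts = body.split(" - ")
        label, target = parts[0], parts[-1]
    else:
        label, target = body, ""
    return Entry(kind, label.strip(), clsid, target.strip())


def parse_log(text: str) -> List[Entry]:
    return [e for e in (parse_entry(line) for line in text.splitlines()) if e]


def is_suspicious(entry: Entry, markers=UNWANTED_MARKERS) -> bool:
    haystack = f"{entry.label} {entry.target}".lower()
    return any(mk in haystack for mk in markers)


def diff_logs(before: List[Entry], after: List[Entry]) -> Tuple[List[Entry], List[Entry]]:
    """(entries gone from the after-log, entries new in the after-log)."""
    b, a = set(before), set(after)
    return sorted(b - a), sorted(a - b)


def summarize(before_text: str, after_text: str, markers=UNWANTED_MARKERS) -> Dict[str, List[Entry]]:
    before, after = parse_log(before_text), parse_log(after_text)
    removed, added = diff_logs(before, after)
    return {
        "removed": removed,
        "added": added,
        "removed_suspicious": [e for e in removed if is_suspicious(e, markers)],
        "still_suspicious": [e for e in after if is_suspicious(e, markers)],
    }


if __name__ == "__main__":
    for key, entries in summarize(BEFORE_LOG, AFTER_LOG).items():
        print(f"== {key} ({len(entries)})")
        for e in entries:
            print(f"  {e.kind:3s} {e.label} {e.clsid} -> {e.target}")
```

On the excerpts the diff reports four removed entries (the three Ask ones plus the old lopesnet start page), one added entry (the start page now set to fr.msn.com), three removed entries matching the markers and none remaining; that last list being empty is the machine-checkable form of "the report is clean". Matching on both label and target matters: the O3 entry is named "Tracker Toolbar", so a check on the display name alone would have missed it, while the path to GenericAskToolbar.dll gives it away.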


Monica Gurzoni
Monica Gurzo... Senior Member, Registered
299 Posts 15 Likes
#12 By Monica Gurzo...
16/03/2010 - 13:15
Yeah... it takes a while...
Is this the report?

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=bf8eb9139e5f7a448dcb8b5afb1c525a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-03-16 03:58:05
# local_time=2010-03-16 12:58:05 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=512 16777215 100 0 5977033 5977033 0 0
# compatibility_mode=768 16777175 100 0 1318061 1318061 0 0
# compatibility_mode=1024 16777215 100 0 51067789 51067789 0 0
# compatibility_mode=5892 16776573 100 100 331915 105352678 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=163377
# found=1
# cleaned=1
# scan_time=10062
C:\Users\usuario\Downloads\aTube_Catcher_Installer.exe Win32/Adware.ADON application (deleted - quarantined) 00000000000000000000000000000000 C


© 1999-2025 Hardware.com.br. All rights reserved.