Hardware.com.br
matuto2003 Senior Member, Registered
237 Posts 0 Likes

Has anyone seen this before???

#1 By matuto2003 19/12/2009 - 20:34
A client of mine, after downloading music through eMule, is redirected to the site http://free.x3codec.com when trying to play it in Windows Media Player, and IE8 won't let the site open.

I ran an updated Spybot and nothing... I also ran an updated McAfee and nothing was found...

Could it be a virus, or just an extra codec that Media Player doesn't have???

Thanks
brando lee Zerinho, Registered
2.4K Posts 97 Likes
#2 By brando lee
19/12/2009 - 20:45
1)*Download the program ((OTlist)) from the link below and save the file to the desktop
http://oldtimer.geekstogo.com/OTL.exe

2)*Double-click OTL.exe
*Check the options: ((Scan All Users)) and ((Use Company name Whitelist))
*Click ((Run Scan)) and wait for the process to finish
*The results will be created on the desktop: (OTListIt.txt) and the report will open automatically
*Copy the whole report and paste it here.
I will be away from the forum for a while, very busy, more important things to do "Work".

Removing viruses with Notepad!


matuto2003 Senior Member, Registered
237 Posts 0 Likes
#3 By matuto2003
19/12/2009 - 22:41
Hello Brando Lee:

I did as you said; here is the result.

OTL logfile created on: 19/12/2009 22:23:18 - Run 2
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Papai\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 232,88 Gb Total Space | 184,13 Gb Free Space | 79,07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NONE-B30DC9D052
Current User Name: Papai
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/19 22:18:31 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Papai\Desktop\OTL.exe
PRC - [2009/11/05 23:15:22 | 00,053,704 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) -- c:\Arquivos de programas\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Arquivos de programas\McAfee\MPF\MpfSrv.exe
PRC - [2009/09/16 10:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Arquivos de programas\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 09:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Arquivos de programas\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/07/10 01:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Arquivos de programas\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 12:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Arquivos de programas\Arquivos comuns\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 20:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Arquivos de programas\Arquivos comuns\McAfee\MNA\McNASvc.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
PRC - [2009/01/14 18:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Bonjour\mDNSResponder.exe
PRC - [2008/11/02 15:02:50 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe
PRC - [2008/04/13 20:21:00 | 01,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/30 19:47:48 | 00,393,216 | ---- | M] (Creative Technology Ltd) -- C:\Arquivos de programas\Creative\Shared Files\CTAudSvc.exe
PRC - [2007/05/30 12:35:10 | 00,125,064 | ---- | M] (Open Communications Security S/A) -- C:\WINDOWS\system32\SnAgOS.EXE
PRC - [2007/05/30 12:34:54 | 00,280,712 | ---- | M] (Open Communications Security S/A) -- C:\WINDOWS\system32\SnEngine.EXE
PRC - [2007/05/30 12:34:42 | 00,280,712 | ---- | M] (Open Communications Security S/A) -- C:\WINDOWS\system32\SnMgrSvc.exe
PRC - [2006/07/25 00:33:42 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006/01/17 02:05:20 | 01,527,895 | ---- | M] (The Firebird Project) -- C:\Arquivos de programas\Firebird\Firebird_1_5\bin\fbserver.exe
PRC - [2006/01/17 02:05:20 | 00,065,536 | ---- | M] (The Firebird Project) -- C:\Arquivos de programas\Firebird\Firebird_1_5\bin\fbguard.exe
PRC - [2005/10/31 11:51:52 | 00,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Arquivos de programas\Creative\SBAudigy\Surround Mixer\CTSysVol.exe


========== Modules (SafeList) ==========

MOD - [2009/12/19 22:18:31 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Papai\Desktop\OTL.exe
MOD - [2009/12/19 18:33:46 | 00,186,504 | ---- | M] (Open Communications Security S/A) -- C:\WINDOWS\system32\SnAgOS.TMP
MOD - [2007/05/30 12:34:36 | 00,092,296 | ---- | M] (Open Communications Security S/A) -- C:\WINDOWS\system32\Sngw.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/05 23:15:22 | 00,053,704 | ---- | M] ( ) [Unknown | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Arquivos de programas\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 11:23:32 | 00,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 10:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Arquivos de programas\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 09:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Arquivos de programas\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/08/17 13:01:44 | 00,099,176 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Arquivos de programas\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009/08/05 22:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/10 01:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Arquivos de programas\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 12:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 20:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/05/29 12:47:24 | 01,005,904 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/01/14 18:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Arquivos de programas\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/02 15:02:50 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/10/05 17:43:13 | 00,068,096 | ---- | M] () [Disabled | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2008/01/30 19:47:48 | 00,393,216 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Arquivos de programas\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2007/05/30 12:34:42 | 00,280,712 | ---- | M] (Open Communications Security S/A) [Auto | Running] -- C:\WINDOWS\System32\SnMgrSvc.exe -- (SNMgrSvc)
SRV - [2007/04/23 12:43:54 | 00,310,008 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2007/04/23 12:43:54 | 00,166,648 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2007/04/23 12:43:46 | 01,010,424 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2007/04/22 21:29:34 | 00,088,824 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Arquivos de programas\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2007/04/22 21:29:32 | 00,359,160 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Arquivos de programas\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2006/07/25 00:33:42 | 00,127,043 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/01/17 02:05:20 | 01,527,895 | ---- | M] (The Firebird Project) [On_Demand | Running] -- C:\Arquivos de programas\Firebird\Firebird_1_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2006/01/17 02:05:20 | 00,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Arquivos de programas\Firebird\Firebird_1_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 21:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2002/09/20 17:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Disabled | Stopped] -- C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/11/05 23:16:40 | 00,030,408 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GbpKm.sys -- (GbpKm)
DRV - [2009/09/16 10:22:48 | 00,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 00,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 00,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 00,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 00,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/08/07 23:46:56 | 00,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Arquivos de programas\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009/08/05 22:48:42 | 00,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/16 13:32:26 | 00,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/05/29 12:47:40 | 00,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/04/13 10:39:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/05/30 12:21:42 | 00,015,048 | ---- | M] (Open Communications Security SA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\psseckbd.sys -- (Ps2KSecureKeyboard)
DRV - [2007/05/30 12:21:42 | 00,012,464 | ---- | M] (Open Communications Security SA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vhsecmou.sys -- (vhidmini)
DRV - [2007/04/13 17:58:10 | 00,034,440 | ---- | M] (Open Communications Security S/A) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SNSMS.SYS -- (SNSMS)
DRV - [2007/04/13 17:48:32 | 00,022,272 | ---- | M] (Open Communications Security) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SNSID.SYS -- (SNSID)
DRV - [2007/03/23 04:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/01/18 11:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2006/11/07 20:02:04 | 00,022,272 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2006/08/07 20:30:52 | 00,162,176 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2006/07/25 00:33:40 | 03,095,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/07/07 06:14:30 | 01,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2005/05/19 07:55:12 | 00,227,200 | R--- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx)
DRV - [2005/04/27 17:22:28 | 00,060,928 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viamraid.sys -- (viamraid)
DRV - [2005/03/16 04:23:54 | 00,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS)
DRV - [2005/01/10 08:15:30 | 00,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 08:15:24 | 00,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/08/04 10:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 10:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2004/08/03 20:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/07/15 17:00:00 | 00,578,368 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2002/07/16 22:53:02 | 00,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aspi32.BAK -- (ASPI32)
DRV - [2002/06/03 22:38:38 | 00,311,684 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P1001Vid.sys -- (P1001VID) Creative WebCam (WDM)
DRV - [2002/04/01 14:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2001/08/17 22:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 18:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: (776 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Facilitador de Leitor de Link Adobe PDF) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Arquivos de programas\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Arquivos de programas\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Arquivos de programas\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Arquivos de programas\GbPlugin\gbiehscd.dll (Sicredi)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CTSysVol] C:\Arquivos de programas\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [mcagent_exe] C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Arquivos de programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Arquivos de programas\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {3C8B9651-4E3E-424D-B51C-54544ABF536B} https://ww7.banrisul.com.br/bxz/data/securecontrol2k.cab (CAtmCap Object)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.21.192.132 201.21.192.137
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginScd: DllName - C:\ARQUIV~1\GbPlugin\gbiehscd.dll - C:\Arquivos de programas\GbPlugin\gbiehscd.dll (Sicredi)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Arquivos de programas\GbPlugin\gbiehscd.dll (Sicredi)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/09 18:59:23 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009/12/19 22:18:17 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Papai\Desktop\OTL.exe
[2009/12/07 16:58:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype
[2009/12/05 21:44:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/12/05 21:44:35 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\MSBuild
[2009/12/05 21:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/12/05 21:44:29 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Reference Assemblies
[2009/12/05 21:44:18 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/12/05 21:44:18 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/12/05 21:44:17 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/12/05 21:44:17 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/12/05 21:44:17 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/12/05 21:44:17 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/12/05 21:44:17 | 00,000,000 | ---D | C] -- C:\34bef76f89c53ad697b01353a1
[2009/12/05 19:22:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/12/05 17:47:55 | 00,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/12/05 16:41:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
[2009/12/05 16:41:56 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Spybot - Search & Destroy
[2009/11/21 13:14:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Papai\Dados de aplicativos\dvdcss
[2009/09/20 22:26:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Roxio
[2009/04/07 09:16:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Adobe
[2008/11/08 12:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft
[2008/11/08 12:49:41 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dados de aplicativos\Microsoft
[2008/11/08 12:49:41 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Microsoft
[2008/11/08 12:49:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft
[2008/09/09 19:42:03 | 00,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Dados de aplicativos\*.tmp files -> C:\Documents and Settings\All Users\Dados de aplicativos\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/19 22:18:31 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Papai\Desktop\OTL.exe
[2009/12/19 19:01:55 | 05,767,168 | -H-- | M] () -- C:\Documents and Settings\Papai\NTUSER.DAT
[2009/12/19 18:33:52 | 00,022,175 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/12/19 18:33:48 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/19 18:33:39 | 00,017,521 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/12/19 18:32:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/19 18:32:52 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/15 23:26:35 | 00,000,210 | -HS- | M] () -- C:\Documents and Settings\Papai\ntuser.ini
[2009/12/13 16:17:41 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\Papai\Meus documentos\Emails a analisar.doc
[2009/12/09 14:02:40 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/07 20:16:50 | 00,042,456 | ---- | M] () -- C:\Documents and Settings\Papai\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT
[2009/12/07 17:00:12 | 00,000,056 | -H-- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\ezsidmv.dat
[2009/12/06 14:02:21 | 01,018,218 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/06 14:02:21 | 00,468,440 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2009/12/06 14:02:21 | 00,432,670 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/06 14:02:21 | 00,079,370 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2009/12/06 14:02:21 | 00,067,626 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/06 12:10:30 | 00,194,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/05 17:52:01 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/12/05 17:52:00 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/12/05 17:31:22 | 01,095,063 | ---- | M] () -- C:\Documents and Settings\Papai\Desktop\VirtualDJ Database v5.xml
[2009/12/05 16:42:00 | 00,000,989 | ---- | M] () -- C:\Documents and Settings\Papai\Desktop\Spybot - Search & Destroy.lnk
[2009/12/05 16:21:34 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/04 21:18:38 | 00,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2009/12/02 10:39:03 | 00,000,748 | -H-- | M] () -- C:\WINDOWS\System32\SNRULE.SNP
[2009/12/02 10:39:03 | 00,000,748 | -H-- | M] () -- C:\WINDOWS\System32\SNRULE.SNC
[2009/12/02 10:39:03 | 00,000,172 | -H-- | M] () -- C:\WINDOWS\System32\SNRULE.SNS
[2009/11/22 11:12:44 | 00,127,488 | ---- | M] () -- C:\Documents and Settings\Papai\Desktop\mymail.doc
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Dados de aplicativos\*.tmp files -> C:\Documents and Settings\All Users\Dados de aplicativos\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/13 16:17:41 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Papai\Meus documentos\Emails a analisar.doc
[2009/12/07 17:00:12 | 00,000,056 | -H-- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\ezsidmv.dat
[2009/12/05 16:42:00 | 00,000,989 | ---- | C] () -- C:\Documents and Settings\Papai\Desktop\Spybot - Search & Destroy.lnk
[2009/10/23 19:46:23 | 11,808,768 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\sandra.mda
[2009/10/12 12:47:55 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/10/09 01:18:08 | 00,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2009/10/09 01:18:08 | 00,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/09/05 14:13:15 | 00,000,029 | ---- | C] () -- C:\WINDOWS\sfbm.INI
[2009/06/15 21:59:40 | 00,000,029 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2009/04/27 00:10:37 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\MSJCE.dll
[2009/04/01 22:07:17 | 00,002,587 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/04/01 22:07:14 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/10/07 21:26:36 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\Papai\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/23 18:36:23 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/09/13 19:12:50 | 00,040,960 | ---- | C] () -- C:\Arquivos de programas\Uninstall_CDS.exe
[2008/09/13 09:53:56 | 00,186,504 | ---- | C] () -- C:\WINDOWS\System32\SnAgOS.DLL
[2008/09/13 09:53:56 | 00,002,560 | ---- | C] () -- C:\WINDOWS\System32\SNLINK.DLL
[2008/09/10 22:40:11 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/09/09 23:53:44 | 00,000,223 | ---- | C] () -- C:\WINDOWS\System32\P1001Twn.ini
[2008/09/09 19:42:02 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2006/07/25 00:33:40 | 00,548,864 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/05/03 09:38:42 | 00,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2003/10/02 08:48:18 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
< End of report >
brando lee
brando lee Zerinho Registered
2.4K Posts 97 Likes
#4 By brando lee
19/12/2009 - 23:04
*Download ((AD-Remover)) and save it to the desktop
http://forum-aide-contre-virus.be/download/C_XX/AD-R.exe

*Double-click AD-R.exe and install the program.
*Double-click the icon created on the desktop and click [Oui]
*Press (L) -> [ENTER]
*Wait for it to finish
*Copy and paste here in the forum the report created at C:\Ad-Report-SCAN.log
I will be away from the forum for a while, very busy, with more important things to do: "Work".


Removing viruses with Notepad!


matuto2003
matuto2003 Senior Member Registered
237 Posts 0 Likes
#5 By matuto2003
20/12/2009 - 11:34
.
======= LOGFILE OF AD-REMOVER 1.1.4.6_F | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 20.12.2009 at 12:28
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 10:11:44, dom 20/12/2009 | Normal Boot | Option: CLEAN
Executed from: C:\Arquivos de programas\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 3 versão 5.1.2600
Computer Name: NONE-B30DC9D052 | Current user: Papai
.
============== NEUTRALIZED ELEMENT(S) ==============
.
C:\DOCUME~1\Papai\MENUIN~1\PROGRA~1\Ask Search Assistant
C:\Arquivos de programas\Ask Search Assistant
C:\Arquivos de programas\Search Settings
C:\DOCUME~1\Papai\DADOSD~1\Search Settings
C:\Windows\Installer\f6d43.msi
C:\Documents and Settings\Laura\Dados de aplicativos\Dealio
C:\Documents and Settings\Laura\Dados de aplicativos\Search Settings
C:\Documents and Settings\Convidado\Dados de aplicativos\Search Settings
(!) -- Temp files deleted.

.
.
============== Added scan ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Enable Browser Extensions: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============

.
527 Byte(s) - C:\Ad-Report-CLEAN[1].log
3313 Byte(s) - C:\Ad-Report-CLEAN[2].log
.
2 File(s) - C:\DOCUME~1\Papai\CONFIG~1\Temp
5 File(s) - C:\WINDOWS\Temp
0 File(s) - C:\WINDOWS\Prefetch
.
18 File(s) - C:\Arquivos de programas\Ad-Remover\BACKUP
264 File(s) - C:\Arquivos de programas\Ad-Remover\QUARANTINE
.
End at: 11:14:14 | dom 20/12/2009 - CLEAN[2]
.
============== E.O.F ==============
.