Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Boa tarde galera,
Tem tempo que nao faço um 'checkup' do pc aqui no forum.
Ele anda dando umas congeladas com necessidade ate mesmo de reiniciar. E a memoria usada no CTRL ALT DEL sempre fica em alta nakela barrinha verde.
Segue o log! :thumbsup:
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 17:01:34, on 15/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\RTHDCPL.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\qttask.exe
C:\Windows\SysWOW64\conime.exe
C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\javaw.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ACE Mega CoDecS Pack\Media Player Classic\mplayerc.exe
C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\hijackthis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Windows\SysWOW64\qttask.exe" -atboottime
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-21-1094363809-2537201261-1953011900-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7437 bytes
Bom dia Digram!!
SCAN:
--------------------------------------------------------------------------------KASPERSKY ONLINE SCANNER 7 REPORT Wednesday, November 19, 2008 Operating System: Microsoft Windows Vista Home Premium Edition, 64-bit Service Pack 1 (build 6001) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Tuesday, November 18, 2008 21:05:17 Records in database: 1392277--------------------------------------------------------------------------------Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yesScan area - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\Scan statistics: Files scanned: 182550 Threat name: 6 Infected objects: 18 Suspicious objects: 0 Duration of the scan: 01:50:35File name / Threat name / Threats countC:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RDVAJ0L.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RFEMBCG.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RO98KS9.mp3 Infected: Trojan-Downloader.WMA.GetCodec.f 1C:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RSJ73TE.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\temp\LimewirePro Setup\Setup.exe Infected: Trojan.Win32.FormatC.ad 1C:\Users\Gustavo\Documents\Downloads\Incomplete\Preview-T-3545425-e o cid ed lincoln.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\Users\Gustavo\Documents\Downloads\Limewire_Lime_Wire_Pro_v41001\LimeWireProSetup.exe Infected: Trojan.Win32.FormatC.ad 1C:\Users\Gustavo\Documents\Downloads\Limewire_Lime_Wire_Pro_v41001.rar Infected: Trojan.Win32.FormatC.ad 1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\funk pirocoptero.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\Gui boratto - Beautiful life.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\jambalay jonhn fogerty - greatest hits.mp3 Infected: Trojan-Downloader.WMA.GetCodec.n 1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\pirocoptero.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\Windows\System32\oobe\msobcommw.dll Infected: Trojan-Banker.Win32.Banbra.dys 1C:\Windows\System32\oobe\msobweb2.dll Infected: Trojan-Banker.Win32.Banbra.dys 1C:\Windows\System32\oobe\spoolsv.exe Infected: Backdoor.Win32.Delf.mpj 1C:\Windows\SysWOW64\oobe\msobcommw.dll Infected: Trojan-Banker.Win32.Banbra.dys 1C:\Windows\SysWOW64\oobe\msobweb2.dll Infected: Trojan-Banker.Win32.Banbra.dys 1C:\Windows\SysWOW64\oobe\spoolsv.exe Infected: Backdoor.Win32.Delf.mpj 1The selected area was scanned.
HiJackThis
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 07:34:13, on 19/11/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\RTHDCPL.exeC:\Program Files (x86)\RocketDock\RocketDock.exeC:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\qttask.exeC:\Windows\SysWOW64\conime.exeC:\Program Files (x86)\LimeWire\LimeWire.exeC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exeC:\hijackthis\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO1 - Hosts: ::1 localhostO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dllO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Windows\SysWOW64\qttask.exe" -atboottimeO4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"O4 - HKCU\..\Run: [Google Update] "C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')O4 - HKUS\S-1-5-21-1094363809-2537201261-1953011900-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dllO9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cabO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exeO23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exeO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.exeO23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exeO23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 7211 bytes
Boa Noite! Gsbad
<!> Execute,na ordem,estes programas: Dr.Web Cureit --> Kaspersky Virus Removal Tool.
--------------------------
<@> Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://virusscan.jotti.org/images/drweb.gif&key=694fc839d5530915b206f0fd10b2abc7c3c10c8c2ace4928f7da2ab78e620150" alt="drweb.gif" /> >
< ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe >
<@> Salve-o no Desktop!
<@> Execute o arquivo: drweb-cureit.exe
<@> Clique em Iniciar e escolha a verificação express scan.
<@> Se for encontrado,algum ficheiro infectado,clique no botão yes,para acionar a cura.
<@> Quando o scan rápido terminar,clique em Opções --> Alterar Definições.
<@> Na aba Verificação,desmarque a Análise Heurística e confirme!
<@> De volta à janela principal,marque os drives que você deseja examinar.
<@> Selecione todos! Um ponto vermelho,vai indicar os drives selecionados.
<@> Clique na seta verde,para iniciar o exame.
/applications/core/interface/imageproxy/imageproxy.php?img=http://img264.imageshack.us/img264/8903/drwebho6.jpg&key=ffe3b53a296017d45f3fae908235c59b07dcd9159cbf2aeb7b2fd841a169f1a4" alt="drwebho6.jpg" />
<@> Caso haja uma solicitação,para curar/mover o arquivo,clique em Sim,para todos.
<@> Quando o exame terminar,observe se o ícone "objetos encontrados" < /applications/core/interface/imageproxy/imageproxy.php?img=http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif&key=4896023681234a98a3b96db05eba7a3f1f5c9d0b9f328a2bb40bf00916c816f9" alt="check.gif" /> > está habilitado.
<@> Se estiver,clique nele!
<@> À seguir clique no ícone,logo abaixo,e selecione: Mover incuráveis
/applications/core/interface/imageproxy/imageproxy.php?img=http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif&key=6290111d385033d9a614f75c047b3f0d453b1342d40127e3183bd71e2be122d0" alt="move.gif" />
<@> Caso o programa não possa curá-los,ele irá move-los para a pasta Quarentena,no diretório DoctorWeb.
<@> Feito isto, vá no menu superior e clique na opção Ficheiros --> Guardar listas de arquivos.
<@> Salve a lista no desktop. ( DrWeb.csv ) <-- Relatório para postagem!
<@> Feche o programa!
<@> Reinicie o computador,para que o programa termine de deletar/mover,os arquivos que estavam sendo utilizados.
-------------------------
<@> Baixe: < Kaspersky Virus Removal Tool >
-----------------------------
<@> Faça o download da atualização mais recente! <-- *Observe as **datas!*
<@> Salve-o em Arquivos de Programas!
<@> Reinicie o computador,se possível,em Modo de Segurança! <-- Importante!
<@> Execute a ferramenta com um duplo-clique,em seu executável.
<@> Abrir-se-á,a seguinte janela:
/applications/core/interface/imageproxy/imageproxy.php?img=http://www.softpedia.com/screenshots/Kaspersky-Virus-Removal-Tool_1.png&key=f6d568ce4d80c9d3646adebaff2a335ebc3856caefe3c3a2f8040c9e7c2092a6" alt="Kaspersky-Virus-Removal-Tool_1.png" />
<@> Na opção: Manual Cure,marque todas as caixas e clique em Scan.
<@> Ps: Na ausência da opção,escolha: Automatic Scan
<@> Terminando,a verificação,copie e poste o relatório.
>
Ps: Confirme a solicitação de remoção,aos arquivos detectados!
<!> Poste: Os relatórios desses programas. <-- *Procure **resumi-los,mostrando apenas as infecções detectadas!*
<!> Poste,também,HijackThis atualizado.
Abraços!
Tópico Arquivado
Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.
Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.
Bom Dia! Gsbad
<@> Faça um scan online em: < Kaspersky >
<@> Utilize para isso,o navegador Internet Explorer.
<!> Acesse o site,e clique em: < /applications/core/interface/imageproxy/imageproxy.php?img=http://img265.imageshack.us/img265/9241/kasperdx9.jpg&key=5da30928d6a3dc04edefe3b030dc936ff47d64c2422bfdf6f0d4c186b977d57c" alt="kasperdx9.jpg" /> >
<@> Na próxima página,clique em: I Accept
<@> Isto,para que se instale o controle ActiveX e,em seguida,atualize o banco de dados.
<@> Na próxima página,clique em: My Computer e faça o scan.
<@> Tenha paciência!
<@> Aguarde a atualização da base de dados,e também do exame,que é demorado.
<@> Terminando,salve e poste o relatório.
<@> Clique em Save Report As... para salvar o log.
<@> Salve o resultado como .txt,segundo a imagem abaixo:
/applications/core/interface/imageproxy/imageproxy.php?img=http://img.photobucket.com/albums/v666/sUBs/Kas-Savetxt.gif&key=12df84cc9364ed13311153b7405127e0f208cd4a0679232596972a39ca5dfe36" alt="Kas-Savetxt.gif" />
<@> Poste,também,HijackThis atualizado.
Abraços!