[Arquivado] [Log] Computador lento, e travando constantemente

[1sefirot1 0]

Boa tarde galera,

Tem tempo que nao faço um 'checkup' do pc aqui no forum.

Ele anda dando umas congeladas com necessidade ate mesmo de reiniciar. E a memoria usada no CTRL ALT DEL sempre fica em alta nakela barrinha verde.

 

Segue o log! :thumbsup:

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:01:34, on 15/11/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\RTHDCPL.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Windows\SysWOW64\qttask.exe

C:\Windows\SysWOW64\conime.exe

C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Java\jre1.6.0_07\bin\javaw.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\ACE Mega CoDecS Pack\Media Player Classic\mplayerc.exe

C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\hijackthis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Windows\SysWOW64\qttask.exe" -atboottime

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-21-1094363809-2537201261-1953011900-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 7437 bytes

[DigRam 144]

Bom Dia! Gsbad

 

<@> Faça um scan online em: < Kaspersky >

<@> Utilize para isso,o navegador Internet Explorer.

 

<!> Acesse o site,e clique em: < >

 

<@> Na próxima página,clique em: I Accept

<@> Isto,para que se instale o controle ActiveX e,em seguida,atualize o banco de dados.

<@> Na próxima página,clique em: My Computer e faça o scan.

<@> Tenha paciência!

<@> Aguarde a atualização da base de dados,e também do exame,que é demorado.

<@> Terminando,salve e poste o relatório.

<@> Clique em Save Report As... para salvar o log.

<@> Salve o resultado como .txt,segundo a imagem abaixo:

 

 

<@> Poste,também,HijackThis atualizado.

 

Abraços!

[1sefirot1 0]

Bom dia Digram!!

 

SCAN:

--------------------------------------------------------------------------------KASPERSKY ONLINE SCANNER 7 REPORT Wednesday, November 19, 2008 Operating System: Microsoft Windows Vista Home Premium Edition, 64-bit Service Pack 1 (build 6001) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Tuesday, November 18, 2008 21:05:17 Records in database: 1392277--------------------------------------------------------------------------------Scan settings:	Scan using the following database: extended	Scan archives: yes	Scan mail databases: yesScan area - My Computer:	A:\	C:\	D:\	E:\	F:\	G:\	H:\Scan statistics:	Files scanned: 182550	Threat name: 6	Infected objects: 18	Suspicious objects: 0	Duration of the scan: 01:50:35File name / Threat name / Threats countC:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RDVAJ0L.mp3	Infected: Trojan-Downloader.WMA.GetCodec.c	1C:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RFEMBCG.mp3	Infected: Trojan-Downloader.WMA.GetCodec.c	1C:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RO98KS9.mp3	Infected: Trojan-Downloader.WMA.GetCodec.f	1C:\$Recycle.Bin\S-1-5-21-1094363809-2537201261-1953011900-1000\$RSJ73TE.mp3	Infected: Trojan-Downloader.WMA.GetCodec.c	1C:\temp\LimewirePro Setup\Setup.exe	Infected: Trojan.Win32.FormatC.ad	1C:\Users\Gustavo\Documents\Downloads\Incomplete\Preview-T-3545425-e o cid ed lincoln.mp3	Infected: Trojan-Downloader.WMA.GetCodec.c	1C:\Users\Gustavo\Documents\Downloads\Limewire_Lime_Wire_Pro_v41001\LimeWireProSetup.exe	Infected: Trojan.Win32.FormatC.ad	1C:\Users\Gustavo\Documents\Downloads\Limewire_Lime_Wire_Pro_v41001.rar	Infected: Trojan.Win32.FormatC.ad	1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\funk pirocoptero.mp3	Infected: Trojan-Downloader.WMA.GetCodec.c	1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\Gui boratto - Beautiful life.mp3	Infected: Trojan-Downloader.WMA.GetCodec.c	1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\jambalay jonhn fogerty - greatest hits.mp3	Infected: Trojan-Downloader.WMA.GetCodec.n	1C:\Users\Gustavo\Documents\Downloads\Musicas limewire\pirocoptero.mp3	Infected: Trojan-Downloader.WMA.GetCodec.c	1C:\Windows\System32\oobe\msobcommw.dll	Infected: Trojan-Banker.Win32.Banbra.dys	1C:\Windows\System32\oobe\msobweb2.dll	Infected: Trojan-Banker.Win32.Banbra.dys	1C:\Windows\System32\oobe\spoolsv.exe	Infected: Backdoor.Win32.Delf.mpj	1C:\Windows\SysWOW64\oobe\msobcommw.dll	Infected: Trojan-Banker.Win32.Banbra.dys	1C:\Windows\SysWOW64\oobe\msobweb2.dll	Infected: Trojan-Banker.Win32.Banbra.dys	1C:\Windows\SysWOW64\oobe\spoolsv.exe	Infected: Backdoor.Win32.Delf.mpj	1The selected area was scanned.

 

 

HiJackThis

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 07:34:13, on 19/11/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\RTHDCPL.exeC:\Program Files (x86)\RocketDock\RocketDock.exeC:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\qttask.exeC:\Windows\SysWOW64\conime.exeC:\Program Files (x86)\LimeWire\LimeWire.exeC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gustavo\AppData\Local\Google\Chrome\Application\chrome.exeC:\hijackthis\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO1 - Hosts: ::1 localhostO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dllO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Windows\SysWOW64\qttask.exe" -atboottimeO4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"O4 - HKCU\..\Run: [Google Update] "C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')O4 - HKUS\S-1-5-21-1094363809-2537201261-1953011900-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dllO9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cabO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exeO23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exeO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: lxcz_device -   - C:\Windows\system32\lxczcoms.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.exeO23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exeO23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 7211 bytes

[DigRam 144]

Boa Noite! Gsbad

 

<!> Execute,na ordem,estes programas: Dr.Web Cureit --> Kaspersky Virus Removal Tool.

--------------------------

<@> Baixe: < >

 

< ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe >

 

<@> Salve-o no Desktop!

<@> Execute o arquivo: drweb-cureit.exe

<@> Clique em Iniciar e escolha a verificação express scan.

<@> Se for encontrado,algum ficheiro infectado,clique no botão yes,para acionar a cura.

<@> Quando o scan rápido terminar,clique em Opções --> Alterar Definições.

<@> Na aba Verificação,desmarque a Análise Heurística e confirme!

<@> De volta à janela principal,marque os drives que você deseja examinar.

<@> Selecione todos! Um ponto vermelho,vai indicar os drives selecionados.

<@> Clique na seta verde,para iniciar o exame.

 

 

<@> Caso haja uma solicitação,para curar/mover o arquivo,clique em Sim,para todos.

<@> Quando o exame terminar,observe se o ícone "objetos encontrados" < > está habilitado.

<@> Se estiver,clique nele!

<@> À seguir clique no ícone,logo abaixo,e selecione: Mover incuráveis

 

 

<@> Caso o programa não possa curá-los,ele irá move-los para a pasta Quarentena,no diretório DoctorWeb.

<@> Feito isto, vá no menu superior e clique na opção Ficheiros --> Guardar listas de arquivos.

<@> Salve a lista no desktop. ( DrWeb.csv ) <-- Relatório para postagem!

<@> Feche o programa!

<@> Reinicie o computador,para que o programa termine de deletar/mover,os arquivos que estavam sendo utilizados.

-------------------------

<@> Baixe: < Kaspersky Virus Removal Tool >

-----------------------------

<@> Faça o download da atualização mais recente! <-- Observe as datas!

<@> Salve-o em Arquivos de Programas!

<@> Reinicie o computador,se possível,em Modo de Segurança! <-- Importante!

<@> Execute a ferramenta com um duplo-clique,em seu executável.

<@> Abrir-se-á,a seguinte janela:

 

 

<@> Na opção: Manual Cure,marque todas as caixas e clique em Scan.

<@> Ps: Na ausência da opção,escolha: Automatic Scan

<@> Terminando,a verificação,copie e poste o relatório.

 

Ps: Confirme a solicitação de remoção,aos arquivos detectados!

<!> Poste: Os relatórios desses programas. <-- Procure resumi-los,mostrando apenas as infecções detectadas!

<!> Poste,também,HijackThis atualizado.

 

Abraços!

[Mário Monteiro 179]

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.