mpadv 0 Denunciar post Postado Outubro 10, 2010 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:24:18, on 10/10/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\QSTART.SYS\config\DVMExportService.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Energy Management\utility.exe C:\Program Files\Lenovo\Energy Management\Energy Management.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\VeriFaceIII\PManage.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe C:\Documents and Settings\Marcelo Porto\Application Data\Dropbox\bin\Dropbox.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\HiJackThis\HiJackThis.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (file missing) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (file missing) O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (file missing) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (file missing) O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] c:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFaceIII\PManage.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Nitro PDF Printer Monitor] "C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Marcelo Porto\Application Data\Dropbox\bin\Dropbox.exe O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll O20 - Winlogon Notify: PicNotify - PicNotify.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\QSTART.SYS\config\DVMExportService.exe O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- End of file - 12192 bytes Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Outubro 10, 2010 Olá mpadv 1. Abra o SpybotNo menu superior, clique em [Modo] > [Avançado] e confirme. Clique em [Ferramentas] > [Residente] Desmarque a opção Ativar "TeaTimer" do Residente (proteção geral das configurações de sistema). Feche o programa. 2. *Baixe o AD-Remover e salve-o no desktop *Execute o AD-Remover *Clique [Clean]...aguarde o término. A reinicialização do PC poderá ou não ser solicitada pelo programa. *Cole o relatório C:\Ad-Report-CLEAN.log 3. *Acesse o site ConfickerWorkingGroup *No site, observe as figuras abaixo de "Conficker Eye Chart" *Compare com resultado da tabela abaixo de "How to interpret:" *Informe o resultado escrito na coluna "It probably means this:" Compartilhar este post Link para o post Compartilhar em outros sites
mpadv 0 Denunciar post Postado Outubro 12, 2010 Obrigado pela atenção... Eu tinha lido outros tópicos a respeito e já tinha feito o mesmo procedimento; entretanto, para minha surpresa, ele deu "NORMAL". Pelo que vi aqui, o AVIRA acusa a existência do worm conficker.y.14 em dois arquivos de uma pasta. Quando fui verificar do que se tratava tais arquivos, vi que sao (pelo menos aparentemente) da CAIXA ECONOMICA FEDERAL, onde tenho conta. TALVEZ (talvez) seja algum plugin de segurança. Não sei, o que você acha? Obrigado mais uma vez. ======= REPORT FROM AD-REMOVER 2.0.0.1,F | ONLY XP/VISTA/7 ======= Updated by C_XX on 16/09/10 at 13:30 Contact: AdRemover.contact[AT]gmail.com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 12:52:57 on 12/10/2010, Normal boot Microsoft Windows XP Home Edition Service Pack 3 (X86) Marcelo Porto@MP ( ) ============== ACTION(S) ============== Service: "Application Updater" Service stopped and deleted 0,Folder deleted: C:\Program Files\Application Updater 0,Folder deleted: C:\Documents and Settings\Marcelo Porto\Application Data\pdfforge 0,Folder deleted: C:\Documents and Settings\Marcelo Porto\Application Data\Search Settings 3,File deleted: C:\WINDOWS\Installer\ba0ba4.msi (!) -- Temporary files deleted. 1,Key deleted: HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} 1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} 1,Key deleted: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 0,Key deleted: HKLM\Software\Application Updater 0,Key deleted: HKLM\Software\pdfforge 0,Key deleted: HKLM\Software\Search Settings 0,Key deleted: HKCU\Software\pdfforge 0,Key deleted: HKCU\Software\Search Settings 3,Key deleted: HKLM\Software\Classes\Installer\Products\3D7B197543B881247905A6E8540DDA23 3,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\3D7B197543B881247905A6E8540DDA23 0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5791B7D3-8B34-4218-9750-6A8E45D0AD32} 0,Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings 0,Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings 0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402} ============== ADDITIONNAL SCAN ============== ** Mozilla Firefox Version [3.6.10 (pt-BR)] ** -- C:\Documents and Settings\Marcelo Porto\Application Data\Mozilla\FireFox\Profiles\hxlmijq1.default\Prefs.js -- browser.startup.homepage, about:blank browser.startup.homepage_override.mstone, rv:1.9.2.10 ======================================== ** Internet Explorer Version [8.0.6001.18702] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 5 File(s) C:\Program Files\Ad-Remover\Backup: 14 File(s) C:\Ad-Report-CLEAN[1].txt - 12/10/2010 (2511 Byte(s)) C:\Ad-Report-SCAN[1].txt - 12/10/2010 (3795 Byte(s)) End at: 13:00:35, 12/10/2010 ============== E.O.F ============== Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Outubro 16, 2010 Olá mpadv 1. *Execute o AD-Remover *Clique [uninstall] 2. *Baixe o ATF-Cleaner e salve-o no desktop *Execute o ATF-Cleaner *Selecione: [X] Select All *Clique [Empty Selected] =>Caso use Firefox ou Opera: *Clique na aba "Firefox" ou em "Opera" *Selecione: [X] Select All *Clique [sim] > [Empty Selected] > [sim] 3. *Baixe a atualização KB958644 e salve-a no desktop *Instale-a. Caso seu Windows informe que a versão presente no seu PC é mais atual, cancele a instalação e siga para o passo seguinte. 4. *Desative a Restauração do Sistema *Clique com o botão direito do mouse em Meu Computador e selecione Propriedades*Clique em Restauração do Sistema *Selecione a opção: [] Desativar Restauração do Sistema *Clique [Aplicar] > [sim] > [OK] *Baixe o KidoKiller e salve-o no desktop *Extraia o seu conteúdo para C:\ *Desative temporariamente seu antivírus *Clique [iniciar] > [Executar] > copie e cole: C:\kk.exe -x -y -l conficker.txt -v *Clique [OK] e aguarde o término do scan. O programa será fechado automaticamente. *Cole o resumo localizado no final do relatório C:\conficker.txt Exemplo: 15:25:43:548 1868 scanning Flash drives ... 15:25:43:638 1868 completed 15:25:43:638 1868 Infected jobs: 0 15:25:43:638 1868 Infected files: 1 15:25:43:638 1868 Infected threads: 7 15:25:43:638 1868 Spliced functions: 7 15:25:43:638 1868 Cured files: 1 15:25:43:638 1868 Fixed registry keys: 6 15:25:43:638 1868 Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Novembro 17, 2010 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites