Ir ao conteúdo
  • Cadastre-se
Auralilas

Ajuda por favor, não sei qual virus está infectando.

Recommended Posts

Caro moderador,

Gostaria de uma ajuda para limpar meu computador. No início do ano vocês já me ajudaram e ficou tudo limpo, mas acho que quando entrei num website do FreeTv, apareceu que meu pc foi infectado com Virtumonde. Eu usei o Vundofix e nao apareceu infecção nele.

Mas umas coisas estranhas acontecem no meu pc. Por exemplo:

- a toolbar Quick Lauch desaparece algumas vezes quando reinicio o computador.

- quando uso o Internet Explorer, faço um search no Google, clico em qualquer link e ele redireciona sempre para outra página, sempre com um Jump no meio do endereço,

- meu antivirus é o Trendmicro e eu não consigo fazê-lo rodar inteiro, ele sempre trava quando está entre 70 e 80% do scanning, tenho então que desligar o computador na força;

Uso sempre o CCleaner, tentei usar o Kapersky online, e a página não abre no meu computador, não sei se a página está offline ou se é por causa do virus que eu não consigo assessá-la.

Rodei o HijackThis e aqui está o log, agradeço desde já a ajuda. Obrigada.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:29:45, on 21/09/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe

C:\WINDOWS\StartupMonitor.exe

C:\Program Files\Trend Micro\BM\TMBMSRV.exe

C:\WINDOWS\system32\NVATray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

C:\Program Files\Internet Explorer\Iexplore.exe

C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe

O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"

O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: NP545 Wireless Client Utility.lnk = C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O23 - Service: Active WebCam (ACTIVEWEBCAM) - Unknown owner - C:\Program Files\Active WebCam\WebCam.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)

O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--

End of file - 5028 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Siga as instruções contidas no link abaixo e instale e execute o Combofix:

http://www.bleepingcomputer.com/combofix/pt/como-usar-o-combofix

  • É importante que instale o Console de Recuperação também.
  • Quando a ferramenta terminar de rodar, gerará um log (o arquivo C:\ComboFix.txt).
  • Cole o conteúdo desse arquivo e faça também um novo log do HijackThis para colocar na sua resposta.

Atenção: Não utilize o mouse nem o teclado enquanto a ferramenta estiver rodando, isso pode fazer com que o computador pare.

Nota: Por favor, NÃO utilize o ComboFix sozinho. É uma ferramenta poderosa criada pra lidar com infeções sofisticadas e caso não a utilize corretamente poderá danificar o seu sistema. A ferramenta apenas deve ser utilizada sob supervisão de Assistentes de remoção de malware devidamente treinados.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Obrigada Renato.

Foi difícil conseguir rodar o Combofix, aparecia as seguintes mensagens:

"This will disable and terminate NVATray application! Is that what you want to do?"

"ComboFix has detected teh presence of rootkit activity and needs to reboot the machine"

e no reeboot travava sozinho sem eu tocar em nada.

Finalmente consegui rodá-lo, aqui segue os logs do Combofix e do Hijackthis.

ComboFix 08-09-22.06 - Admin 2008-09-24 22:25:37.6 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.193 [GMT 10:00]

Running from: C:\Documents and Settings\Admin\Desktop\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\WINDOWS\system32\a.exe

C:\WINDOWS\system32\lphcaggj0ee3t.exe

C:\WINDOWS\system32\phcaggj0ee3t.bmp

C:\WINDOWS\system32\tdssinit.dll

C:\WINDOWS\system32\tdssl.dll

C:\WINDOWS\system32\tdsslog.dll

C:\WINDOWS\system32\tdssmain.dll

C:\WINDOWS\system32\tdssservers.dat

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_TDSSSERV

-------\Service_TDSSserv

((((((((((((((((((((((((( Files Created from 2008-08-24 to 2008-09-24 )))))))))))))))))))))))))))))))

.

2008-09-21 21:27 . 2005-05-17 16:24 311,296 --a------ C:\WINDOWS\system32\AegisI5.exe

2008-09-21 21:27 . 2006-01-18 13:55 290,918 --a------ C:\WINDOWS\system32\Install7x.dll

2008-09-21 21:27 . 2006-01-12 19:46 252,928 --a------ C:\WINDOWS\system32\drivers\rt73.sys

2008-09-21 21:27 . 2005-10-17 19:50 245,376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.SYS

2008-09-21 21:27 . 2005-11-30 11:33 2,048 --a------ C:\WINDOWS\system32\drivers\rt73.bin

2008-09-21 21:27 . 2005-08-19 15:51 138 --a------ C:\WINDOWS\filespec7x

2008-09-21 21:26 . 2008-09-21 21:26 <DIR> d-------- C:\Program Files\NetComm

2008-09-21 21:26 . 2008-09-21 21:26 20,747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys

2008-09-20 21:36 . 2008-09-20 21:36 <DIR> d-------- C:\VundoFix Backups

2008-08-31 11:54 . 2008-08-31 11:54 <DIR> d-------- C:\Documents and Settings\Admin\.wirefusion

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-09-21 11:26 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-09-16 13:41 --------- d-----w C:\Program Files\Windows Live

2008-07-29 12:39 --------- d-----w C:\Documents and Settings\Admin\Application Data\Skype

2007-06-13 05:39 800,272 ----a-w C:\Documents and Settings\Admin\ppctl.dll

2006-10-02 15:43 2,402,550 ----a-w C:\WINDOWS\inf\SET4E.tmp

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-02-15 1398024]

"Run StartupMonitor"="StartupMonitor.exe" [2000-05-20 C:\WINDOWS\StartupMonitor.exe]

"NVIDIA nForce APU1 Utilities"="NVATray.exe" [2002-06-18 C:\WINDOWS\system32\NVATray.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

NP545 Wireless Client Utility.lnk - C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe [2008-09-21 593920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Program Files\\LimeWire\\LimeWire.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

S2 ACTIVEWEBCAM;Active WebCam;C:\Program Files\Active WebCam\WebCam.exe [ ]

S3 Navcar;Navman In-car Navigator USB Driver Service;C:\WINDOWS\system32\DRIVERS\Navcar.sys [2006-09-18 30329]

.

Contents of the 'Scheduled Tasks' folder

.

.

------- Supplementary Scan -------

.

FireFox -: Profile - C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\meyth66t.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-24 22:31:16

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

C:\Program Files\Trend Micro\BM\TMBMSRV.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

.

**************************************************************************

.

Completion time: 2008-09-24 22:39:34 - machine was rebooted

ComboFix-quarantined-files.txt 2008-09-24 12:39:11

ComboFix2.txt 2008-02-25 00:02:14

ComboFix3.txt 2008-02-21 22:41:13

ComboFix4.txt 2008-02-10 16:36:18

Pre-Run: 18,544,414,720 bytes free

Post-Run: 18,485,112,832 bytes free

107 --- E O F --- 2008-01-27 04:09:40

*****************

*****************

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:41:56, on 24/09/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Trend Micro\BM\TMBMSRV.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

C:\WINDOWS\StartupMonitor.exe

C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe

C:\WINDOWS\system32\NVATray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe

O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"

O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: NP545 Wireless Client Utility.lnk = C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O23 - Service: Active WebCam (ACTIVEWEBCAM) - Unknown owner - C:\Program Files\Active WebCam\WebCam.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)

O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--

End of file - 4675 bytes

Obrigada pela atenção!:3:

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá,

Por que o console de recuperação não foi instalado conforme havia sido pedido?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Desculpe, não foi instalado por dois motivos. Não sei ou não achei onde existe esse download do console de instalação.

Eu não consegui fazer o download do ComboFix pelo link que você passou, a página não abria de jeito nenhum, então eu rodei um ComboFix.exe que eu tinha salvado da ultima vez vocês me ajudaram a fazer uma limpeza em janeiro/2008.

Assim, pode me dizer de onde consigo esse console para poder instalar?

Obrigada:(

Compartilhar este post


Link para o post
Compartilhar em outros sites

Você chegou a ler o link?

http://www.bleepingcomputer.com/combofix/pt/como-usar-o-combofix

Está tudo explicado ai. E quanto a usar ComboFix que baixou em janeiro não é efetivo, precisa baixar uma versão atual.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Oi Renato

depois de um longo e tenebroso inverno consegui fazer o negócio. Na primeira tentativa eu não tinha conseguido abrir a página por isso não tinha as informações de como instalar o console de recuperacao etc e tal... bla, bla, bla....

Bom, agora consegui e aqui estão os logs do Combofix e do Hijack.

Obrigada por analisar.

ComboFix 08-10-01.02 - Admin 2008-10-02 19:44:38.8 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.190 [GMT 10:00]

Running from: C:\Documents and Settings\Admin\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_MCHINJDRV

((((((((((((((((((((((((( Files Created from 2008-09-02 to 2008-10-02 )))))))))))))))))))))))))))))))

.

2008-09-21 21:27 . 2005-05-17 16:24 311,296 --a------ C:\WINDOWS\system32\AegisI5.exe

2008-09-21 21:27 . 2006-01-18 13:55 290,918 --a------ C:\WINDOWS\system32\Install7x.dll

2008-09-21 21:27 . 2006-01-12 19:46 252,928 --a------ C:\WINDOWS\system32\drivers\rt73.sys

2008-09-21 21:27 . 2005-10-17 19:50 245,376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.SYS

2008-09-21 21:27 . 2005-11-30 11:33 2,048 --a------ C:\WINDOWS\system32\drivers\rt73.bin

2008-09-21 21:27 . 2005-08-19 15:51 138 --a------ C:\WINDOWS\filespec7x

2008-09-21 21:26 . 2008-09-21 21:26 <DIR> d-------- C:\Program Files\NetComm

2008-09-21 21:26 . 2008-09-21 21:26 20,747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys

2008-09-20 21:36 . 2008-09-20 21:36 <DIR> d-------- C:\VundoFix Backups

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-09-28 14:57 --------- d-----w C:\Documents and Settings\Admin\Application Data\Skype

2008-09-21 11:26 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-09-16 13:41 --------- d-----w C:\Program Files\Windows Live

2007-06-13 05:39 800,272 ----a-w C:\Documents and Settings\Admin\ppctl.dll

2006-10-02 15:43 2,402,550 ----a-w C:\WINDOWS\inf\SET4E.tmp

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-02-15 1398024]

"Run StartupMonitor"="StartupMonitor.exe" [2000-05-20 C:\WINDOWS\StartupMonitor.exe]

"NVIDIA nForce APU1 Utilities"="NVATray.exe" [2002-06-18 C:\WINDOWS\system32\NVATray.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

NP545 Wireless Client Utility.lnk - C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe [2008-09-21 593920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Program Files\\LimeWire\\LimeWire.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

S2 ACTIVEWEBCAM;Active WebCam;C:\Program Files\Active WebCam\WebCam.exe [ ]

S3 Navcar;Navman In-car Navigator USB Driver Service;C:\WINDOWS\system32\DRIVERS\Navcar.sys [2006-09-18 30329]

.

Contents of the 'Scheduled Tasks' folder

.

.

------- Supplementary Scan -------

.

FireFox -: Profile - C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\meyth66t.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-02 19:50:40

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2008-10-02 19:56:23 - machine was rebooted [Admin]

ComboFix-quarantined-files.txt 2008-10-02 09:56:19

ComboFix2.txt 2008-10-02 09:30:37

ComboFix3.txt 2008-09-24 12:39:38

ComboFix4.txt 2008-02-25 00:02:14

ComboFix5.txt 2008-10-02 09:41:42

Pre-Run: 18,144,444,416 bytes free

Post-Run: 18,128,035,840 bytes free

93 --- E O F --- 2008-01-27 04:09:40

******************

******************

HIJACK THIS

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:00:09, on 02/10/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\StartupMonitor.exe

C:\WINDOWS\system32\NVATray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe

O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"

O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: NP545 Wireless Client Utility.lnk = C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O23 - Service: Active WebCam (ACTIVEWEBCAM) - Unknown owner - C:\Program Files\Active WebCam\WebCam.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)

O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--

End of file - 4407 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Faça um Online Scan em kaspersky Virusscanner

  • Clique em Clipboard01-1.jpg
  • Quando questionando para instalar o componente ActiveX, clique em Clipboard015.jpg
  • Aguarde a instalação e a actualização e depois clique em Clipboard013.jpg
  • Clique agora em Clipboard016.jpg
  • Nas opções do scan (settings), certifique-se que as entradas abaixo estão selecionadas:
    • Scan using the following Anti-Virus database:

      Extended (if available otherwise Standard)

    • Scan Options:

      Scan Archives
      Scan Mail Bases

    [*]Clique Clipboard014.jpg

    [*]Clique em My Computer para que seja feito um Scan completo no seu Sistema.

    [*]Será iniciado o scan e poderá demorar um pouco. Seja paciente e aguarde.

    [*]No final do Scan, clique no botão Save as Text

    [*]Salve o log com os resultados e poste na sua próxima resposta.

    [*]Gere e cole também um novo log do HijackThis.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Obrigada! :)

Aqui estão os logs:

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7 REPORT

Saturday, October 4, 2008

Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)

Kaspersky Online Scanner 7 version: 7.0.25.0

Program database last update: Friday, October 03, 2008 08:28:31

Records in database: 1285596

--------------------------------------------------------------------------------

Scan settings:

Scan using the following database: extended

Scan archives: yes

Scan mail databases: yes

Scan area - My Computer:

A:\

C:\

D:\

E:\

H:\

Scan statistics:

Files scanned: 70182

Threat name: 11

Infected objects: 19

Suspicious objects: 0

Duration of the scan: 03:04:57

File name / Threat name / Threats count

C:\Program Files\Trend Micro\Internet Security\Quarantine\13.tmp Infected: not-a-virus:AdWare.Win32.Aureate 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\13.tmp Infected: not-a-virus:Porn-Dialer.Win32.PluginAccess 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\21.tmp Infected: not-a-virus:AdWare.Win32.Aureate 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\21.tmp Infected: not-a-virus:Porn-Dialer.Win32.PluginAccess 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\2A.tmp Infected: Trojan.Win32.Dialer.yz 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\30F.tmp Infected: Trojan.Win32.Dialer.yz 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\A0000012.dll Infected: Trojan-Downloader.Win32.FraudLoad.vbxt 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\A0000057.sys Infected: Backdoor.Win32.Agent.roc 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\A0000108.dll Infected: Hoax.Win32.Renos.ebd 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\A0000109.dll Infected: Backdoor.Win32.Agent.rfw 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\A0000110.dll Infected: Backdoor.Win32.Agent.rfv 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\A0000111.exe Infected: Backdoor.Win32.Frauder.fk 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\TDSSADW.DLL Infected: Rootkit.Win32.Clbd.jy 1

C:\Program Files\Trend Micro\Internet Security\Quarantine\TDSSSERF.DLL Infected: Trojan-Downloader.Win32.FraudLoad.vbxt 1

C:\QooBox\Quarantine\C\WINDOWS\system32\a.exe.vir Infected: Trojan-Downloader.Win32.Small.adgj 1

C:\QooBox\Quarantine\C\WINDOWS\system32\lphcaggj0ee3t.exe.vir Infected: Backdoor.Win32.Frauder.fk 1

C:\QooBox\Quarantine\C\WINDOWS\system32\tdssl.dll.vir Infected: Hoax.Win32.Renos.ebd 1

C:\QooBox\Quarantine\C\WINDOWS\system32\tdsslog.dll.vir Infected: Backdoor.Win32.Agent.rfv 1

C:\QooBox\Quarantine\C\WINDOWS\system32\tdssmain.dll.vir Infected: Backdoor.Win32.Agent.rfw 1

The selected area was scanned.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 07:35:14, on 04/10/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\StartupMonitor.exe

C:\WINDOWS\system32\NVATray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe

O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"

O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: NP545 Wireless Client Utility.lnk = C:\Program Files\NetComm\NP545\Installer\WINXP\NP545 Wireless Client Utility.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O23 - Service: Active WebCam (ACTIVEWEBCAM) - Unknown owner - C:\Program Files\Active WebCam\WebCam.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)

O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--

End of file - 4538 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Limpe a quarentena do seu antivírus.

Parabéns, seu log está limpo.

De agora em diante fique ALERTA!

Para finalizar faça o seguinte:

Vá em Iniciar > Executar e digite combofix /u. Isso desinstalará o ComboFix de sua máquina.

Sugiro que rode o CCleaner para fazer uma limpeza em sua máquina. Faça o download dele aqui CCleaner

  • Abra o programa e clique em Executar Limpeza;
  • Após isto, clique em Erros >> Procurar erros >> Corrigir Erros

Sugiro também que consulte este artigo: Proteja seu PC

Mais algum problema com malwares?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Muito obrigada pela ajuda, Renato.

Minha ultima dúvida é a seguinte:

Quando vou deletar os files do quarantine aparece a seguinte mensagem: Unable to delete de file.Your computer may have locked the file or you may lack sufficiente privilieges to access the files.

Há algum problema em deixar os files no quarantine?

Se os files estão travanos no computador, tem como destravar?

porque será que não tenho esse privilégio de acessar os files? Uso o Trend Micro

BTW, eu já uso o CCleaner desde que vocês me ajudaram a limpar o computador em Janeiro, uso todos os dias quando desligo o computador.

Obrigada:unsure:

Compartilhar este post


Link para o post
Compartilhar em outros sites

Você precisa usar o próprio antivírus para limpar a quarentena.

Compartilhar este post


Link para o post
Compartilhar em outros sites





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×