[Arquivado] VIRUS QUE NAO CONSIGO EXCLUIR

[xarel 0]

SENHORES,

MINHA FILHA, NAVEGANDO PELO ORKUT, FEZ O FAVOR DE CLICAR EM DETERMINADO LINK DO QUE RESULTOU NA INFECÇÃO POR VIRUS.

MEU ANTIVIRUS NAO CONSEGUIU EXCLUIR O MALWARE E TB NAO CONSEGUI INSTALAR O HIJACKTHIS (PARA VER O LOG).

EFETUEI O SCAN ONLINE NO KASPERSKY E NO PANDA DO QUE POSTO O RESULTADO ABAIXO. AGUARDO VOSSAS AJUDAS.

XAREL

Infected Object Name Virus Name Last Action

C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft\Avg7Data\avg7log.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Paulo Andre\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Paulo Andre\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Paulo Andre\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Paulo Andre\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Paulo Andre\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Paulo Andre\Dados de aplicativos\AVG7\Log\emc.log Object is locked skipped

C:\Documents and Settings\Paulo Andre\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Paulo Andre\ntuser.dat.LOG Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\new.exe Infected: Trojan-Spy.Win32.Banker.chu skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\gevchohg.bat Infected: Trojan.Win32.KillApp.n skipped

C:\WINDOWS\Temp\xzercwsl.bat Infected: Trojan-Spy.Win32.Banker.chu skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.

 

 

E AKI ESTÁ A PERFORMANCE DO PANDA

Incidência Estado Localização

 

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Cookies\paulo andre@google.com[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.google.com.br/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.terra.com.br/]

Spyware:Cookie/2o7 Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.2o7.net/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.ig.com.br/]

Spyware:Cookie/Xiti Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.xiti.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.com.com/]

Spyware:Cookie/MetriWeb Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.metriweb.be/]

Spyware:Cookie/Bluestreak Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.bluestreak.com/]

Spyware:Cookie/Toplist Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.toplist.cz/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.uol.com.br/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.bannerlandia.com.ar/]

Spyware:Cookie/Go Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.go.com/]

Spyware:Cookie/RealMedia Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[.247realmedia.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Paulo Andre\Dados de aplicativos\Mozilla\Firefox\Profiles\wtfgpzrz.default\cookies.txt[de.uol.com.br/]

Virus:Trj/PassMailSteal.A Desinfectado C:\WINDOWS\super.exe

Virus:Trj/PassMailSteal.A Desinfectado C:\WINDOWS\Temp\eqpgdxxl.bat

[Shine 0]

Olá, xarel! Como vai?

 

1. Baixe o programa atualizado do HijackThis e salve-o numa pasta própria

 

Lembre-se: O HijackThis precisa ter uma pasta própria no C:\

 

- Abra o HijackThis, clique em Do a system scan and save a logfile;

 

- Copie o log salvo na pasta HijackThis e cole-o na sua resposta para ser analisado.

 

Qualquer dúvida fique a vontade para perguntar

 

Abraços!

[Shine 0]

Tópico Arquivado

 

Como o autor não respondeu ao tópico por mais de 20 dias, o mesmo foi arquivado.

 

Caso você seja o autor do tópico e quer que o mesmo seja reaberto, envie uma mensagem privada para um moderador com um link para este tópico e explique o motivo da reabertura.