This topic has been archived and is closed to new replies.

Mme. Bela

[Resolved!] Hi, everyone... Take a quick look at this for me, plea…

Hi, everyone!

Could you please analyze my HijackThis log? My PC has been very slow lately and I'm sure it's a virus.

Thank you very much!

Logfile of HijackThis v1.99.1

Scan saved at 20:51:23, on 22/04/2008

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16643)

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\DAEMON Tools\daemon.exe

c:\program files\panda software\panda antivirus 2007\WebProxy.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\DAP\DAP.EXE

C:\Program Files\WinRAR\WinRAR.exe

C:\Users\Isabela\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O13 - Gopher Prefix:

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: avldr - C:\Windows\SYSTEM32\avldr.dll

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrvx86.exe

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe

O23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PskSvc.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)


Good afternoon, Mme. Bela!

>@< Run an online scan at: < Kaspersky >

<!> Go to the site and click: < kasperdx9.jpg >

>@< On the next page, click: I Accept

>@< This is so that the ActiveX control is installed and the database is then updated.

>@< On the next page, click: My Computer and run the scan.

>@< Be patient! Wait for the database update and for the scan itself, which takes a long time.

>@< When it finishes, save the report and post it.

Best regards!


I think I managed to copy the log correctly, I hope :cry: Thank you very much for the reply, and sorry for the delay.

Best regards :thumbsup:

KASPERSKY ONLINE SCANNER REPORT

Wednesday, April 23, 2008 8:43:07 PM

Operating System: Microsoft Windows Vista Home Edition, (Build 6000)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 23/04/2008

Kaspersky Anti-Virus database records: 723648

 

 

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

 

Scan Target My Computer

C:\

D:\

E:\

F:\

G:\

H:\

I:\

L:\

 

Scan Statistics

Total number of scanned objects 64118

Number of viruses found 1

Number of infected objects 5

Number of suspicious objects 0

Duration of the scan process 01:08:18

 

Infected Object Name Virus Name Last Action


C:\Users\Isabela\Desktop\Panda Recos\WPE PRO.exe Infected: Sniffer.Win32.WpePro.a skipped

 

C:\Users\Isabela\Desktop\Panda Recos\WpeSpy.dll Infected: Sniffer.Win32.WpePro.a skipped

 

C:\Users\Isabela\Documents\Meus arquivos recebidos\wpeproalpha0_9a.zip/WPE PRO.exe Infected: Sniffer.Win32.WpePro.a skipped

 

C:\Users\Isabela\Documents\Meus arquivos recebidos\wpeproalpha0_9a.zip/WpeSpy.dll Infected: Sniffer.Win32.WpePro.a skipped

 

C:\Users\Isabela\Documents\Meus arquivos recebidos\wpeproalpha0_9a.zip ZIP: infected - 2 skipped

 


 

Scan process completed.


Good morning, Mme. Bela!

>@< Download a-squared Free 3.0

Optional link: < a2ppf_banner.jpg >

>@< Open the program and click: Update now (Atualizar agora) >> Wait!

>@< When it finishes, click: Scan now (Analisar agora).

>@< If you can, try to run this scan in Safe Mode!

>@< Choose the option: Deep (A fundo)

>@< Click Scan (Analisar)!

>@< When it finishes, send the items found to quarantine. << Important!

>@< From there, they will be deleted or restored.

>@< Save the report of this scan and post it in your reply.

Best regards!


Good evening, DigRam! :D

During the scan an error occurred and a-squared had to be closed; luckily I had already sent those infected files to quarantine. I am running a new scan, hoping no new error occurs. (Fingers crossed!!!) Even so, I am posting the saved log here and thank you again for your enormous help... I believe that by the time the whole process is finished and my PC is healthy again I will have thanked you some 7657657 more times :clap:

Best regards! :thumbsup:

The new scan has finished and nothing new happened, thank goodness! What should I do with the files now?

a-squared Free - Versão 3.5

Última atualização 24/04/2008 17:56:26

 

Configurações da análise:

 

Objetos: Memória, Rastros, Cookies, C:\

Análise de arquivos: Ligado

Heurística: Ligado

Análise de ADS: Ligado

 

Início da análise: 24/04/2008 17:57:36

 

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> DownloadAccelerator detectado: Trace.Registry.Timbuktu Pro

C:\Users\Isabela\Desktop\Panda Recos\AutoClique.exe detectado: Trojan.Win32.LowZones.by

C:\Users\Isabela\Desktop\Panda Recos\WPE PRO.exe detectado: Sniffer.Win32.WpePro.a

C:\Users\Isabela\Documents\Meus arquivos recebidos\AutoClique.rar/AutoClique.exe detectado: Trojan.Win32.LowZones.by

 

Analisado

 

Arquivos: 88174

Objetos: 317206

Cookies: 9

Processos: 51

Encontrado

 

Arquivos: 3

Objetos: 1

 

 

 

Cookies: 0

Processos: 0

Chaves do registro: 0

 

Fim da análise: 24/04/2008 18:33:13

Duração da análise: 0:35:37

 

C:\Users\Isabela\Desktop\Panda Recos\WPE PRO.exe Em quarentena Sniffer.Win32.WpePro.a

C:\Users\Isabela\Desktop\Panda Recos\AutoClique.exe Em quarentena Trojan.Win32.LowZones.by

C:\Users\Isabela\Documents\Meus arquivos recebidos\AutoClique.rar/AutoClique.exe Em quarentena Trojan.Win32.LowZones.by

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> DownloadAccelerator Em quarentena Trace.Registry.Timbuktu Pro

 

Em quarentena

 

Arquivos: 3

Objetos: 1

Cookies: 0


Good evening, Mme. Bela!

The new scan has finished and nothing new happened, thank goodness! What should I do with the files now

>@< Leave these files in quarantine for a few days and, if everything is OK, delete them.

----------------------------------

>@< Search for and delete the highlighted files:

C:\Users\Isabela\Desktop\Panda Recos\WpeSpy.dll << Delete!

C:\Users\Isabela\Documents\Meus arquivos recebidos\wpeproalpha0_9a.zip << Delete!

C:\Users\Isabela\Documents\Meus arquivos recebidos\WpeSpy.dll << Delete!

C:\Users\Isabela\Documents\Meus arquivos recebidos\WPE PRO.exe << Delete!

----------------------------------

>@< Download TuneUp Utilities 2008.

>@< To download it, enter your e-mail address and click Start download.

>@< Save the executable, TU2008TrialEN.exe, in Program Files (Arquivos de Programas).

>@< The program is a trial, but... there will be enough time to optimize the computer.

>@< Try to defragment the disk and the registry.

----------------------------------

>@< The log is clean! :thumbsup:

Best regards!


Dear DigRam, good evening!

I'll do that right now. Thank you once again (I said it would be 7657657 times, haha...).

Best regards!!


PROBLEM SOLVED!

If the author needs the topic to be reopened, a private message must be sent to a moderator with a link to the topic.
