Archived

This topic has been archived and is closed to new replies.

alves.2010

[Solved!] Infected by several Bagle-type viruses and others


1.

*Open the folder C:\Program Files\AskBarDis

*Locate the file uninstall.exe

*Run it to uninstall the program.

 

2.

*Run AD-Remover again

*Press D > [ENTER]

 

3.

*Download HJTScanList (http://www.hijackthis-forum.de/attachment.php?attachmentid=3412&d=1202937977) and save it to the desktop

*Extract its contents to the desktop

*Double-click hjtscanlist.bat

*Press V > [ENTER]

*Press 1 > [ENTER]

*Select (Ctrl+A), copy (Ctrl+C) and paste (Ctrl+V) the report into your next reply.

 

I have completed the steps above; the log follows below:

 

 



I did not find any malicious file, nor even any Bagle contamination.

 

1.

*Delete the HJTScanList program.

 

2.

*Temporarily disable your antivirus, as I instructed earlier

*Run an online scan at http://www.kaspersky.com/kos/eng/partner/default/pages/default/check.html?n=1266884657179 following the steps below and paste the result here in the forum.

 

kaspersky.gif


Hey Wings, excellent that nothing was found, but could it be that nothing is being found because all the malicious files (at least the Bagle-type ones) were found and put in quarantine by AVIRA? Because when I open its quarantine I still find the 87 infected files there.

 

Could that be it?

 

I'll run this KASPERSKY scan and post it here right away!


Just empty the AVIRA quarantine.


Wings, the KASPERSKY log follows below:

 

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7.0: scan report

Friday, February 26, 2010

Operating system: Microsoft Windows Vista Starter Edition, 32-bit Service Pack 2 (build 6002)

Kaspersky Online Scanner version: 7.0.26.13

Last database update: Friday, February 26, 2010 10:09:37

Records in database: 3651045

--------------------------------------------------------------------------------

 

Scan settings:

scan using the following database: extended

Scan archives: yes

Scan e-mail databases: yes

 

Scan area - My Computer:

C:\

D:\

E:\

F:\

H:\

I:\

 

Scan statistics:

Objects scanned: 153400

Threats found: 1

Infected objects found: 1

Suspicious objects found: 0

Scan duration: 02:59:55

 

 

File name / Threat / Threats count

C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp 1

 

Selected area has been scanned.


C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp 1

 

This indicates that you still have Combofix installed on the PC.

 

*Click [Start] > [Run] > type: Combofix /uninstall

*Click [OK]

 

*Click [Run]

*Wait until the message appears: "ComboFix está desinstalado"

 

*Click [OK]

 

The PC is clean.

 

Best regards.
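
The reading of the Kaspersky report given in the post above, that a hit under C:\QooBox\Quarantine is leftover ComboFix quarantine rather than a live infection, as an added Python example (not part of the original thread): it parses the report's finding lines and separates quarantined hits from live ones. The quarantine-root list, the function names and the second sample report are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath
from typing import NamedTuple

# Folders treated as inert quarantine storage. Only C:\QooBox\Quarantine
# comes from the thread (ComboFix); extend the tuple for other tools.
QUARANTINE_ROOTS = (PureWindowsPath(r"C:\QooBox\Quarantine"),)

# Finding line as it appears in the thread's report:
#   <path> Infected: <threat name> <threat count>
FINDING_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+Infected:\s+(?P<threat>\S+)\s+(?P<count>\d+)$"
)


class Finding(NamedTuple):
    path: PureWindowsPath
    threat: str
    count: int
    quarantined: bool


def in_quarantine(path):
    # Compare whole path components, case-insensitively (PureWindowsPath
    # semantics), so C:\QooBox\QuarantineOld does not count as quarantine.
    return any(root == path or root in path.parents for root in QUARANTINE_ROOTS)


def parse_findings(report):
    findings = []
    for line in report.splitlines():
        m = FINDING_RE.match(line.strip())
        if m:  # headers, statistics and drive lines such as "C:\" do not match
            path = PureWindowsPath(m["path"])
            findings.append(
                Finding(path, m["threat"], int(m["count"]), in_quarantine(path))
            )
    return findings


def triage(report):
    findings = parse_findings(report)
    return {
        "live": [f for f in findings if not f.quarantined],
        "quarantined": [f for f in findings if f.quarantined],
    }


# Excerpt of the report posted in the thread.
THREAD_REPORT = r"""
Scan statistics:
Objects scanned: 153400
Threats found: 1
Infected objects found: 1
Suspicious objects found: 0

File name / Threat / Threats count
C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp 1

Selected area has been scanned.
"""

# Constructed sample (not from the thread): placeholder threat names, one hit
# in a user folder, one in quarantine with different casing, one look-alike.
CONSTRUCTED_REPORT = r"""
File name / Threat / Threats count
C:\Users\Example User\AppData\Local\Temp\sample.exe Infected: Placeholder.Threat.A 1
c:\qoobox\quarantine\C\sample.exe.vir Infected: Placeholder.Threat.A 1
C:\QooBox\QuarantineOld\sample.dat Infected: Placeholder.Threat.B 2
"""

if __name__ == "__main__":
    for name, report in (("thread", THREAD_REPORT), ("constructed", CONSTRUCTED_REPORT)):
        result = triage(report)
        print(name, "live:", len(result["live"]), "quarantined:", len(result["quarantined"]))
        for f in result["live"]:
            print("  needs attention:", f.path, f.threat)
```
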


PROBLEM SOLVED!

 

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
