Author Topic: Remover Win32:BitCoinMiner-CA  (Read 4869 times)

0 Members and 1 Guest are viewing this topic.

Akariam

  • Guest
Remover Win32:BitCoinMiner-CA
« on: September 22, 2013, 10:09:06 PM »
Há alguns dias o meu Avast começou a emitir um aviso da quarentena, é o seguinte:
Nome do arquivo: wuaudit.exe
Pasta de Origem: C:\Users\xxxx\AppData\Local\Temp\iswizard
Vírus: Win32:BitCoinMiner-ca

Ao executar um escaneamento com o Avast o mesmo detectou tal vírus, porem não consegue remove-lo, e volta e meia ele volta a cair em quarentena, sem contar que constantemente o avast está a detectar novos virus..
Eu gostaria de ajudar para remover este vírus

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Remover Win32:BitCoinMiner-CA
« Reply #1 on: September 22, 2013, 10:32:26 PM »
Download OTL  to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.


  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post  both logs

Akariam

  • Guest
Re: Remover Win32:BitCoinMiner-CA
« Reply #2 on: September 22, 2013, 10:53:47 PM »
Logs

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Remover Win32:BitCoinMiner-CA
« Reply #3 on: September 22, 2013, 10:59:19 PM »
This should fix it, let me know please

 Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:Commands
[CREATERESTOREPOINT]

:OTL
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0
[2013/06/30 05:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\Jhones\AppData\Roaming\Mozilla\Firefox\Profiles\gjvf2rrw.default\extensions\trtv3@trtv.com.xpi
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
[2013/05/06 20:11:02 | 000,000,000 | ---D | M] -- C:\Users\Jhones\AppData\Roaming\Funmoods
[2013/07/10 00:41:37 | 000,000,000 | ---D | M] -- C:\Users\Jhones\AppData\Roaming\DSite

:Files
C:\Users\Jhones\AppData\Local\Temp\iswizard

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Akariam

  • Guest
Re: Remover Win32:BitCoinMiner-CA
« Reply #4 on: September 22, 2013, 11:23:21 PM »
me desculpe, mas eu não consegui localizar o local onde ele salvou o log que ele gerou após terminar o processo, eu acabei por fechar ele quando o sistema terminou de reinicializar pois achei que ele já estivesse salvo, posso repetir o processo para gerar um novo log?

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Remover Win32:BitCoinMiner-CA
« Reply #5 on: September 22, 2013, 11:36:02 PM »
Não tem problema uma verificação rápida fresco deve ser suficiente. Também Avast não deve mais ser alertando .

Akariam

  • Guest
Re: Remover Win32:BitCoinMiner-CA
« Reply #6 on: September 23, 2013, 12:03:30 AM »
Bem, sendo assim, Muito Obrigado pela ajuda amigo!
eu coloquei em anexo o log de uma verificação rápida do OTL, eu não sabia se esta necessário, mas enfim, ta aí caso necessite.
Novamente muito obrigado, você me ajudou muito!

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: Remover Win32:BitCoinMiner-CA
« Reply #7 on: September 23, 2013, 12:11:26 AM »
Agradeço pela ajuda Essexboy. :)
ele  irá voltar para dar continuidade as instruções se for necessario.
se você quiser volte mais tarde
« Last Edit: September 23, 2013, 12:13:29 AM by jefferson santiag »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Remover Win32:BitCoinMiner-CA
« Reply #8 on: September 23, 2013, 03:54:15 PM »
Não tem problema, se ele está feliz, então eu também sou