[Arquivado] &nbspAnalise de Log

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Versão da Base de Dados: 6253

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

3/4/2011 02:38:39

mbam-log-2011-04-03 (02-38-39).txt

Tipo de Verificação: Verificação Completa (C:\|)

Objetos escaneados: 218891

Tempo decorrido: 44 minuto(s), 39 segundo(s)

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 0

Valores de Registro Infectados: 1

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 1

Arquivos Infectados: 22

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:

(Não foram detectados ítens maliciosos)

Valores de Registro Infectados:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdVantage (Adware.Vomba) -> Value: AdVantage -> Quarantined and deleted successfully.

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

Pastas Infectadas:

c:\documents and settings\all users\menu iniciar\programas\ardamax keylogger (PUP.ArdamaxKeyLogger) -> Not selected for removal.

Arquivos Infectados:

c:\documents and settings\all users\documentos\afqjop.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\documents and settings\usuario\dados de aplicativos\wplugin.dll (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\documents and settings\Usuario\Desktop\# Igor\RAGNAROK\cópia de ragnarok online\GF.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\documents and settings\Usuario\Desktop\# Igor\Igor\downloads e instaladores\warcraft iii\xpam.exe (Trojan.MultiDropper) -> Quarantined and deleted successfully.

c:\documents and settings\Usuario\Desktop\my shared folder\penis drive\sony vegas pro 10\sony vegas 10 32-bit\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

c:\arquivos de programas\htv\htv.003 (PUP.ArdamaxKeyLogger) -> Not selected for removal.

c:\arquivos de programas\htv\htv.004 (PUP.ArdamaxKeyLogger) -> Not selected for removal.

c:\arquivos de programas\htv\htv.007 (PUP.ArdamaxKeyLogger) -> Not selected for removal.

c:\arquivos de programas\htv\jeremias cabra homem.exe (Spyware.Ardamax) -> Quarantined and deleted successfully.

c:\windows\wplugin.dll (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\windows\system32\dp1.fne (Worm.Autorun) -> Quarantined and deleted successfully.

c:\windows\system32\internet.fne (HackTool.Patcher) -> Quarantined and deleted successfully.

c:\windows\system32\pv40f20.exe (Trojan.FlyStudi.Gen) -> Quarantined and deleted successfully.

c:\windows\system32\zh262.exe (Trojan.FlyStudi.Gen) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\og.dll (Worm.AutoRun) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\og.EDT (Worm.AutoRun) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\ul.dll (Worm.AutoRun) -> Quarantined and deleted successfully.

c:\documents and settings\Usuario\dados de aplicativos\advantage\advantage.exe (Adware.Vomba) -> Quarantined and deleted successfully.

c:\documents and settings\all users\menu iniciar\programas\ardamax keylogger\ardamax keylogger.lnk (PUP.ArdamaxKeyLogger) -> Not selected for removal.

c:\documents and settings\all users\menu iniciar\programas\ardamax keylogger\Help.lnk (PUP.ArdamaxKeyLogger) -> Not selected for removal.

c:\documents and settings\all users\menu iniciar\programas\ardamax keylogger\log viewer.lnk (PUP.ArdamaxKeyLogger) -> Not selected for removal.

Observações:

Eu não deletei a pasta porque logo após verificar o Malwarebytes' Anti-Malware, não mexi em mais nada além de remover os selecionados e, como pode ser visto no log, tudo sobre o Ardamax não estava selecionado e por precaução, também não selecionei. Qualquer dúvida sobre o uso do mesmo, posso responder também, rs.

Agradeço desde já.

Abraços, iSombra.