gatamalvada

[Archived] Analyze my log too!

Hi everyone, I'm new to the forum and I've been reading and researching a few topics to be more clued in about viruses and such. I run avast and it keeps saying I have a virus, and my PC is slow. On top of that, my MSN keeps receiving and sending the following message to my contacts:

I sent a message in your honor www.mensagensvirtuais.front.ru

and the home page was changed to about:blank. I'm a novice on the subject and I'm reading a tutorial on how to use HijackThis without running into problems, since some situations will be irreversible...

I'd like someone to take a look at my log, OK??? :thumbsup:

Logfile of HijackThis v1.99.1

Scan saved at 14:42:09, on 4/8/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Ahead\InCD\InCD.exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\cisvc.exe

C:\Arquivos de programas\Network Associates\VirusScan\VsTskMgr.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Network Associates\VirusScan\Mcshield.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Hijack\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: UltraVNC Server.lnk = C:\Arquivos de programas\UltraVNC\winvnc.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Pesquisa do Google - res://c:\arquivos de programas\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Traduzir palavra em inglês - res://c:\arquivos de programas\google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Instantâneo da página em cache - res://c:\arquivos de programas\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Links para esta página - res://c:\arquivos de programas\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Páginas semelhantes - res://c:\arquivos de programas\google\GoogleToolbar1.dll/cmsimilar.html

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6E99D955-A761-4AB3-BEDC-15F7E14F3628}: NameServer = 192.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{6E99D955-A761-4AB3-BEDC-15F7E14F3628}: NameServer = 192.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{6E99D955-A761-4AB3-BEDC-15F7E14F3628}: NameServer = 192.168.0.1

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - AppInit_DLLs: MsgPlusLoader.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

O23 - Service: Serviço McAfee Framework (McAfeeFramework) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\VirusScan\VsTskMgr.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Good evening

This looks like the About Blank hijacker.... :ermm:

Click Tools, Internet Options, under address change it to the site you want and click Apply or OK; if you can't, let me know...

The log is clean... carry out a few procedures so we can reach a conclusion!

Run an online scan:

Kaspersky

Click the KASPERSKY ON LINE SCANNER button

- A page will open; on it, click the ACCEPT button

- Note that a yellow bar will appear at the top; you need to click it and choose INSTALL ACTIVEX CONTROL. Then, in the box, click INSTALL.

- After the signatures for the scan have loaded, click the NEXT button. Then choose MY COMPUTER to start the scan.

- When the scan finishes, click the SAVE REPORT AS button. Give the file a name and save it.

- Open the saved file, then copy and paste its contents here.

Set Windows to show all files (including hidden ones).

After the procedures above, generate a new HijackThis log and post it + the Kaspersky log!

Right, Master, I did what you said. However, before running the online scan, on Friday when I went to turn on my PC, it would power on but not get to the Windows welcome screen; it started up normally and then rebooted by itself. My brother reinstalled Windows and the PC has been working normally so far... :!: Below are the HijackThis log and the Kaspersky one... ah, it's also worth mentioning that I changed the home page and set it to Google's, and I had no problems :joia: ... I hope I did everything right, OK? :ermm: Thanks, a hug!

P.S.: The log list came out long, is that right? Thanks in advance for the help and attention! Have a good day! (night) :)

Kaspersky log

KASPERSKY ONLINE SCANNER REPORT

Sunday, August 13, 2006 12:51:53 AM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 13/08/2006

Kaspersky Anti-Virus database records: 201750

 

 

Scan Settings

Scan using the following antivirus database standard

Scan Archives true

Scan Mail Bases true

 

Scan Target My Computer

A:\

C:\

D:\

E:\

 

Scan Statistics

Total number of scanned objects 64856

Number of viruses found 4

Number of infected objects 144 / 0

Number of suspicious objects 0

Duration of the scan process 01:24:47

 

Infected Object Name Virus Name Last Action

C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Crypto\DSS\MachineKeys\01ce997940d36d8b86ce8c0fed19c3d0_45e5c228-29e6-42a9-bbaf-1dc22fec72cc Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Network Associates\BOPDATA\_Date-20060812_Time-154320000_EnterceptExceptions.dat Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Network Associates\BOPDATA\_Date-20060812_Time-154320000_EnterceptRules.dat Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Network Associates\Common Framework\Db\Agent_RESIDENC-69694B.log Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Network Associates\Common Framework\Db\PrdMgr_RESIDENC-69694B.log Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Network Associates\VirusScan\AccessProtectionLog.txt Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Network Associates\VirusScan\BufferOverflowProtectionLog.txt Object is locked skipped

 

C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Network Associates\VirusScan\OnAccessScanLog.txt Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\ApplicationHistory\hpqimzone.exe.57576738.ini.inuse Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Histórico\History.IE5\MSHist012006081220060813\index.dat Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Temp\hpodvd09.log Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Temp\~DF47D8.tmp Object is locked skipped

 

C:\Documents and Settings\David\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\David\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\David\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\David\NTUSER.DAT.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService.AUTORIDADE NT\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService.AUTORIDADE NT\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\LocalService.AUTORIDADE NT\ntuser.dat.LOG Object is locked skipped

 

C:\Documents and Settings\NetworkService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\NetworkService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\NetworkService.AUTORIDADE NT\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\NetworkService.AUTORIDADE NT\ntuser.dat.LOG Object is locked skipped

 

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

C:\System Volume Information\_restore{00935374-E71C-4F88-A390-0C13C3D7EB2E}\RP5\change.log Object is locked skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP17\A0013110.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP17\A0013119.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP17\A0013125.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP17\A0013138.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP17\A0013156.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP19\A0013414.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP19\A0013431.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP19\A0013444.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP19\A0013449.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP19\A0013469.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP19\A0014468.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0015478.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0016467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0017471.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0018467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0019472.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0020469.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0021467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0022467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0023471.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0024467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0025469.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0026467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0027469.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0028467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0029469.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0030469.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0031467.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0032469.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0033477.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0033491.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0033927.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0033962.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0034960.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0035960.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0036960.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0038960.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0039982.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0041982.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0043000.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0045000.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0046000.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0047003.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP20\A0049000.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0049046.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0051045.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0051093.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0051111.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0051128.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0052128.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0053128.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0053146.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0053164.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0054161.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0055161.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0055181.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0056181.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0056198.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP22\A0057207.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP23\A0058221.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0058255.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0059271.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0059315.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0060313.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0060334.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0060349.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0061349.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0061375.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0061391.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0062391.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0062452.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0064448.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0065448.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0065460.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0066478.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0066504.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0067504.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0068504.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0068518.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0069518.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0069536.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0070536.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0070552.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0070566.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0071562.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP24\A0072562.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0072635.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0072716.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0072771.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0073780.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0073805.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0073824.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0074824.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0074860.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP26\A0074894.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0075994.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0076017.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0076049.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0076076.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0077076.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0077108.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0077150.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0077156.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0077172.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0077186.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP27\A0078184.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP28\A0078215.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP28\A0078232.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP28\A0079232.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP28\A0079253.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP28\A0079273.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP28\A0079300.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP28\A0080300.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0080345.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0080358.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0080372.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0081408.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0082408.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0083408.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0083426.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0083442.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0083460.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0083476.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0084478.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0085481.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0085512.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0086509.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0086526.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0086546.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0086577.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0086588.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP29\A0087588.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP30\A0087628.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP30\A0087648.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP30\A0087664.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP30\A0088674.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP30\A0088695.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP30\A0088788.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP41\A0089163.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP41\A0089168.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP54\A0101594.exe Infected: Trojan-Downloader.Win32.Reqlook.d skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP55\A0101627.exe Object is locked skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP55\A0101628.exe Infected: Trojan-PSW.Win32.Sinowal.al skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP55\A0101634.exe Infected: Backdoor.Win32.Small.ls skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP55\A0101636.exe Object is locked skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP55\A0101637.exe Infected: Trojan-PSW.Win32.Sinowal.al skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP55\A0101640.exe Object is locked skipped

 

C:\System Volume Information\_restore{117D23F0-D17D-4B42-9A44-5F75005AC6E5}\RP55\A0101643.exe Object is locked skipped

 

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

 

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

 

C:\WINDOWS\SoftwareDistribution\EventCache\{544A9D83-234B-4A1E-B77F-7040C85A3940}.bin Object is locked skipped

 

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

 

C:\WINDOWS\Sti_Trace.log Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

 

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\default Object is locked skipped

 

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SAM Object is locked skipped

 

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\software Object is locked skipped

 

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\system Object is locked skipped

 

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

 

C:\WINDOWS\system32\h323log.txt Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

 

C:\WINDOWS\wiadebug.log Object is locked skipped

 

C:\WINDOWS\wiaservc.log Object is locked skipped

 

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

D:\System Volume Information\_restore{00935374-E71C-4F88-A390-0C13C3D7EB2E}\RP5\change.log Object is locked skipped

 

Scan process completed.

 

 

 

HijackThis log

Logfile of HijackThis v1.99.1

Scan saved at 01:02:00, on 13/8/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Ahead\InCD\InCD.exe

C:\Arquivos de programas\Network Associates\VirusScan\SHSTAT.EXE

C:\Arquivos de programas\Network Associates\Common Framework\UpdaterUI.exe

C:\Arquivos de programas\Arquivos comuns\Network Associates\TalkBack\TBMon.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\ARQUIV~1\Grisoft\AVG6\avgcc32.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqimzone.exe

C:\ARQUIV~1\Grisoft\AVG6\avgserv.exe

C:\Arquivos de programas\Network Associates\Common Framework\FrameworkService.exe

C:\Arquivos de programas\Network Associates\VirusScan\Mcshield.exe

C:\Arquivos de programas\Network Associates\VirusScan\VsTskMgr.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Hijack\HijackThis.exe

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: EzNav Browser Helper - {79154DA9-0723-446D-A146-B8D5AE1A6387} - C:\Arquivos de programas\Easy Navigation\Puxa Rapido - Sistema de Buscas\EzNavBho.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [shStatEXE] "C:\Arquivos de programas\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Arquivos de programas\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Arquivos de programas\Arquivos comuns\Network Associates\TalkBack\TBMon.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [AVG_CC] C:\ARQUIV~1\Grisoft\AVG6\avgcc32.exe /STARTUP

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Inicialização rápida do HP Image Zone.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F81C55A5-58F2-441C-AF55-2BD001BAD445}: NameServer = 192.168.0.1

O23 - Service: AVG6 Service (AvgServ) - GRISOFT© SOFTWARE s.r.o - C:\ARQUIV~1\Grisoft\AVG6\avgserv.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

O23 - Service: Serviço McAfee Framework (McAfeeFramework) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\VirusScan\VsTskMgr.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


TOPIC ARCHIVED

If you are the author of this topic and want to reopen it, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.
