Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

kaillarkz

[Arquivado] [Vista] Lentidão e suspeitas (sshnas21.dll)

Recommended Posts

Boa tarde,

 

Após notar problemas de performance repentinos, busquei pela internet possíveis diagnósticos e casos semelhantes; de fato, encontrei vários casos, porém percebi o constante uso do HijackThis. Como os logs são pessoais, li alguns guias e posts antes de usá-lo.

Ao iniciar o Windows, começei a receber erros falando de "sshnas21.dll"; bem, suspeitei dos vários processos "svchost.exe", porém vi que ele cada um deles é funcional e necessário (pelo menos até agora). Não consegui solucionar sozinho, eis o motivo do tópico.

 

O HijackThis abriu esse log:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:05:34 PM, on 5/30/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\RtHDVCpl.exe

C:\Users\Vítor Dultra\AppData\Local\ATI Drivers\ATI_MainBoard.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Users\Vítor Dultra\Program Files\DNA\btdna.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Vítor Dultra\Documents\Kai ~\[Arquivos]\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [ATI MainBoard] C:\Users\Vítor Dultra\AppData\Local\ATI Drivers\ATI_MainBoard.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Vítor Dultra\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Windows\system32\sshnas21.dll,BackupReadW

O4 - HKCU\..\Run: [ATI MainBoard] C:\Users\Vítor Dultra\AppData\Local\ATI Drivers\ATI_MainBoard.exe

O4 - HKCU\..\Run: [Developer Operations Network] C:\Users\Vítor Dultra\AppData\Roaming\devon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O15 - Trusted Zone: http://rfonline-full.gscdn.com

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

O16 - DPF: {490746C1-AEC2-4ADA-AEB5-393DE5D02017} (NeoLauncherCtl Class) - http://dist.cdnetworks.co.kr/cdndist/neomapa/bin/NeoLauncher.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldpt-br.cab

O16 - DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} (ccr_downloader Control) - http://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE

O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe

O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe

O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 FontCache3.0.0.0SENS (FontCache3.0.0.0SENS) - Unknown owner - C:\Windows\system32\activedsi.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 8674 bytes

 

Desde já grato!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Desculpe a demora, estava em outro lugar.

Segui os passos e fiz 2 scans completos com o programa.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 1:30:43 PM, on 6/3/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\RtHDVCpl.exe

C:\Users\Vítor Dultra\AppData\Local\ATI Drivers\ATI_MainBoard.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Users\Vítor Dultra\Program Files\DNA\btdna.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Vítor Dultra\AppData\Local\AMD Drivers\AMD_graphics.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Users\Vítor Dultra\Documents\Kai ~\[Arquivos]\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [ATI MainBoard] C:\Users\Vítor Dultra\AppData\Local\ATI Drivers\ATI_MainBoard.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Vítor Dultra\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Windows\system32\sshnas21.dll,BackupReadW

O4 - HKCU\..\Run: [ATI MainBoard] C:\Users\Vítor Dultra\AppData\Local\ATI Drivers\ATI_MainBoard.exe

O4 - HKCU\..\Run: [Developer Operations Network] C:\Users\Vítor Dultra\AppData\Roaming\devon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [AMD Graphic] C:\Users\Vítor Dultra\AppData\Local\AMD Drivers\AMD_graphics.exe

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O15 - Trusted Zone: http://rfonline-full.gscdn.com

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

O16 - DPF: {490746C1-AEC2-4ADA-AEB5-393DE5D02017} (NeoLauncherCtl Class) - http://dist.cdnetworks.co.kr/cdndist/neomapa/bin/NeoLauncher.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldpt-br.cab

O16 - DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} (ccr_downloader Control) - http://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE

O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe

O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe

O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 FontCache3.0.0.0SENS (FontCache3.0.0.0SENS) - Unknown owner - C:\Windows\system32\activedsi.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 8813 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

1.

*Desinstale o SUPERAntipSpyware

 

2.

*Baixe o MalwareBytes Anti-malware e salve-o no desktop

*Instale o programa

*Se alguma atualização existir,o download será automático. Aguarde...

*O programa será aberto automaticamente.

*Na aba [Verificação], selecione a opção [Verificação completa]

*Clique em [Verificar] e selecione as unidades a serem examinadas

*Ao término do scan, poderá ser interrogado se deseja remover objetos da memória. Clique [sIM] > [OK] > [Mostrar Resultados]

*Clique em [Remover Selecionados]

*Um relatório (mbam-log-ano-mês-data.txt) será apresentado.

*Cole-o na sua próxima resposta

Compartilhar este post


Link para o post
Compartilhar em outros sites

Feito.

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Versão da Base de Dados: 4169

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18904

 

6/4/2010 11:56:29 AM

mbam-log-2010-06-04 (11-56-29).txt

 

Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|F:\|G:\|H:\|)

Objetos escaneados: 313414

Tempo decorrido: 1 hora(s), 6 minuto(s), 20 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 3

Valores de Registro Infectados: 3

Itens de Dados no Registro Infectados: 4

Pastas Infectadas: 2

Arquivos Infectados: 9

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

 

Valores de Registro Infectados:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.AutoRun) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\developer operations network (Trojan.Backdoor) -> Quarantined and deleted successfully.

 

Itens de Dados no Registro Infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-0471895809-3040326899-841458177-6774\mgrls32.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

 

Pastas Infectadas:

C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

 

Arquivos Infectados:

C:\Users\Vítor Dultra\Documents\Meus arquivos recebidos\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

C:\Users\Vítor Dultra\Documents\Guitar PRO\Guitar Pro 5.2\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

C:\Users\Vítor Dultra\Documents\Lineage 2 C5\system\engine.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\Vítor Dultra\Downloads\Ad PS CS4 Ext\Crack\adobe.photoshop.cs4-nope.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\Vítor Dultra\AppData\Roaming\videovrx.vxd (Malware.Trace) -> Quarantined and deleted successfully.

C:\Users\Vítor Dultra\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.

C:\Users\Vítor Dultra\AppData\Roaming\preferred (Malware.Trace) -> Quarantined and deleted successfully.

Compartilhar este post


Link para o post
Compartilhar em outros sites

1.

Abra o Spybot

No menu superior, clique em [Modo] > [Avançado] e confirme.

Clique em [Ferramentas] > [Residente]

Desmarque a opção Ativar "TeaTimer" do Residente (proteção geral das configurações de sistema).

Feche o programa.

 

2.

*Abra o programa Malwarebytes e na aba [Quarentena], selecione todos os resultados e clique em [Remover tudo]

*Clique na aba [Logs], selecione o relatório e clique em [Remover]

 

3.

*Baixe o Kaspersky Virus Removal Tool e salve-o no desktop

*Instale o programa

*A tela principal do programa será aberta automaticamente

*Selecione a opção:

[] Meu Computador

*Clique em [start scan]....aguarde. Pode demorar.

*Caso encontre algo, clique em [skip]

*Ao término do scan, clique em [Report]

*Uma janela chamada "Detailed report" será aberta

*Clique no sinal [+] ao lado de Autoscan para expandir os eventos encontrados

*Clique com o botão direito do mouse e selecione "Select all"

*Clique novamente com o botão direito do mouse e selecione "Copy"

*Abra o bloco de notas e cole (Ctrl+v) e salve o arquivo no desktop como log.txt

*Feche a janela "Detailed report" do Kasperky

*Na tela principal do Kaspersky clique em [Exit] > [No]

*Cole o relatório salvo no desktop na sua próxima resposta

Compartilhar este post


Link para o post
Compartilhar em outros sites

Autoscan: completed 14765 days ago (events: 286, objects: 1511108, time: 06:30:11)

 

6/4/2010 6:39:30 PM Task started

6/4/2010 7:05:00 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe

6/4/2010 7:05:00 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe

6/4/2010 7:05:03 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe

6/4/2010 7:07:43 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/4/2010 7:07:43 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe Skipped by user

6/4/2010 7:07:43 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe Skipped by user

6/4/2010 7:07:43 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe

6/4/2010 7:07:43 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe Skipped by user

6/4/2010 7:07:44 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe

6/4/2010 7:07:44 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe

6/4/2010 7:07:44 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe

6/4/2010 7:07:46 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe Skipped by user

6/4/2010 7:07:46 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/4/2010 7:07:46 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe Skipped by user

6/4/2010 7:07:46 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe

6/4/2010 7:07:46 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/4/2010 7:07:56 PM Detected: Trojan-Downloader.Java.Agent.af C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class

6/4/2010 7:07:56 PM Untreated: Trojan-Downloader.Java.Agent.af C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class Skipped by user

6/4/2010 7:07:56 PM Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class

6/4/2010 7:07:56 PM Untreated: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class Skipped by user

6/4/2010 7:08:06 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Roaming\ant0.exe

6/4/2010 7:08:06 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Roaming\ant0.exe Skipped by user

6/4/2010 7:08:06 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\kzwivxq.exe

6/4/2010 7:08:06 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\kzwivxq.exe Skipped by user

6/4/2010 7:08:06 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\sclqwem.exe

6/4/2010 7:08:06 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\sclqwem.exe Skipped by user

6/4/2010 7:10:57 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe

6/4/2010 7:10:57 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/4/2010 7:10:57 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe

6/4/2010 7:10:57 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe Skipped by user

6/4/2010 7:10:57 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe

6/4/2010 7:10:57 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe Skipped by user

6/4/2010 7:10:57 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe

6/4/2010 7:10:57 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe Skipped by user

6/4/2010 7:10:58 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe

6/4/2010 7:10:58 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe Skipped by user

6/4/2010 7:10:58 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe

6/4/2010 7:10:58 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe Skipped by user

6/4/2010 7:10:58 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe

6/4/2010 7:10:58 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/4/2010 7:10:58 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe

6/4/2010 7:10:58 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/4/2010 7:12:24 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\kzwivxq.exe

6/4/2010 7:12:24 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\kzwivxq.exe Skipped by user

6/4/2010 7:12:24 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\sclqwem.exe

6/4/2010 7:12:24 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\sclqwem.exe Skipped by user

6/4/2010 7:12:24 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\ant0.exe

6/4/2010 7:12:24 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\ant0.exe Skipped by user

6/4/2010 7:43:45 PM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/4/2010 7:43:45 PM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/4/2010 7:48:55 PM Detected: Trojan-GameThief.Win32.Magania.dhlh C:\Documents and Settings\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll

6/4/2010 7:48:55 PM Untreated: Trojan-GameThief.Win32.Magania.dhlh C:\Documents and Settings\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll Write not supported

6/4/2010 8:02:20 PM Detected: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll

6/4/2010 8:02:20 PM Untreated: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll Write not supported

6/4/2010 8:05:54 PM Detected: Trojan.Win32.VB.aaer C:\Documents and Settings\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe

6/4/2010 8:05:54 PM Untreated: Trojan.Win32.VB.aaer C:\Documents and Settings\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe Skipped by user

6/4/2010 8:07:04 PM Detected: Trojan-Downloader.NSIS.Agent.gl C:\Documents and Settings\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003

6/4/2010 8:07:04 PM Untreated: Trojan-Downloader.NSIS.Agent.gl C:\Documents and Settings\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003 Write not supported

6/4/2010 8:09:39 PM Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe

6/4/2010 8:09:39 PM Untreated: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe Write not supported

6/4/2010 8:09:44 PM Detected: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll

6/4/2010 8:09:44 PM Untreated: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll Write not supported

6/4/2010 8:34:52 PM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/4/2010 8:34:52 PM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/4/2010 8:58:57 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe

6/4/2010 8:58:57 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe Skipped by user

6/4/2010 8:58:57 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe

6/4/2010 8:58:57 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/4/2010 8:58:57 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe

6/4/2010 8:58:57 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe Skipped by user

6/4/2010 8:58:57 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe

6/4/2010 8:58:57 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe Skipped by user

6/4/2010 8:58:57 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe

6/4/2010 8:58:57 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe Skipped by user

6/4/2010 8:58:58 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe

6/4/2010 8:58:58 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe Skipped by user

6/4/2010 8:58:58 PM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe

6/4/2010 8:58:58 PM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/4/2010 8:58:58 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe

6/4/2010 8:58:58 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/4/2010 9:00:10 PM Detected: Trojan-Downloader.Java.Agent.af C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class

6/4/2010 9:00:10 PM Untreated: Trojan-Downloader.Java.Agent.af C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class Skipped by user

6/4/2010 9:00:11 PM Detected: Trojan-Downloader.Java.Agent.au C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class

6/4/2010 9:00:11 PM Untreated: Trojan-Downloader.Java.Agent.au C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class Skipped by user

6/4/2010 9:00:12 PM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Roaming\ant0.exe

6/4/2010 9:00:12 PM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Roaming\ant0.exe Skipped by user

6/4/2010 9:00:12 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\kzwivxq.exe

6/4/2010 9:00:12 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\kzwivxq.exe Skipped by user

6/4/2010 9:00:12 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\sclqwem.exe

6/4/2010 9:00:12 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\sclqwem.exe Skipped by user

6/4/2010 9:03:49 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe

6/4/2010 9:03:49 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe Skipped by user

6/4/2010 9:03:49 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe

6/4/2010 9:03:49 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/4/2010 9:03:49 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe

6/4/2010 9:03:49 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe Skipped by user

6/4/2010 9:03:49 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe

6/4/2010 9:03:49 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe Skipped by user

6/4/2010 9:03:49 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe

6/4/2010 9:03:49 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe Skipped by user

6/4/2010 9:03:50 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe

6/4/2010 9:03:50 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe Skipped by user

6/4/2010 9:03:50 PM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe

6/4/2010 9:03:50 PM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/4/2010 9:03:50 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe

6/4/2010 9:03:50 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/4/2010 9:05:29 PM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Dados de aplicativos\ant0.exe

6/4/2010 9:05:29 PM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Dados de aplicativos\ant0.exe Skipped by user

6/4/2010 9:05:29 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\kzwivxq.exe

6/4/2010 9:05:29 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\kzwivxq.exe Skipped by user

6/4/2010 9:05:29 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\sclqwem.exe

6/4/2010 9:05:29 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\sclqwem.exe Skipped by user

6/4/2010 9:15:04 PM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/4/2010 9:15:04 PM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/4/2010 9:18:41 PM Detected: Trojan-GameThief.Win32.Magania.dhlh C:\Users\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll

6/4/2010 9:18:41 PM Untreated: Trojan-GameThief.Win32.Magania.dhlh C:\Users\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll Write not supported

6/4/2010 9:20:59 PM Detected: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll

6/4/2010 9:20:59 PM Untreated: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll Write not supported

6/4/2010 9:21:03 PM Detected: Trojan.Win32.VB.aaer C:\Users\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe

6/4/2010 9:21:03 PM Untreated: Trojan.Win32.VB.aaer C:\Users\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe Skipped by user

6/4/2010 9:21:06 PM Detected: Trojan-Downloader.NSIS.Agent.gl C:\Users\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003

6/4/2010 9:21:06 PM Untreated: Trojan-Downloader.NSIS.Agent.gl C:\Users\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003 Write not supported

6/4/2010 9:21:18 PM Detected: HEUR:Trojan.Win32.Generic C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe

6/4/2010 9:21:18 PM Untreated: HEUR:Trojan.Win32.Generic C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe Write not supported

6/4/2010 9:21:20 PM Detected: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll

6/4/2010 9:21:20 PM Untreated: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll Write not supported

6/4/2010 9:44:08 PM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/4/2010 9:44:08 PM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/4/2010 9:57:00 PM Detected: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe

6/4/2010 9:57:00 PM Untreated: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe Skipped by user

6/4/2010 9:57:00 PM Detected: Trojan.Win32.Zmunik.vf C:\Windows\System32\ADVAPI16.dll/ASPack

6/4/2010 9:57:00 PM Untreated: Trojan.Win32.Zmunik.vf C:\Windows\System32\ADVAPI16.dll/ASPack Skipped by user

6/4/2010 10:03:44 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00003.SPL

6/4/2010 10:03:44 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00002.SPL

6/4/2010 10:03:44 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00003.SPL Skipped by user

6/4/2010 10:03:44 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00002.SPL Skipped by user

6/4/2010 10:20:26 PM Detected: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe

6/4/2010 10:20:26 PM Untreated: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe Skipped by user

6/4/2010 10:21:54 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe

6/4/2010 10:21:54 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe Skipped by user

6/4/2010 10:21:54 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe

6/4/2010 10:21:54 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe Skipped by user

6/4/2010 10:21:55 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe

6/4/2010 10:21:55 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/4/2010 10:31:31 PM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/4/2010 10:31:31 PM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/4/2010 10:39:46 PM Detected: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe

6/4/2010 10:39:46 PM Untreated: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe Skipped by user

6/4/2010 10:58:44 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe

6/4/2010 10:58:44 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe Skipped by user

6/4/2010 10:58:44 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe

6/4/2010 10:58:44 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/4/2010 10:58:44 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe

6/4/2010 10:58:44 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe Skipped by user

6/4/2010 10:58:44 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe

6/4/2010 10:58:44 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe Skipped by user

6/4/2010 10:58:44 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe

6/4/2010 10:58:44 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe Skipped by user

6/4/2010 10:58:45 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe

6/4/2010 10:58:45 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe Skipped by user

6/4/2010 10:58:45 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe

6/4/2010 10:58:45 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/4/2010 10:58:45 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe

6/4/2010 10:58:45 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/4/2010 11:00:04 PM Detected: Trojan-Downloader.Java.Agent.af C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class

6/4/2010 11:00:04 PM Untreated: Trojan-Downloader.Java.Agent.af C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class Skipped by user

6/4/2010 11:00:05 PM Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class

6/4/2010 11:00:05 PM Untreated: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class Skipped by user

6/4/2010 11:00:07 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Roaming\ant0.exe

6/4/2010 11:00:07 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\AppData\Roaming\ant0.exe Skipped by user

6/4/2010 11:00:07 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\kzwivxq.exe

6/4/2010 11:00:07 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\kzwivxq.exe Skipped by user

6/4/2010 11:00:07 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\sclqwem.exe

6/4/2010 11:00:07 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\AppData\Roaming\sclqwem.exe Skipped by user

6/4/2010 11:03:48 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe

6/4/2010 11:03:48 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe

6/4/2010 11:03:48 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe Skipped by user

6/4/2010 11:03:48 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/4/2010 11:03:49 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe

6/4/2010 11:03:49 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe

6/4/2010 11:03:49 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe Skipped by user

6/4/2010 11:03:49 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe Skipped by user

6/4/2010 11:03:49 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe

6/4/2010 11:03:49 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe Skipped by user

6/4/2010 11:03:50 PM Detected: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe

6/4/2010 11:03:50 PM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe Skipped by user

6/4/2010 11:03:50 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe

6/4/2010 11:03:50 PM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/4/2010 11:03:50 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe

6/4/2010 11:03:50 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/4/2010 11:05:38 PM Detected: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\ant0.exe

6/4/2010 11:05:38 PM Untreated: Worm.Win32.VBNA.b C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\ant0.exe Skipped by user

6/4/2010 11:05:38 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\kzwivxq.exe

6/4/2010 11:05:38 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\kzwivxq.exe Skipped by user

6/4/2010 11:05:38 PM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\sclqwem.exe

6/4/2010 11:05:38 PM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Documents and Settings\Vítor Dultra\Dados de aplicativos\sclqwem.exe Skipped by user

6/4/2010 11:17:46 PM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/4/2010 11:17:46 PM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/4/2010 11:19:58 PM Detected: Trojan-GameThief.Win32.Magania.dhlh C:\Documents and Settings\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll

6/4/2010 11:19:58 PM Untreated: Trojan-GameThief.Win32.Magania.dhlh C:\Documents and Settings\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll Write not supported

6/4/2010 11:20:50 PM Detected: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll

6/4/2010 11:20:50 PM Untreated: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll Write not supported

6/4/2010 11:20:55 PM Detected: Trojan.Win32.VB.aaer C:\Documents and Settings\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe

6/4/2010 11:20:55 PM Untreated: Trojan.Win32.VB.aaer C:\Documents and Settings\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe Skipped by user

6/4/2010 11:20:56 PM Detected: Trojan-Downloader.NSIS.Agent.gl C:\Documents and Settings\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003

6/4/2010 11:20:56 PM Untreated: Trojan-Downloader.NSIS.Agent.gl C:\Documents and Settings\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003 Write not supported

6/4/2010 11:21:08 PM Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe

6/4/2010 11:21:08 PM Untreated: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe Write not supported

6/4/2010 11:21:09 PM Detected: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll

6/4/2010 11:21:09 PM Untreated: Trojan.Win32.Genome.iwmt C:\Documents and Settings\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll Write not supported

6/4/2010 11:40:35 PM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/4/2010 11:40:35 PM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Documents and Settings\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/5/2010 12:05:00 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe

6/5/2010 12:05:00 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\angBulIaG3aW.exe Skipped by user

6/5/2010 12:05:00 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe

6/5/2010 12:05:00 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/5/2010 12:05:01 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe

6/5/2010 12:05:01 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe

6/5/2010 12:05:01 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\h9AhfY0cSZKj.exe Skipped by user

6/5/2010 12:05:01 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\f0uOn3hj2Z28.exe Skipped by user

6/5/2010 12:05:01 AM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe

6/5/2010 12:05:01 AM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\JeuPHi6STI9w.exe Skipped by user

6/5/2010 12:05:01 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe

6/5/2010 12:05:01 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\AppData\Local\Temp\uZJ3BibLjaD8.exe Skipped by user

6/5/2010 12:05:01 AM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe

6/5/2010 12:05:01 AM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\AppData\Local\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/5/2010 12:05:01 AM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe

6/5/2010 12:05:01 AM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Local\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/5/2010 12:06:17 AM Detected: Trojan-Downloader.Java.Agent.af C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class

6/5/2010 12:06:17 AM Untreated: Trojan-Downloader.Java.Agent.af C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a3d7b8a-7188ccb7/Downloader.class Skipped by user

6/5/2010 12:06:17 AM Detected: Trojan-Downloader.Java.Agent.au C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class

6/5/2010 12:06:17 AM Untreated: Trojan-Downloader.Java.Agent.au C:\Users\Vítor Dultra\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1991cf9b-2f4f4b9b/Inicio.class Skipped by user

6/5/2010 12:06:19 AM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Roaming\ant0.exe

6/5/2010 12:06:19 AM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\AppData\Roaming\ant0.exe Skipped by user

6/5/2010 12:06:19 AM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\kzwivxq.exe

6/5/2010 12:06:19 AM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\kzwivxq.exe Skipped by user

6/5/2010 12:06:20 AM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\sclqwem.exe

6/5/2010 12:06:20 AM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\AppData\Roaming\sclqwem.exe Skipped by user

6/5/2010 12:09:49 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe

6/5/2010 12:09:49 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe

6/5/2010 12:09:49 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\Ayqu9X1Y6NDB.exe Skipped by user

6/5/2010 12:09:49 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\angBulIaG3aW.exe Skipped by user

6/5/2010 12:09:49 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe

6/5/2010 12:09:50 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\f0uOn3hj2Z28.exe Skipped by user

6/5/2010 12:09:50 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe

6/5/2010 12:09:50 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\h9AhfY0cSZKj.exe Skipped by user

6/5/2010 12:09:50 AM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe

6/5/2010 12:09:50 AM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\JeuPHi6STI9w.exe Skipped by user

6/5/2010 12:09:50 AM Detected: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe

6/5/2010 12:09:50 AM Untreated: Trojan-Downloader.MSIL.Agent.np C:\Users\Vítor Dultra\Configurações locais\Temp\uZJ3BibLjaD8.exe Skipped by user

6/5/2010 12:09:51 AM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe

6/5/2010 12:09:51 AM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Configurações locais\Temp\wlWCF8Ou3bWL.exe Skipped by user

6/5/2010 12:09:51 AM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe

6/5/2010 12:09:51 AM Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Users\Vítor Dultra\Configurações locais\Temp\UU9Eb4kP4m2l.exe Skipped by user

6/5/2010 12:11:35 AM Detected: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Dados de aplicativos\ant0.exe

6/5/2010 12:11:35 AM Untreated: Worm.Win32.VBNA.b C:\Users\Vítor Dultra\Dados de aplicativos\ant0.exe Skipped by user

6/5/2010 12:11:35 AM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\kzwivxq.exe

6/5/2010 12:11:35 AM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\kzwivxq.exe Skipped by user

6/5/2010 12:11:36 AM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\sclqwem.exe

6/5/2010 12:11:36 AM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Users\Vítor Dultra\Dados de aplicativos\sclqwem.exe Skipped by user

6/5/2010 12:21:30 AM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/5/2010 12:21:30 AM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Documents\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/5/2010 12:23:47 AM Detected: Trojan-GameThief.Win32.Magania.dhlh C:\Users\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll

6/5/2010 12:23:47 AM Untreated: Trojan-GameThief.Win32.Magania.dhlh C:\Users\Vítor Dultra\Downloads\Heroes.exe/ko-KR/bin/FileSystem_Stdio.dll Write not supported

6/5/2010 12:24:38 AM Detected: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll

6/5/2010 12:24:38 AM Untreated: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\Kastien-system.rar/system/nophx.dll Write not supported

6/5/2010 12:24:42 AM Detected: Trojan.Win32.VB.aaer C:\Users\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe

6/5/2010 12:24:42 AM Untreated: Trojan.Win32.VB.aaer C:\Users\Vítor Dultra\Downloads\Ninfetinha.zip/Ninfetinha.exe Skipped by user

6/5/2010 12:24:44 AM Detected: Trojan-Downloader.NSIS.Agent.gl C:\Users\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003

6/5/2010 12:24:44 AM Untreated: Trojan-Downloader.NSIS.Agent.gl C:\Users\Vítor Dultra\Downloads\Proxifier_2.91.rar/Proxifier 2.91/proxifier-setup.exe/data0003 Write not supported

6/5/2010 12:24:55 AM Detected: HEUR:Trojan.Win32.Generic C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe

6/5/2010 12:24:55 AM Untreated: HEUR:Trojan.Win32.Generic C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/l2.exe Write not supported

6/5/2010 12:24:56 AM Detected: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll

6/5/2010 12:24:56 AM Untreated: Trojan.Win32.Genome.iwmt C:\Users\Vítor Dultra\Downloads\systemKastienBeta.rar/system/nophx.dll Write not supported

6/5/2010 12:44:47 AM Detected: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe

6/5/2010 12:44:47 AM Untreated: Trojan-PSW.Win32.Dybalom.lk C:\Users\Vítor Dultra\Meus documentos\wow\WwW.DownloadPresent.Com_World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.rar/World.of.Warcraft.PvP.Guide.UPLOADED.25.05.09.exe Write not supported

6/5/2010 12:53:09 AM Detected: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe

6/5/2010 12:53:09 AM Untreated: Backdoor.Win32.IRCNite.ia C:\Windows\System32\activedsi.exe Skipped by user

6/5/2010 12:53:09 AM Detected: Trojan.Win32.Zmunik.vf C:\Windows\System32\ADVAPI16.dll/ASPack

6/5/2010 12:53:09 AM Untreated: Trojan.Win32.Zmunik.vf C:\Windows\System32\ADVAPI16.dll/ASPack Skipped by user

6/5/2010 12:57:37 AM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00002.SPL

6/5/2010 12:57:37 AM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00002.SPL Skipped by user

6/5/2010 12:57:37 AM Detected: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00003.SPL

6/5/2010 12:57:37 AM Untreated: Trojan-Downloader.MSIL.Agent.nm C:\Windows\System32\spool\PRINTERS\00003.SPL Skipped by user

6/5/2010 1:10:06 AM Task completed

 

Feito.

*Engraçado, tem arquivos que eu nunca coloquei ou vi nesse computador.

Compartilhar este post


Link para o post
Compartilhar em outros sites

*Abra a pasta Virus Removal Tool, localizada no desktop, duplo clique no atalho Start

*A tela principal do Kaspersky será aberta novamente

*Selecione a opção:

[] Meu Computador

*Clique em [start scan]....aguarde. Pode demorar.

*Caso encontre algo, clique em [Disinfect], caso não seja possível, clique em [Delete]

*Ao término do scan, clique em [Report]

*Clique no sinal [+] ao lado de Autoscan para expandir os eventos encontrados

*Clique com o botão direito do mouse e selecione "Select all"

*Clique novamente com o botão direito do mouse e selecione "Copy"

*Abra o bloco de notas e cole (Ctrl+v) e salve o arquivo no desktop como log2.txt

*Feche a janela "Detailed report" do Kasperky

*Na tela principal do Kaspersky clique em [Exit] > [No]

*Cole o relatório (log2.txt) salvo no desktop na sua próxima resposta

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.