[Resolvido] &nbspInfecção - Pode estar infectado por um vírus desconhe

[rmoralez 0]

Boa tarde!

 

No AVG em quarentena apareceram 3 ocorrências para "Infecção - Pode estar infectado por um vírus desconhecido Win32/DH.CAFF82025D".

 

Será vírus? ou pode ser falso positivo?

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 09:57:11, on 21/06/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\HP\HP UT\bin\hppusg.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\aetcrss1.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\1\Downloads\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [CertificateRegistration] aetcrss1.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe

O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avgbrasil.com.br/br-pt.special-uninstallation-feedback-appf?lic=NFVIMlctM1NYM0UtR0hHWDktQUZISjMtUFcyUU4tWjlLSDQ"&"inst=NzctNjM1MjA4MDkyLVFJWDErNC1YMjAxMCsyLUxJQysxMS1GTDEwKzEtU1AxKzEtU1AxVEIrMS1TVUQrMS1TMUkrMS1TVTMrMQ"&"prod=90"&"ver=10.0.1382

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-21-2753892991-3215369525-407128404-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LogMeInRemoteUser')

O4 - HKUS\S-1-5-21-2753892991-3215369525-407128404-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LogMeInRemoteUser')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-beta/OnlineScanner.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{193B1C6F-AE12-4414-B380-A916AE1A9430}: NameServer = 200.204.0.10 200.204.0.138

O17 - HKLM\System\CS1\Services\Tcpip\..\{193B1C6F-AE12-4414-B380-A916AE1A9430}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

 

--

End of file - 7464 bytes

 

Caso algum participante do fórum tenha como me auxiliar, desde já agradeço!

 

Obrigado,

 

[]´s

[wings 22]

Olá rmoralez

 

 

*Baixe o Kaspersky Virus Removal Tool e salve-o no desktop

*Instale o programa

*Selecione a opção:

[X] Meu Computador

*Clique na frase "Perguntar o que fazer" e selecione "Perguntar ao concluir"

 

 

*Clique [iniciar verificação]

*Ao término do scan, caso encontre algo, selecione:

[x] Aplicar para todos os arquivos

e clique "Ignorar"

 

 

*Ao término, clique [Relatório]

*Clique no sinal + ao lado de Verificação automática: concluído para expandir o relatório

 

 

*Clique com o botão direito do mouse no relatório e selecione a opção Selecionar tudo

*Clique novamente com o botão direito do mouse no relatório e selecione a opção Copiar

 

 

*Abra o bloco de notas, cole (Ctrl+v) e salve no desktop como log.txt

*Feche a janela e na janela principal do programa clique [sair] > [Não]

*Cole o relatório log.txt salvo no desktop

[rmoralez 0]

Olá Wings,

 

Fiz o procedimento solicitado e durante o processamento o AVG que ficou ativo fez algumas notificações, assim estou colocando aqui a lista de problemas apresentado por ele.

 

Dados do AVG

 

"Infecção";"Pode estar infectado por um vírus desconhecido Win32/DH.CAFF82025D";"c:\phoenix\kbzpeh.exe";"N/D";"12/06/2011, 12:56:58"

"Infecção";"Pode estar infectado por um vírus desconhecido Win32/DH.CAFF82025D";"c:\FIEL\kbzpeh.exe";"N/D";"12/06/2011, 12:56:58"

"Infecção";"Pode estar infectado por um vírus desconhecido Win32/DH.CAFF82025D";"c:\SharedDocs\kbzpeh.exe";"N/D";"12/06/2011, 12:56:59"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\FIEL\Phoenix\PHBackup.exe";"N/D";"22/06/2011, 13:17:00"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\FIEL\Phoenix\folha.exe";"N/D";"22/06/2011, 13:17:01"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\adm\instalar.exe";"N/D";"22/06/2011, 13:17:02"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\Adm.exe";"N/D";"22/06/2011, 13:17:03"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\arqCprn.exe";"N/D";"22/06/2011, 13:17:03"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\BAckupP.exe";"N/D";"22/06/2011, 13:17:04"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\contabil\Instalar.exe";"N/D";"22/06/2011, 13:17:04"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\Estacao.EXE";"N/D";"22/06/2011, 13:17:04"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\escrita\Instalar.exe";"N/D";"22/06/2011, 13:17:05"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\folha\Instalar.exe";"N/D";"22/06/2011, 13:17:05"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\gescon\Instalar.exe";"N/D";"22/06/2011, 13:17:05"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\irpj\Instalar.exe";"N/D";"22/06/2011, 13:17:06"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\Gescon.exe";"N/D";"22/06/2011, 13:17:06"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\JrPgDAS.exe";"N/D";"22/06/2011, 13:17:07"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\LimpaADM.exe";"N/D";"22/06/2011, 13:17:08"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\PgwC.exe";"N/D";"22/06/2011, 13:17:08"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\PgwJr.exe";"N/D";"22/06/2011, 13:17:10"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\PHBackup.exe";"N/D";"22/06/2011, 13:17:11"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\Start.exe";"N/D";"22/06/2011, 13:17:12"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\phoenix\RegAsm.exe";"N/D";"22/06/2011, 13:17:13"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\cht\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:14"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\cs\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:15"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\el\kb888111xpsp2.exe";"N/D";"22/06/2011, 13:17:15"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\fr\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:15"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\ger\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:15"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\hu\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:16"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\jpn\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:16"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\nl\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:17"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\pl\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:17"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\ru\kb888111xpsp2.exe";"N/D";"22/06/2011, 13:17:18"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\us\kb888111xpsp1.exe";"N/D";"22/06/2011, 13:17:18"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\RtlUpd.exe";"N/D";"22/06/2011, 13:17:18"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\SetCDfmt.exe";"N/D";"22/06/2011, 13:17:18"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\Setup.exe";"N/D";"22/06/2011, 13:17:19"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\Alcmtr.exe";"N/D";"22/06/2011, 13:17:19"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\AlcWzrd.exe";"N/D";"22/06/2011, 13:17:19"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\RtlUpd.exe";"N/D";"22/06/2011, 13:17:20"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\SoundMan.exe";"N/D";"22/06/2011, 13:17:20"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Chipset\Chipset\VN890\INSTMSIA.EXE";"N/D";"22/06/2011, 13:17:21"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Chipset\Chipset\VN890\Setup.exe";"N/D";"22/06/2011, 13:17:22"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Video fdp\Video\VN896_15131509_XP_w12x8_logod\s3minset.exe";"N/D";"22/06/2011, 13:17:22"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Video fdp\Video\VN896_15131509_XP_w12x8_logod\S3TrayP.exe";"N/D";"22/06/2011, 13:17:22"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Video fdp\Video\VN896_15131509_XP_w12x8_logod\setup.exe";"N/D";"22/06/2011, 13:17:22"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Video fdp\Video\VN896_15131509_XP_w12x8_logod\VModes.exe";"N/D";"22/06/2011, 13:17:23"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\Raul\irpf2007v2.0.exe";"N/D";"22/06/2011, 13:17:23"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\Rbs\balanco.exe";"N/D";"22/06/2011, 13:17:24"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\Rbs\PERDCOMPv2.2.EXE";"N/D";"22/06/2011, 13:17:24"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Simone Rbs\DACON Mensal-Semestral\DACONMS21.exe";"N/D";"22/06/2011, 13:17:24"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Simone Rbs\DACON Mensal-Semestral\Desinstalar21\Desinstalar21.exe";"N/D";"22/06/2011, 13:17:25"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Simone Rbs\DIPJ2009V10\DIPJ2009V10.exe";"N/D";"22/06/2011, 13:17:26"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Simone Rbs\DIPJ2009V20\DIPJ2009V20.exe";"N/D";"22/06/2011, 13:17:26"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Simone Rbs\DIPJ2009V21\DIPJ2009V21.exe";"N/D";"22/06/2011, 13:17:26"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Simone Rbs\IRPF2009\IRPF2009.EXE";"N/D";"22/06/2011, 13:17:27"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Simone Rbs\IRPF2009\UNWISE.EXE";"N/D";"22/06/2011, 13:17:27"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Site RBS\Transfer Pricing\Custeio.exe";"N/D";"22/06/2011, 13:17:28"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\SP Vacinas\Formulario para protesto.exe";"N/D";"22/06/2011, 13:17:28"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\VERIFICA\Verifica Equipamento\maquina.exe";"N/D";"22/06/2011, 13:17:28"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\cs\kb888111xpsp2.exe";"N/D";"22/06/2011, 15:42:25"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\cht\kb888111xpsp2.exe";"N/D";"22/06/2011, 15:42:26"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\MicCal.exe";"N/D";"22/06/2011, 15:42:27"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\RTHDCPL.exe";"N/D";"22/06/2011, 15:42:28"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Modem\Modem\1456R3\HXFSetup.exe";"N/D";"22/06/2011, 15:42:29"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Video fdp\Video\VN896_15131509_XP_w12x8_logod\VTTimer.exe";"N/D";"22/06/2011, 15:42:29"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\ger\kb888111xpsp2.exe";"N/D";"24/06/2011, 09:54:44"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\da\kb888111xpsp1.exe";"N/D";"24/06/2011, 09:54:45"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\RTLCPL.exe";"N/D";"24/06/2011, 09:54:45"

"Infecção";"Vírus identificado Win32/Gaelicum.A ";"c:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Chipset\Chipset\VN890\INSTMSIW.EXE";"N/D";"24/06/2011, 09:54:46"

"Malware";"PE_TENGA.A";"C:\SHAREDDOCS\RAUL\NOTBOOK VENDIDO AO BOLA\GILCONSULT\DRIVERS MICROBOARD\AUDIO\AUDIO\AZALIA\SETUP.EXE";"N/D";"22/06/2011, 13:18:09"

"Malware";"Win32.Tenga.a";"C:\SHAREDDOCS\RAUL\NOTBOOK VENDIDO AO BOLA\GILCONSULT\DRIVERS MICROBOARD\AUDIO\AUDIO\AZALIA\WDM\ALCMTR.EXE";"N/D";"22/06/2011, 13:18:43"

"Malware";"W32/Stanit";"C:\SHAREDDOCS\RAUL\NOTBOOK VENDIDO AO BOLA\GILCONSULT\DRIVERS MICROBOARD\VIDEO FDP\VIDEO\VN896_15131509_XP_W12X8_LOGOD\SETUP.EXE";"N/D";"22/06/2011, 13:19:17"

"Malware";"PE_TENGA.A";"C:\SHAREDDOCS\RAUL\NOTBOOK VENDIDO AO BOLA\GILCONSULT\DRIVERS MICROBOARD\AUDIO\AUDIO\AZALIA\SETCDFMT.EXE";"N/D";"22/06/2011, 13:17:53"

 

Log do processamento:

 

Verificação automática: concluído 2 minutos atrás (eventos: 2, objetos: 488758, hora: 01:25:10)

24/06/2011 09:00:49 Tarefa iniciada Ação padrão selecionada

24/06/2011 10:25:59 Tarefa concluída Ação padrão selecionada

 

Fico aguardando instruções!

 

Obrigado pela ajuda,

 

[]´s

[wings 22]

Talvez possa ser falso positivo...

 

1.

*Abra a pasta Virus Removal Tool, localizada no desktop, execute o atalho Start

*Clique [sair] > [sim] > [sim] > [sim]

*O PC será reiniciado

*Delete o arquivo setup do Kaspersky e o(s) relatório(s) salvo(s) no desktop

 

2.

*Baixe o Norman Malware Cleaner e salve-o no desktop

*Desative o AVG temporariamente

*Execute-o e instale o programa

*Clique [Add] e selecione as partições do seu HD (C:\, D:\...)

*Clique [start Scan]

*Ao finalizar, clique [Quit]

*Caso seja questionado se deseja reiniciar o computador (Do you want restart now?) clique [sim]

*Cole o relatório criado no desktop (NFix_data.txt)

[rmoralez 0]

Olá Wings,

 

 

Norman Malware Cleaner v2.01.00

Copyright © 1990 - 2011, Norman ASA.

 

Norman Scanner Engine Version: 6.07.10

nvcbin.def: Version: 6.07.00, Date: 2011/06/24 22:16:01, Variants: 12442949

nvcmacro.def: Version: 6.07.00, Date: 2011/02/01 12:21:31, Variants: 20465

 

Operating System: Windows 7 Service Pack 1

 

Switches: /iagree

 

Scan started: 2011/06/27 09:02:26

 

Running pre-scan cleanup routine...

Modified registry value: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows --> AppInit_DLLs from '(null)' to ''

Deleted registry value: HKU\S-1-5-21-2753892991-3215369525-407128404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System --> DisableRegistryTools = 0x00000000

Deleted registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System --> DisableRegistryTools = 0x00000000

Deleted registry value: HKU\S-1-5-21-2753892991-3215369525-407128404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoDrives = 0x00000000

Deleted registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoDrives = 0x00000000

 

Number of malicious objects found: 5

Number of malicious objects cleaned: 5

Scanning time: 0s

 

Scanning system for FakeAV...

 

Number of malicious objects found: 0

Number of malicious objects cleaned: 0

Number of malicious files found: 0

Number of malicious files cleaned: 0

Scanning time: 0s

 

Scanning system for active rootkit activity...

 

Number of malicious objects found: 0

Number of malicious objects cleaned: 0

Number of malicious files found: 0

Number of malicious files cleaned: 0

Scanning time: 0s

 

Scanning running processes and process memory...

 

Number of objects found: 1861

Number of objects scanned: 1861

Number of objects not scanned: 0

Number of malicious memory objects found: 0

Number of malicious objects cleaned: 0

Number of malicious files found: 0

Number of malicious files cleaned: 0

Scanning time: 1m 18s

 

Running full scan...

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$R79GQ0V.exe/noname.zip/Instalar.exe/file72: I/O error scanning file: 0x00220005

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$R2SYYLT.exe/noname.zip/Instalar.exe/file51: I/O error scanning file: 0x00220005

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$RDI68GI.exe/noname.zip/Instalar.exe/file170: I/O error scanning file: 0x00220005

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$RJ4UL2P.exe/noname.zip/Instalar.exe/file78: I/O error scanning file: 0x00220005

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$RDP8MO8.exe/noname.zip/Instalar.exe/file83: I/O error scanning file: 0x00220005

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$RJ4UL2P.exe/noname.zip/Instalar.exe/file78/file12: I/O error scanning file: 0x00220005

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$RLF3U96.exe/noname.zip/Instalar.exe/file50: I/O error scanning file: 0x00220005

C:\$RECYCLE.BIN\S-1-5-21-2753892991-3215369525-407128404-1000\$RU1YAUC.exe/noname.zip/Instalar.exe/file169: I/O error scanning file: 0x00220005

C:\phoenix\Empresas\AUGAZO\0\00000001.001: Error opening file for read: 0x00000020

C:\Program Files\HP\HP LaserJet M1120 MFP\LJM1120.cab: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\driver.cab: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\Manuals\Digital Imaging\HH_HELPHOME.chm: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\Manuals\Digital Imaging\TR_SCAN.chm: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\Manuals\Digital Imaging\TR_TROUBLESHOOTINTRO.chm: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\Manuals\Digital Imaging\UT_SCAN.chm: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\Manuals\HP1120UG.chm: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\PrntDriver\LJM1120.cab: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\Portugues\ScanDriver\support.cab: Error opening file for read: 0x00000005

C:\Program Files\HP\HP LaserJet M1120 MFP\support.cab: Error opening file for read: 0x00000005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0: I/O error scanning file: 0x00000026

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/attention.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avgabout.dll: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avgpostinstx.dll: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avgresf.dll: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avgsbgx.dll: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avgtray.exe: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avgui.exe: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avguiadv.dll: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avguilog.cfg: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/avguires.dll: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/bg_bottom.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/bg_plain.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/flyout.css: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/Flyout.html: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/flyout_bg.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/gadget.css: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/gadget.html: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/Gadget.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/gadget.xml: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/icon.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/imagesprite.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/loading.gif: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localize.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizecs.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizeda.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizede.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizeen_US.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizees.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizees_LA.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizefr.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizehi.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizehu.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizeid.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizeit.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizeja.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizeko.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizems.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizenl.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizepl.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizept.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizept_BR.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizeru.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizesk.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizesr.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizetr.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizezh_CN.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/localizezh_TW.js: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/logo.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/progress_paused.gif: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/progress_running.gif: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/protected.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/searchbox.png: I/O error scanning file: 0x00220005

C:\ProgramData\MFAData\pack\bins\f10guix1382xn.bin/data/file0/twitter_logo.png: I/O error scanning file: 0x00220005

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\da\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\da\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\el\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\el\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\es\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\es\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\es\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\es\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\fi\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\fi\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\fi\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\fi\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\fr\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\fr\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\heb\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\heb\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\heb\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\heb\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\hu\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\hu\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\it\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\it\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\it\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\it\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\jpn\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\jpn\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\kor\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\kor\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\kor\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\kor\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\nl\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\nl\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\no\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\no\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\no\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\no\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\pl\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\pl\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\pt\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\pt\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\pt\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\pt\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\ru\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\ru\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\sv\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\sv\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\sv\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\sv\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\tr\kb888111xpsp1.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\tr\kb888111xpsp1.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\tr\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\tr\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\us\kb888111xpsp2.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\MSHDQFE\Win2K_XP\us\kb888111xpsp2.exe: Repaired

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\SkyTel.exe: File infected with W32/Gael.A

C:\SharedDocs\Raul\Notbook Vendido ao Bola\GilConsult\drivers microboard\Audio\Audio\AZALIA\WDM\SkyTel.exe: Repaired

C:\Users\1\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020

C:\Users\1\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020

C:\Users\1\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020

C:\Users\1\AppData\Local\VirtualStore\Program Files\HP\HP UT\LogFiles\UTLog.log: Error opening file for read: 0x00000020

C:\Users\1\NTUSER.DAT: Error opening file for read: 0x00000020

C:\Users\1\ntuser.dat.LOG1: Error opening file for read: 0x00000020

C:\Users\1\ntuser.dat.LOG2: Error opening file for read: 0x00000020

C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020

C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020

C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020

C:\Users\LogMeInRemoteUser\NTUSER.DAT: Error opening file for read: 0x00000020

C:\Users\LogMeInRemoteUser\ntuser.dat.LOG1: Error opening file for read: 0x00000020

C:\Users\LogMeInRemoteUser\ntuser.dat.LOG2: Error opening file for read: 0x00000020

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\APEX.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\APEX.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ASPECT.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ASPECT.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CIVIC.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CIVIC.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CONCOURSE.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CONCOURSE.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EQUITY.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EQUITY.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FLOW.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FLOW.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FOUNDRY.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FOUNDRY.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MEDIAN.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MEDIAN.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\METRO.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\METRO.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MODULE.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MODULE.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OPULENT.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OPULENT.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ORIEL.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ORIEL.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ORIGIN.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ORIGIN.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PAPER.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PAPER.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SOLSTICE.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SOLSTICE.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TECHNIC.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TECHNIC.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TREK.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TREK.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\URBAN.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\URBAN.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VERVE.EFTX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VERVE.THMX: Error opening file for read: 0x00000005

C:\Windows\Installer\$PatchCache$\Managed\00002109E60061400000000000F01FEC\12.0.4518\XLATE_COMPLETE.XSN_1046: Error opening file for read: 0x00000005

C:\Windows\Installer\10e10f.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\10e134.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\10e14e.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\19d88.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b260fc.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26112.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26128.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b2613d.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26153.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26172.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26173.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26196.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b261bd.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b261d3.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b261fc.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b261fd.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26216.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b2622e.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26244.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b2625a.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26270.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b26286.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b2629c.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b262b8.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b262d2.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1b262e8.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\1fc1abf.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\21ed1d3.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d1885.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d18a1.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d18b7.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d18cd.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d18da.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d18ff.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d1906.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d1922.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\22d1938.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\2ec0e7.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\2ec0fd.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\476b7.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\476c0.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\47881.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\4788b.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\47894.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\4789b.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\55985fe.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\5598613.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\559861b.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\5598625.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\5598640.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\559866b.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\61218f.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\791e6.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\79bf89b8.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\79bf89db.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\79bf89e2.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\79bf89e9.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\79bf89f0.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\79bf8a06.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\79bf8a1c.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\96470a.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\964720.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\c2a0f.msp: Error opening file for read: 0x00000005

C:\Windows\Installer\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}\1046.mst: Error opening file for read: 0x00000005

C:\Windows\Installer\{26A24AE4-039D-4CA4-87B4-2F83216024FF}\sp1046.MST: Error opening file for read: 0x00000005

C:\Windows\Installer\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}\1046.mst: Error opening file for read: 0x00000005

C:\Windows\Installer\{6347401C-C260-4B30-9816-8F5A1419CC49}\1046.MST: Error opening file for read: 0x00000005

C:\Windows\Installer\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\1046.mst: Error opening file for read: 0x00000005

C:\Windows\Installer\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}\1046.MST: Error opening file for read: 0x00000005

C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\2070.MST: Error opening file for read: 0x00000005

C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\ShellUI.MST: Error opening file for read: 0x00000005

C:\Windows\Installer\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}\1046.mst: Error opening file for read: 0x00000005

C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020

C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT: Error opening file for read: 0x00000020

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020

C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020

C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Error opening file for read: 0x00000020

C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020

C:\Windows\System32\config\DEFAULT: Error opening file for read: 0x00000020

C:\Windows\System32\config\DEFAULT.LOG1: Error opening file for read: 0x00000020

C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020

C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020

C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020

C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020

C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020

C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020

C:\Windows\System32\config\SAM: Error opening file for read: 0x00000020

C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020

C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020

C:\Windows\System32\config\SECURITY: Error opening file for read: 0x00000020

C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020

C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020

C:\Windows\System32\config\SOFTWARE: Error opening file for read: 0x00000020

C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020

C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020

C:\Windows\System32\config\SYSTEM: Error opening file for read: 0x00000020

C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020

C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Error opening file for read: 0x00000020

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Error opening file for read: 0x00000020

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl: Error opening file for read: 0x00000020

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl: Error opening file for read: 0x00000020

 

Number of files found: 170337

Number of archives unpacked: 6988

Number of objects found: 414431

Number of objects scanned: 414192

Number of objects not scanned: 239

Number of malicious objects found: 28

Number of malicious objects cleaned: 28

Number of malicious files found: 28

Number of malicious files cleaned: 0

Scanning time: 2h 21m 59s

 

Running post-scan cleanup routine...

 

Number of malicious objects found: 0

Number of malicious objects cleaned: 0

Scanning time: 0s

 

Results:

Total number of files found: 170337

Total number of archives unpacked: 6988

Total number of objects found: 416292

Total number of objects scanned: 416053

Total number of objects not scanned: 239

Total number of malicious objects found: 33

Total number of malicious objects cleaned: 33

Total number of malicious files found: 28

Total number of malicious files cleaned: 0

Total scanning time: 2h 23m 17s

 

Fico no aguardo, obrigado!

 

[]´s

[wings 22]

OK...

 

Como está o PC?

 

Realmente foram encontrados arquivos com problemas e foram reparados.

 

Caso não tenha mais nada, desinstale o Norman Malware Cleaner e um abraço.

[rmoralez 0]

Olá Wings,

 

A máquina aparentemente esta normal!

 

Em Options Quarantine tem 5 elementos que foram inseridos durante o scan, qual procedimento a adotar antes da instalação?

 

Fico no aguardo, obrigado!

 

[]´s

[wings 22]

Se estão na quarentena, são arquivos contaminados e que devem ter sido reparados.

 

Nada a fazer.

 

Basta desinstalar o Norman.

 

 

Um abraço.

[wings 22]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.