Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Aurora and FunWebProducts [RESOLVED]

Started by Roberto_SP , Jun 19 2005 02:38 AM

  • This topic is locked This topic is locked

#1
Roberto_SP
Posted 19 June 2005 - 02:38 AM

Roberto_SP

    Member

  • Member
  • PipPip
  • 19 posts
Hi. I've been trying to get rid of these two spywares (aurora and FunWebProducts) with Spybot and Microsoft anti-spyware with no sucess. Can someone tell me how I can get rid of them?
Thanks a lot.

Logfile of HijackThis v1.99.1
Scan saved at 05:33:29, on 19/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe
C:\Arquivos de programas\Ahead\InCD\InCD.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe
C:\Arquivos de programas\VIA\RAID\raid_tool.exe
c:\windows\system32\uwmubnu.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasDtServ.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - (no file)
O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARQUIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [usqnyr] c:\windows\system32\uwmubnu.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Arquivos de programas\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Arquivos de programas\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\arquivos de programas\newdotnet\newdotnet6_38.dll' missing
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{657D736E-A2BE-4490-ADE1-EDE23FBDD09B}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
  • 0

Advertisements

#2
loophole
Posted 21 June 2005 - 07:59 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
Hello :tazz: ,

Sorry for the delay in response as we have been very busy lately.

Since your original Hijack log is a few days old, could you please post a fresh Hijack This log for review.

If you have already gotten your machine fixed, please respond here and let us know.

Thanks
  • 0

#3
Roberto_SP
Posted 22 June 2005 - 10:37 AM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi loophole! Thanks a lot for your help. Here is the new hijack this log:



Logfile of HijackThis v1.99.1
Scan saved at 13:33:39, on 22/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe
C:\Arquivos de programas\Ahead\InCD\InCD.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasDtServ.exe
C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe
C:\Arquivos de programas\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARQUIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Arquivos de programas\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Arquivos de programas\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\arquivos de programas\newdotnet\newdotnet6_38.dll' missing
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{657D736E-A2BE-4490-ADE1-EDE23FBDD09B}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
  • 0

#4
loophole
Posted 22 June 2005 - 08:46 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
Hello Roberto_SP ;)

Lets get you fixed up :tazz:

From a computer that has Internet access, click on the following link:
http://www.new.net/s...install6_76.exe.
· Download and save uninstall6_76.exe to Local Disc C
· Click on Start.
· Click on Run.
· In the Open window type, C:\uninstall6_76.exe.
· Click on the OK button.
· After removal, you may be prompted to reboot. Please reboot if not prompted

Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

Please download Nailfix from here:
http://www.noidea.us...050515010747824
Unzip it to the desktop but please do NOT run it yet.

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:
http://www.pchell.co.../safemode.shtml


Once in Safe Mode, please double-click on Nailfix.cmd. Your desktop and icons will disappear and reappear, and a window should open and close very quickly --- this is normal.

Then please run Ewido, and run a full scan. Save the logfile from the scan.

Next please run HijackThis, click Scan, and check (if present):

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
Close all open windows except for HijackThis and click Fix Checked.

Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.
  • 0

#5
Roberto_SP
Posted 23 June 2005 - 12:31 AM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi loophole. Thanks again. :tazz: I followed the procedure and the new logs are:


Logfile of HijackThis v1.99.1
Scan saved at 03:21:03, on 23/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe
C:\Arquivos de programas\Ahead\InCD\InCD.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasDtServ.exe
C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe
C:\Arquivos de programas\VIA\RAID\raid_tool.exe
C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARQUIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Arquivos de programas\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Arquivos de programas\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {3C8B9651-4E3E-424D-B51C-54544ABF536B} (CAtmCap Object) - https://netbanking2....reControl2k.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe




---------------------------------------------------------
ewido security suite - Relatório de verificação
---------------------------------------------------------

+ Criado em: 03:15:00, 23/6/2005
+ Relatório-Checksum: 970E0ADF

+ Data da base de dados: 22/6/2005
+ Versão do motor de verificação: v3.0

+ Duração: 26 min
+ Ficheiros Verificados: 67990
+ Velocidade: 42.11 Ficheiros/Segundo
+ Ficheiros infectados: 8
+ Ficheiros removidos: 8
+ Ficheiros postos em quarentena: 8
+ Ficheiros que não podem ser abertos: 0
+ Ficheiros que não podem ser limpos: 0

+ Binder: Sim
+ Crypter: Sim
+ Arquivos: Sim

+ Itens verificados:
C:\
C:\Temp
C:\WINDOWS\system32
C:\Documents and Settings\USUARIO\Desktop

+ Resultado da verificação:
C:\Documents and Settings\USUARIO\Cookies\usuario@advertising[1].txt -> Spyware.Tracking-Cookie -> Limpo com backup
C:\Documents and Settings\USUARIO\Cookies\usuario@atdmt[2].txt -> Spyware.Tracking-Cookie -> Limpo com backup
C:\Documents and Settings\USUARIO\Cookies\usuario@cgi-bin[1].txt -> Spyware.Tracking-Cookie -> Limpo com backup
C:\Documents and Settings\USUARIO\Cookies\usuario@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Limpo com backup
C:\Documents and Settings\USUARIO\Cookies\usuario@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Limpo com backup
C:\Documents and Settings\USUARIO\Cookies\[email protected][1].txt -> Spyware.Tracking-Cookie -> Limpo com backup
C:\Documents and Settings\USUARIO\Cookies\usuario@sexlist[2].txt -> Spyware.Tracking-Cookie -> Limpo com backup
C:\Documents and Settings\USUARIO\Cookies\usuario@tradedoubler[1].txt -> Spyware.Tracking-Cookie -> Limpo com backup


::Fim do Relatório



I've just realised that the ewido report is not in english. ;) Sorry about that, but I think you'll be able to understand it. Anyway, in order to make it easier, I translate three key words of the log:
- verificado = verified
- ficheiro = file
- resultado da verificação = scan results

Finally, I was not connected to the internet when I ran hijack this, so aurora couldn't "regenerate"...

Roberto_SP
  • 0

#6
loophole
Posted 23 June 2005 - 12:22 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
No worries ;) . I can read it good enough to know you have no problems :tazz:

Do this every couple of days:

Right click Internet explorer Click cookies click OK click delete files check the delete offline content box click ok

your system is clean

Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications:

Detect and Remove Programs:
  • How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
  • How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.
Prevention Programs:
  • Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
  • Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
  • IE/Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • Google Toolbar <= Get the free google toolbar to help stop pop up windows.
Other necessary Programs:
  • AntiVirus Program<= An AntiVirus program is a must! Whether it is a free version like AVG or Anti-Vir, or a shareware version like Norton or Kapersky, this is a must have.
  • Firewall<= A firewall is definatley a must have. Two good free versions are Sygate and ZoneLabs.
  • More Secure Browser<= Internet Explorer is not the most secure and best browser. There are safer and better alternatives available. I recommend Firefox, however Opera and SlimBrowsers are good as well.
And also see TonyKlein's good advice
So how did I get infected in the first place? and Spyware Aid's spyware article: Spyware, Adware, Malware: What it is, how it got on my computer, how to get rid of it, and how to prevent it.
  • 0

#7
Roberto_SP
Posted 23 June 2005 - 02:01 PM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Great job, loophole! :tazz: Aurora is gonne...

But Spybot still detects FunWebProducts and is not able to clean it. ;)

Thanks again.
  • 0

#8
loophole
Posted 23 June 2005 - 06:55 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
No problem Roberto_SP :tazz:

Does Spybot tell you the full file path to FunWebProducts ,if it does post them here if not run this san ActiveScan

Copy the results of the ActiveScan and paste them here with a new hijack log
  • 0

#9
Roberto_SP
Posted 23 June 2005 - 08:01 PM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
;) Here we go again...



Incident Status Location

Adware:Adware/eZula No disinfected Windows Registry
Spyware:Spyware/AdClicker No disinfected C:\WINDOWS\usta33.ini
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\unstall.exe
Adware:Adware/Need2Find No disinfected Windows Registry
Adware:Adware/eZula No disinfected C:\Arquivos de programas\Microsoft AntiSpyware\Quarantine\24FD4921-131D-47E1-A231-CB9F28\E08DF792-1935-49B6-AAB2-362010
Adware:Adware/eZula No disinfected C:\Arquivos de programas\Microsoft AntiSpyware\Quarantine\24FD4921-131D-47E1-A231-CB9F28\E0BEEEFD-1D46-4A08-9C35-69724B
Adware:Adware/eZula No disinfected C:\Arquivos de programas\Microsoft AntiSpyware\Quarantine\C53B78B5-84CE-469F-B788-4611D2\8FF67649-56E9-47C2-8B95-F7A616
Adware:Adware/Need2Find No disinfected C:\Arquivos de programas\Need2Find\bar\4.bin\NPND2FN.DLL
Virus:Trj/WmvDownloader.A Disinfected C:\Beto\musicas\Nova pasta\O Cold Water.wma
Adware:Adware/Transponder No disinfected C:\WINDOWS\igggecx.exe
Spyware:Spyware/Media-motor No disinfected C:\WINDOWS\unstall.exe
Spyware:Spyware/AdClicker No disinfected C:\WINDOWS\usta33.ini





Logfile of HijackThis v1.99.1
Scan saved at 23:00:00, on 23/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe
C:\Arquivos de programas\Ahead\InCD\InCD.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasDtServ.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe
C:\Arquivos de programas\VIA\RAID\raid_tool.exe
C:\Arquivos de programas\SpywareGuard\sgmain.exe
C:\Arquivos de programas\SpywareGuard\sgbhp.exe
C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\eMule\emule.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Arquivos de programas\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARQUIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Arquivos de programas\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: SpywareGuard.lnk = C:\Arquivos de programas\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Arquivos de programas\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {3C8B9651-4E3E-424D-B51C-54544ABF536B} (CAtmCap Object) - https://netbanking2....reControl2k.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{657D736E-A2BE-4490-ADE1-EDE23FBDD09B}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe



Thanks again, loophole. :tazz:
  • 0

#10
loophole
Posted 23 June 2005 - 08:14 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
Hello roberto :tazz:

Well you do have a couple random files to fix. I dont see Funwebproducts though

Please print out these directions

Please reboot into safe mode (continually tap the F8 key while your system is starting, select Safe Mode from the menu).

Please uninstall the following(if present) Click Start>>>control panel>>>add/remove (if present)
Need2Find
Funwebproducts

Using windows explorer( right click start, left click explore)
Search for and delete these files and folders (If found)
C:\WINDOWS\usta33.ini
C:\WINDOWS\unstall.exe
C:\WINDOWS\igggecx.exe
C:\Arquivos de programas\Need2Find

Scan with Spybot and let it fix anything it finds

Reboot ,post a Hijack log and tell me if Spybot still detects anything

Edited by loophole, 23 June 2005 - 08:14 PM.

  • 0

Advertisements

#11
Roberto_SP
Posted 24 June 2005 - 10:31 AM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hello loophole! How are you doing? Thanks again for your help.

I think FunWebProducts is finally gonne. :tazz: Yesterday, after posting the hjt log, I erased in the windows registry all the lines related to FunWebProducts I found. Now Spybot doesn't find anything.

I followed the procedure you suggested but I had problems with the Need2find. When I tried to remove it through the control panel, I got an error message saying the file was not found. However, I found it with windows explorer and try to remove it manually but I got another message saying "denied access". ;)



Logfile of HijackThis v1.99.1
Scan saved at 13:20:00, on 24/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe
C:\Arquivos de programas\Ahead\InCD\InCD.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasDtServ.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
C:\Arquivos de programas\VIA\RAID\raid_tool.exe
C:\Arquivos de programas\SpywareGuard\sgmain.exe
C:\Arquivos de programas\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Arquivos de programas\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARQUIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Arquivos de programas\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: SpywareGuard.lnk = C:\Arquivos de programas\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Arquivos de programas\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {3C8B9651-4E3E-424D-B51C-54544ABF536B} (CAtmCap Object) - https://netbanking2....reControl2k.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{657D736E-A2BE-4490-ADE1-EDE23FBDD09B}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe


;)
  • 0

#12
loophole
Posted 24 June 2005 - 01:28 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
Hey roberto ;)

Im doing fine and how are you? ;)

Good job on getting rid of funwebproducts :tazz:

Lets get a second opinion on this.

Please run an on-line virus scan at Kaspersky OnLine Scan

Post the results from the scan and a new Hijack log. we are almost done
  • 0

#13
Roberto_SP
Posted 24 June 2005 - 03:40 PM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi loophole! I'm fine, thanks. ;) I realized you're from Indiana. Have you been to the Formula 1 GrandPrix? :tazz:

Here is what you asked for:

-------------------------------------------------------------------------------
KASPERSKY ANTI-VIRUS WEB SCANNER REPORT
Friday, June 24, 2005 18:32:13
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Anti-Virus Web Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 24/06/2005
Kaspersky Anti-Virus database records: 127637
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 65644
Number of viruses found: 45
Number of infected objects: 750
Number of suspicious objects: 27
Duration of the scan process: 2427 sec

Infected Object Name - Virus Name
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\00FD734D.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\012E38D0.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0186002E.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\019545D1.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0197521C.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\01B42CB9.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\01C47EA7.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\01EF3FBB.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\01FF11A9.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\026327C5.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\027803E1.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\028855CF.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\02C3498E.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\02D31B7D.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\030D365E Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\031E717E.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03220B26.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03221B7A.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03325D14.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\036F79C0.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03823D1A.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\038F1A4D.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\039722CE.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03A73DB3.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03AB6E8F.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03BB407D.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\03E048FE.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04003232.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04100420.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04560E2D.class Infected: Trojan-Downloader.Java.OpenStream.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04C93A0D.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04C93A0D.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04CC640A.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04CC640A.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04CC640A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04CC640A.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04CC640A.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04CC640A.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04CC640A.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04D00E06.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04D33802.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04D33802.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\04D661FF.class Infected: Trojan-Dropper.Java.Small.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\05CD2B58.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\05DD118B.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\05F849B0.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\068B09F6.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07045A4C.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07050801.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\073973B1.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07572A84.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07824C56.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07921E44.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\079E0961.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07C90DC6.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07D061BF.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\07D95FB4.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\089E34EE.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\093D4156.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\09C84928 Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0A1B7558.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0A2B0ACB.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0A384E50.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0A384E50.exe Infected: Trojan.Win32.StartPage.ta
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0A3C5CB9.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0AB920CC.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0AC972BA.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0AEC762D.class Infected: Trojan-Downloader.Java.OpenStream.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0AF73E88.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0B0A3A72.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0B1C4954.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0C472316.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0C6172F9.jar/Counter.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0C6172F9.jar/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0C6172F9.jar/Parser.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0C6172F9.jar Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0CE922E8.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D777B55.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D777B55.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D777B55.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D777B55.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D777B55.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D777B55.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D777B55.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D7A2551.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D7A2551.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D7A2551.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D7A2551.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D7A2551.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D7A2551.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D7D4F4E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D80794A.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D80794A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D842346.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0D842346.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0DE12FF8.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0E0351E2.class Infected: Trojan.Java.ClassLoader.u
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0E091036.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0E565845.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0F7451AF.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0F7451AF.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0F990BCA.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0FB53C64.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\0FCC624B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\10416BC3.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\10A15DA8.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1186066B Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\11B00C46.class Infected: Trojan.Java.Needy.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\12180EA5.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\123D4E2C.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\12422BD2.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1308104E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\130C239E Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\132C5F77 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\139976A5 Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\13FC0CAB.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\13FE62B4 Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\14E201D7.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\156617C9.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\156C0ED2 Infected: Trojan.Win32.Agent.cp
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\15D6394F.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\160338C7.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\16260114.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\166A3922.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\168C42DD.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\173E0690.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\17CE5B44.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\180F6C57.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\18665A18.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\190B4FEE.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\193256BD Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\195E61B1.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\19987587.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\199D67D7.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\19AD45AF.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\19C65691 Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\19CD0610.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1A3E2148.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1A4B577D.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1A4B577D.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1A4B577D.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1A4B577D.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1A5A3A22.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1A5A5665 Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1AC77DF3.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1AEE5639 Infected: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1B130210.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1B1A5609.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1B277DFA.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1B5B1C61.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1B697744.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1CEA3EB4 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1D050EBB.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1D46180C.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1D494208.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1D533FFE.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1D5423A4.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1D727AC5.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1DD123AB Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1ED227E8.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1F231789.exe Infected: Trojan-Downloader.Win32.Small.akj
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1F382BC2.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\1FC30FCD Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\20034BB6.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\20C25C21.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\20C823DE.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\20C823DE.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\212301B7.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\21276680.class Infected: Trojan.Java.ClassLoader.z
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\213B6FB2.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\21657D2D.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\21C37AFD.ani Suspicious: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\21EB45D2.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\228C1636.class Infected: Trojan.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\228E4430.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\22BF05B2.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\22CE428F.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\22CE428F.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\22E66BDB.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\230B6083.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\231D3C9F.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\23A534E1.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\23C40D4A.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\23DB38CE.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\23DF62CA.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\23F9597C.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\24002D75.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\24092B6A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\241625EB.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\24495C42.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\24856E86 Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\248C645E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\248C645E.js Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\24B17ED7 Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\24C86E2F.dll Infected: Trojan.Win32.Delf.gh
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\251A0CEA.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\252B5ED8.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\25482C3A.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\258658A1.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\258723E4.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\25BE7EEA Infected: Exploit.VBS.Phel.i
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\26AE7934.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\26BD4EE2 Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\27160007.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\27231DB2.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\272C7CE6.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\27DF2F15.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\27EA6375.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\28415DC7.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\28582695.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\288251EA.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\289D21CD.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\28E75B57.class Infected: Trojan.Java.ClassLoader.z
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\29334643.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\29431831.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\29504023.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\29AC4A63 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2A43312C.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2A740C32.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3782E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2AD74935.htm Infected: Trojan-Downloader.JS.Psyme.ap
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2ADE1D2E.class Infected: Trojan.Java.Needy.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2AE8705E.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2B3C1ABB/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2B3C1ABB/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2B3C1ABB/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2B3C1ABB Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2BB47AFC.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2BEB5FEF.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2BFB31DD.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2C585FDD.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2C585FDD.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2D437056.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2E07088D.class Infected: Trojan.Java.ClassLoader.z
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2E3377A7.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2E3621A3.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2E394BA0.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2E556FFE.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2E565014.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2EF44F80.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2F1448AF.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2F1B1CA8.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2F316A4C.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\2FC639D5.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\30177FE3.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\301D205C.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\301D205C.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\30764346.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\30773486 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\30995037 Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\30E52A7E Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\315A677D.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\317C10EF.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\31E4259B.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\32141727.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\32256915.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\32A15130.class Infected: Trojan.Java.ClassLoader.Dummy.e
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\33D832D5.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\340E39E2.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\34C75C84.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3533323F.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\355C1D21 Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\361A5B7E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\36565ECE.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\365908CA.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\36B63B07.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\36B772B0.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\36C5168C.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\36CF1C45 Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\373D0C4C.class Infected: Trojan-Downloader.Java.OpenStream.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\37BE6106.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\37BE6106.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\37F1189C.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\38017CB1 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\38A51E97.htm Infected: Trojan-Downloader.JS.Weis.b
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\38BB447E.htm Infected: Trojan-Downloader.JS.Weis.b
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\38C21877.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\38D26A65.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\38DC685A.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3919435F Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3936454E.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\397A3703.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3994575B.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3A0E71DE.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3A2B2602.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3A2F387B.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3ABB2315 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3ACA0FE9.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3B531FA4.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3B531FA4.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3B546BD6.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3BCA7CD1.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3BE55A38.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3BEC09BE.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3C10130C.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3C202C4F.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3CEB2F26.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3CF1031F.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3D825C0D.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3DAE5711.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3DC01E31.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3E6B525F.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3E733167.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3EB6540E.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3EC828EA.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3EDF3302.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3EE70DDF Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3F082F12.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\3FAF1A0B.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\40401F44 Infected: Trojan-Downloader.Java.OpenStream.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\40537966.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\40AD027D.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\40EC5920 Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\411B58EB.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\417C5B49.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\42526A6C.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\428B2B58.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\428F7578.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\429C1D6A.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\42A04766.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\42AE1DF7.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\42C57553.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\430457F7 Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\431F2B2C.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4369585C.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\436D0258.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\440A79A4.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\447657BE.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\44D532F6.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\450F71F4.class Infected: Trojan.Java.ClassLoader.Dummy.e
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\45300993.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\45BD4BEC.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\461834E4 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\464D564A.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\46804019.exe Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\46976600.exe Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\46BB014C.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\46C25545.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\46C25545.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\46C3394B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\47677B29 Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\47AC72A2.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\481360A2.ani Infected: Trojan-Downloader.Win32.Ani.b
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\481360A2.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\48160A9E.ani Infected: Trojan-Downloader.Win32.Ani.b
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\48160A9E.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\48160A9E.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\48160A9E.js Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4819349B.ani Infected: Trojan-Downloader.Win32.Ani.b
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4819349B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4819349B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4819349B.js Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\481D5E97.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\481D5E97.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\488B7C32.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\48977862 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\48C10561.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\494349B1.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\49491DAA.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\49AB509E.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\49CE7952.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\49E234A2.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4A6D539E.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4A763476.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4AC11813.htm Infected: Trojan-Downloader.JS.Weis.b
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4AC54210.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4AC86C0C.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4AED4FF5.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4AF52CC2.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4B0A344A.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4B305588.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4B950958.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4CE6505A.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4CEF2DE9.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4D7D4EC5 Infected: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4D8078C2 Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4D8322BE Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4D874CBA Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4DD1333A.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4DD1333A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\4DEA5765 Infected: Trojan-Dropper.Win32.Agent.jm
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\501973C6.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\501973C6.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\504455F1.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\50A77B4A Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\50CD1C7B.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\511E7936.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5154195C.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\51752891.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\51752891.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\517B6FCB Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\51A000A1.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\51B60C5E.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\51EA4133 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\51FB55EA.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\52566E51.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\52B859F4.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\52D31058.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\54121FEA.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\54A84C7E.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\54CA0E25.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\54E030C9.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\54E604C2.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\55D0698E.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\55ED4FFD.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\56635105.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\56982038.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\572F603F.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\57A97973.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\58340E3F.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\586234FF.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\591A026B Infected: Trojan.Java.ClassLoader.f
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\591A1FA9.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\592C6DD5 Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\59312852 Infected: Trojan-Downloader.Win32.Small.ayl
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\598463AD.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\59870DA9.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5A7F573A.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5AA938A9.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5B3A6529.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Anti

Edited by Roberto_SP, 24 June 2005 - 03:44 PM.

  • 0

#14
Roberto_SP
Posted 24 June 2005 - 03:45 PM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Not enough space in the last post... :tazz: Here is what follows:


C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5B723CEE.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5B803ED5.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5BA162B1.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5BA736AA.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5BCB16C6.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5C076C59.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5C607029.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5C780D65 Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5CD70B62.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5CDE6001.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5CEA074C.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5D06648F.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5D170AE3.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5D223E79.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5DAE3A59.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5DF834A2 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5DFB5E9F Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5E5707EA.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5E9458AC/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5E9458AC/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5E9458AC/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5E9458AC Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5EBF4644.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5ED3422F.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5EDA1627.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5EDE6452.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5EF4660B.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5EF71007.class Infected: Trojan.Java.ClassLoader.h
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5FBF1D8B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\5FF877F6.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\60302A56.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\60F44151/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\60F44151/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\60F44151/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\60F44151 Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\61237A61.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6172622A.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\62BC3342.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\62C53AD5.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\631C01A3.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\63265B6C.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\633A5757.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\634F2F29.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\637B6248.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\63C010C3.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\63D062B2.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\64072C74.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\64140C28.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\64145466.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\643F7637.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\644F4825.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6459461B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\645C02D0.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\645C02D0.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\64691809.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\649439DA.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\64A40BC8.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\64C9443E.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65124A98.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\651F125F.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65203FDE.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\652369DA.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6534432A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65473F14.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65EE4A8F.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65EE4A8F.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65EE4A8F.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65EE4A8F.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65EF7187.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65EF7187.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\65EF7187.html Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66026D71.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66026D71.html Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66101563.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66101563.html Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\663D66E6 Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\669001DD.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\669823A2.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66A87590.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66AC74B6.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66BE515F.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66C070A1.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66C24573.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66F7136B.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66FA3D68.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66FA3D68.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66FA3D68.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\66FA3D68.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\67294258.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\673B0520.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\673B0520.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\673B0520.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\673B0520.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\673B0520.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\673D36DE Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\67502803.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\67502803.html Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\676323ED.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\676323ED.html Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\678E72DF.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\67976E8A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\67AA6A74.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\67B56AB4.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\67FC041A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\68061054.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\680C5608.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6833388A.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\68364A25 Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\685F71F9.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\68621BF5.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\68621BF5.exe Infected: Trojan-Downloader.Win32.Small.amq
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\68844637.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\68F44465.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\695B3A0D.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\69A67AB2.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\69CE2079.class Infected: Trojan.Java.ClassLoader.z
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6A1B01C5 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6A53750D.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6A54425D.ani Infected: Trojan-Downloader.Win32.Ani.b
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6A54425D.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6A54425D.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6A6A6456 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6ABC4D3D Infected: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6ABE00F7.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6AD84340.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6ADF1738.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6AE9152E.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6AEC3F2A.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6AEC3F2A.exe Infected: Trojan-Downloader.Win32.Small.amq
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6B4E674E Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6B732A77.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6B765474.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6B837C65.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6B9E4021.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6BC5441E.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6BC9031E.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6C8A6641.ani Suspicious: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6C8A6641.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6C913A3A.ani Suspicious: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6C913A3A.class Infected: Trojan.Java.ClassLoader.f
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6C946436.ani Suspicious: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6C970E33.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6C9B382F.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6CA10C28.ani Suspicious: Exploit.Win32.IMG-ANI.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6CA10C28.class Infected: Trojan.Java.ClassLoader.f
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6CA53624.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6CA86021.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6CD10441.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6CEE7A9A.htm Infected: Trojan.JS.Seeker
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6CF0618B.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6D840598.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6DB1265D.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6DC1784B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6DC25852.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6DD6583F.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6DF26E15.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E024003.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E0B54D4.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E3C1AD3.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E4044CF.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E4731B7.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E5016BD.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E504EB2.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E5703A5.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6E834455 Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6EBA4861.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F073089.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F284926.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F2B7323.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F381B14.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F63767F.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F73486D.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F8E1850.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F943F22 Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F97658A.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\6F9E6A3E.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\702179AE.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\70314B9C.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\705B700F.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\707869EE.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\707B13EB.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\707C114A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\708C6338.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\709145C0.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\709F091D.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\70C14098.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\71B43739.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72203DDC.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72203DDC.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72692B0A.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72817AE6.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72884EDF.class Infected: Trojan.Java.ClassLoader.u
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72DA6ACF.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72ED53F2.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72F327EB.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\72FC0915 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73035D0E Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73173257 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\732F0446.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\735A75C4.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73A72D25.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73A72D25.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73A72D25.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73A72D25.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73E667AA.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73E667AA.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\73F63998.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\741B018E.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\741D4DFE.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\74203EA0.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\742B02A8.class Infected: Trojan.Java.ClassLoader.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\74333A8B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\744A6071.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\744D0A6E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\745F4964.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\74701B52.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\74766F4B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\747A6C20.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\748577DC.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\74864139.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\756806BC.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76081B91.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76186D7F.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\761C4291.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\761D5470.jar/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\761D5470.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\761D5470.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\761D5470.jar Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7631505A.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\763E3A17 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\767C699E.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\769D6660.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76A1702B.gif Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76A961D5.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76AD0BD1.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76B035CE.htm Infected: Trojan-Downloader.JS.gen
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76BF4AC8.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76CF1CB6.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76D72DA3.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76DA579F.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76DA579F.exe Infected: Trojan-Downloader.Win32.Small.amq
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76ED3448.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76ED3448.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76F05E45.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\76F05E45.htm Infected: Trojan-Downloader.JS.gen
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7703623B.htm Infected: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\771A01A6.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\772B5394.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\77A83C41.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\77E856C3.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\77F828B1.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7836466D.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7847185B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\787B3822.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\78881BBD.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\788B0A10.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\78CD51C8.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\78DB490F.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\78DD23B6.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\795D3A0B.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\79732F11.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\79872AFB.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\79CF46AC.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\79DF189A.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7A631565.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7A653296.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7A7C77ED.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7A8C49DC.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7AC439A5.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7AE5247E.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7B002F28/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7B002F28/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7B002F28/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7B002F28 Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7B0F25E1.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7B247B21 Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7B7B00C4 Infected: Trojan.Win32.Agent.db
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7BB60424.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7BE62C5F.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7BFA2849.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7C4A03F8.class Infected: Trojan.Java.ClassLoader.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7C915F02.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7CC02AAD Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7CD52558.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7CE57746.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7CF51CFB.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7D0C6F1B.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7D1C4109.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7DAD3447.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7DEA1BD4.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7E4F2BB7.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7E607DA5.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7E6F25C1.anr Infected: Trojan-Downloader.Win32.Ani.c
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7E6F25C1.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7E8956F0.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7EAB4353.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7EAC50FA.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7EBB1541.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7ECA1EA8.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7EE12A8D.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7EF4549D.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7EF86A76.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7F220C47.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7F2459E5.class Infected: Exploit.Java.Bytverify
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7F433024.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7F754F31.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7F8477DC.htm Suspicious: Exploit.HTML.Mht
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7F85211F.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7FA81436.class Infected: Trojan.Java.Femad
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7FB30C30.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7FD4300C.htm Infected: Exploit.VBS.Phel.a
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\Quarantine\7FE401FA.htm Infected: Exploit.VBS.Phel.a
C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy\Recovery\Altnet3.zip/asmend.exe Suspicious: Password-protected-EXE
C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy\Recovery\Altnet3.zip Suspicious: Password-protected-EXE
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP100\A0042710.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP100\A0042858.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP100\A0042878.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP103\A0042926.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP103\A0043952.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP105\A0044033.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP110\A0045573.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP113\A0045867.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP115\A0045952.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP118\A0046078.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP120\A0046092.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP120\A0047126.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP126\A0047609.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP127\A0047650.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP128\A0047662.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP133\A0051333.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP136\A0052042.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP136\A0052084.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP139\A0052186.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP141\A0052380.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP141\A0052389.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP141\A0052404.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP142\A0053468.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP143\A0053485.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP143\A0053521.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP145\A0053818.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP149\A0054143.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038383.exe/data0007 Infected: Trojan-Dropper.Win32.Mudrop.o
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038383.exe Infected: Trojan-Dropper.Win32.Mudrop.o
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038597.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038601.exe/data0000 Infected: Trojan.Win32.SecondThought.aa
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038601.exe Infected: Trojan.Win32.SecondThought.aa
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038602.exe/data0000 Infected: Trojan.Win32.SecondThought.aa
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038602.exe Infected: Trojan.Win32.SecondThought.aa
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP95\A0038658.scr Infected: Trojan-Spy.Win32.Banker.ju
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP96\A0039938.exe/data0007 Infected: Trojan-Dropper.Win32.Mudrop.o
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP96\A0039938.exe Infected: Trojan-Dropper.Win32.Mudrop.o
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP96\A0040096.exe Infected: Trojan-Dropper.Win32.Mudrop.o
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP96\A0040101.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP96\A0040102.EXE Infected: Trojan-Downloader.Win32.Small.asf
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP96\A0040471.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP97\A0040778.exe Infected: Trojan.Win32.Stervis.c
C:\System Volume Information\_restore{D1A1B1ED-8EC1-43EB-8640-D60B8C74D847}\RP97\A0040896.exe Infected: Trojan.Win32.Stervis.c

Scan process completed.
  • 0

#15
Roberto_SP
Posted 24 June 2005 - 03:46 PM

Roberto_SP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
And the HJT log:


Logfile of HijackThis v1.99.1
Scan saved at 18:45:22, on 24/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe
C:\Arquivos de programas\Ahead\InCD\InCD.exe
C:\Arquivos de programas\Microsoft AntiSpyware\gcasDtServ.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Arquivos de programas\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe
C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
C:\Arquivos de programas\VIA\RAID\raid_tool.exe
C:\Arquivos de programas\SpywareGuard\sgmain.exe
C:\Arquivos de programas\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\eMule\emule.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Arquivos de programas\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARQUIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Arquivos de programas\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: SpywareGuard.lnk = C:\Arquivos de programas\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Arquivos de programas\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {3C8B9651-4E3E-424D-B51C-54544ABF536B} (CAtmCap Object) - https://netbanking2....reControl2k.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{657D736E-A2BE-4490-ADE1-EDE23FBDD09B}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Arquivos de programas\ewido\security suite\ewidoguard.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARQUIV~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe



Thanks again! :tazz:
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP