scan-160628-084138.txt

Document joint : FFCnBkq5kpF_scan-160628-084138.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþEmsisoft Anti-Malware Free - Versão 11.0
Última atualização 28/06/2016 08:35:28
User account: LOUI\loui

Configuração do exame:

Tipo de exame: Exame Personalizado
arquivos: Rootkits, Memória, Rastros, C:\

Detect PUPs: Ligado
Análise de arquivos: Ligado
Análise de ADS: Ligado
Extensão de arquivo: Desligado
Caching avançado: Ligado
Acesso direto ao disco: Desligado

Início do exame: 28/06/2016 08:41:38
C:\windows\System32\rundll32.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll detectados: Application.Win32.Agent (A)
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll detectados: Riskware.Win32.CrackTool (A)
C:\Program Files\Adobe\Adobe Media Encoder CS6\amtlib.dll detectados: Riskware.Win32.CrackTool (A)
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll detectados: Riskware.Win32.CrackTool (A)
C:\Windows\servicing\TrustedInstaller.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\alg.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\appidcertstorecheck.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\DFDWiz.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\FXSSVC.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\ieetwcollector.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\Locator.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\MRT\156D44C7-D356-4303-B9D2-9B782FE4A304\FilesStash\65AF88ED-435B-389D-468E-A4417226A731_1d1af732f02d81b detectados: Gen:Variant.Symmi.64964 (B)
C:\Windows\System32\msdtc.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\msiexec.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\rundll32.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\snmptrap.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\SpaceAgent.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\UI0Detect.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\vds.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\VSSVC.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\wbem\WmiApSrv.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\System32\wbengine.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\SysWOW64\perfhost.exe detectados: Gen:Variant.Symmi.64964 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-alg_31bf3856ad364e35_6.3.9600.17415_none_99f44d072edbfc38\alg.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-appid_31bf3856ad364e35_6.3.9600.18002_none_485ebbe085df7c11\appidcertstorecheck.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-blb-engine-main_31bf3856ad364e35_6.3.9600.18227_none_d4e406f2d383c9c7\wbengine.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.3.9600.17415_none_0a5dfdcc33c06e7e\msdtc.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-d..ostic-user-resolver_31bf3856ad364e35_6.3.9600.17415_none_b63ffffcd96c6f03\DFDWiz.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-fax-service_31bf3856ad364e35_6.3.9600.17415_none_9e2e94a45406df6d\FXSSVC.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-ie-ieetwcollector_31bf3856ad364e35_11.0.9600.18283_none_c6e6e364e5b32081\ieetwcollector.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-installer-executable_31bf3856ad364e35_6.3.9600.17905_none_3a97491d59cf2b73\msiexec.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-rpc-locator_31bf3856ad364e35_6.3.9600.17415_none_c03f8e13c055683c\Locator.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-rundll32_31bf3856ad364e35_6.3.9600.17415_none_c9104c767ea805e0\rundll32.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-s..ces-backgroundagent_31bf3856ad364e35_6.3.9600.17415_none_eba15991ae6b26e0\SpaceAgent.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-session0viewer_31bf3856ad364e35_6.3.9600.17415_none_d2f1e2e91a6b716e\UI0Detect.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.3.9600.17415_none_c095f9c413254d84\snmptrap.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.3.9600.17415_none_82182e6b20e428f7\TrustedInstaller.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.3.9600.17415_none_5bf5cd86ce6c0f35\vds.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-vssservice_31bf3856ad364e35_6.3.9600.18229_none_4bd0e005eb998763\VSSVC.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-wmi-core_31bf3856ad364e35_6.3.9600.17415_none_aa5efdfbf35612ef\WmiApSrv.exe detectados: Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\wow64_microsoft-windows-p..structure-minkernel_31bf3856ad364e35_6.3.9600.16384_none_d4080be6bf216ea6\perfhost.exe detectados: Gen:Variant.Symmi.64964 (B)

Analisados: 359538
Achado 42

Fim do exame: 28/06/2016 10:51:46
Duração do exame: 2:10:08

C:\Windows\WinSxS\wow64_microsoft-windows-p..structure-minkernel_31bf3856ad364e35_6.3.9600.16384_none_d4080be6bf216ea6\perfhost.exe Gen:Variant.Symmi.64964 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-wmi-core_31bf3856ad364e35_6.3.9600.17415_none_aa5efdfbf35612ef\WmiApSrv.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-vssservice_31bf3856ad364e35_6.3.9600.18229_none_4bd0e005eb998763\VSSVC.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.3.9600.17415_none_5bf5cd86ce6c0f35\vds.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.3.9600.17415_none_82182e6b20e428f7\TrustedInstaller.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.3.9600.17415_none_c095f9c413254d84\snmptrap.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-session0viewer_31bf3856ad364e35_6.3.9600.17415_none_d2f1e2e91a6b716e\UI0Detect.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-s..ces-backgroundagent_31bf3856ad364e35_6.3.9600.17415_none_eba15991ae6b26e0\SpaceAgent.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-rundll32_31bf3856ad364e35_6.3.9600.17415_none_c9104c767ea805e0\rundll32.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-rpc-locator_31bf3856ad364e35_6.3.9600.17415_none_c03f8e13c055683c\Locator.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-installer-executable_31bf3856ad364e35_6.3.9600.17905_none_3a97491d59cf2b73\msiexec.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-ie-ieetwcollector_31bf3856ad364e35_11.0.9600.18283_none_c6e6e364e5b32081\ieetwcollector.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-fax-service_31bf3856ad364e35_6.3.9600.17415_none_9e2e94a45406df6d\FXSSVC.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-d..ostic-user-resolver_31bf3856ad364e35_6.3.9600.17415_none_b63ffffcd96c6f03\DFDWiz.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.3.9600.17415_none_0a5dfdcc33c06e7e\msdtc.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-blb-engine-main_31bf3856ad364e35_6.3.9600.18227_none_d4e406f2d383c9c7\wbengine.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-appid_31bf3856ad364e35_6.3.9600.18002_none_485ebbe085df7c11\appidcertstorecheck.exe Win32.Virtob.Gen.12 (B)
C:\Windows\WinSxS\amd64_microsoft-windows-alg_31bf3856ad364e35_6.3.9600.17415_none_99f44d072edbfc38\alg.exe Win32.Virtob.Gen.12 (B)
C:\Windows\System32\MRT\156D44C7-D356-4303-B9D2-9B782FE4A304\FilesStash\65AF88ED-435B-389D-468E-A4417226A731_1d1af732f02d81b Gen:Variant.Symmi.64964 (B)
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll Riskware.Win32.CrackTool (A)
C:\Program Files\Adobe\Adobe Media Encoder CS6\amtlib.dll Riskware.Win32.CrackTool (A)
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll Riskware.Win32.CrackTool (A)
C:\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll Application.Win32.Agent (A)

Em quarentena 23

Signaler le contenu de ce document