Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
o ccleaner eu abro e ele fecha automaticamente no mesmo momento
desinstalações de alguns programas sozinhos
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:23:11, on 29/9/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe
C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\wkego.exe
C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winoqvhmw.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Meus documentos\Downloads\HiJackThis.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: 199.180.132.192 www.hotmail.com
O1 - Hosts: 199.180.132.192 hotmail.com
O1 - Hosts: 199.180.132.192 msn.com
O1 - Hosts: 199.180.132.192 www.msn.com
O1 - Hosts: 199.180.132.192 live.com
O1 - Hosts: 199.180.132.192 www.live.com
O1 - Hosts: 173.0.61.235 www4.itau.com.br
O1 - Hosts: 173.0.61.235 itau.com.br
O1 - Hosts: 173.0.61.235 www.itau.com.br
O1 - Hosts: 173.0.61.235 www.bancoitau.com.br
O1 - Hosts: 173.0.61.235 bancoitau.com.br
O1 - Hosts: 173.0.61.235 www.itaupersonnalite.com.br
O1 - Hosts: 173.0.61.235 itaupersonnalite.com.br
O1 - Hosts: 199.180.132.197 bb.com.br
O1 - Hosts: 199.180.132.197 www.bb.com.br
O1 - Hosts: 199.180.132.197 www.bancodobrasil.com.br
O1 - Hosts: 199.180.132.197 bancodobrasil.com.br
O1 - Hosts: 208.89.213.119 www.santander.com.br
O1 - Hosts: 208.89.213.119 www4.santander.com.br
O1 - Hosts: 208.89.213.119 santander.com.br
O1 - Hosts: 208.89.213.119 www.santandernet.com.br
O1 - Hosts: 208.89.213.119 santandernet.com.br
O1 - Hosts: 208.89.213.119 www.banespa.com.br
O1 - Hosts: 199.180.132.65 www.cef.com.br
O1 - Hosts: 199.180.132.65 cef.com.br
O1 - Hosts: 199.180.132.65 www.caixa.gov.br
O1 - Hosts: 199.180.132.65 caixa.gov.br
O1 - Hosts: 199.180.132.65 www.caixa.com.br
O1 - Hosts: 199.180.132.65 caixa.com.br
O1 - Hosts: 199.180.132.65 www.caixaeconomica.com.br
O1 - Hosts: 199.180.132.65 caixaeconomica.com.br
O1 - Hosts: 199.180.132.65 www.caixaeconomica.gov.br
O1 - Hosts: 199.180.132.65 caixaeconomica.gov.br
O1 - Hosts: 199.180.132.65 www.caixaeconomicafederal.com.br
O1 - Hosts: 199.180.132.65 caixaeconomicafederal.com.br
O1 - Hosts: 199.180.132.65 www.caixaeconomicafederal.gov.br
O1 - Hosts: 199.180.132.65 caixaeconomicafederal.gov.br
O1 - Hosts: 199.180.132.209 www.sicredi.com.br
O1 - Hosts: 199.180.132.209 sicredi.com.br
O1 - Hosts: 199.180.132.58 bradesco.com.br
O1 - Hosts: 199.180.132.58 www.bradesco.com.br
O1 - Hosts: 199.180.132.58 www4.bradesco.com.br
O1 - Hosts: 199.180.132.58 www.prime.com.br
O1 - Hosts: 199.180.132.58 prime.com.br
O1 - Hosts: 199.180.132.58 www.bradescoprime.com.br
O1 - Hosts: 199.180.132.58 bradescoprime.com.br
O1 - Hosts: 199.180.132.56 www.serasa.com.br
O1 - Hosts: 199.180.132.56 serasa.com.br
O1 - Hosts: 199.180.132.54 www.banrisul.com.br
O1 - Hosts: 199.180.132.54 www4.banrisul.com.br
O1 - Hosts: 199.180.132.54 banrisul.com.br
O1 - Hosts: 199.180.132.52 www2.americanexpress.com.br
O1 - Hosts: 199.180.132.52 www.americanexpress.com.br
O1 - Hosts: 199.180.132.52 americanexpress.com.br
O1 - Hosts: 199.180.132.52 www.americanexpress.com
O1 - Hosts: 199.180.132.52 americanexpress.com
O1 - Hosts: 199.180.133.2 www.hsbc.com.br
O1 - Hosts: 199.180.133.2 hsbc.com.br
O1 - Hosts: 199.180.133.200 www.cetelem.com.br
O1 - Hosts: 199.180.133.200 cetelem.com.br
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 10596 bytes
Norman Malware Cleaner v2.02.01
Copyright © 1990 - 2011, Norman ASA.
Windows is running in safe mode.
Note that some functionality is not available in safe mode.
Please run in normal mode if possible.
Norman Scanner Engine Version: 6.07.10
nvcbin.def: Version: 6.07.00, Date: 2011/09/26 17:23:06, Variants: 11989929
nvcmacro.def: Version: 6.07.00, Date: 2011/02/01 12:21:31, Variants: 20465
Operating System: Windows XP Service Pack 3
Switches: /iagree /nomt
Running without NSAK
Scan started: 2011/09/29 17:02:55
Running pre-scan cleanup routine...
Potentially unwanted registry value: 'HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001'
Deleted registry value: HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001
Potentially unwanted registry value: 'HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001'
Deleted registry value: HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001
Potentially unwanted registry value: 'HKU\S-1-5-21-1708537768-1364589140-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001'
Deleted registry value: HKU\S-1-5-21-1708537768-1364589140-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001
Number of malicious objects found: 3
Number of malicious objects cleaned: 3
Scanning time: 0s
Scanning system for FakeAV...
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s
Scanning system for active rootkit activity...
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s
Scanning running processes and process memory...
Number of objects found: 371
Number of objects scanned: 371
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 31s
Running custom scan...
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE: File infected with W32/Sality.AN
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE: Repaired
C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe: Repaired
C:\Arquivos de programas\Internet Explorer\iexplore.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Internet Explorer\iexplore.exe: Repaired
C:\Arquivos de programas\Java\jre6\bin\jucheck.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Java\jre6\bin\jucheck.exe: Repaired
C:\Arquivos de programas\Java\jre6\bin\jusched.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Java\jre6\bin\jusched.exe: Repaired
C:\Arquivos de programas\K-Lite Codec Pack\Media Player Classic\mplayerc.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\K-Lite Codec Pack\Media Player Classic\mplayerc.exe: Repaired
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe: Repaired
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe: Repaired
C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE: File infected with W32/Sality.AN
C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE: Repaired
C:\Arquivos de programas\Microsoft Office\Office12\Moc.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Microsoft Office\Office12\Moc.exe: Repaired
C:\Arquivos de programas\Real\RealPlayer\realplay.exe: File infected with W32/Sality.BV
Deleted registry value: HKCR\Applications\RealPlay.exe\shell\open\command --> (Default) = "C:\Arquivos de programas\Real\RealPlayer\realplay.exe" "%1"
Deleted registry value: HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe = C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe:*:Enabled:ipsec
Deleted registry value: HKLM\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe = C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe:*:Enabled:ipsec
Deleted registry value: HKLM\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe = C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe:*:Enabled:ipsec
Deleted file: C:\Arquivos de programas\Real\RealPlayer\realplay.exe
C:\Arquivos de programas\Real\RealPlayer\recordingmanager.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Real\RealPlayer\recordingmanager.exe: Repaired
C:\Arquivos de programas\Real\RealPlayer\Update\realsched.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Real\RealPlayer\Update\realsched.exe: RepairedC:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe: Repaired
C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe: Repaired
C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGallery.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGallery.exe: Repaired
C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe: Repaired
C:\Arquivos de programas\Windows Media Player\setup_wm.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Windows Media Player\setup_wm.exe: Repaired
C:\Arquivos de programas\Windows Media Player\wmplayer.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Windows Media Player\wmplayer.exe: Repaired
C:\Arquivos de programas\WinRAR\Uninstall.exe: File infected with W32/Suspicious_Gen.ACU
Removed registry key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (--> WinRAR archiver)
Deleted file: C:\Arquivos de programas\WinRAR\Uninstall.exe
C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusDesktop.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusDesktop.exe: Repaired
C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe: File infected with W32/Sality.AN
C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe: Repaired
C:\Documents and Settings\Administrador\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Documents and Settings\Administrador\ntuser.dat.LOG: Error opening file for read: 0x00000020
C:\Documents and Settings\Administrador\Configurações locais\Apps\2.0\A03E7WTL.CM7\OODA8VE5.WH4\clic...exe_f84b370c827b5c7a_0001.0003_none_f6c591a8ff607af4\GoogleUpdateSetup.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Apps\2.0\A03E7WTL.CM7\OODA8VE5.WH4\clic...exe_f84b370c827b5c7a_0001.0003_none_f6c591a8ff607af4\GoogleUpdateSetup.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_frame_helper.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_frame_helper.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_launcher.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_launcher.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\Installer\setup.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\Installer\setup.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_frame_helper.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_frame_helper.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_launcher.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_launcher.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\Installer\setup.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\Installer\setup.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleCrashHandler.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleCrashHandler.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdate.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdate.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateBroker.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateBroker.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateOnDemand.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateOnDemand.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.69\GoogleUpdateSetup.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.69\GoogleUpdateSetup.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\14.0.835.186\chrome_updater.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\14.0.835.186\chrome_updater.exe: RepairedC:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG: Error opening file for read: 0x00000020
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\Uninstall.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\Uninstall.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityBugReporter.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityBugReporter.exe: Repaired
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityWebPlayerUpdate.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityWebPlayerUpdate.exe: Repaired
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file
C:\Documents and Settings\Administrador\Meus documentos\Downloads\FileFormatConverters.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Meus documentos\Downloads\FileFormatConverters.exe: Repaired
C:\Documents and Settings\Administrador\Meus documentos\Downloads\RealPlayer_br.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Meus documentos\Downloads\RealPlayer_br.exe: Repaired
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Shockwave_Installer_Slim.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Meus documentos\Downloads\Shockwave_Installer_Slim.exe: Repaired
C:\Documents and Settings\Administrador\Meus documentos\Downloads\SP27213.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Meus documentos\Downloads\SP27213.exe: Repaired
C:\Documents and Settings\Administrador\Meus documentos\Downloads\UnityWebPlayer.exe: File infected with W32/Sality.AN
C:\Documents and Settings\Administrador\Meus documentos\Downloads\UnityWebPlayer.exe: Repaired
C:\Documents and Settings\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Documents and Settings\NetworkService\ntuser.dat.LOG: Error opening file for read: 0x00000020
C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG: Error opening file for read: 0x00000020
C:\DriveKey\HPUSBF.EXE: File infected with W32/Sality.AN
C:\DriveKey\HPUSBF.EXE: Repaired
C:\DriveKey\HPUSBFW.EXE: File infected with W32/Sality.AN
C:\DriveKey\HPUSBFW.EXE: Repaired
C:\HijackThis\HiJackThis.exe: File infected with W32/Sality.AN
C:\HijackThis\HiJackThis.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000001.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000001.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000002.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000002.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000003.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000003.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000005.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000005.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000006.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000006.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000007.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000007.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000008.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000008.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000024.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000024.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000025.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000025.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000026.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000026.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000027.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000027.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000028.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000028.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000030.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000030.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000031.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000031.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000032.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000032.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000033.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000033.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000036.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000036.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000037.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000037.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000038.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000038.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000040.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000040.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000041.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000041.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000042.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000042.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000044.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000044.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000045.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000045.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000046.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000046.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000047.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000047.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000048.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000048.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000049.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000049.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000050.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000050.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000051.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000051.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000054.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000054.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000055.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000055.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000056.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000056.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000069.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000069.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000070.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000070.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000071.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000071.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000072.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000072.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000073.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000073.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000074.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000074.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000077.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000077.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000078.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000078.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000079.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000079.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000080.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000080.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000082.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000082.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000083.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000083.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000084.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000084.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000086.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000086.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000087.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000087.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000088.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000088.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000091.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000091.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000093.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000093.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000094.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000094.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000095.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000095.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000096.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000096.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000097.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000097.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000098.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000098.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000099.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000099.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000100.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000100.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000101.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000101.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000116.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000116.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000117.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000117.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000118.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000118.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000119.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000119.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000120.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000120.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000122.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000122.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000123.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000123.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000124.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000124.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000126.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000126.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000127.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000127.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000129.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000129.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000130.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000130.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000131.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000131.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000133.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000133.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000134.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000134.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000135.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000135.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000138.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000138.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000141.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000141.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000142.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000142.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000143.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000143.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000144.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000144.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000145.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000145.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000146.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000146.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000147.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000147.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000148.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000148.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000149.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000149.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000151.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000151.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000172.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000172.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000173.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000173.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000182.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000182.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000183.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000183.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000187.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000187.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000191.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000191.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000203.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000203.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000205.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000205.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000208.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000208.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000209.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000209.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000211.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000211.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000212.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000212.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000213.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000213.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000215.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000215.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000216.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000216.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000217.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000217.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000218.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000218.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000220.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000220.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000221.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000221.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000222.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000222.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000224.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000224.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000225.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000225.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000226.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000226.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000228.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000228.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000229.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000229.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000230.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000230.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000231.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000231.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000232.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000232.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000233.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000233.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000234.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000234.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000237.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000237.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000238.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000238.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000239.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000239.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000250.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000250.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000267.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000267.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000269.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000269.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000271.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000271.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000273.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000273.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000274.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000274.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000275.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000275.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000276.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000276.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000277.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000277.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000280.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000280.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000281.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000281.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000282.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000282.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000286.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000286.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000287.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000287.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000288.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000288.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000290.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000290.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000291.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000291.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000292.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000292.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000295.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000295.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000298.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000298.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000299.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000299.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000300.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000300.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000301.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000301.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001267.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001267.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001269.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001269.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001271.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001271.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001274.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001274.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001275.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001275.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001276.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001276.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001277.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001277.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001278.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001278.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001280.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001280.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001281.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001281.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001282.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001282.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001283.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001283.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001285.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001285.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001287.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001287.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001291.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001291.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001292.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001292.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001293.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001293.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001296.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001296.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001298.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001298.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001299.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001299.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001300.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001300.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001301.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001301.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001302.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001302.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001303.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001303.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001304.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001304.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001305.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001305.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001306.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001306.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001308.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001308.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001314.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001314.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001317.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001317.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001327.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001327.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001328.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001328.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001330.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001330.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001334.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001334.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001335.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001335.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001336.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001336.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001337.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001337.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001338.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001338.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001339.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001339.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001340.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001340.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001341.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001341.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001343.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001343.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001344.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001344.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001345.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001345.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001347.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001347.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001348.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001348.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001349.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001349.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001350.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001350.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001351.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001351.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001352.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001352.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001353.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001353.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001356.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001356.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001357.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001357.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001358.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001358.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001360.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001360.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001361.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001361.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001372.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001372.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001374.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001374.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001384.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001384.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001385.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001385.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001388.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001388.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001391.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001391.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001392.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001392.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001393.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001393.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001394.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001394.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001395.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001395.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001399.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001399.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001400.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001400.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001401.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001401.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001402.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001402.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001404.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001404.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001405.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001405.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001406.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001406.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001408.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001408.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001409.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001409.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001410.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001410.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001411.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001411.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001412.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001412.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001413.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001413.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001414.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001414.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001417.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001417.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001418.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001418.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001419.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001419.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001421.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001421.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001422.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001422.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001423.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001423.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001434.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001434.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001435.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001435.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001439.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001439.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001440.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001440.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001441.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001441.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001443.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001443.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001444.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001444.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001448.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001448.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001450.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001450.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001451.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001451.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001452.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001452.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001454.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001454.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001455.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001455.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001456.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001456.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001458.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001458.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001461.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001461.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001462.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001462.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001463.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001463.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001464.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001464.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001465.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001465.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001466.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001466.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001467.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001467.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001468.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001468.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001469.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001469.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001470.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001470.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001472.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001472.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001473.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001473.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001474.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001474.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001475.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001475.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001476.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001476.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001477.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001477.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001478.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001478.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001482.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001482.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001498.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001498.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001510.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001510.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001535.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001535.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001553.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001553.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001554.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001554.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001558.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001558.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001559.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001559.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001560.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001560.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001563.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001563.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001564.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001564.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001565.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001565.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001569.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001569.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001570.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001570.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001571.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001571.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001572.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001572.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001573.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001573.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001575.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001575.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001576.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001576.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001577.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001577.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001579.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001579.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001582.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001582.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001583.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001583.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001584.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001584.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001585.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001585.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001586.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001586.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001587.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001587.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001588.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001588.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001589.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001589.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001590.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001590.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001592.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001592.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001593.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001593.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001607.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001607.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001608.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001608.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001612.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001612.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001613.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001613.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001614.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001614.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001616.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001616.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001617.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001617.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001621.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001621.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001622.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001622.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001624.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001624.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001625.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001625.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001626.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001626.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001628.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001628.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001629.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001629.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001630.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001630.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001632.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001632.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001636.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001636.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001637.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001637.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001638.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001638.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001639.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001639.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001640.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001640.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001641.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001641.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001642.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001642.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001643.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001643.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001644.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001644.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001645.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001645.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001647.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001647.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001648.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001648.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001657.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001657.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001658.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001658.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001662.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001662.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001663.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001663.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001664.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001664.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001666.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001666.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001668.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001668.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001670.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001670.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001673.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001673.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001674.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001674.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001675.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001675.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001676.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001676.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001677.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001677.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001679.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001679.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001680.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001680.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001681.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001681.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001683.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001683.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001686.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001686.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001687.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001687.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001688.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001688.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001689.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001689.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001690.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001690.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001691.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001691.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001692.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001692.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001693.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001693.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001694.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001694.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001696.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001696.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001697.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001697.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001714.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001714.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001715.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001715.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001719.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001719.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001721.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001721.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001722.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001722.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001723.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001723.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001725.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001725.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001726.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001726.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001730.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001730.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001731.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001731.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001733.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001733.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001734.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001734.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001735.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001735.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001737.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001737.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001738.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001738.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001739.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001739.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001741.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001741.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001742.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001742.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001743.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001743.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001744.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001744.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001745.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001745.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001746.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001746.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001747.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001747.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001748.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001748.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001749.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001749.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001750.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001750.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001751.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001751.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001752.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001752.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001753.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001753.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001754.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001754.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001755.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001755.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001759.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001759.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001760.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001760.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001764.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001764.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001768.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001768.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001769.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001769.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001770.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001770.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001783.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001783.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001784.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001784.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001797.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001797.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001798.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001798.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001802.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001802.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001803.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001803.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001804.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001804.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001806.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001806.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001808.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001808.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001809.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001809.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001814.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001814.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001815.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001815.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001817.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001817.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001818.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001818.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001820.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001820.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001821.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001821.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001822.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001822.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001823.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001823.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001826.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001826.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001827.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001827.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001828.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001828.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001831.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001831.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001833.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001833.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001834.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001834.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001835.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001835.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001836.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001836.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001837.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001837.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001838.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001838.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001843.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001843.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001847.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001847.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001848.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001848.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001849.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001849.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001850.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001850.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001853.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001853.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001854.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001854.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001858.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001858.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001861.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001861.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001869.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001869.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001870.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001870.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001871.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001871.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001872.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001872.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001885.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001885.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001886.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001886.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001887.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001887.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001888.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001888.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001889.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001889.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001890.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001890.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001891.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001891.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001892.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001892.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001894.scr: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001894.scr: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001896.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001896.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001899.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001899.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001900.exe: File infected with W32/Sality.BV
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001900.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001901.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001901.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001902.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001902.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001903.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001903.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001904.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001904.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001906.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001906.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001907.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001907.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001909.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001909.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001910.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001910.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001913.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001913.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001914.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001914.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001916.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001916.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001917.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001917.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001918.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001918.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001919.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001919.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001920.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001920.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001921.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001921.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001922.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001922.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001923.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001923.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001924.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001924.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001925.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001925.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001926.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001926.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001927.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001927.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001928.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001928.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001929.exe: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001929.exe: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001930.exe: File infected with W32/Suspicious_Gen.ACU
Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001930.exe
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001931.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001931.EXE: Repaired
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001932.EXE: File infected with W32/Sality.AN
C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001932.EXE: Repaired
C:\WINDOWS\ALCMTR.EXE: File infected with W32/Sality.AN
C:\WINDOWS\ALCMTR.EXE: Repaired
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe: File infected with W32/Sality.AN
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe: Repaired
C:\WINDOWS\system32\ctfmon.exe: File infected with W32/Sality.AN
C:\WINDOWS\system32\ctfmon.exe: Error opening file for write: 0x00000020
C:\WINDOWS\system32\mspaint.exe: File infected with W32/Sality.AN
C:\WINDOWS\system32\mspaint.exe: Repaired
C:\WINDOWS\system32\notepad.exe: File infected with W32/Sality.AN
C:\WINDOWS\system32\notepad.exe: Repaired
C:\WINDOWS\system32\nwiz.exe: File infected with W32/Sality.AN
C:\WINDOWS\system32\nwiz.exe: Repaired
C:\WINDOWS\system32\rundll32.exe: File infected with W32/Sality.AN
C:\WINDOWS\system32\rundll32.exe: Repaired
C:\WINDOWS\system32\shimgvw.dll: File infected with W32/Sality.AN
C:\WINDOWS\system32\shimgvw.dll: Repaired
C:\WINDOWS\system32\sstext3d.scr: File infected with W32/Sality.AN
C:\WINDOWS\system32\sstext3d.scr: Repaired
C:\WINDOWS\system32\config\default: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\default.LOG: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\SAM: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\SAM.LOG: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\SECURITY: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\SECURITY.LOG: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\software: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\software.LOG: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\system: Error opening file for read: 0x00000020
C:\WINDOWS\system32\config\system.LOG: Error opening file for read: 0x00000020
D:\Downloads\ccsetup309.exe: File infected with W32/Sality.AN
D:\Downloads\ccsetup309.exe: Repaired
D:\Downloads\revosetup.exe: File infected with W32/Sality.AN
D:\Downloads\revosetup.exe: Repaired
D:\Downloads\Setup-MsgPlus-503.exe: File infected with W32/Sality.AN
D:\Downloads\Setup-MsgPlus-503.exe: Repaired
D:\Downloads\Silverlight.exe: File infected with W32/Sality.AN
D:\Downloads\Silverlight.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000020.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000020.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000021.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000021.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000022.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000022.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000023.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000023.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000065.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000065.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000066.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000066.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000067.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000067.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000068.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000068.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000112.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000112.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000113.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000113.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000114.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000114.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000115.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000115.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000190.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000190.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000192.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000192.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000193.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000193.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000194.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000194.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000201.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000201.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000202.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000202.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000204.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000204.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000206.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000206.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000264.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000264.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000265.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000265.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000266.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000266.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000268.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000268.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001264.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001264.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001265.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001265.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001266.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001266.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001268.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001268.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001325.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001325.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001329.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001329.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001331.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001331.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001332.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001332.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001383.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001383.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001386.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001386.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001387.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001387.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001389.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001389.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001433.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001433.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001436.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001436.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001437.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001437.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001438.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001438.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001534.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001534.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001552.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001552.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001555.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001555.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001556.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001556.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001557.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001557.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001606.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001606.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001609.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001609.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001610.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001610.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001611.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001611.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001656.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001656.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001659.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001659.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001660.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001660.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001661.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001661.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001713.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001713.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001716.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001716.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001717.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001717.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001718.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001718.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001761.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001761.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001782.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001782.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001785.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001785.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001786.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001786.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001788.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001788.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001796.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001796.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001799.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001799.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001800.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001800.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001801.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001801.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001844.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001844.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001846.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001846.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001851.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001851.exe: Repaired
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001852.exe: File infected with W32/Sality.AN
D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001852.exe: Repaired
Number of files found: 18577
Number of archives unpacked: 631
Number of objects found: 70855
Number of objects scanned: 70837
Number of objects not scanned: 18
Number of malicious objects found: 602
Number of malicious objects cleaned: 601
Number of malicious files found: 597
Number of malicious files cleaned: 22
Scanning time: 1h 50m 18s
Running post-scan cleanup routine...
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s
Results:
Total number of files found: 18577
Total number of archives unpacked: 631
Total number of objects found: 71226
Total number of objects scanned: 71208
Total number of objects not scanned: 18
Total number of malicious objects found: 605
Total number of malicious objects cleaned: 604
Total number of malicious files found: 597
Total number of malicious files cleaned: 22
Total number of objects quarantined: 30
Total scanning time: 1h 50m 49s
--------------------------------------
LOg do HijackThis \/
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:13:53, on 29/9/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe
C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winubram.exe
C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winjxaet.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\HijackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7675 bytes
:) Vários arquivos foram desinfectados pelo Norman.
__________________
:seta: Para evitar que os virus voltem, desative a restauração do sistema e mantenha ela desativada até que o problema tenha sido totalmente resolvido. Para isso, vá no menu: Iniciar - Painel de Controle - Sistema - Clique na aba: Restauração do Sistema - Marque a caixinha: Desativar restauração do sistema - Clique no botão: Aplicar e no botão: Ok.
__________________
:seta: Depois disto siga esta dica:
Na sua próxima resposta poste este log do Dr. Web CureIt juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.
Ficamos no aguardo.
não consigo acessar esse Tutorial do Dr. Web CureIt pois quando cliko ou abro em outra aba ele fecha o navegador todo
ja tentei no crhome e no I.E e não consegui pois abre o site e fecha automaticamente
Para usá-lo corretamente é só seguir as dicas abaixo:
* Faça o download do Dr. Web CureIt e renomeie-o para qualquer nome antes de salvá-lo respeitando a extensão .cmd (como por exemplo: Golden.cmd), (esta medida é importante para evitar que virus e/ou malwares bloqueiem o download e/ou execução do Dr. Web CureIt ou que contaminem o instalador deste programa) e salve-o no Desktop (área de trabalho do seu PC). Para isto é só seguir as dicas:
Primeiramente clique neste link abaixo:
ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe
Surgirá a tela de confirmação do download, onde você irá confirmar o download do programa:
Veja nesta imagem abaixo que na opção Nome do arquivo: você digitará Golden.cmd
Clicará no botão Desktop (para que ele seja salvo na sua área de trabalho)
Na opção Salvar como tipo: você selecionará a opção Todos os arquivos (.)
E depois disto clicará no botão Salvar. Isto é mostrado na imagem abaixo:
/applications/core/interface/imageproxy/imageproxy.php?img=http://4.bp.blogspot.com/_CqAiOUviMh0/Sz9w21hn9HI/AAAAAAAACFU/W6muuSFxUGQ/s320/cureit13.jpg&key=b4a65c475b5018151e2e0bac689ff2305876b12f8a15a749187d566507e1a99b" alt="cureit13.jpg" />
Sugiro que você salve ou imprima essas instruções abaixo, pois em alguns momentos você poderá precisar usar o computador sem o acesso à internet:
* Reinicie o computador em Modo de Segurança (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver reiniciando e escolhendo a opção Modo Seguro ou Modo de Segurança);
* Caso não seja possível reiniciar o computador em Modo Seguro, faça o escaneamento no modo normal.
* Dê um duplo clique em Golden.cmd e será aberta esta tela abaixo na qual você clicará no botão OK:
/applications/core/interface/imageproxy/imageproxy.php?img=http://3.bp.blogspot.com/_CqAiOUviMh0/Sz5cp1vjknI/AAAAAAAACDk/0r31nQ61p0k/s320/cureit1.jpg&key=7cc3542aff074e0590d63f47750670c97108c26d319b8fdb4da4cfdce3c0d743" alt="cureit1.jpg" />
* Mais esta tela abaixo aparecerá, e você clicará no botão OK:
/applications/core/interface/imageproxy/imageproxy.php?img=http://3.bp.blogspot.com/_CqAiOUviMh0/Sz5eQ2IHDAI/AAAAAAAACD0/ggCXLVgSTDI/s320/cureit3.jpg&key=ba5b69d62c51f1eee7e56ca2f04807fff422b32e01b3b511922432c65060faf6" alt="cureit3.jpg" />
* Surgirá esta tela abaixo, onde você clicará em Iniciar.
/applications/core/interface/imageproxy/imageproxy.php?img=http://1.bp.blogspot.com/_CqAiOUviMh0/Sz5dVGDQraI/AAAAAAAACDs/r2_Ja__clo8/s320/cureit2.jpg&key=82d8be1aac3a711eaf474d816ae4f2e1d0269c1c6465bde282b9978d54eb397e" alt="cureit2.jpg" />
* Aguarde o scan inicial das áreas vitais do sistema terminar.
/applications/core/interface/imageproxy/imageproxy.php?img=http://1.bp.blogspot.com/_CqAiOUviMh0/Sz5foP3Yp1I/AAAAAAAACD8/8y-vfvEDzXk/s320/cureit4.jpg&key=f493bfac6a33f8d1bff2ad47fd5d060aecf11f956c216ff70da98cd660e17ca4" alt="cureit4.jpg" />
* Quando a verificação rápida terminar, caso seja detectado algum problema, clique no botão Seleccionar todos, como mostra esta imagem:
/applications/core/interface/imageproxy/imageproxy.php?img=http://1.bp.blogspot.com/_CqAiOUviMh0/Sz9ZzWdutKI/AAAAAAAACEE/V9bMAQ3Eb54/s320/cureit5.jpg&key=9d64f0e85f3495d9f27da06cb4942c41d42447ff1c662297291864357d9c2950" alt="cureit5.jpg" />
* Clique, então, no botão Curar:
/applications/core/interface/imageproxy/imageproxy.php?img=http://1.bp.blogspot.com/_CqAiOUviMh0/Sz9axQUeM2I/AAAAAAAACEM/fRV3PbzfdyM/s320/cureit6.jpg&key=47d58e6ab3485dbcfe84da4d449cdde980a94f3cef5c041f31ca437d9653355b" alt="cureit6.jpg" />
* O Dr. Web CureIt tentará curar o(s) arquivo(s) contaminado(s). Caso não seja possível desinfectá-lo, surgirá uma pequena janela com várias opções, na qual você escolherá a opção Mover incurável (ou Mover incuráveis), para que o(s) arquivo(s) infectado(s) seja(m) enviado(s) para a quarentena do Dr. Web CureIt como mostra esta imagem:
/applications/core/interface/imageproxy/imageproxy.php?img=http://3.bp.blogspot.com/_CqAiOUviMh0/Sz9b4W8Qt-I/AAAAAAAACEU/LslPQ26p-fU/s320/cureit7.jpg&key=bcba75f0fbc04d1f7f980c536d5c80b5fc5ae246f5ba883ad5fe3a93e84b3a48" alt="cureit7.jpg" />
* Poderá então aparecer uma mensagem pedindo para reiniciar o computador, clique em Não:
/applications/core/interface/imageproxy/imageproxy.php?img=http://3.bp.blogspot.com/_CqAiOUviMh0/Sz9ogNchA3I/AAAAAAAACFE/-59EW4L-4L0/s320/cureit11.jpg&key=22f64955ade9045ddbc31cd9f43ba09c70c84d3d19264519a56dc1bdc942b811" alt="cureit11.jpg" />
* Depois disto clique em Opções > Alterar Definições:
/applications/core/interface/imageproxy/imageproxy.php?img=http://3.bp.blogspot.com/_CqAiOUviMh0/Sz9ehM1JiOI/AAAAAAAACEc/xwm4DDFbsYY/s320/cureit8.jpg&key=0d1f7f120a6458dda12a27f70e370cbe4f48006cddd6653ef7670ea736d7612b" alt="cureit8.jpg" />
* Na aba Verificar desmarque a opção Análise Heurística e clique no botão Ok:
/applications/core/interface/imageproxy/imageproxy.php?img=http://4.bp.blogspot.com/_CqAiOUviMh0/Sz9fY3Obw6I/AAAAAAAACEs/8tJrVmt3Nes/s320/cureit9.jpg&key=2e0edf0be7ee12071d14118c9e73b78b234757cab3b4dc0d7b2a7adf94e3cbf3" alt="cureit9.jpg" />
* Depois disto, marque a opção Verificação Completa e clique na seta verde:
/applications/core/interface/imageproxy/imageproxy.php?img=http://1.bp.blogspot.com/_CqAiOUviMh0/Sz9gLBYLLcI/AAAAAAAACE0/clkaYe82t_k/s320/cureit10.jpg&key=9d7713f5699a58468bcd8dc3b23b3e0aef7b5fc71b0b6988ec45641e05f48c8c" alt="cureit10.jpg" />
* Se durante a verificação for encontrado alguma ameaça, surgirá uma janela parecida com esta abaixo perguntando se você deseja curar/mover o arquivo, na qual você clicará na opção Sim para todos:
/applications/core/interface/imageproxy/imageproxy.php?img=http://2.bp.blogspot.com/_CqAiOUviMh0/Sz-JmPF0G1I/AAAAAAAACFc/W3H0SQW2qaY/s320/cureit14.jpg&key=7fd06a3f5acf431308395e996d8d446af1fd7fa5b1b9d58acbc0f8172cc46cb7" alt="cureit14.jpg" />
* Caso o programa não possa curar os arquivos infectados, ele irá movê-los para a pasta Quarentena, no diretório do DoctorWeb.
* Assim que for concluida esta Verificação Completa, caso ainda exista algum problema que não tenha sido curado ou movido para a quarentena, clique no botão Seleccionar todos, como mostra esta imagem:
/applications/core/interface/imageproxy/imageproxy.php?img=http://4.bp.blogspot.com/_CqAiOUviMh0/Sz-9g1HPf_I/AAAAAAAACGM/_yro-Ipvk7g/s320/cureit15.jpg&key=09b4e57c19ea4a12d2414861d6bcc9c1c05b40580bc142a68c0c9260b22caabd" alt="cureit15.jpg" />
* Clique, então, no botão Curar:
/applications/core/interface/imageproxy/imageproxy.php?img=http://4.bp.blogspot.com/_CqAiOUviMh0/Sz--OluwdpI/AAAAAAAACGU/ajhWVD59yNQ/s320/cureit16.jpg&key=81a16941bc24ccdcfc79f3912a83d9f8b4ab668251e6c09c613a857125e62ff3" alt="cureit16.jpg" />
* O Dr. Web CureIt tentará curar o(s) arquivo(s) contaminado(s). Caso não seja possível desinfectá-lo, surgirá uma pequena janela com várias opções, na qual você escolherá a opção Mover incurável (ou Mover incuráveis), para que o(s) arquivo(s) infectado(s) seja(m) enviado(s) para a quarentena do Dr. Web CureIt como mostra esta imagem:
/applications/core/interface/imageproxy/imageproxy.php?img=http://4.bp.blogspot.com/_CqAiOUviMh0/Sz--2lGoDjI/AAAAAAAACGc/JnLAK9CQjdg/s320/cureit17.jpg&key=2b24e63333e373026cbd4df485a7d9eefc8a2e443098e5513607cd86e16c31f8" alt="cureit17.jpg" />
* Vá no menu superior esquerdo e clique na opção Ficheiro > Guardar lista de relatórios.
/applications/core/interface/imageproxy/imageproxy.php?img=http://1.bp.blogspot.com/_CqAiOUviMh0/Sz-_SOqPiZI/AAAAAAAACGk/xKn6YYShtz0/s320/cureit18.jpg&key=d305ae444945b2b36cfa91197d71ba6578b7dbe5600192482ec93f66920d3990" alt="cureit18.jpg" />
* Salve a lista na sua área de trabalho (Desktop). A lista deverá ser salva como DrWeb.csv, como mostra esta imagem:
/applications/core/interface/imageproxy/imageproxy.php?img=http://3.bp.blogspot.com/_CqAiOUviMh0/Sz-_yz56GAI/AAAAAAAACGs/jLDtEKw6G_A/s320/cureit19.jpg&key=28b2d01528c8591e45bfb922b8162ad5fde849a4cc143a8401666a80a4c7a00b" alt="cureit19.jpg" />
* Feche o programa.
* Reinicie seu computador para que o programa termine de desinfectar/mover os arquivos infectados.
E depois poste os logs pedidos aqui no seu tópico.
Continua Fechando esses links
eu clico carrega mais fecha antes de dar tempo pra algo
mais é so com esses sites que tem sobre esse progrma pq tentei baixar em outro sites e tbm fechou
mais em relação as outras coisas e outros sites não fexa
>
Continua Fechando esses links
eu clico carrega mais fecha antes de dar tempo pra algo
mais é so com esses sites que tem sobre esse progrma pq tentei baixar em outro sites e tbm fechou
mais em relação as outras coisas e outros sites não fexa
São os malwares que ficam fazendo estes bloqueios. Hospedei o programa no endereço abaixo:
http://www.4shared.com/file/N31ySmm_/amigo.html
Baixe-o, descompacte-o e execute-o seguindo as dicas que te passei na resposta anterior. Mas só há uma diferença: é que no começo (depois que você o descompacta e o executa) ele mostra umas frases em inglês começando pela palavra ATTENTION, aí nesta tela você clica em OK e segue o restante das dicas que te passei para usá-lo.
Ai depois você posta o log dele juntamente com novo log do Hijackthis.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:22:19, on 1/10/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Arquivos de programas\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winlaxga.exe
C:\HijackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5595 bytes
Agr Do DrWeb
Processos em memória: C:\WINDOWS\Explorer.EXE:1768 Win32.Sector.8 Erradicado.
notepad.exe C:\WINDOWS\system32 Win32.Sector.5 Desinfectado.
nwiz.exe C:\WINDOWS\system32 Win32.Sector.5 Desinfectado.
sstext3d.scr C:\WINDOWS\system32 Win32.Sector.5 Desinfectado.
winhoma.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp Trojan.DownLoad2.22436 Eliminado.
winjkscej.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp Trojan.Spambot.9926 Eliminado.
FileFormatConverters.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
Firefox Setup 3.6.23.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
RealPlayer_br.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
Shockwave_Installer_Slim (1).exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
Shockwave_Installer_Slim.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
SP27213.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
UnityWebPlayer.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
wlsetup-custom.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado.
mbamgui.exe c:\arquivos de programas\malwarebytes' anti-malware Win32.Sector.5 Desinfectado.
msnmsgr.exe c:\arquivos de programas\windows live\messenger Win32.Sector.5 Desinfectado.
googleupdate.exe c:\documents and settings\administrador\configurações locais\dados de aplicativos\google\update Win32.Sector.5 Desinfectado.
winhoma.exe c:\documents and settings\administrador\configurações locais\temp Trojan.DownLoad2.22436 Eliminado.
alcmtr.exe c:\windows Win32.Sector.5 Desinfectado.
nwiz.exe c:\windows\system32 Win32.Sector.5 Desinfectado.
mbamgui.exe c:\arquivos de programas\malwarebytes' anti-malware Win32.Sector.5 Desinfectado.
msnmsgr.exe c:\arquivos de programas\windows live\messenger Win32.Sector.5 Desinfectado.
old_chrome.exe c:\documents and settings\administrador\configurações locais\dados de aplicativos\google\chrome\application Win32.Sector.5 Desinfectado.
googleupdate.exe c:\documents and settings\administrador\configurações locais\dados de aplicativos\google\update Win32.Sector.5 Desinfectado.
alcmtr.exe c:\windows Win32.Sector.5 Desinfectado.
nwiz.exe c:\windows\system32 Win32.Sector.5 Desinfectado.
Foxit Reader.exe C:\Arquivos de programas\Foxit Software\Foxit Reader Win32.Sector.5 Desinfectado.
iexplore.exe C:\Arquivos de programas\Internet Explorer Win32.Sector.5 Desinfectado.
mplayerc.exe C:\Arquivos de programas\K-Lite Codec Pack\Media Player Classic Win32.Sector.5 Desinfectado.
mbam.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware Win32.Sector.5 Desinfectado.
mbamgui.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware Win32.Sector.5 Desinfectado.
wloobe.exe C:\Arquivos de programas\Windows Live\Installer Win32.Sector.5 Desinfectado.
msnmsgr.exe C:\Arquivos de programas\Windows Live\Messenger Win32.Sector.5 Desinfectado.
WLXPhotoGallery.exe C:\Arquivos de programas\Windows Live\Photo Gallery Win32.Sector.5 Desinfectado.
setup_wm.exe C:\Arquivos de programas\Windows Media Player Win32.Sector.5 Desinfectado.
wmplayer.exe C:\Arquivos de programas\Windows Media Player Win32.Sector.5 Desinfectado.
Log Viewer.exe C:\Arquivos de programas\Yuna Software\Messenger Plus! Win32.Sector.5 Desinfectado.
PlusDesktop.exe C:\Arquivos de programas\Yuna Software\Messenger Plus! Win32.Sector.5 Desinfectado.
GoogleUpdateSetup.exe C:\Documents and Settings\Administrador\Configurações locais\Apps\2.0\A03E7WTL.CM7\OODA8VE5.WH4\clic...exe_f84b370c827b5c7a_000 Win32.Sector.5 Desinfectado.
chrome_frame_helper.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163 Win32.Sector.5 Desinfectado.
chrome_launcher.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163 Win32.Sector.5 Desinfectado.
setup.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\Instal Win32.Sector.5 Desinfectado.
chrome_frame_helper.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186 Win32.Sector.5 Desinfectado.
chrome_launcher.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186 Win32.Sector.5 Desinfectado.
setup.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\Instal Win32.Sector.5 Desinfectado.
GoogleUpdate.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update Win32.Sector.5 Desinfectado.
GoogleCrashHandler.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado.
GoogleUpdate.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado.
GoogleUpdateBroker.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado.
GoogleUpdateOnDemand.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado.
GoogleUpdateSetup.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{430FD4D0-B729-4F61-AA Win32.Sector.5 Desinfectado.
chrome_updater.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5 Win32.Sector.5 Desinfectado.
chrome_updater.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5 Win32.Sector.5 Desinfectado.Uninstall.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer Win32.Sector.5 Desinfectado.
UnityBugReporter.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer Win32.Sector.5 Desinfectado.
UnityWebPlayerUpdate.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer Win32.Sector.5 Desinfectado.
winhoma.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.DownLoad2.22436 Eliminado.
winjkscej.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.Spambot.9926 Eliminado.
winpdiixd.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.DownLoad2.22436 Eliminado.
winwfisvl.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.Spambot.9926 Eliminado.
HPUSBF.EXE C:\DriveKey Win32.Sector.5 Desinfectado.
HPUSBFW.EXE C:\DriveKey Win32.Sector.5 Desinfectado.
HiJackThis.exe C:\HijackThis Win32.Sector.5 Desinfectado.
ALCMTR.EXE C:\WINDOWS Win32.Sector.5 Desinfectado.
shimgvw.dll C:\WINDOWS\$NtUninstallKB2483185$ Win32.Sector.5 Desinfectado.
wordpad.exe C:\WINDOWS\$NtUninstallKB923561$ Win32.Sector.5 Desinfectado.
mspaint.exe C:\WINDOWS\$NtUninstallKB978706$ Win32.Sector.5 Desinfectado.
nwiz.exe C:\WINDOWS\system32 Win32.Sector.5 Desinfectado.
ccsetup309.exe D:\Downloads Win32.Sector.5 Desinfectado.
revosetup.exe D:\Downloads Win32.Sector.5 Desinfectado.
Setup-MsgPlus-503.exe D:\Downloads Win32.Sector.5 Desinfectado.
Silverlight.exe D:\Downloads Win32.Sector.5 Desinfectado.
:) Vários arquivos foram desinfectados pelo Dr. Web.
_______________
:seta: Só confirmando com você: Você desativou a restauração do sistema, não é mesmo? Pois é preciso que ela fique desativada até o fim de nosso trabalho para evitar que os problemas voltem.
______________
:seta: Baixe o SalityKiller no link abaixo e salve-o no desktop (área de trabalho):
http://support.kaspersky.com/downloads/utils/salitykiller.zip
*Extraia para C:\
*Clique [iniciar] > [Executar] > copie e cole: C:\salitykiller.exe -m
*Clique [OK]
*Mantenha a janela rodando. Não feche-a!! Se desejar, minimize-a.
*Clique [iniciar] > [Executar] > copie e cole: C:\salitykiller.exe -y -x -j -l sality.txt -v
*Clique [OK]
*Ao término, a janela 2 será fechada automaticamente. Feche, então, a janela 1.
*Cole o resumo localizado no final do arquivo C:\sality.txt, conforme mostrado abaixo:
23:57:51:0 Infected files: 823:57:51:0 Infected processes: 0
23:57:51:0 Infected threads: 2
23:57:51:0 Cured files: 8
23:57:51:0 Executed registry scripts: 1
17:44:02:593 5180 Infected files: 45
17:44:02:593 5180 Infected processes: 1
17:44:02:593 5180 Infected threads: 10
17:44:02:593 5180 Cured files: 43
17:44:02:593 5180 Will be cured on reboot: 2
17:44:02:593 5180 Executed registry scripts: 1
e confirmando esta desativado a restauração de sistema
:seta: Siga, por gentileza, as dicas deste tutorial para fazer um escaneamento de seu PC pelo Nod32 Online:
Tutorial do antivirus Nod32 Online
Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt
Na sua próxima resposta poste este log do Nod32 Online juntamente com um novo log do Hijackthis e nos diga, por gentileza, como está o seu PC após seguir este procedimento. Ficamos no aguardo de sua resposta.
O Ccleaner Ja Esta Abrindo Normal
O pc esta rodando normal parece q os erros q eu tinha notado sumiram
agr tem uma coisa meu pc antes iniciava diretamente agr aprece uma caixa com o nome administrador e pra colocar a senha msm nao tendo senha tem como desativar isso? tipo pra quando eu ligar ele ligar diretamente .
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
C:\Documents and Settings\Administrador\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\eBay.url Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Administrador\Meus documentos\FormtXP.iso multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Desktop\eBay.url Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Menu Iniciar\Programas\eBay.url Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:40:02, on 3/10/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\HijackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5697 bytes
agr tem uma coisa meu pc antes iniciava diretamente agr aprece uma caixa com o nome administrador e pra colocar a senha msm nao tendo senha tem como desativar isso? tipo pra quando eu ligar ele ligar diretamente
:seta: Para mudar esta opção é só seguir as dicas do site abaixo:
http://rainydayss.com/como-iniciar-windows-7-sem-colocar-nome-e-senha-tutorial/
__________________
:seta: Abra o HijackThis, clique em Do a system scan only, marque a entrada abaixo e clique em Fix checked:
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
____________________
:seta: Siga também, por gentileza, estas dicas:
Tutorial do Malwarebytes Anti-Malware
______________________
:seta: Na sua próxima resposta poste um novo log do Hijackthis, o log do Ad-Remover que estará em C:\Ad-Report-CLEAN[1].log, o log do Malwarebytes e nos diga como está o seu PC após estes procedimentos.
Ficamos no aguardo.
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:07:27 on 03/10/2011, Normal boot
Microsoft Windows XP Professional Service Pack 3 (X86)
Administrador@SPEED ( )
============== ACTION(S) ==============
(!) -- Temporary files deleted.
============== ADDITIONNAL SCAN ==============
** Internet Explorer Version [8.0.6001.18702] **
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll)
BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Auxiliar de Conexão do Windows Live" (C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll)
========================================
C:\Arquivos de programas\Ad-Remover\Quarantine: 0 File(s)
C:\Arquivos de programas\Ad-Remover\Backup: 13 File(s)
C:\Ad-Report-CLEAN[1].txt - 03/10/2011 20:07:47 (473 Byte(s))
End at: 20:08:30, 03/10/2011
============== E.O.F ==============
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Versão da Base de Dados: 7828
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
3/10/2011 19:46:43
mbam-log-2011-10-03 (19-46-43).txt
Tipo de Verificação: Verificação Completa (A:\|C:\|D:\|E:\|F:\|)
Objetos escaneados: 177351
Tempo decorrido: 20 minuto(s), 8 segundo(s)
Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 0
Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)
Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)
Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)
Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)
Pastas Infectadas:
(Não foram detectados ítens maliciosos)
Arquivos Infectados:
(Não foram detectados ítens maliciosos)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:58, on 3/10/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe
C:\HijackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5337 bytes
:) Seus logs estão limpos, como está o PC?
Está bem
Acho q pode se dar como resolvido os problemas q estavam foram tds corrigidos
mt obrigado cara
abraço.
Está bemAcho q pode se dar como resolvido os problemas q estavam foram tds corrigidos
mt obrigado cara
abraço.
:) Ficamos felizes que o problema foi resolvido.
___________________
:seta: Abra o Ad-Remover > clique no botão Uninstall e aí é só ir seguindo os passos que ele te mostra para desinstalá-lo.
Pode remover também o Hostsxpert, Norman Malware Cleaner, Dr. Web CureIt e SalityKiller.
___________________
:seta: No seu log está constando que seu PC está sem antivírus e é muito importante ter um. Sugiro um ótimo antivirus gratuito para você, como o Avira AntiVir Personal Edition Classic.
Para instalar, configurar e usar corretamente o Avira antivir é só seguir as dicas destes tutoriais:
Tutorial do Avira AntiVir Personal Edition Classic (Instalação e Configuração)
Tutorial do Avira AntiVir Personal Edition Classic (como usá-lo corretamente)
____________________
:seta: Instale estes programas e use-os agora e semanalmente para fazer uma limpeza do seu PC e para deixá-lo mais eficiente e otimizado:
____________________
:seta: Depois disto ative novamente a restauração do sistema. Para isso vá no menu: Iniciar - Painel de Controle - Sistema - Clique na aba: Restauração do Sistema - Desmarque a caixinha: Desativar restauração do sistema - Clique no botão: Aplicar e no botão: Ok.
____________________
:thumbsup: Foi um prazer ajudar, conte sempre conosco!
ok ja estou baixando
obrigado denovo !!
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
:) Olá Italo!
:seta: Faça o download do HostsXpert.zip:
http://www.funkytoad.com/download/HostsXpert.zip
• Extraia (unzip) HostsXpert.zip para uma pasta permanente do seu drive (exemplo C:\HostsXpert)
• Duplo clique em HostsXpert.exe para executar o programa.
• Se disponivel, clique em "Make Hosts Writable?" (estará no canto superior direito).
• Clique em "Restore Microsoft's Hosts file" e depois clique em "OK".
• Clique no X para sair do programa.
______________________
:seta: Siga também esta dica:
Tutorial do Norman Malware Cleaner
Na sua próxima resposta poste o conteúdo do log do Norman Malware Cleaner juntamente com um novo log do Hijackthis e nos diga como está o seu PC depois disto.
Ficamos na espera.