Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

hiroshirox

[Arquivado] Problemas com site de Scan Online

Recommended Posts

Bom Tarde.

 

Meu problema é que não consigo abrir sites de Scan Online como Virustotal, Kapersky , Bitdefender , etc .. nenhum. Sites da microsoft eu não estava conseguindo , porem segui instruções de um site e acabo funcionando

 

Tambem não consigo abrir o Gerenciador de Tarefas ( Ctrl + Alt + Delete ) não sei se isso pode ser do mesmo malware

 

É isso , se puderem me ajudar agradeço.

 

Sou um pouco leigo no assunto , li as instruções e acho que tenho que postar isso

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:17:30, on 28/5/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [startCCC] "C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=29223

O17 - HKLM\System\CCS\Services\Tcpip\..\{0623425D-9377-4A41-AF0B-B568E6BC055D}: NameServer = 200.204.0.10 200.204.0.138

O17 - HKLM\System\CS1\Services\Tcpip\..\{0623425D-9377-4A41-AF0B-B568E6BC055D}: NameServer = 200.204.0.10 200.204.0.138

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 2604 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! hiroshirox

 

<@> Abra o HijackThis --> Clique: Do a system scan only

 

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

 

<@> Marque,àcima,esta entrada.

<@> Clique em Fix checked --> Sim!

<><><><><><><><><><>

<@> Nas Diretivas de grupo,verifique se o Gerenciador de tarefas está como Não-configurado.

<@> Vá em Iniciar --> Executar --> Digite: gpedit.msc --> Clique OK.

<@> Duplo-clique em: Configurações do usuário --> Modelos administrativos --> Sistema --> Opções de Ctrl+Alt+Del.

<@> Duplo-clique em: Remover 'Gerenciador de tarefas'

<@> Se estiver como "Não-configurado",modifique para "Desativado". <-- Condição para injetar correções!

<@> Se estiver como "Desativado",modifique para "Não-configurado" --> Reinicie e teste o funcionamento do Gerenciador de tarefas!

<@> Para a correção,baixe este Fix: < taskmanager.reg >

<@> Salve-o no desktop!

<@> Entre em Modo de Segurança e execute-o,uma única vez,com um duplo-clique.

<@> Reinicie e verifique a funcionalidade,do Gerenciador de tarefas.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boita Noite DigRam

 

Segui os passos que você disse , porém foi impossivel apos o < taskmanager.reg > pelos seguintes motivos:

 

- O Regedit esta desativado (desculpe , tinha esquecido de avisar )

- O Modo de Segurança . quando tento entrar , ele reinicia o computador

 

 

E o Gerenciador ainda não funciona =/

O que faço agora?

 

 

 

Obrigado pelo seu tempo.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Boita Noite DigRam

 

Segui os passos que você disse , porém foi impossivel apos o < taskmanager.reg > pelos seguintes motivos:

 

- O Regedit esta desativado (desculpe , tinha esquecido de avisar )

- O Modo de Segurança . quando tento entrar , ele reinicia o computador

 

 

E o Gerenciador ainda não funciona =/

O que faço agora?

 

 

 

Obrigado pelo seu tempo.

<><><><><><><><><>

Opa! hiroshirox

 

<!> Poste um novo log do HijackThis.

<><><><><><><><><>

<@> Baixe: < SafeBootKeyRepair >

<@> Salve-a,diretamente,no Disco-local ©.

<@> Execute-a!E,ao terminar,gerará um relatório: C:\SafeBoot_Repair.txt <-- Não poste!

<@> Verifique se já pode entrar,em Modo de Segurança!

<><><><><><><><><>

<@> Baixe: < Kaspersky Virus Removal Tool >

<@> Salve-o em Arquivos de Programas,e instale-o aí mesmo!

<@> Reinicie o computador,em Modo de Segurança! <-- Importante!

<@> Dê início ao exame,clicando em "Scan".

<@> A verificação é muito demorada. <-- Aguarde!

<@> Caso seja encontrada infecções,clique em "disinfect".

<@> Terminando,clique na aba Events.

<@> Desmarque a caixa de seleção "Show all events".

<@> Clique em "Save to file".

<@> Nomeie-o e salve-o no desktop! <-- Relatório para postagem!

<@> Poste,também,HijackThis atualizado.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro DigRam , não estou conseguindo baixar o Kapersky Virus Removal Tool !

 

O malware deve ta bloqueando (como todos sites de anti-virus)

 

 

outra duvida , o hijackthis log eh antes ou depois de eu fazer o procedimento?

Compartilhar este post


Link para o post
Compartilhar em outros sites
Caro DigRam , não estou conseguindo baixar o Kapersky Virus Removal Tool !

 

O malware deve ta bloqueando (como todos sites de anti-virus)

 

 

outra duvida , o hijackthis log eh antes ou depois de eu fazer o procedimento?

<><><><><><><><><><>

Opa! hiroshirox

 

<!> Utilize outro computador,para baixar a ferramenta. Copie-a para um CD-ROM e passando-a,à seguir,para seu computador.

<!> A utilização do HijackThis,será feita após os procedimentos.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite DigRam

 

Desculpe a demora para postar , é que foi um pouco complicado essa etapa e alem disso fiz mais algumas trapalhadas ( novidade ¬¬ )

 

Bom , quando passei o Kaspersky pela primeira vez somente dexei para escanear os lugares que ja vieram marcados "System Memory , Startup Objects e Disk boot sectors" vendo que foi muito rapido , reparei que algo estava errado ¬¬ , então depois de escaneado,desinfetado e salvado o log , fiz o mesmo procedimento com os que faltavam...

 

Ai esta os logs do Kasperspy

 

Scan

----

Scanned: 1264

Detected: 5

Untreated: 0

Start time: 31/5/2009 18:35:35

Duration: 00:02:01

Finish time: 31/5/2009 18:37:36

 

 

Detected

--------

Status Object

------ ------

disinfected: virus Virus.Win32.Sality.aa File: c:\arquivos de programas\ati technologies\ati.ace\core-static\clistart.exe

disinfected: virus Virus.Win32.Sality.aa File: c:\arquivos de programas\java\jre6\bin\jusched.exe

disinfected: virus Virus.Win32.Sality.aa File: c:\arquivos de programas\msn messenger\msnmsgr.exe

deleted: virus Virus.Win32.Sality.aa File: c:\arquivos de programas\messenger\msmsgs.exe

disinfected: virus Virus.Win32.Sality.aa File: c:\windows\downloaded program files\fp_ax_cab_installer.exe

 

 

Events

------

Time Name Status Reason

---- ---- ------ ------

31/5/2009 18:36:21 File: c:\arquivos de programas\ati technologies\ati.ace\core-static\clistart.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:36:21 File: c:\arquivos de programas\ati technologies\ati.ace\core-static\clistart.exe not disinfected postponed

31/5/2009 18:36:22 File: c:\arquivos de programas\java\jre6\bin\jusched.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:36:22 File: c:\arquivos de programas\java\jre6\bin\jusched.exe not disinfected postponed

31/5/2009 18:36:22 File: c:\arquivos de programas\msn messenger\msnmsgr.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:36:26 File: c:\arquivos de programas\msn messenger\msnmsgr.exe not disinfected postponed

31/5/2009 18:36:59 File: c:\arquivos de programas\messenger\msmsgs.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:00 File: c:\arquivos de programas\messenger\msmsgs.exe not disinfected postponed

31/5/2009 18:37:02 File: c:\windows\downloaded program files\fp_ax_cab_installer.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:02 File: c:\windows\downloaded program files\fp_ax_cab_installer.exe not disinfected postponed

31/5/2009 18:37:06 File: c:\arquivos de programas\ati technologies\ati.ace\core-static\clistart.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:15 File: c:\arquivos de programas\ati technologies\ati.ace\core-static\clistart.exe disinfected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:15 File: c:\arquivos de programas\java\jre6\bin\jusched.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:15 File: c:\arquivos de programas\java\jre6\bin\jusched.exe disinfected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:16 File: c:\arquivos de programas\msn messenger\msnmsgr.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:16 File: c:\arquivos de programas\msn messenger\msnmsgr.exe disinfected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:16 File: c:\arquivos de programas\messenger\msmsgs.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:17 File: c:\arquivos de programas\messenger\msmsgs.exe not disinfected cannot be disinfected

31/5/2009 18:37:35 Startup object: HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\MSMSGS.EXE\ disinfected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:35 Startup object: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted

31/5/2009 18:37:35 File: c:\arquivos de programas\messenger\msmsgs.exe deleted

31/5/2009 18:37:35 File: c:\windows\downloaded program files\fp_ax_cab_installer.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:37:36 File: c:\windows\downloaded program files\fp_ax_cab_installer.exe disinfected virus 'Virus.Win32.Sality.aa'

 

 

Statistics

----------

Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted

------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------

 

 

Settings

--------

Parameter Value

--------- -----

Security Level Recommended

Action Prompt for action when the scan is complete

Run mode Manually

File types Scan all files

Scan only new and changed files No

Scan archives All

Scan embedded OLE objects All

Skip if object is larger than No

Skip if scan takes longer than No

Parse email formats No

Scan password-protected archives No

Enable iChecker technology No

Enable iSwift technology No

Show detected threats on "Detected" tab Yes

Rootkits search Yes

Deep rootkits search No

Use heuristic analyzer Yes

 

 

Quarantine

----------

Status Object Size Added

------ ------ ---- -----

 

 

Backup

------

Status Object Size

------ ------ ----

 

 

 

SEGUNDO LOG

 

Scan

----

Scanned: 252972

Detected: 60

Untreated: 0

Start time: 31/5/2009 18:46:46

Duration: 01:58:03

Finish time: 31/5/2009 20:44:49

 

 

Detected

--------

Status Object

------ ------

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Meus documentos\9-3_xp32_dd_ccc_wdm_enu.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Meus documentos\GarenaBR_setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Meus documentos\mirc635.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Meus documentos\vuze.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Meus documentos\wrar380br.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Arquivos comuns\InstallShield\engine\6\Intel 32\IKernel.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CCCInstall.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CLI.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\MOM.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Implementation\LOG.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\atishlx.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\CCCInstall.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLI.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\installShell.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\ATI Technologies\UninstallAll\AtiCimUn.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Garena\update.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\Setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\mIRC\mirc.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\MSN Messenger\livecall.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\MSN Messenger\msvs.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\MSN Messenger\Device Manager\dpinst.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\MSN Messenger\Device Manager\msgrdvmn.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Vuze\Azureus.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\BNUpdate.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\euroloader.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\Frozen Throne.exe

deleted: Trojan program Trojan.Win32.Autoit.dp File: C:\Arquivos de programas\Warcraft III\laavtr.exe

deleted: Trojan program Trojan.Win32.Autoit.xp File: C:\Arquivos de programas\Warcraft III\lnniru.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\W3DR.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\War3.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\Warcraft III.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\World Editor.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Arquivos de programas\Warcraft III\worldedit.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\AtiCimUn.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CheckVer.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\issetup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Blizzard\setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CatalystRegistration\setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CCC\setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Driver\Setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\WDM_ALL\Setup.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Desktop\mplayerc.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Desktop\Garena\uninst.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Desktop\Garena\update.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\Hiroshi\Desktop\Hiroshi\NTSD_beta1.8\NTSD beta1.8.exe

deleted: virus Net-Worm.Win32.Kido.ih File: C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5\41YRK5UR\tmsvvytm[1].bmp//PE_Patch.UPX//UPX

disinfected: virus Virus.Win32.Sality.aa File: C:\RECYCLER\S-1-5-21-436374069-484061587-839522115-1003\Dc2.8\NTSD beta1.8.exe

disinfected: virus Virus.Win32.Sality.aa File: C:\TempEI4\EI40_\XML4REG.EXE

disinfected: virus Virus.Win32.Sality.aa File: C:\WINDOWS\system32\infocardcpl.cpl

deleted: virus Net-Worm.Win32.Kido.ih File: C:\WINDOWS\system32\pxeqog.dll//PE_Patch.UPX//UPX

disinfected: virus Virus.Win32.Sality.aa File: C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe

deleted: Trojan program Trojan.Win32.Autoit.dp File: c:\arquivos de programas\warcraft iii\laavtr.exe//PE_Patch.UPX//UPX//script.au3

 

 

Events

------

Time Name Status Reason

---- ---- ------ ------

31/5/2009 18:47:36 File: C:\Documents and Settings\Hiroshi\Meus documentos\9-3_xp32_dd_ccc_wdm_enu.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:47:36 File: C:\Documents and Settings\Hiroshi\Meus documentos\9-3_xp32_dd_ccc_wdm_enu.exe not disinfected postponed

31/5/2009 18:47:37 File: C:\Documents and Settings\Hiroshi\Meus documentos\GarenaBR_setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:47:37 File: C:\Documents and Settings\Hiroshi\Meus documentos\GarenaBR_setup.exe not disinfected postponed

31/5/2009 18:47:37 File: C:\Documents and Settings\Hiroshi\Meus documentos\mirc635.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:47:37 File: C:\Documents and Settings\Hiroshi\Meus documentos\mirc635.exe not disinfected postponed

31/5/2009 18:47:38 File: C:\Documents and Settings\Hiroshi\Meus documentos\vuze.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:47:38 File: C:\Documents and Settings\Hiroshi\Meus documentos\vuze.exe not disinfected postponed

31/5/2009 18:47:38 File: C:\Documents and Settings\Hiroshi\Meus documentos\wrar380br.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:47:38 File: C:\Documents and Settings\Hiroshi\Meus documentos\wrar380br.exe not disinfected postponed

31/5/2009 18:49:21 File: C:\Arquivos de programas\Arquivos comuns\InstallShield\engine\6\Intel 32\IKernel.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:21 File: C:\Arquivos de programas\Arquivos comuns\InstallShield\engine\6\Intel 32\IKernel.exe not disinfected postponed

31/5/2009 18:49:31 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CCCInstall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:31 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CCCInstall.exe not disinfected postponed

31/5/2009 18:49:31 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CLI.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:31 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CLI.exe not disinfected postponed

31/5/2009 18:49:32 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\MOM.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:32 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\MOM.exe not disinfected postponed

31/5/2009 18:49:34 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Implementation\LOG.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:35 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Implementation\LOG.exe not disinfected postponed

31/5/2009 18:49:36 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\atishlx.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:36 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\atishlx.exe not disinfected postponed

31/5/2009 18:49:36 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\CCCInstall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:36 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\CCCInstall.exe not disinfected postponed

31/5/2009 18:49:38 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:38 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe not disinfected postponed

31/5/2009 18:49:38 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCC.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:38 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCC.exe not disinfected postponed

31/5/2009 18:49:39 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:39 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe not disinfected postponed

31/5/2009 18:49:40 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLI.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:40 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLI.exe not disinfected postponed

31/5/2009 18:49:41 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\installShell.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:41 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\installShell.exe not disinfected postponed

31/5/2009 18:49:42 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:42 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe not disinfected postponed

31/5/2009 18:49:48 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:48 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe not disinfected postponed

31/5/2009 18:49:51 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:51 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe not disinfected postponed

31/5/2009 18:49:55 File: C:\Arquivos de programas\ATI Technologies\UninstallAll\AtiCimUn.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:49:55 File: C:\Arquivos de programas\ATI Technologies\UninstallAll\AtiCimUn.exe not disinfected postponed

31/5/2009 18:49:56 File: C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:50:00 File: C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe not disinfected postponed

31/5/2009 18:50:04 File: C:\Arquivos de programas\Garena\mdata.ggz/mh.xml password protected

31/5/2009 18:50:05 File: C:\Arquivos de programas\Garena\update.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:50:05 File: C:\Arquivos de programas\Garena\update.exe not disinfected postponed

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/default_cn.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/dota65x_cn.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/dota648b_cn.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/lang.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/server.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\cn_s.ggz/lang.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\cn_s.ggz/server.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/default.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/dota65x.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/dota648b.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/lang.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/server.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\en_s.ggz/lang.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\en_s.ggz/server.xml password protected

31/5/2009 18:50:07 File: C:\Arquivos de programas\Garena\GarenaTV\id_s.ggz/server.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/default_tw.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/dota65x_tw.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/dota648b_tw.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/server.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\GarenaTV\tw_s.ggz/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\GarenaTV\tw_s.ggz/server.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\FPSGame.dll.cn/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\FPSGame.dll.en/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\FPSGame.dll.tw/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.br/Garena.exe.br.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.cn/Garena.exe.cn.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.en/Garena.exe.en.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.id/Garena.exe.id.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.ru/Garena.exe.ru.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.sp/Garena.exe.sp.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.th/Garena.exe.th.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.tw/Garena.exe.tw.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.vn/Garena.exe.vn.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.cn/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.cn/server.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.en/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.en/server.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.id/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.id/server.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.tw/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.tw/server.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\update.exe.cn/update.exe.cn.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\update.exe.tw/update.exe.tw.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\update2.exe.cn/update2.exe.cn.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\update2.exe.tw/update2.exe.tw.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.cn/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.en/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.tw/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.vn/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\WC3Ladder.dll.cn/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\WC3Ladder.dll.en/lang.xml password protected

31/5/2009 18:50:08 File: C:\Arquivos de programas\Garena\Languages\WC3Ladder.dll.tw/lang.xml password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/garenatv.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVBtnOff.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVBtnOn.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVDetailsBG.png password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVHighlight.png password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVLVIcons.png password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVPanel.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/Header.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/menu.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarBgH.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarBgV.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarH.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarV.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/rateempty.png password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ratefull.png password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/Tab.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/TabBg.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ui.xml password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/Window.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/GameIconsBig.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/goldmem.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Header.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/login_gg_logo.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/login_header_bar.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Logo.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/menu.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/messagetab.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Others.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/outbar_lab.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/panel.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarBgH.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarBgV.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarH.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarV.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ScrollBarArrows.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ScrollBarArrowsHBg.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ScrollNews.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/shop_gm.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/shop_gm_type.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/shop_magic_item.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Skin.xml password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/skinmsn.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/split_h.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/split_v.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/splitter_h.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Tab.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/TabBg.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ui.xml password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Window.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/0.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/1.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/100.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/11.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/2.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/3.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/4.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/5.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/6.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/Thumbs.db password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Arrow_Down.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Arrow_Up.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Button.bmp password protected

31/5/2009 18:50:11 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/comment_header.bmp password protected

31/5/2009 18:50:15 File: C:\Arquivos de programas\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:50:15 File: C:\Arquivos de programas\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe not disinfected postponed

31/5/2009 18:50:19 File: C:\Arquivos de programas\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\Setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:50:19 File: C:\Arquivos de programas\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\Setup.exe not disinfected postponed

31/5/2009 18:52:51 File: C:\Arquivos de programas\mIRC\mirc.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:52:53 File: C:\Arquivos de programas\mIRC\mirc.exe not disinfected postponed

31/5/2009 18:53:01 File: C:\Arquivos de programas\MSN Messenger\livecall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:53:01 File: C:\Arquivos de programas\MSN Messenger\livecall.exe not disinfected postponed

31/5/2009 18:53:03 File: C:\Arquivos de programas\MSN Messenger\msvs.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:53:03 File: C:\Arquivos de programas\MSN Messenger\msvs.exe not disinfected postponed

31/5/2009 18:53:05 File: C:\Arquivos de programas\MSN Messenger\Device Manager\dpinst.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:53:05 File: C:\Arquivos de programas\MSN Messenger\Device Manager\dpinst.exe not disinfected postponed

31/5/2009 18:53:06 File: C:\Arquivos de programas\MSN Messenger\Device Manager\msgrdvmn.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:53:06 File: C:\Arquivos de programas\MSN Messenger\Device Manager\msgrdvmn.exe not disinfected postponed

31/5/2009 18:53:15 File: C:\Arquivos de programas\Vuze\Azureus.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:53:15 File: C:\Arquivos de programas\Vuze\Azureus.exe not disinfected postponed

31/5/2009 18:54:31 File: C:\Arquivos de programas\Warcraft III\BNUpdate.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:31 File: C:\Arquivos de programas\Warcraft III\BNUpdate.exe not disinfected postponed

31/5/2009 18:54:32 File: C:\Arquivos de programas\Warcraft III\euroloader.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:32 File: C:\Arquivos de programas\Warcraft III\euroloader.exe not disinfected postponed

31/5/2009 18:54:32 File: C:\Arquivos de programas\Warcraft III\Frozen Throne.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:33 File: C:\Arquivos de programas\Warcraft III\Frozen Throne.exe not disinfected postponed

31/5/2009 18:54:34 File: C:\Arquivos de programas\Warcraft III\laavtr.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:35 File: C:\Arquivos de programas\Warcraft III\laavtr.exe not disinfected postponed

31/5/2009 18:54:35 File: C:\Arquivos de programas\Warcraft III\lnniru.exe detected Trojan program 'Trojan.Win32.Autoit.xp'

31/5/2009 18:54:35 File: C:\Arquivos de programas\Warcraft III\lnniru.exe not disinfected postponed

31/5/2009 18:54:36 File: C:\Arquivos de programas\Warcraft III\W3DR.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:36 File: C:\Arquivos de programas\Warcraft III\W3DR.exe not disinfected postponed

31/5/2009 18:54:37 File: C:\Arquivos de programas\Warcraft III\War3.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:38 File: C:\Arquivos de programas\Warcraft III\War3.exe not disinfected postponed

31/5/2009 18:54:39 File: C:\Arquivos de programas\Warcraft III\Warcraft III.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:40 File: C:\Arquivos de programas\Warcraft III\Warcraft III.exe not disinfected postponed

31/5/2009 18:54:40 File: C:\Arquivos de programas\Warcraft III\World Editor.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:40 File: C:\Arquivos de programas\Warcraft III\World Editor.exe not disinfected postponed

31/5/2009 18:54:41 File: C:\Arquivos de programas\Warcraft III\worldedit.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:54:44 File: C:\Arquivos de programas\Warcraft III\worldedit.exe not disinfected postponed

31/5/2009 18:55:18 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\AtiCimUn.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:19 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\AtiCimUn.exe not disinfected postponed

31/5/2009 18:55:19 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CheckVer.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:19 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CheckVer.exe not disinfected postponed

31/5/2009 18:55:20 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\issetup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:20 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\issetup.exe not disinfected postponed

31/5/2009 18:55:22 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Blizzard\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:22 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Blizzard\setup.exe not disinfected postponed

31/5/2009 18:55:23 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CatalystRegistration\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:23 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CatalystRegistration\setup.exe not disinfected postponed

31/5/2009 18:55:24 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CCC\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:24 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CCC\setup.exe not disinfected postponed

31/5/2009 18:55:47 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Driver\Setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:47 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Driver\Setup.exe not disinfected postponed

31/5/2009 18:55:56 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\WDM_ALL\Setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 18:55:56 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\WDM_ALL\Setup.exe not disinfected postponed

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/default_cn.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/dota65x_cn.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/dota648b_cn.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/server.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn_s.ggz/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn_s.ggz/server.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/default.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/dota65x.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/dota648b.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/server.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en_s.ggz/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en_s.ggz/server.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\id_s.ggz/server.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/default_tw.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/dota65x_tw.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/dota648b_tw.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/server.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw_s.ggz/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw_s.ggz/server.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\FPSGame.dll.cn/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\FPSGame.dll.en/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\FPSGame.dll.tw/lang.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.br/Garena.exe.br.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.cn/Garena.exe.cn.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.en/Garena.exe.en.xml password protected

31/5/2009 19:06:49 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.id/Garena.exe.id.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.ru/Garena.exe.ru.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.sp/Garena.exe.sp.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.th/Garena.exe.th.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.tw/Garena.exe.tw.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.vn/Garena.exe.vn.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.cn/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.cn/server.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.en/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.en/server.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.tw/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.tw/server.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\update.exe.cn/update.exe.cn.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\update.exe.tw/update.exe.tw.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\update2.exe.cn/update2.exe.cn.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\update2.exe.tw/update2.exe.tw.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\WC3Ass.dll.cn/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\WC3Ass.dll.en/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\WC3Ass.dll.tw/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\WC3Ass.dll.vn/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\WC3Ladder.dll.cn/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\WC3Ladder.dll.en/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\WC3Ladder.dll.tw/lang.xml password protected

31/5/2009 19:06:50 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\mdata.ggz/mh.xml password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/outbar_lab.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/panel.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ProgressBarBgH.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ProgressBarBgV.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ProgressBarH.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ProgressBarV.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ScrollBarArrows.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ScrollBarArrowsHBg.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ScrollNews.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/shop_gm.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/shop_gm_type.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/shop_magic_item.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Skin.xml password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/skinmsn.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/split_h.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/split_v.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/splitter_h.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Tab.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/TabBg.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/ui.xml password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Window.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/0.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/1.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/100.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/11.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/2.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/3.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/4.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/5.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/6.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/usertype/Thumbs.db password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Arrow_Down.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Arrow_Up.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Button.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/comment_header.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/GameIconsBig.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/goldmem.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Header.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/login_gg_logo.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/login_header_bar.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Logo.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/menu.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/messagetab.bmp password protected

31/5/2009 19:06:53 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Skin\Skin.ggz/Others.bmp password protected

31/5/2009 19:06:54 File: C:\Documents and Settings\Hiroshi\Desktop\mplayerc.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:06:57 File: C:\Documents and Settings\Hiroshi\Desktop\mplayerc.exe not disinfected postponed

31/5/2009 19:07:03 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\mdata.ggz/mh.xml password protected

31/5/2009 19:07:04 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\uninst.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:07:04 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\uninst.exe not disinfected postponed

31/5/2009 19:07:04 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\update.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:07:04 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\update.exe not disinfected postponed

31/5/2009 19:07:07 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\cn.ggz/default_cn.xml password protected

31/5/2009 19:07:07 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\cn.ggz/dota65x_cn.xml password protected

31/5/2009 19:07:07 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\cn.ggz/dota648b_cn.xml password protected

31/5/2009 19:07:07 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\cn.ggz/lang.xml password protected

31/5/2009 19:07:07 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\cn.ggz/server.xml password protected

31/5/2009 19:07:07 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\cn_s.ggz/lang.xml password protected

31/5/2009 19:07:07 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\cn_s.ggz/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\en.ggz/default.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\en.ggz/dota65x.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\en.ggz/dota648b.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\en.ggz/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\en.ggz/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\en_s.ggz/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\en_s.ggz/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\id_s.ggz/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\tw.ggz/default_tw.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\tw.ggz/dota65x_tw.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\tw.ggz/dota648b_tw.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\tw.ggz/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\tw.ggz/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\tw_s.ggz/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\GarenaTV\tw_s.ggz/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\FPSGame.dll.cn/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\FPSGame.dll.en/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\FPSGame.dll.tw/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.br/Garena.exe.br.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.cn/Garena.exe.cn.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.en/Garena.exe.en.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.id/Garena.exe.id.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.ru/Garena.exe.ru.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.sp/Garena.exe.sp.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.th/Garena.exe.th.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.tw/Garena.exe.tw.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\Garena.exe.vn/Garena.exe.vn.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.cn/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.cn/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.en/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.en/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.id/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.id/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.tw/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\GarenaTV_UI.dll.tw/server.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\update.exe.cn/update.exe.cn.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\update.exe.tw/update.exe.tw.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\update2.exe.cn/update2.exe.cn.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\update2.exe.tw/update2.exe.tw.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\WC3Ass.dll.cn/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\WC3Ass.dll.en/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\WC3Ass.dll.tw/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\WC3Ass.dll.vn/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\WC3Ladder.dll.cn/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\WC3Ladder.dll.en/lang.xml password protected

31/5/2009 19:07:08 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Languages\WC3Ladder.dll.tw/lang.xml password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/outbar_lab.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/panel.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ProgressBarBgH.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ProgressBarBgV.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ProgressBarH.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ProgressBarV.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ScrollBarArrows.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ScrollBarArrowsHBg.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ScrollNews.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/shop_gm.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/shop_gm_type.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/shop_magic_item.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Skin.xml password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/skinmsn.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/split_h.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/split_v.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/splitter_h.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Tab.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/TabBg.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/ui.xml password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Window.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/0.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/1.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/100.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/11.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/2.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/3.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/4.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/5.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/6.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/usertype/Thumbs.db password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Arrow_Down.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Arrow_Up.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Button.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/comment_header.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/GameIconsBig.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/goldmem.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Header.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/login_gg_logo.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/login_header_bar.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Logo.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/menu.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/messagetab.bmp password protected

31/5/2009 19:07:12 File: C:\Documents and Settings\Hiroshi\Desktop\Garena\Skin\Skin.ggz/Others.bmp password protected

31/5/2009 19:09:04 File: C:\Documents and Settings\Hiroshi\Desktop\Hiroshi\NTSD_beta1.8\NTSD beta1.8.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:09:08 File: C:\Documents and Settings\Hiroshi\Desktop\Hiroshi\NTSD_beta1.8\NTSD beta1.8.exe not disinfected postponed

31/5/2009 19:09:44 File: C:\Documents and Settings\Hiroshi\Meus documentos\9-3_xp32_dd_ccc_wdm_enu.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:09:44 File: C:\Documents and Settings\Hiroshi\Meus documentos\9-3_xp32_dd_ccc_wdm_enu.exe not disinfected postponed

31/5/2009 19:09:44 File: C:\Documents and Settings\Hiroshi\Meus documentos\GarenaBR_setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:09:44 File: C:\Documents and Settings\Hiroshi\Meus documentos\GarenaBR_setup.exe not disinfected postponed

31/5/2009 19:09:45 File: C:\Documents and Settings\Hiroshi\Meus documentos\mirc635.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:09:45 File: C:\Documents and Settings\Hiroshi\Meus documentos\mirc635.exe not disinfected postponed

31/5/2009 19:09:45 File: C:\Documents and Settings\Hiroshi\Meus documentos\vuze.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:09:45 File: C:\Documents and Settings\Hiroshi\Meus documentos\vuze.exe not disinfected postponed

31/5/2009 19:09:45 File: C:\Documents and Settings\Hiroshi\Meus documentos\wrar380br.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:09:45 File: C:\Documents and Settings\Hiroshi\Meus documentos\wrar380br.exe not disinfected postponed

31/5/2009 19:09:53 File: C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5\41YRK5UR\tmsvvytm[1].bmp//PE_Patch.UPX//UPX detected virus 'Net-Worm.Win32.Kido.ih'

31/5/2009 19:09:53 File: C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5\41YRK5UR\tmsvvytm[1].bmp//PE_Patch.UPX//UPX not disinfected postponed

31/5/2009 19:09:53 File: C:\RECYCLER\S-1-5-21-436374069-484061587-839522115-1003\Dc2.8\NTSD beta1.8.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:09:58 File: C:\RECYCLER\S-1-5-21-436374069-484061587-839522115-1003\Dc2.8\NTSD beta1.8.exe not disinfected postponed

31/5/2009 19:10:17 File: C:\TempEI4\EI40_\XML4REG.EXE detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:10:17 File: C:\TempEI4\EI40_\XML4REG.EXE not disinfected postponed

31/5/2009 19:19:18 File: C:\WINDOWS\system32\infocardcpl.cpl detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:19:18 File: C:\WINDOWS\system32\infocardcpl.cpl not disinfected postponed

31/5/2009 19:20:00 File: C:\WINDOWS\system32\pxeqog.dll//PE_Patch.UPX//UPX detected virus 'Net-Worm.Win32.Kido.ih'

31/5/2009 19:20:00 File: C:\WINDOWS\system32\pxeqog.dll//PE_Patch.UPX//UPX not disinfected postponed

31/5/2009 19:30:12 File: C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:30:12 File: C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe not disinfected postponed

31/5/2009 19:44:42 File: C:\Arquivos de programas\Arquivos comuns\InstallShield\engine\6\Intel 32\IKernel.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:42 File: C:\Arquivos de programas\Arquivos comuns\InstallShield\engine\6\Intel 32\IKernel.exe not disinfected postponed

31/5/2009 19:44:52 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CCCInstall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:52 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CCCInstall.exe not disinfected postponed

31/5/2009 19:44:53 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CLI.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:53 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\CLI.exe not disinfected postponed

31/5/2009 19:44:53 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\MOM.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:53 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Branding\MOM.exe not disinfected postponed

31/5/2009 19:44:56 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Implementation\LOG.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:56 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Implementation\LOG.exe not disinfected postponed

31/5/2009 19:44:57 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\atishlx.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:57 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\atishlx.exe not disinfected postponed

31/5/2009 19:44:58 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\CCCInstall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:58 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-PreInstall\CCCInstall.exe not disinfected postponed

31/5/2009 19:44:59 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:44:59 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe not disinfected postponed

31/5/2009 19:45:00 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCC.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:00 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCC.exe not disinfected postponed

31/5/2009 19:45:00 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:00 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe not disinfected postponed

31/5/2009 19:45:02 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLI.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:02 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLI.exe not disinfected postponed

31/5/2009 19:45:03 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\installShell.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:03 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\installShell.exe not disinfected postponed

31/5/2009 19:45:03 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:03 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe not disinfected postponed

31/5/2009 19:45:09 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:09 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe not disinfected postponed

31/5/2009 19:45:12 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:12 File: C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe not disinfected postponed

31/5/2009 19:45:17 File: C:\Arquivos de programas\ATI Technologies\UninstallAll\AtiCimUn.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:17 File: C:\Arquivos de programas\ATI Technologies\UninstallAll\AtiCimUn.exe not disinfected postponed

31/5/2009 19:45:17 File: C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:17 File: C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe not disinfected postponed

31/5/2009 19:45:20 File: C:\Arquivos de programas\Garena\mdata.ggz/mh.xml password protected

31/5/2009 19:45:21 File: C:\Arquivos de programas\Garena\update.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:21 File: C:\Arquivos de programas\Garena\update.exe not disinfected postponed

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/default_cn.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/dota65x_cn.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/dota648b_cn.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\cn.ggz/server.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\cn_s.ggz/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\cn_s.ggz/server.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/default.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/dota65x.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/dota648b.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\en.ggz/server.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\en_s.ggz/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\en_s.ggz/server.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\id_s.ggz/server.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/default_tw.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/dota65x_tw.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/dota648b_tw.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\tw.ggz/server.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\tw_s.ggz/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\GarenaTV\tw_s.ggz/server.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\Languages\FPSGame.dll.cn/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\Languages\FPSGame.dll.en/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\Languages\FPSGame.dll.tw/lang.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.br/Garena.exe.br.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.cn/Garena.exe.cn.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.en/Garena.exe.en.xml password protected

31/5/2009 19:45:23 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.id/Garena.exe.id.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.ru/Garena.exe.ru.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.sp/Garena.exe.sp.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.th/Garena.exe.th.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.tw/Garena.exe.tw.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\Garena.exe.vn/Garena.exe.vn.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.cn/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.cn/server.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.en/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.en/server.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.id/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.id/server.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.tw/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\GarenaTV_UI.dll.tw/server.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\update.exe.cn/update.exe.cn.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\update.exe.tw/update.exe.tw.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\update2.exe.cn/update2.exe.cn.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\update2.exe.tw/update2.exe.tw.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.cn/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.en/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.tw/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\WC3Ass.dll.vn/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\WC3Ladder.dll.cn/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\WC3Ladder.dll.en/lang.xml password protected

31/5/2009 19:45:24 File: C:\Arquivos de programas\Garena\Languages\WC3Ladder.dll.tw/lang.xml password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/garenatv.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVBtnOff.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVBtnOn.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVDetailsBG.png password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVHighlight.png password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVLVIcons.png password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/GTVPanel.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/Header.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/menu.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarBgH.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarBgV.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarH.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ProgressBarV.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/rateempty.png password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ratefull.png password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/Tab.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/TabBg.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/ui.xml password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\garenatv.ggz/Window.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/GameIconsBig.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/goldmem.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Header.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/login_gg_logo.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/login_header_bar.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Logo.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/menu.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/messagetab.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Others.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/outbar_lab.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/panel.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarBgH.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarBgV.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarH.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ProgressBarV.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ScrollBarArrows.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ScrollBarArrowsHBg.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ScrollNews.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/shop_gm.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/shop_gm_type.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/shop_magic_item.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Skin.xml password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/skinmsn.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/split_h.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/split_v.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/splitter_h.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Tab.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/TabBg.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/ui.xml password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Window.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/0.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/1.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/100.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/11.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/2.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/3.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/4.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/5.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/6.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/usertype/Thumbs.db password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Arrow_Down.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Arrow_Up.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/Button.bmp password protected

31/5/2009 19:45:28 File: C:\Arquivos de programas\Garena\Skin\Skin.ggz/comment_header.bmp password protected

31/5/2009 19:45:31 File: C:\Arquivos de programas\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:31 File: C:\Arquivos de programas\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe not disinfected postponed

31/5/2009 19:45:36 File: C:\Arquivos de programas\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\Setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:45:36 File: C:\Arquivos de programas\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\Setup.exe not disinfected postponed

31/5/2009 19:48:16 File: C:\Arquivos de programas\mIRC\mirc.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:48:16 File: C:\Arquivos de programas\mIRC\mirc.exe not disinfected postponed

31/5/2009 19:48:25 File: C:\Arquivos de programas\MSN Messenger\livecall.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:48:25 File: C:\Arquivos de programas\MSN Messenger\livecall.exe not disinfected postponed

31/5/2009 19:48:29 File: C:\Arquivos de programas\MSN Messenger\msvs.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:48:29 File: C:\Arquivos de programas\MSN Messenger\msvs.exe not disinfected postponed

31/5/2009 19:48:30 File: C:\Arquivos de programas\MSN Messenger\Device Manager\dpinst.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:48:30 File: C:\Arquivos de programas\MSN Messenger\Device Manager\dpinst.exe not disinfected postponed

31/5/2009 19:48:31 File: C:\Arquivos de programas\MSN Messenger\Device Manager\msgrdvmn.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:48:31 File: C:\Arquivos de programas\MSN Messenger\Device Manager\msgrdvmn.exe not disinfected postponed

31/5/2009 19:48:40 File: C:\Arquivos de programas\Vuze\Azureus.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:48:40 File: C:\Arquivos de programas\Vuze\Azureus.exe not disinfected postponed

31/5/2009 19:49:55 File: C:\Arquivos de programas\Warcraft III\BNUpdate.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:49:55 File: C:\Arquivos de programas\Warcraft III\BNUpdate.exe not disinfected postponed

31/5/2009 19:49:55 File: C:\Arquivos de programas\Warcraft III\euroloader.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:49:55 File: C:\Arquivos de programas\Warcraft III\euroloader.exe not disinfected postponed

31/5/2009 19:49:56 File: C:\Arquivos de programas\Warcraft III\Frozen Throne.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:49:56 File: C:\Arquivos de programas\Warcraft III\Frozen Throne.exe not disinfected postponed

31/5/2009 19:49:57 File: C:\Arquivos de programas\Warcraft III\laavtr.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:49:57 File: C:\Arquivos de programas\Warcraft III\laavtr.exe not disinfected postponed

31/5/2009 19:49:57 File: C:\Arquivos de programas\Warcraft III\lnniru.exe detected Trojan program 'Trojan.Win32.Autoit.xp'

31/5/2009 19:49:57 File: C:\Arquivos de programas\Warcraft III\lnniru.exe not disinfected postponed

31/5/2009 19:49:58 File: C:\Arquivos de programas\Warcraft III\W3DR.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:49:58 File: C:\Arquivos de programas\Warcraft III\W3DR.exe not disinfected postponed

31/5/2009 19:49:59 File: C:\Arquivos de programas\Warcraft III\War3.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:49:59 File: C:\Arquivos de programas\Warcraft III\War3.exe not disinfected postponed

31/5/2009 19:50:00 File: C:\Arquivos de programas\Warcraft III\Warcraft III.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:00 File: C:\Arquivos de programas\Warcraft III\Warcraft III.exe not disinfected postponed

31/5/2009 19:50:01 File: C:\Arquivos de programas\Warcraft III\World Editor.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:01 File: C:\Arquivos de programas\Warcraft III\World Editor.exe not disinfected postponed

31/5/2009 19:50:01 File: C:\Arquivos de programas\Warcraft III\worldedit.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:01 File: C:\Arquivos de programas\Warcraft III\worldedit.exe not disinfected postponed

31/5/2009 19:50:34 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\AtiCimUn.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:34 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\AtiCimUn.exe not disinfected postponed

31/5/2009 19:50:35 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CheckVer.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:35 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CheckVer.exe not disinfected postponed

31/5/2009 19:50:35 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\issetup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:35 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\issetup.exe not disinfected postponed

31/5/2009 19:50:37 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Blizzard\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:37 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Blizzard\setup.exe not disinfected postponed

31/5/2009 19:50:38 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CatalystRegistration\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:38 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CatalystRegistration\setup.exe not disinfected postponed

31/5/2009 19:50:39 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CCC\setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:50:39 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\CCC\setup.exe not disinfected postponed

31/5/2009 19:51:01 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Driver\Setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:51:01 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\Driver\Setup.exe not disinfected postponed

31/5/2009 19:51:10 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\WDM_ALL\Setup.exe detected virus 'Virus.Win32.Sality.aa'

31/5/2009 19:51:10 File: C:\ATI\Support\9_3_xp32_dd_ccc_wdm_enu\Driver\WDM_ALL\Setup.exe not disinfected postponed

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/default_cn.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/dota65x_cn.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/dota648b_cn.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/lang.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn.ggz/server.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn_s.ggz/lang.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\cn_s.ggz/server.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/default.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/dota65x.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/dota648b.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/lang.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en.ggz/server.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en_s.ggz/lang.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\en_s.ggz/server.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\id_s.ggz/server.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/default_tw.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/dota65x_tw.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/dota648b_tw.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/lang.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw.ggz/server.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw_s.ggz/lang.xml password protected

31/5/2009 20:01:38 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\GarenaTV\tw_s.ggz/server.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\FPSGame.dll.cn/lang.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\FPSGame.dll.en/lang.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\FPSGame.dll.tw/lang.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.br/Garena.exe.br.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.cn/Garena.exe.cn.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.en/Garena.exe.en.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.id/Garena.exe.id.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.ru/Garena.exe.ru.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.sp/Garena.exe.sp.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.th/Garena.exe.th.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.tw/Garena.exe.tw.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\Garena.exe.vn/Garena.exe.vn.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.cn/lang.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.cn/server.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.en/lang.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.en/server.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.tw/lang.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\GarenaTV_UI.dll.tw/server.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\update.exe.cn/update.exe.cn.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\update.exe.tw/update.exe.tw.xml password protected

31/5/2009 20:01:39 File: C:\Documents and Settings\Hiroshi\Desktop\Garena.rar/Garena\Languages\update2.exe.cn/update2.exe.cn.xml password protected

31/5/2009 20:01:

Compartilhar este post


Link para o post
Compartilhar em outros sites

(EDIT) Consegui acessar sites de Scan Online , muito obrigado !, mas o regedit e o gerenciador ainda nao funcionam (EDIT)

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:51:44, on 31/5/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [startCCC] "C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - Startup: is-KLIQB.lnk = C:\Documents and Settings\Hiroshi\Desktop\Virus Removal Tool\is-KLIQB\startup.exe

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=29223

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 2302 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! hiroshirox

 

<!> A infecção é pelo Sality,que infecta executáveis, e de difícil remoção/desinfecção.

<><><><><><><><><><>

<@> Vá à este endereço,e execute a vacina antisality.

 

< Win32_Sality >

 

<@> Execute estas instruções:

 

Win32/Sality

 

<!> Baixe os três arquivos,para a pasta: C:\Sality <-- Crie esta pasta!

 

<1> rmsality.exe

<2> rmsality.nt

<3> rmsality.dos

 

<!> Execute o arquivo: rmsality.exe

<!> Você também pode especificar os discos,para restaurar,como parâmetro de um comando.

<!> Exemplo: C:\Sality\rmsality C: D:

<!> Se o comando é usado sem parâmetros,será restaurado todos os discos no computador.

<!> Ps: O êxito do removedor,necessita de direitos administrativos.

<!> Para a funcionalidade apropriada do removedor,é necessário salvar o rmsality.nt e o rmsality.dos,na mesma pasta que o rmsality.exe.

<!> Ps: Caso possua ficheiro(s) infectados,execute o procedimento logo abaixo.

<!> Vá em Iniciar --> Executar --> Digite: c:\Sality\rmsality c:\windows\explorer.exe --> Aperte Enter.

<><><><><><><><><><>

<@> Baixe: < DrWebCureIt >

<@> Salve-o no desktop!

<@> Reinicie o computador em Modo de Segurança.

<@> Inicie a instalação/execução,com um duplo-clique em drweb-cureit.

<@> Na janela que abrir,clique em Iniciar --> OK.

<@> Será dado início a "Verificação rápida" --> Feche a janela de propaganda!

<@> Terminando,marque a caixa de "Verificação Completa".

<@> Click em "Options" --> Em Change settings,desmarque a "Heuristic analysis".

 

Neste modo são verificados os seguintes objectos:

 

* Sectores de Arranque de Todos os Discos. <--

 

* Todas as Unidades Removíveis. <--

 

* Todos os Discos Locais. <--

<@> Clique em "Iniciar verificação" --> Aguarde!

<@> Surgindo mensagens para mover ou desinfectar arquivos,clique em Sim.

<@> Terminando,clique em "Ficheiro" --> "Guardar lista de relatórios".

<@> Procure salvá-lo em um local adequado. ( DrWeb.csv ) <-- Texto!

<@> Poste: DrWeb.csv + HijackThis,atualizado.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

(EDIT)Apenas encontrei o arquivo .exe no site da AVG (a vacina eh o rmsality.exe ) ? -----

Eu tinha gravado um arquivo no MP3 , porem ja deletei TUDO presente nele , tem perigo de estar infectado? ()

 

Caro DigRam , o site do avg indica essa seguinte instrução

 

"Se o computador infectado estiver conectado à LAN, desconecte-o e reconecte-o somente depois que todos os demais computadores tiverem sido verificados e limpos."

 

O PC da minha irmã , apresenta o mesmo vírus (alias , acho que peguei dela ao fazer um backup la )

O estado do PC dela esta MUITO ruim , não consegui nem usar o arquivo para entrar em modo de segurança , pretendo desconectar la e formatar para tentar desinfectar o meu , porém la possui fotos que precisam ser salvas , como o sality afeta arquivos .exe , as fotos estão 'limpas' ? ha algum perigo de eu perder fotos no procedimento?

 

O que seria ficheiros infectados ?

 

Grato.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! hiroshirox

 

(EDIT)Apenas encontrei o arquivo .exe no site da AVG (a vacina eh o rmsality.exe ) ?

<!> É importante que voçê baixe os 3 ficheiros,e os aloque em uma mesma pasta.

 

<1> rmsality.exe <--

<2> rmsality.nt <--

<3> rmsality.dos <--

 

Eu tinha gravado um arquivo no MP3 , porem ja deletei TUDO presente nele , tem perigo de estar infectado? ()

<!> Provavelmente...não!

 

Caro DigRam , o site do avg indica essa seguinte instrução

 

"Se o computador infectado estiver conectado à LAN, desconecte-o e reconecte-o somente depois que todos os demais computadores tiverem sido verificados e limpos."

<!> Creio que não é o seu caso. Certo?

 

O PC da minha irmã , apresenta o mesmo vírus (alias , acho que peguei dela ao fazer um backup la )

O estado do PC dela esta MUITO ruim , não consegui nem usar o arquivo para entrar em modo de segurança , pretendo desconectar la e formatar para tentar desinfectar o meu , porém la possui fotos que precisam ser salvas , como o sality afeta arquivos .exe , as fotos estão 'limpas' ? ha algum perigo de eu perder fotos no procedimento?

<!> Recomendo que descarte qualquer backup! Mesmo em se tratando de fotos.

 

O que seria ficheiros infectados ?

<!> Genericamente,trata-se de todo tipo de arquivo,que esteja infectado.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites
<!> Creio que não é o seu caso. Certo?

Bom , esta em lan com o da minha irmã :P

 

As fotos são muito importantes , então passei um Scan nelas , tava tudo limpo e gravei em um dvd ... espero que tenha feito a decisão certa xD

 

 

Bom , ja desconectei o PC de lá , farei os procedimentos , em breve posto os logs .

Obrigado!

 

PS* Sites de Scan Online novamente nao esta dando para acessar

 

DrWebCureIt nao esta funfando o dl ali , meus amigos conseguem u.u ... vou tentar pegar com alguem u.u

Compartilhar este post


Link para o post
Compartilhar em outros sites
<!> Creio que não é o seu caso. Certo?

Bom , esta em lan com o da minha irmã :P

 

As fotos são muito importantes , então passei um Scan nelas , tava tudo limpo e gravei em um dvd ... espero que tenha feito a decisão certa xD

 

 

Bom , ja desconectei o PC de lá , farei os procedimentos , em breve posto os logs .

Obrigado!

 

PS* Sites de Scan Online novamente nao esta dando para acessar

 

DrWebCureIt nao esta funfando o dl ali , meus amigos conseguem u.u ... vou tentar pegar com alguem u.u

<><><><><><><><>

Boa Noite! hiroshirox

 

<!> Após as vacinas,execute: DrWebCureIt + Kaspersky Virus Removal Tool.

<!> Poste seus relatórios.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.