[Resolvido!] Analise de Log do HijHackThis

[Bruno Carazato 0]

Antonio não consegui baixar pois o download não se inicia...e jaja irei verificar se consigo iniciar em modo seguro

[Power Max 54]

Antonio não consegui baixar pois o download não se inicia...

:seta: Tentemos então fazer o seguinte:

 

Sugiro que você salve ou imprima essas instruções abaixo, pois em alguns momentos você poderá precisar usar o computador sem o acesso à internet:

 

Faça o download do ComboFix

Salve-o no Desktop (área de trabalho).

* Desabilite as proteções residente de: antivírus, antispywares e firewall ( menos o do Windows! )

* Feche todas as janelas e execute a ferramenta.

* Ps: A execução, por comando, também é possível:

* Vá em Iniciar --> Executar --> Digite ou cole:

"%userprofile%\desktop\Combofix.exe" /killall

 

 

* Clique em Ok.

* Na solicitação: "Negação de garantia de software" --> Clique em Sim.

 

 

* Não possuindo o "'>http://support.microsoft.com/kb/307654/pt-br"]Console de Recuperação",aceite optar pela instalação do mesmo.

* Terminando,clique Sim ou Yes. --> Aguarde.

 

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

:!: Caso aconteça a notificação de: Aplicativo Win32 inválido ou alguma mensagem parecida com esta, delete a ferramenta ComboFix.exe e faça, novamente, seu download.

* Salve-a no Desktop,renomeada como: Kombo.exe

* Ps: Nomeie durante o salvamento,e não após salvá-la!

* Ps: Surgindo alguma mensagem de erro, rode o ComboFix.exe em "'>http://forum.imasters.com.br/index.php?/topic/278480-como-iniciar-em-modo-de-seguranca/"]Modo de Segurança". <-- Link!

* Ps: Na presença de atividades rootkit,teremos a seguinte janela de notificação:

 

 

* Ps: Anote essas detecções, e dê o OK. Neste caso poste estas detecções que você terá anotado em sua próxima resposta juntamente com os logs pedidos.

* Ps: Para completar as remoções, talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde!

* Ps: Para evitar problemas, siga todas as recomendações propostas.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

* Abrir-se-á a janela Auto Scan. --> Aguarde!

* Para finalizar remoções, o ComboFix poderá reiniciar o computador.

* Se houver necessidade, digite a opção ( 1 ) --> Aperte Enter! --> Aguarde a conclusão!

* Durante o scan, evite manusear o mouse ou teclado! <-- Importante!

* Caso, por algum motivo de força maior, precise parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter.

<><><><><><><><><><><><>

 

Poste o log do Combofix que estará em C:\ComboFix.txt juntamente com um novo log do Hijackthis em sua próxima resposta e nos diga como está o seu PC depois disto.

 

Ficamos no aguardo.

[Bruno Carazato 0]

Log do ComboFix

 

ComboFix 09-12-31.01 - ' BRUN!NHO~ 31/12/2009 16:52:37.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.2038.1512 [GMT -2:00]

Executando de: c:\documents and settings\' BRUN!NHO~\Desktop\ComboFix.exe

 

ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\Alcmtr.exe

D:\install.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_ASC3360PR

-------\Service_asc3360pr

 

 

(((((((((((((((( Arquivos/Ficheiros criados de 2009-11-28 to 2009-12-31 ))))))))))))))))))))))))))))

.

 

2009-12-31 18:14 . 2009-12-31 18:23 -------- d-----w- C:\FindyKill

2009-12-31 17:47 . 2006-10-26 21:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

2009-12-31 17:47 . 2006-10-26 21:56 32592 ----a-w- c:\windows\system32\msonpmon.dll

2009-12-31 17:42 . 2009-12-31 17:45 -------- d-----w- c:\windows\SHELLNEW

2009-12-31 17:40 . 2009-12-31 17:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2009-12-31 17:39 . 2009-12-31 17:39 -------- d-----r- C:\MSOCache

2009-12-31 17:36 . 1998-11-13 15:18 308224 ----a-w- c:\windows\IsUn0416.exe

2009-12-31 17:17 . 2009-12-31 17:17 -------- d-----w- C:\Level Up! Games

2009-12-31 17:12 . 2004-08-04 01:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

2009-12-31 14:54 . 2009-12-31 14:54 -------- d-----w- c:\documents and settings\' BRUN!NHO~\Dados de aplicativos\ProxyCap

2009-12-31 14:51 . 2009-08-19 07:18 107864 ----a-w- c:\windows\system32\tsccvid.dll

2009-12-31 14:51 . 2009-12-31 14:51 -------- d-----w- c:\windows\system32\QuickTime

2009-12-31 14:51 . 2009-12-31 14:51 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\TechSmith

2009-12-31 14:48 . 2009-12-31 14:48 -------- d-----w- c:\arquivos de programas\Proxy Labs

2009-12-31 14:29 . 2009-12-31 14:35 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\WLInstaller

2009-12-31 14:19 . 2009-12-31 14:30 -------- d-----w- c:\windows\system32\CatRoot_bak

2009-12-31 14:11 . 2009-12-31 14:11 -------- d-----w- c:\documents and settings\' BRUN!NHO~\Dados de aplicativos\Malwarebytes

2009-12-31 14:11 . 2009-12-30 16:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-31 14:11 . 2009-12-31 14:11 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2009-12-31 14:11 . 2009-12-31 14:11 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes

2009-12-31 14:11 . 2009-12-30 16:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-31 14:06 . 2009-12-31 14:06 98304 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS\NGM\nxgameus.dll

2009-12-31 14:06 . 2009-12-31 14:06 507904 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS\NGM\NGMDll.dll

2009-12-31 14:06 . 2009-12-31 14:06 335872 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS\NGM\NGMResource.dll

2009-12-31 14:06 . 2009-12-31 14:06 258352 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS\NGM\unicows.dll

2009-12-31 14:06 . 2009-12-31 14:06 233472 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe

2009-12-31 14:06 . 2009-12-31 14:06 -------- d-----w- C:\Nexon

2009-12-31 14:06 . 2009-12-31 14:06 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-31 18:21 . 2001-09-06 14:00 48846 ----a-w- c:\windows\system32\perfc016.dat

2009-12-31 18:21 . 2001-09-06 14:00 344734 ----a-w- c:\windows\system32\perfh016.dat

2009-12-31 13:37 . 2009-12-31 13:37 2033896 ----a-w- c:\documents and settings\' BRUN!NHO~\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

2009-12-31 13:15 . 2009-12-31 13:15 315392 ----a-w- c:\windows\HideWin.exe

2009-12-31 13:13 . 2009-12-31 13:13 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe

2009-12-31 13:13 . 2009-12-31 13:12 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Ahead

2009-12-31 13:12 . 2009-12-31 13:09 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield

2009-12-31 13:11 . 2009-12-31 13:11 -------- dcsh--w- c:\arquivos de programas\Arquivos comuns\WindowsLiveInstaller

2009-12-31 13:11 . 2009-12-31 13:11 -------- d-----w- c:\arquivos de programas\Arquivos comuns\TechSmith Shared

2009-12-31 13:11 . 2009-12-31 13:11 -------- d-----w- c:\arquivos de programas\ASUS

2009-12-31 13:11 . 2009-12-31 13:11 -------- d-----w- c:\arquivos de programas\Atheros Communications Inc

2009-12-31 13:11 . 2009-12-31 13:10 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2009-12-31 13:11 . 2009-12-31 13:11 -------- d-----w- c:\arquivos de programas\Intel

2009-12-31 13:08 . 2009-12-31 13:08 -------- d-----w- c:\arquivos de programas\Microsoft Works

2009-12-31 13:08 . 2009-12-31 13:08 -------- d-----w- c:\arquivos de programas\MSBuild

2009-12-31 13:07 . 2009-12-31 13:07 -------- d-----w- c:\arquivos de programas\Nero

2009-12-31 13:07 . 2009-12-31 13:07 -------- d-----w- c:\arquivos de programas\QuickTime

2009-12-31 13:07 . 2009-12-31 13:07 -------- d-----w- c:\arquivos de programas\Realtek

2009-12-31 13:07 . 2009-12-31 13:07 -------- d-----w- c:\arquivos de programas\TechSmith

2009-12-31 13:07 . 2009-12-31 13:07 -------- d-----w- c:\arquivos de programas\Windows Live

2009-12-31 13:07 . 2009-12-31 13:07 -------- d-----w- c:\arquivos de programas\Your Freedom

2009-12-31 13:02 . 2009-12-31 13:02 -------- d-----w- c:\arquivos de programas\microsoft frontpage

2009-12-31 13:01 . 2009-12-31 13:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-12-31 13:01 . 2009-12-31 13:01 -------- d-----w- c:\arquivos de programas\Serviços on-line

2009-12-31 13:00 . 2009-12-31 13:00 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços

2009-12-31 12:59 . 2009-12-31 12:59 21844 ----a-w- c:\windows\system32\emptyregdb.dat

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\documents and settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-12-31 202736]

"ProxyCap"="c:\arquiv~1\PROXYL~1\ProxyCap\ProxyCap.exe" [2008-08-25 356352]

"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2004-08-04 1667584]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-11-08 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752]

"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]

"SkyTel"="SkyTel.EXE" [2007-10-11 1908736]

"GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

 

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

Adobe Gamma Loader.lnk - c:\arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2009-12-31 180224]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Arquivos comuns\\Adobe\\Calibration\\Adobe Gamma Loader.exe"=

"c:\\Documents and Settings\\All Users\\Dados de aplicativos\\NexonUS\\NGM\\NGM.exe"=

"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe

"c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe

"c:\\Level Up! Games\\Grand Chase Season 2\\main.exe"=

"c:\\Arquivos de programas\\Your Freedom\\freedom.exe"=

"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"c:\\Documents and Settings\\' BRUN!NHO~\\Configurações locais\\Dados de aplicativos\\Google\\Update\\GoogleUpdate.exe"=

"c:\\Documents and Settings\\' BRUN!NHO~\\Configurações locais\\Dados de aplicativos\\Google\\Chrome\\Application\\chrome.exe"=

"c:\\Arquivos de programas\\WinRAR\\WinRAR.exe"=

"c:\\Level Up! Games\\Grand Chase Season 2\\grandchase.exe"= c:\\Level Up! Games\\Grand Chase Season 2\\GrandChase.exe

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\WINDOWS\\SkyTel.EXE"=

"c:\\ARQUIV~1\\PROXYL~1\\ProxyCap\\ProxyCap.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GrooveMonitor.exe"=

"c:\\WINDOWS\\system32\\wscntfy.exe"=

 

R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [31/12/2009 11:10 36864]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

 

--- =Outros Serviços/Drivers Na Memória ---

 

*NewlyCreated* - ASC3360PR

.

Conteúdo da pasta 'Tarefas Agendadas'

.

.

------- Scan Suplementar -------

.

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~4\Office12\EXCEL.EXE/3000

LSP: w2pxdrv.dll

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-12-31 16:55

Windows 5.1.2600 Service Pack 2 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'lsass.exe'(748)

c:\windows\system32\w2pxdrv.dll

 

- - - - - - - > 'explorer.exe'(2408)

c:\windows\system32\msi.dll

c:\windows\system32\browselc.dll

c:\arquivos de programas\Microsoft Office\Office12\1046\GrooveIntlResource.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\windows\RTHDCPL.EXE

c:\windows\system32\igfxsrvc.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\imapi.exe

.

**************************************************************************

.

Tempo para conclusão: 2009-12-31 16:56:05 - Máquina reiniciou

ComboFix-quarantined-files.txt 2009-12-31 18:56

 

Pré-execução: 13 pasta(s) 34.897.027.072 bytes disponíveis

Pós execução: 15 pasta(s) 35.597.578.240 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

 

- - End Of File - - 7F18A372A4B6AA178C85375BB353AE73

 

Ainda não consigo instalar o Avira que você me passou o link..

[Power Max 54]

:) Mais alguns problemas foram removidos pelo Combofix.

 

:seta: Siga as dicas deste tutorial:

 

Tutorial do Dr. Web CureIt

 

Na sua próxima resposta poste este log do Dr. Web CureIt juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.

 

Ficamos no aguardo.

[Bruno Carazato 0]

Quando clico no link acima o explore fecha e o google chrome tbm..

[Power Max 54]

Quando clico no link acima o explore fecha e o google chrome tbm..

:seta: Tente baixar o programa através de um destes web proxys abaixo:

 

http://www.hrmovie.com/

http://anonymouse.org/anonwww.html

http://texasproxy.com/p.php?q=&hl=0

 

P.S.: Se mesmo através destes web proxys acima não for possível baixar o Dr. Web CureIt, baixe-o no endereço abaixo (onde ele está com o nome de amigo.exe para que os malwares não fiquem bloqueando ele):

http://www.badongo.com/file/19446772

 

Quando acessar este link acima, aguarde alguns momentos e digite os números que aparecem no canto superior direito da página e tecle Enter > aguarde a contagem regressiva > clique no botão Faça o download do seu ficheiro aqui.

[Bruno Carazato 0]

Ok eu baixei mas não consigo acessar o tutorial..

[Power Max 54]

Ok eu baixei mas não consigo acessar o tutorial..

:seta: * Dê um duplo clique no ícone dele e clique em Iniciar. Aguarde o scan inicial das áreas vitais do sistema terminar;

 

* Caso encontre algo, clique em "Sim";

 

* Quando o scan rápido terminar, clique em Opções > Alterar Definições. Na aba Verificar desmarque a opção Análise Heurística e clique no botão Ok.

 

* Depois disto, marque a opção Verificação Completa e clique na seta verde;

 

*Clique sempre na opção "Sim" para a remoção dos problemas encontrados;

 

*Ao término, clique em "Arquivo" e salve o relatório no desktop (área de trabalho);

 

*O relatório terá extensão .csv

 

*Feche o DrWebCureIt e reinicie o PC;

 

* Vá na sua área de trabalho, abra este relatório, selecione-o inteiramente, copie-o e poste-o em sua próxima resposta juntamente com um novo log do Hijackthis e nos diga como está o seu PC depois destes procedimentos;

 

* Ficamos no aguardo.

[Bruno Carazato 0]

Vou fazer isto...e aidna n consigo iniciar em modo seguro..

[Bruno Carazato 0]

Quando dou o uplo clique no amigo.exe aparece os seguintes erros

 

[Power Max 54]

:seta: Antes de fazermos este procedimento abaixo, desative a restauração do sistema e mantenha ela desativada até o final de todos os procedimentos de limpeza de seu PC para evitar que os malwares voltem. Para isso, vá no menu: Iniciar - Painel de Controle - Sistema - Clique na aba: Restauração do Sistema - Marque a caixinha: Desativar restauração do sistema - Clique no botão: Aplicar e no botão: Ok.

___________________________

 

:seta: Para burlar o bloqueio e infecção que este malware causa nos arquivos executáveis, mudei a extensão do arquivo para .cmd, e para baixar este arquivo amigo.cmd (que é o Dr. WebCureit com o seu nome mudado) acesse o site abaixo:

http://www.badongo.com/file/19466231

 

Quando acessar este link acima, aguarde alguns momentos e digite os números que aparecem no canto superior direito da página e tecle Enter > aguarde a contagem regressiva > clique no botão Faça o download do seu ficheiro aqui.

 

Ai depois é só seguir aqueles procedimentos que tinha te passado para executá-lo corretamente e depois poste o log dele juntamente com novo log do Hijackthis e nos diga como está o PC depois disto.

[Bruno Carazato 0]

Aqui esta o log do DR.WEBCUREIT

 

Processos em memória: C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application Win32.Sector.8 Erradicado.

wgasetup.exe C:\WINDOWS\system32\KB905474 Win32.Sector.5 Desinfectado.

POKEMON RUBY.exe D:\Meus Documentos\Bruno\Jogos\Pokemon Win32.Sector.5 Desinfectado.

ChromeSetup.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

Firefox Setup 3.5.2.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

Menssenger.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

MsgPlusLive-482.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

setup.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

setupeng.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

SUPERAntiSpyware.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

wrar380br.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

Burn 4 Free.exe D:\Meus Documentos\Bruno\Programas\Bun 4FREE Modificação de Win32.Sector.5 Movido.

ScratchInstaller1.4.exe D:\Meus Documentos\Bruno\Programas\Scratch Modificação de Win32.Sector.5 Movido.

amigo.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

ComboFix.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

Setup.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

wlsetup-custom.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

adobe gamma loader.exe c:\arquivos de programas\arquivos comuns\adobe\calibration Win32.Sector.5 Desinfectado.

odserv.exe c:\arquivos de programas\arquivos comuns\microsoft shared\office12 Win32.Sector.5 Desinfectado.

ose.exe c:\arquivos de programas\arquivos comuns\microsoft shared\source engine Win32.Sector.5 Desinfectado.

grooveauditservice.exe c:\arquivos de programas\microsoft office\office12 Win32.Sector.5 Desinfectado.

proxycap.exe c:\arquivos de programas\proxy labs\proxycap Win32.Sector.5 Desinfectado.

wlcomm.exe c:\arquivos de programas\windows live\contacts Win32.Sector.5 Desinfectado.

msnmsgr.exe c:\arquivos de programas\windows live\messenger Win32.Sector.5 Desinfectado.

chrome.exe c:\documents and settings\' brun!nho~\configurações locais\dados de aplicativos\google\chrome\application Win32.Sector.5 Desinfectado.

googleupdate.exe c:\documents and settings\' brun!nho~\configurações locais\dados de aplicativos\google\update Win32.Sector.5 Desinfectado.

curb slow.exe c:\documents and settings\' brun!nho~\dados de aplicativos\meetfindbike Win32.Sector.5 Desinfectado.

curb slow.exe c:\documents and settings\' brun!nho~\dados de aplicativos\meetfindbike Trojan.Swizzor.based Eliminado.

thunk ref less.exe c:\documents and settings\' brun!nho~\dados de aplicativos\meetfindbike Win32.Sector.5 Desinfectado.

thunk ref less.exe c:\documents and settings\' brun!nho~\dados de aplicativos\meetfindbike Trojan.Swizzor.based Eliminado.

name remote.exe c:\documents and settings\all users\dados de aplicativos\comp two long internet Modificação de Win32.Sector.5 Movido.

skytel.exe c:\windows Win32.Sector.5 Desinfectado.

wgasetup.exe c:\windows\system32\kb905474 Win32.Sector.5 Desinfectado.

ImageReady.exe C:\Arquivos de programas\Adobe\Photoshop 7.0 Win32.Sector.5 Desinfectado.

Alteração de Modo Condicional.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Criar Botão.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Criar Tom de Sépia.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Foto Envelhecida.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Moldura de Sombra Projetada.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Restringir a 300 pixels.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Restringir a 64 pixels.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Salvar Como JPEG Medium.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Salvar Como Photoshop PDF.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop Win32.Sector.5 Desinfectado.

Droplet Template.exe C:\Arquivos de programas\Adobe\Photoshop 7.0\Required Win32.Sector.5 Desinfectado.

Adobe Gamma Loader.exe C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration Win32.Sector.5 Desinfectado.

AdobeWorkgroupHelper.exe C:\Arquivos de programas\Arquivos comuns\Adobe\Workflow Win32.Sector.5 Desinfectado.

NeroCheck.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NeroPatentActivation.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NeroScoutOptions.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NeroSearchAdvanced.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NeroUpgrade.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NeTsMan.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NiReg.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NMBCWriter.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NMBgMonitor.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NMIndexingService.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NMIndexStoreSvr.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NMTVServer.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

NMTvWizard.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib Win32.Sector.5 Desinfectado.

SetupX.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web Win32.Sector.5 Desinfectado.

NeroRemoteCtrlHandler.exe C:\Arquivos de programas\Arquivos comuns\Ahead\RemoteControl Win32.Sector.5 Desinfectado.

IKernel.exe C:\Arquivos de programas\Arquivos comuns\InstallShield\Engine\6\Intel 32 Win32.Sector.5 Desinfectado.

DW20.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW Win32.Sector.5 Desinfectado.

DWTRIG20.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW Win32.Sector.5 Desinfectado.

EQNEDT32.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\EQUATION Win32.Sector.5 Desinfectado.

OINFOP12.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo Win32.Sector.5 Desinfectado.

ACECNFLT.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12 Win32.Sector.5 Desinfectado.

MSE7.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12 Win32.Sector.5 Desinfectado.

MSOXMLED.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12 Win32.Sector.5 Desinfectado.

OFFDIAG.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12 Win32.Sector.5 Desinfectado.

OFFLB.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12 Win32.Sector.5 Desinfectado.

ODEPLOY.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller Win32.Sector.5 Desinfectado.

SETUP.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller Win32.Sector.5 Desinfectado.

WLLoginProxy.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live Win32.Sector.5 Desinfectado.

uninst.exe C:\Arquivos de programas\Ask Search Assistant Win32.Sector.5 Desinfectado.

MyLogo.exe C:\Arquivos de programas\ASUS\ASUSUpdate Win32.Sector.5 Desinfectado.

Update.exe C:\Arquivos de programas\ASUS\ASUSUpdate Win32.Sector.5 Desinfectado.

WinFlash.exe C:\Arquivos de programas\ASUS\ASUSUpdate Win32.Sector.5 Desinfectado.

AsIoUnins.exe C:\Arquivos de programas\ASUS\IO Win32.Sector.5 Desinfectado.

dev_op_x86.exe C:\Arquivos de programas\Atheros Communications Inc\Atheros Ethernet Utility Win32.Sector.5 Desinfectado.

Uninstall.exe C:\Arquivos de programas\Circle Developeent Win32.Sector.5 Desinfectado.

Uninstall.exe C:\Arquivos de programas\Circle Developeent Trojan.Swizzor.based Eliminado.

setup.exe C:\Arquivos de programas\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06} Win32.Sector.5 Desinfectado.

Setup.exe C:\Arquivos de programas\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C} Win32.Sector.5 Desinfectado.

setup.exe C:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6} Win32.Sector.5 Desinfectado.

setup.exe C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} Win32.Sector.5 Desinfectado.

Setup.exe C:\Arquivos de programas\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166} Win32.Sector.5 Desinfectado.

mbam.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware Win32.Sector.5 Desinfectado.

mbamgui.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware Win32.Sector.5 Desinfectado.

mbamservice.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware Win32.Sector.5 Desinfectado.

Log Viewer.exe C:\Arquivos de programas\Messenger Plus! Live Win32.Sector.5 Desinfectado.

MPTools.exe C:\Arquivos de programas\Messenger Plus! Live Win32.Sector.5 Desinfectado.

Uninstall.exe C:\Arquivos de programas\Messenger Plus! Live Win32.Sector.5 Desinfectado.

CGuard.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Choice Guard Win32.Sector.5 Desinfectado.

CLVIEW.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

CNFNOT32.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

DRAT.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

DSSM.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

EXCEL.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

excelcnv.exe C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

GRAPH.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

GROOVE.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

GrooveClean.exe C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

GrooveMigrator.exe C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

INFOPATH.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

MSACCESS.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

MSOHTMED.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

MSPUB.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

MSQRY32.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

MSTORDB.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

MSTORE.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

OIS.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

ONENOTE.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

ONENOTEM.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

REGFORM.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

SCANOST.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

WINWORD.EXE C:\Arquivos de programas\Microsoft Office\Office12 Win32.Sector.5 Desinfectado.

ONELEV.EXE C:\Arquivos de programas\Microsoft Office\Office12\1046 Win32.Sector.5 Desinfectado.

NeDwFileHelper.exe C:\Arquivos de programas\Nero\Nero 7\Core Win32.Sector.5 Desinfectado.

NeroCmd.exe C:\Arquivos de programas\Nero\Nero 7\Core Win32.Sector.5 Desinfectado.

discinfo.exe C:\Arquivos de programas\Nero\Nero 7\Core\SecurDisc Win32.Sector.5 Desinfectado.

InCD.exe C:\Arquivos de programas\Nero\Nero 7\InCD Win32.Sector.5 Desinfectado.

NBHGui.exe C:\Arquivos de programas\Nero\Nero 7\InCD Win32.Sector.5 Desinfectado.

UNNERO.exe C:\Arquivos de programas\Nero\Nero 7\Nero\Uninstall Win32.Sector.5 Desinfectado.

BackItUp.exe C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp Win32.Sector.5 Desinfectado.

NBService.exe C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp Win32.Sector.5 Desinfectado.

NBSFtp.exe C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp Win32.Sector.5 Desinfectado.

NeroHome.exe C:\Arquivos de programas\Nero\Nero 7\Nero Home Win32.Sector.5 Desinfectado.

NeroStartSmart.exe C:\Arquivos de programas\Nero\Nero 7\Nero StartSmart Win32.Sector.5 Desinfectado.

CDSpeed.exe C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit Win32.Sector.5 Desinfectado.

DMAManager.exe C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit Win32.Sector.5 Desinfectado.

DriveSpeed.exe C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit Win32.Sector.5 Desinfectado.

InfoTool.exe C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit Win32.Sector.5 Desinfectado.

NeroBurnRights.exe C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit Win32.Sector.5 Desinfectado.

Alcmtr.exe C:\Arquivos de programas\Realtek\Audio\InstallShield Win32.Sector.5 Desinfectado.

ChCfg.exe C:\Arquivos de programas\Realtek\Audio\InstallShield Win32.Sector.5 Desinfectado.

KB888111xpsp2.exe C:\Arquivos de programas\Realtek\Audio\InstallShield Win32.Sector.5 Desinfectado.

RtlUpd.exe C:\Arquivos de programas\Realtek\Audio\InstallShield Win32.Sector.5 Desinfectado.

SkyTel.exe C:\Arquivos de programas\Realtek\Audio\InstallShield Win32.Sector.5 Desinfectado.

SoundMan.exe C:\Arquivos de programas\Realtek\Audio\InstallShield Win32.Sector.5 Desinfectado.

CamMenuMaker.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

CamMenuPlayer.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

CamPlay.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

CamRecorder.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

CamtasiaStudio.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

CamTheater.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

Recovery.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

TscHelp.exe C:\Arquivos de programas\TechSmith\Camtasia Studio 6 Win32.Sector.5 Desinfectado.

wlarp.exe C:\Arquivos de programas\Windows Live\installer Win32.Sector.5 Desinfectado.

wloobe.exe C:\Arquivos de programas\Windows Live\installer Win32.Sector.5 Desinfectado.

msvs.exe C:\Arquivos de programas\Windows Live\Messenger Win32.Sector.5 Desinfectado.

wlcsdk.exe C:\Arquivos de programas\Windows Live\Messenger Win32.Sector.5 Desinfectado.

wlcstart.exe C:\Arquivos de programas\Windows Live\Messenger Win32.Sector.5 Desinfectado.

wmsetsdk.exe C:\Arquivos de programas\Windows Media Player Win32.Sector.5 Desinfectado.

freedom.exe C:\Arquivos de programas\Your Freedom Win32.Sector.5 Desinfectado.

Uninstall.exe C:\Arquivos de programas\Your Freedom Win32.Sector.5 Desinfectado.

cleanup.exe C:\Arquivos de programas\Your Freedom\rt\bin Win32.Sector.5 Desinfectado.

unpack200.exe C:\Arquivos de programas\Your Freedom\rt\bin Win32.Sector.5 Desinfectado.

CF32626.cfxxe C:\ComboFix Win32.Sector.5 Desinfectado.

setup.exe C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\3.0.195.38\Installer Win32.Sector.5 Desinfectado.

GoogleCrashHandler.exe C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13 Win32.Sector.5 Desinfectado.

GoogleUpdate.exe C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13 Win32.Sector.5 Desinfectado.

grandchase.exe C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\001D2B87_Rar Win32.Sector.5 Desinfectado.

grandchase.exe C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\001D52A7_Rar Win32.Sector.5 Desinfectado.

36565me.exe C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1 Win32.Sector.5 Desinfectado.

fpupdateax.exe C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax Win32.Sector.5 Desinfectado.

for eq real site.exe C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\MEETFINDBIKE Win32.Sector.5 Desinfectado.

for eq real site.exe C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\MEETFINDBIKE Trojan.Swizzor.based Eliminado.

ifcwrxje.exe C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\MEETFINDBIKE Win32.Sector.5 Desinfectado.

ifcwrxje.exe C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\MEETFINDBIKE Trojan.Swizzor.based Eliminado.

ComboFix.exe C:\Documents and Settings\' BRUN!NHO~\Desktop Win32.Sector.5 Desinfectado.

ComboFix.exe\32788R22FWJFW\List-C.bat C:\Documents and Settings\' BRUN!NHO~\Desktop\ComboFix.exe Provavelmente BATCH.Virus

ComboFix.exe C:\Documents and Settings\' BRUN!NHO~\Desktop O arquivo contém objectos infectados Movido.

NGM.exe C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM Win32.Sector.5 Desinfectado.

fraps.exe C:\Fraps Win32.Sector.5 Desinfectado.

uninstall.exe C:\Fraps Win32.Sector.5 Desinfectado.

HiJackThis.exe C:\HijHackThis Win32.Sector.5 Desinfectado.

grandchase.exe C:\Level Up! Games\Grand Chase Season 2 Win32.Sector.5 Desinfectado.

UninsHs.exe C:\Level Up! Games\Grand Chase Season 2 Win32.Sector.5 Desinfectado.

ose.exe C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C Win32.Sector.5 Desinfectado.

setup.exe C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C Win32.Sector.5 Desinfectado.

DW20.EXE C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C Win32.Sector.5 Desinfectado.

dwtrig20.exe C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C Win32.Sector.5 Desinfectado.

CAV.exe C:\Nexon\Combat Arms Win32.Sector.5 Desinfectado.

CombatArms.exe C:\Nexon\Combat Arms Win32.Sector.5 Desinfectado.

CombatArms_Direct.exe C:\Nexon\Combat Arms Win32.Sector.5 Desinfectado.

EndingBanner.exe C:\Nexon\Combat Arms Win32.Sector.5 Desinfectado.

Engine.exe C:\Nexon\Combat Arms Win32.Sector.5 Desinfectado.

AhnRpt.exe C:\Nexon\Combat Arms\HShield Win32.Sector.5 Desinfectado.

HsLogMgr.exe C:\Nexon\Combat Arms\HShield Win32.Sector.5 Desinfectado.

HSUpdate.exe C:\Nexon\Combat Arms\HShield Win32.Sector.5 Desinfectado.

autoup.exe C:\Nexon\Combat Arms\HShield\Update Win32.Sector.5 Desinfectado.

NGM.exe C:\NGM Win32.Sector.5 Desinfectado.

Alcmtr.exe.vir C:\Qoobox\Quarantine\C\WINDOWS Win32.Sector.5 Desinfectado.

install.exe.vir C:\Qoobox\Quarantine\D Win32.Sector.5 Desinfectado.

download.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

FixPath.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

grep.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

isadmin.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

LS.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

moveex.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

Process.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

Process.exe C:\SDFix\apps Tool.Prockill

psservice.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

RestartIt!.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

sc.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

sed.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

SF.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

shutdown.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

unzip.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

vfind.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

WINMSG.EXE C:\SDFix\apps Win32.Sector.5 Desinfectado.

zip.exe C:\SDFix\apps Win32.Sector.5 Desinfectado.

regedit.exe C:\SDFix\apps\Replace Win32.Sector.5 Desinfectado.

SkyTel.exe C:\WINDOWS Win32.Sector.5 Desinfectado.

SoundMan.exe C:\WINDOWS Win32.Sector.5 Desinfectado.

CLVIEW.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

CNFNOT32.EXE_0004 C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

DRAT.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

EXCEL.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

GRAPH.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

GROOVE.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

GROOVEAUDITSERVICE.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

GROOVECLEAN.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

GROOVEMIGRATOR.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

ODEPLOY.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

ODSERV.EXE_0001 C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

OFFDIAG.EXE_0001 C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

OFFLB.EXE_0001 C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

SETUP.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

WINWORD.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

XL12CNV.EXE C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518 Win32.Sector.5 Desinfectado.

wgasetup.exe C:\WINDOWS\system32\KB905474 Win32.Sector.5 Desinfectado.

wmsiexec.exe D:\848e60dfe492d8a87ea7aee41c\sp2qfe\wow Win32.Sector.5 Desinfectado.

msinfo32.exe D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo Win32.Sector.5 Desinfectado.

sapisvr.exe D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Speech Win32.Sector.5 Desinfectado.

setup.exe D:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6} Win32.Sector.5 Desinfectado.

iedw.exe D:\Arquivos de programas\Internet Explorer Win32.Sector.5 Desinfectado.

IEXPLORE.EXE D:\Arquivos de programas\Internet Explorer Win32.Sector.5 Desinfectado.

icwconn1.exe D:\Arquivos de programas\Internet Explorer\Connection Wizard Win32.Sector.5 Desinfectado.

icwconn2.exe D:\Arquivos de programas\Internet Explorer\Connection Wizard Win32.Sector.5 Desinfectado.

icwrmind.exe D:\Arquivos de programas\Internet Explorer\Connection Wizard Win32.Sector.5 Desinfectado.

icwtutor.exe D:\Arquivos de programas\Internet Explorer\Connection Wizard Win32.Sector.5 Desinfectado.

inetwiz.exe D:\Arquivos de programas\Internet Explorer\Connection Wizard Win32.Sector.5 Desinfectado.

conf.exe D:\Arquivos de programas\NetMeeting Win32.Sector.5 Desinfectado.

msimn.exe D:\Arquivos de programas\Outlook Express Win32.Sector.5 Desinfectado.

oemig50.exe D:\Arquivos de programas\Outlook Express Win32.Sector.5 Desinfectado.

setup50.exe D:\Arquivos de programas\Outlook Express Win32.Sector.5 Desinfectado.

wab.exe D:\Arquivos de programas\Outlook Express Win32.Sector.5 Desinfectado.

wabmig.exe D:\Arquivos de programas\Outlook Express Win32.Sector.5 Desinfectado.

migrate.exe D:\Arquivos de programas\Windows Media Player Win32.Sector.5 Desinfectado.

wmplayer.exe D:\Arquivos de programas\Windows Media Player Win32.Sector.5 Desinfectado.

dialer.exe D:\Arquivos de programas\Windows NT Win32.Sector.5 Desinfectado.

wordpad.exe D:\Arquivos de programas\Windows NT\Acessórios Win32.Sector.5 Desinfectado.

PINBALL.EXE D:\Arquivos de programas\Windows NT\Pinball Win32.Sector.5 Desinfectado.

fsnjp.exe D:\Documents and Settings\eeee\Configurações locais\Temp Win32.Sector.5 Desinfectado.

fsnjp.exe D:\Documents and Settings\eeee\Configurações locais\Temp Trojan.DownLoad1.5719 Incurável.Movido.

winktpl.exe D:\Documents and Settings\eeee\Configurações locais\Temp Win32.Sector.5 Desinfectado.

winktpl.exe D:\Documents and Settings\eeee\Configurações locais\Temp Trojan.Siggen.21376 Incurável.Movido.

POKEMON RUBY.exe D:\Meus Documentos\Bruno\Jogos\Pokemon Win32.Sector.5 Desinfectado.

ChromeSetup.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

Firefox Setup 3.5.2.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

Menssenger.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

MsgPlusLive-482.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

setup.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

setupeng.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

SUPERAntiSpyware.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

wrar380br.exe D:\Meus Documentos\Bruno\Programas Win32.Sector.5 Desinfectado.

amigo.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

ComboFix.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

ComboFix.exe\32788R22FWJFW\List-C.bat D:\Meus Documentos\Downloads\ComboFix.exe Provavelmente BATCH.Virus

ComboFix.exe D:\Meus Documentos\Downloads O arquivo contém objectos infectados Movido.

Setup.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

wlsetup-custom.exe D:\Meus Documentos\Downloads Win32.Sector.5 Desinfectado.

GPlrLanc.exe D:\Remote Programs\10 Talismans Win32.Sector.5 Desinfectado.

10talismans.exe D:\Remote Programs\10 Talismans\Default Win32.Sector.5 Desinfectado.

GPlrLanc.exe D:\Remote Programs\Cradle of Rome Win32.Sector.5 Desinfectado.

A0000072.dll D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP1 Trojan.Packed.650 Eliminado.

A0000744.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000747.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000757.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000758.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000759.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000760.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000761.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000763.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000764.EXE D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000768.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000770.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000771.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000772.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000773.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000774.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP13 Win32.Sector.5 Desinfectado.

A0000775.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000778.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000779.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000780.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000782.EXE D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000797.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000800.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000811.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000812.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000813.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000814.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000815.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000817.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000818.EXE D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000822.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000824.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000825.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000826.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000827.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000828.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000829.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000832.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000833.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000834.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000836.EXE D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000837.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000838.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000839.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP14 Win32.Sector.5 Desinfectado.

A0000301.exe\SDFix\apps\Process.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP7\A0000301.exe Tool.Prockill

A0000301.exe D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP7 O arquivo contém objectos infectados Movido.

libxml.dll D:\ \Bruno\Jogos\OTSERV\Styller Yourotss 8.50 V0.6 Trojan.Siggen.6293 Incurável.Movido.

 

 

Do hijhackthis

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:22:15, on 2/1/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

C:\ARQUIV~1\PROXYL~1\ProxyCap\ProxyCap.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\notepad.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE

C:\HijHackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ProxyCap] C:\ARQUIV~1\PROXYL~1\ProxyCap\ProxyCap.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

 

--

End of file - 5169 bytes

 

Vou reiniciar o PC e ja posto como ele está..

[Power Max 54]

Vou reiniciar o PC e ja posto como ele está..

OK, e mantenha sempre desativada a restauração do sistema para evitar que os problemas voltem.

[Bruno Carazato 0]

Agora consegui entra no seu site q tem os tutorial...vo tenta instala o avira...ams creio q ainda tem alguma coisa...

 

 

Não consegui instala o avira continua fechando

[Power Max 54]

Não consegui instala o avira continua fechando

Deixemos o Avira para depois, siga só os procedimentos que eu te passar, pois estes malwares que estão no seu PC são bem perigosos.

 

* Faça o download do Kaspersky Virus Removal Tool e renomeie-o para qualquer nome antes de salvá-lo respeitando a extensão .cmd (como por exemplo: Golden.cmd), (esta medida é importante para evitar que virus e/ou malwares bloqueiem o download e/ou execução do Kaspersky ou que contaminem o instalador deste programa) e salve-o no Desktop (área de trabalho do seu PC). Para isto é só seguir as dicas e imagens:

 

Primeiramente clique neste link abaixo:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

 

Surgirá a tela de confirmação do download, onde você irá confirmar o download do programa.

 

Veja nesta imagem abaixo que na opção Nome do arquivo: você digitará Golden.cmd

Clicará no botão Desktop (para que ele seja salvo na sua área de trabalho)

Na opção Salvar como tipo: você selecionará a opção Todos os arquivos (*.*)

E depois disto clicará no botão Salvar. Isto é mostrado na imagem abaixo:

 

* Dê um duplo clique em Golden.cmd e será aberta esta tela inicial do Kaspersky Virus Removal Tool.

 

Aí para executá-lo corretamente siga as dicas do tutorial (menos a parte do tutorial que trata sobre o download dele, pois você já terá feito o download):

 

Tutorial do Kaspersky Virus Removal Tool

 

Na sua próxima resposta poste este log do Kaspersky Virus Removal Tool juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.

 

Ficamos no aguardo.

[Bruno Carazato 0]

Quando clico no primeiro link da pagina não encontrada

[Power Max 54]

Quando clico no primeiro link da pagina não encontrada

Tente baixá-lo em um destes web proxys abaixo:

 

http://www.hrmovie.com/

http://anonymouse.org/anonwww.html

http://texasproxy.com/p.php?q=&hl=0

 

Se mesmo assim não for possível, me avise pois ai eu hospedo ele com um nome diferente, como fizemos com o Dr. Web.

[Bruno Carazato 0]

se puder hospedar em algum site fica mais facil n sei como baixa assim..

[Power Max 54]

se puder hospedar em algum site fica mais facil n sei como baixa assim..

Demorei um pouco porque é lento para se fazer o upload de arquivos grandes. Mas aqui está link dele:

http://www.badongo.com/file/19488774

 

Quando acessar este link acima, aguarde alguns momentos e digite os números que aparecem no canto superior direito da página e tecle Enter > aguarde a contagem regressiva > clique no botão Faça o download do seu ficheiro aqui.

 

Aí é só seguir as dicas deste tutorial (menos a parte do tutorial que trata sobre o download dele, pois você já terá feito o download):

 

Tutorial do Kaspersky Virus Removal Tool

 

Na sua próxima resposta poste este log do Kaspersky Virus Removal Tool juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.

 

Ficamos no aguardo.

[Bruno Carazato 0]

Autoscan: finished <1 minute ago (events: 1072, objects: 1162, time: 00:00:15)

3/1/2010 17:11:14 Task started

3/1/2010 17:11:34 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\ImageReady.exe

3/1/2010 17:11:34 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\ImageReady.exe Postponed

3/1/2010 17:11:59 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Alteração de Modo Condicional.exe

3/1/2010 17:11:59 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Alteração de Modo Condicional.exe Postponed

3/1/2010 17:11:59 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Botão.exe

3/1/2010 17:11:59 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Botão.exe Postponed

3/1/2010 17:12:00 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Tom de Sépia.exe

3/1/2010 17:12:00 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Tom de Sépia.exe Postponed

3/1/2010 17:12:01 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Moldura de Sombra Projetada.exe

3/1/2010 17:12:01 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Foto Envelhecida.exe

3/1/2010 17:12:01 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Foto Envelhecida.exe Postponed

3/1/2010 17:12:01 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Moldura de Sombra Projetada.exe Postponed

3/1/2010 17:12:01 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 300 pixels.exe

3/1/2010 17:12:01 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 300 pixels.exe Postponed

3/1/2010 17:12:01 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como JPEG Medium.exe

3/1/2010 17:12:01 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como Photoshop PDF.exe

3/1/2010 17:12:01 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como JPEG Medium.exe Postponed

3/1/2010 17:12:01 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como Photoshop PDF.exe Postponed

3/1/2010 17:12:01 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 64 pixels.exe

3/1/2010 17:12:01 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 64 pixels.exe Postponed

3/1/2010 17:12:10 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Required\Droplet Template.exe

3/1/2010 17:12:10 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\Required\Droplet Template.exe Postponed

3/1/2010 17:12:10 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

3/1/2010 17:12:10 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe Postponed

3/1/2010 17:12:15 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Adobe\Workflow\AdobeWorkgroupHelper.exe

3/1/2010 17:12:15 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Adobe\Workflow\AdobeWorkgroupHelper.exe Postponed

3/1/2010 17:12:27 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

3/1/2010 17:12:27 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe Postponed

3/1/2010 17:12:28 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroPatentActivation.exe

3/1/2010 17:12:28 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroPatentActivation.exe Postponed

3/1/2010 17:12:28 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroScoutOptions.exe

3/1/2010 17:12:28 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroScoutOptions.exe Postponed

3/1/2010 17:12:29 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroUpgrade.exe

3/1/2010 17:12:29 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroUpgrade.exe Postponed

3/1/2010 17:12:29 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeTsMan.exe

3/1/2010 17:12:29 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeTsMan.exe Postponed

3/1/2010 17:12:29 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroSearchAdvanced.exe

3/1/2010 17:12:29 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroSearchAdvanced.exe Postponed

3/1/2010 17:12:30 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBCWriter.exe

3/1/2010 17:12:30 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBCWriter.exe Postponed

3/1/2010 17:12:30 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

3/1/2010 17:12:30 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe Postponed

3/1/2010 17:12:30 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NiReg.exe

3/1/2010 17:12:30 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NiReg.exe Postponed

3/1/2010 17:12:30 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

3/1/2010 17:12:30 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe Postponed

3/1/2010 17:12:30 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

3/1/2010 17:12:30 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe Postponed

3/1/2010 17:12:31 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMTVServer.exe

3/1/2010 17:12:31 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMTVServer.exe Postponed

3/1/2010 17:12:32 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMTvWizard.exe

3/1/2010 17:12:32 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMTvWizard.exe Postponed

3/1/2010 17:12:35 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\RemoteControl\NeroRemoteCtrlHandler.exe

3/1/2010 17:12:35 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\RemoteControl\NeroRemoteCtrlHandler.exe Postponed

3/1/2010 17:12:37 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\InstallShield\Engine\6\Intel 32\IKernel.exe

3/1/2010 17:12:37 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\InstallShield\Engine\6\Intel 32\IKernel.exe Postponed

3/1/2010 17:12:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE

3/1/2010 17:12:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE Postponed

3/1/2010 17:12:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DWTRIG20.EXE

3/1/2010 17:12:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DWTRIG20.EXE Postponed

3/1/2010 17:12:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web\SetupX.exe

3/1/2010 17:12:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web\SetupX.exe Postponed

3/1/2010 17:12:39 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\EQUATION\EQNEDT32.EXE

3/1/2010 17:12:39 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\EQUATION\EQNEDT32.EXE Postponed

3/1/2010 17:12:41 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\OINFOP12.EXE

3/1/2010 17:12:41 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\OINFOP12.EXE Postponed

3/1/2010 17:12:41 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ACECNFLT.EXE

3/1/2010 17:12:41 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ACECNFLT.EXE Postponed

3/1/2010 17:12:42 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSE7.EXE

3/1/2010 17:12:42 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSE7.EXE Postponed

3/1/2010 17:12:43 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLED.EXE

3/1/2010 17:12:43 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLED.EXE Postponed

3/1/2010 17:12:46 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE

3/1/2010 17:12:46 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE Postponed

3/1/2010 17:12:46 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFDIAG.EXE

3/1/2010 17:12:46 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFDIAG.EXE Postponed

3/1/2010 17:12:47 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFLB.EXE

3/1/2010 17:12:47 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFLB.EXE Postponed

3/1/2010 17:12:54 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\ODEPLOY.EXE

3/1/2010 17:12:54 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\ODEPLOY.EXE Postponed

3/1/2010 17:12:54 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\SETUP.EXE

3/1/2010 17:12:54 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\SETUP.EXE Postponed

3/1/2010 17:12:56 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE

3/1/2010 17:12:56 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE Postponed

3/1/2010 17:12:59 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

3/1/2010 17:12:59 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe Postponed

3/1/2010 17:13:02 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Ask Search Assistant\uninst.exe

3/1/2010 17:13:02 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Ask Search Assistant\uninst.exe Postponed

3/1/2010 17:13:02 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\WinFlash.exe

3/1/2010 17:13:02 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\WinFlash.exe Postponed

3/1/2010 17:13:03 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\Update.exe

3/1/2010 17:13:03 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\Update.exe Postponed

3/1/2010 17:13:03 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\MyLogo.exe

3/1/2010 17:13:03 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\MyLogo.exe Postponed

3/1/2010 17:13:03 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\IO\AsIoUnins.exe

3/1/2010 17:13:03 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\IO\AsIoUnins.exe Postponed

3/1/2010 17:13:11 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Atheros Communications Inc\Atheros Ethernet Utility\dev_op_x86.exe

3/1/2010 17:13:11 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Atheros Communications Inc\Atheros Ethernet Utility\dev_op_x86.exe Postponed

3/1/2010 17:13:11 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\setup.exe

3/1/2010 17:13:11 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\setup.exe Postponed

3/1/2010 17:13:11 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe

3/1/2010 17:13:11 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe Postponed

3/1/2010 17:13:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe

3/1/2010 17:13:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe Postponed

3/1/2010 17:13:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe

3/1/2010 17:13:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe Postponed

3/1/2010 17:13:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\Setup.exe

3/1/2010 17:13:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\Setup.exe Postponed

3/1/2010 17:13:13 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe

3/1/2010 17:13:13 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe

3/1/2010 17:13:13 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe Postponed

3/1/2010 17:13:13 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe Postponed

3/1/2010 17:13:13 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe

3/1/2010 17:13:13 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe Postponed

3/1/2010 17:13:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Log Viewer.exe

3/1/2010 17:13:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Log Viewer.exe Postponed

3/1/2010 17:13:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\MPTools.exe

3/1/2010 17:13:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\MPTools.exe Postponed

3/1/2010 17:13:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Uninstall.exe

3/1/2010 17:13:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Uninstall.exe Postponed

3/1/2010 17:13:15 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe

3/1/2010 17:13:15 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe Postponed

3/1/2010 17:13:23 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CNFNOT32.EXE

3/1/2010 17:13:23 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CNFNOT32.EXE Postponed

3/1/2010 17:13:23 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CLVIEW.EXE

3/1/2010 17:13:23 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CLVIEW.EXE Postponed

3/1/2010 17:13:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DRAT.EXE

3/1/2010 17:13:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DRAT.EXE Postponed

3/1/2010 17:13:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DSSM.EXE

3/1/2010 17:13:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DSSM.EXE Postponed

3/1/2010 17:13:30 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GRAPH.EXE

3/1/2010 17:13:30 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GRAPH.EXE Postponed

3/1/2010 17:13:31 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE

3/1/2010 17:13:31 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE Postponed

3/1/2010 17:13:31 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe

3/1/2010 17:13:31 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe Postponed

3/1/2010 17:13:32 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveClean.exe

3/1/2010 17:13:32 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveClean.exe Postponed

3/1/2010 17:13:34 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveMigrator.exe

3/1/2010 17:13:34 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveMigrator.exe Postponed

3/1/2010 17:13:36 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\excelcnv.exe

3/1/2010 17:13:36 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\excelcnv.exe Postponed

3/1/2010 17:13:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\INFOPATH.EXE

3/1/2010 17:13:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\INFOPATH.EXE Postponed

3/1/2010 17:13:39 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE

3/1/2010 17:13:39 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE Postponed

3/1/2010 17:13:44 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSPUB.EXE

3/1/2010 17:13:44 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSPUB.EXE Postponed

3/1/2010 17:13:45 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSACCESS.EXE

3/1/2010 17:13:45 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSACCESS.EXE Postponed

3/1/2010 17:13:46 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANPST.EXE

3/1/2010 17:13:46 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANPST.EXE Postponed

3/1/2010 17:13:46 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANOST.EXE

3/1/2010 17:13:46 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANOST.EXE Postponed

3/1/2010 17:13:46 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\VPREVIEW.EXE

3/1/2010 17:13:46 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\VPREVIEW.EXE Postponed

3/1/2010 17:13:48 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.EXE

3/1/2010 17:13:48 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.EXE Postponed

3/1/2010 17:13:49 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\1046\ONELEV.EXE

3/1/2010 17:13:49 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\1046\ONELEV.EXE Postponed

3/1/2010 17:14:08 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeDwFileHelper.exe

3/1/2010 17:14:08 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeDwFileHelper.exe Postponed

3/1/2010 17:14:08 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeroCmd.exe

3/1/2010 17:14:08 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeroCmd.exe Postponed

3/1/2010 17:14:09 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\SecurDisc\discinfo.exe

3/1/2010 17:14:09 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\SecurDisc\discinfo.exe Postponed

3/1/2010 17:14:10 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe

3/1/2010 17:14:10 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe Postponed

3/1/2010 17:14:10 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero\Uninstall\UNNERO.exe

3/1/2010 17:14:10 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero\Uninstall\UNNERO.exe Postponed

3/1/2010 17:14:10 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe

3/1/2010 17:14:10 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe Postponed

3/1/2010 17:14:11 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

3/1/2010 17:14:11 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe Postponed

3/1/2010 17:14:11 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBSFtp.exe

3/1/2010 17:14:11 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBSFtp.exe Postponed

3/1/2010 17:14:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe

3/1/2010 17:14:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe Postponed

3/1/2010 17:14:18 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\CDSpeed.exe

3/1/2010 17:14:18 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\CDSpeed.exe Postponed

3/1/2010 17:14:18 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DMAManager.exe

3/1/2010 17:14:18 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DMAManager.exe Postponed

3/1/2010 17:14:19 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe

3/1/2010 17:14:19 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe Postponed

3/1/2010 17:14:20 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe

3/1/2010 17:14:20 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe Postponed

3/1/2010 17:14:20 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\InfoTool.exe

3/1/2010 17:14:20 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\InfoTool.exe Postponed

3/1/2010 17:14:21 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\NeroBurnRights.exe

3/1/2010 17:14:21 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\NeroBurnRights.exe Postponed

3/1/2010 17:14:23 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\BsSndRpt.exe

3/1/2010 17:14:23 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\BsSndRpt.exe Postponed

3/1/2010 17:14:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\uninst.exe

3/1/2010 17:14:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\uninst.exe Postponed

3/1/2010 17:14:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe

3/1/2010 17:14:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe Postponed

3/1/2010 17:14:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\Alcmtr.exe

3/1/2010 17:14:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\Alcmtr.exe Postponed

3/1/2010 17:14:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\ChCfg.exe

3/1/2010 17:14:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\ChCfg.exe Postponed

3/1/2010 17:14:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\BackItUp.exe

3/1/2010 17:14:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\BackItUp.exe Postponed

3/1/2010 17:14:26 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\KB888111xpsp2.exe

3/1/2010 17:14:26 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\KB888111xpsp2.exe Postponed

3/1/2010 17:14:27 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SoundMan.exe

3/1/2010 17:14:27 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SoundMan.exe Postponed

3/1/2010 17:14:28 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\RtlUpd.exe

3/1/2010 17:14:28 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\RtlUpd.exe Postponed

3/1/2010 17:14:29 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuMaker.exe

3/1/2010 17:14:29 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuMaker.exe Postponed

3/1/2010 17:14:29 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SkyTel.exe

3/1/2010 17:14:29 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SkyTel.exe Postponed

3/1/2010 17:14:29 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuPlayer.exe

3/1/2010 17:14:29 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuPlayer.exe Postponed

3/1/2010 17:14:30 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamPlay.exe

3/1/2010 17:14:30 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamPlay.exe Postponed

3/1/2010 17:14:31 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamTheater.exe

3/1/2010 17:14:31 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamTheater.exe Postponed

3/1/2010 17:14:32 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamRecorder.exe

3/1/2010 17:14:32 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamRecorder.exe Postponed

3/1/2010 17:14:33 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\Recovery.exe

3/1/2010 17:14:33 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\Recovery.exe Postponed

3/1/2010 17:14:33 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\TscHelp.exe

3/1/2010 17:14:33 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\TscHelp.exe Postponed

3/1/2010 17:14:34 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamtasiaStudio.exe

3/1/2010 17:14:34 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamtasiaStudio.exe Postponed

3/1/2010 17:14:36 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

3/1/2010 17:14:36 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe Postponed

3/1/2010 17:14:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wloobe.exe

3/1/2010 17:14:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wloobe.exe Postponed

3/1/2010 17:14:39 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wlarp.exe

3/1/2010 17:14:39 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wlarp.exe Postponed

3/1/2010 17:14:40 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msvs.exe

3/1/2010 17:14:40 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msvs.exe Postponed

3/1/2010 17:14:41 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe

3/1/2010 17:14:41 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe Postponed

3/1/2010 17:14:41 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcstart.exe

3/1/2010 17:14:41 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcstart.exe Postponed

3/1/2010 17:14:42 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

3/1/2010 17:14:42 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe Postponed

3/1/2010 17:14:42 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe

3/1/2010 17:14:42 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe Postponed

3/1/2010 17:14:44 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\cleanup.exe

3/1/2010 17:14:44 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\cleanup.exe Postponed

3/1/2010 17:14:44 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\Uninstall.exe

3/1/2010 17:14:44 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\Uninstall.exe Postponed

3/1/2010 17:14:44 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\unpack200.exe

3/1/2010 17:14:44 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\unpack200.exe Postponed

3/1/2010 17:14:45 Detected: Virus.Win32.Sality.aa C:\ComboFix\CF32626.cfxxe

3/1/2010 17:14:45 Untreated: Virus.Win32.Sality.aa C:\ComboFix\CF32626.cfxxe Postponed

3/1/2010 17:14:45 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

3/1/2010 17:14:45 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe Postponed

3/1/2010 17:14:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\3.0.195.38\Installer\setup.exe

3/1/2010 17:14:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\3.0.195.38\Installer\setup.exe Postponed

3/1/2010 17:15:13 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\freedom.exe

3/1/2010 17:15:13 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\freedom.exe Postponed

3/1/2010 17:15:26 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleCrashHandler.exe

3/1/2010 17:15:26 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleCrashHandler.exe Postponed

3/1/2010 17:15:28 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleUpdate.exe

3/1/2010 17:15:28 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleUpdate.exe Postponed

3/1/2010 17:15:35 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\000744A8_Rar\grandchase.exe

3/1/2010 17:15:35 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\000744A8_Rar\grandchase.exe Postponed

3/1/2010 17:15:35 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\00033BD1_Rar\grandchase.exe

3/1/2010 17:15:35 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\00033BD1_Rar\grandchase.exe Postponed

3/1/2010 17:15:36 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\000370BC_Rar\grandchase.exe

3/1/2010 17:15:36 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\000370BC_Rar\grandchase.exe Postponed

3/1/2010 17:15:37 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avadmin.exe

3/1/2010 17:15:37 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avadmin.exe Postponed

3/1/2010 17:15:37 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avcenter.exe

3/1/2010 17:15:37 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avcenter.exe Postponed

3/1/2010 17:15:37 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avconfig.exe

3/1/2010 17:15:37 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avconfig.exe Postponed

3/1/2010 17:15:37 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avnotify.exe

3/1/2010 17:15:37 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avnotify.exe Postponed

3/1/2010 17:15:37 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avscan.exe

3/1/2010 17:15:37 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avscan.exe Postponed

3/1/2010 17:15:37 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avupgsvc.exe

3/1/2010 17:15:37 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avupgsvc.exe Postponed

3/1/2010 17:15:38 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avwsc.exe

3/1/2010 17:15:38 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avwsc.exe Postponed

3/1/2010 17:15:38 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\licmgr.exe

3/1/2010 17:15:38 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\licmgr.exe Postponed

3/1/2010 17:15:38 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\fact.exe

3/1/2010 17:15:38 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\fact.exe Postponed

3/1/2010 17:15:38 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\0007608C_Rar\grandchase.exe

3/1/2010 17:15:38 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\0007608C_Rar\grandchase.exe Postponed

3/1/2010 17:15:38 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\sched.exe

3/1/2010 17:15:38 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\sched.exe Postponed

3/1/2010 17:15:39 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\presetup.exe

3/1/2010 17:15:39 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\presetup.exe Postponed

3/1/2010 17:15:39 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\updfix.exe

3/1/2010 17:15:39 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\updfix.exe Postponed

3/1/2010 17:15:39 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\update.exe

3/1/2010 17:15:39 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\update.exe Postponed

3/1/2010 17:15:39 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\setup.exe

3/1/2010 17:15:39 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\setup.exe Postponed

3/1/2010 17:15:39 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\wsctool.exe

3/1/2010 17:15:39 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\wsctool.exe Postponed

3/1/2010 17:15:56 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\vcredist_x86.exe/PE_Patch

3/1/2010 17:15:56 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\vcredist_x86.exe/PE_Patch Postponed

3/1/2010 17:16:41 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

3/1/2010 17:16:41 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe Postponed

3/1/2010 17:17:01 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\A0000301.exe

3/1/2010 17:17:01 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\A0000301.exe Postponed

3/1/2010 17:17:01 Detected: Trojan-Mailfinder.Win32.Agent.acn C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\fsnjp.exe/PE_Patch.UPX/UPX

3/1/2010 17:17:01 Untreated: Trojan-Mailfinder.Win32.Agent.acn C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\fsnjp.exe/PE_Patch.UPX/UPX Postponed

3/1/2010 17:17:01 Detected: Trojan.Win32.Vilsel.x C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\libxml.dll

3/1/2010 17:17:01 Untreated: Trojan.Win32.Vilsel.x C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\libxml.dll Postponed

3/1/2010 17:17:02 Detected: Trojan.Win32.Agent.clss C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\winktpl.exe/PE_Patch.UPX/UPX

3/1/2010 17:17:02 Untreated: Trojan.Win32.Agent.clss C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\winktpl.exe/PE_Patch.UPX/UPX Postponed

3/1/2010 17:17:03 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFi0.exe

3/1/2010 17:17:03 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFi0.exe Postponed

3/1/2010 17:17:03 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFix.exe

3/1/2010 17:17:03 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFix.exe Postponed

3/1/2010 17:17:04 Detected: Virus.Win32.Sality.aa C:\HijHackThis\HiJackThis.exe

3/1/2010 17:17:04 Untreated: Virus.Win32.Sality.aa C:\HijHackThis\HiJackThis.exe Postponed

3/1/2010 17:17:09 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe

3/1/2010 17:17:09 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe Postponed

3/1/2010 17:17:10 Detected: Virus.Win32.Sality.aa C:\Fraps\uninstall.exe

3/1/2010 17:17:10 Untreated: Virus.Win32.Sality.aa C:\Fraps\uninstall.exe Postponed

3/1/2010 17:17:13 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\dxwebsetup.exe

3/1/2010 17:17:13 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\dxwebsetup.exe Postponed

3/1/2010 17:17:14 Detected: Virus.Win32.Sality.aa C:\Fraps\fraps.exe

3/1/2010 17:17:14 Untreated: Virus.Win32.Sality.aa C:\Fraps\fraps.exe Postponed

3/1/2010 17:17:15 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\UninsHs.exe

3/1/2010 17:17:15 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\UninsHs.exe Postponed

3/1/2010 17:17:16 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\grandchase.exe

3/1/2010 17:17:16 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\grandchase.exe Postponed

3/1/2010 17:17:18 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\main.exe

3/1/2010 17:17:18 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\main.exe Postponed

3/1/2010 17:17:32 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe

3/1/2010 17:17:32 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe Postponed

3/1/2010 17:17:33 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe

3/1/2010 17:17:33 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe Postponed

3/1/2010 17:17:33 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CAV.exe

3/1/2010 17:17:33 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CAV.exe Postponed

3/1/2010 17:17:33 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\dwtrig20.exe

3/1/2010 17:17:33 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\dwtrig20.exe Postponed

3/1/2010 17:17:33 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\DW20.EXE

3/1/2010 17:17:33 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\DW20.EXE Postponed

3/1/2010 17:17:34 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms_Direct.exe

3/1/2010 17:17:34 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms_Direct.exe Postponed

3/1/2010 17:17:34 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\EndingBanner.exe

3/1/2010 17:17:34 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\EndingBanner.exe Postponed

3/1/2010 17:17:35 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms.exe

3/1/2010 17:17:35 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms.exe Postponed

3/1/2010 17:17:38 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\Engine.exe

3/1/2010 17:17:38 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\Engine.exe Postponed

3/1/2010 17:17:44 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HsLogMgr.exe

3/1/2010 17:17:44 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HsLogMgr.exe Postponed

3/1/2010 17:17:44 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\AhnRpt.exe

3/1/2010 17:17:44 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\AhnRpt.exe Postponed

3/1/2010 17:17:44 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HSUpdate.exe

3/1/2010 17:17:44 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HSUpdate.exe Postponed

3/1/2010 17:17:49 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\Update\autoup.exe

3/1/2010 17:17:49 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\Update\autoup.exe Postponed

3/1/2010 17:18:15 Detected: Virus.Win32.Sality.aa C:\NGM\NGM.exe

3/1/2010 17:18:15 Untreated: Virus.Win32.Sality.aa C:\NGM\NGM.exe Postponed

3/1/2010 17:18:17 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\download.exe

3/1/2010 17:18:17 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\download.exe Postponed

3/1/2010 17:18:18 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\FixPath.exe

3/1/2010 17:18:18 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\FixPath.exe Postponed

3/1/2010 17:18:18 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\isadmin.exe

3/1/2010 17:18:18 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\isadmin.exe Postponed

3/1/2010 17:18:18 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\grep.exe

3/1/2010 17:18:18 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\grep.exe Postponed

3/1/2010 17:18:18 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\moveex.exe

3/1/2010 17:18:18 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\LS.exe

3/1/2010 17:18:18 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\moveex.exe Postponed

3/1/2010 17:18:18 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\LS.exe Postponed

3/1/2010 17:18:19 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\Process.exe

3/1/2010 17:18:19 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\Process.exe Postponed

3/1/2010 17:18:19 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\RestartIt!.exe

3/1/2010 17:18:19 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\RestartIt!.exe Postponed

3/1/2010 17:18:19 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\psservice.exe

3/1/2010 17:18:19 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\psservice.exe Postponed

3/1/2010 17:18:19 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\sc.exe

3/1/2010 17:18:19 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\sc.exe Postponed

3/1/2010 17:18:19 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\SF.exe

3/1/2010 17:18:19 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\SF.exe Postponed

3/1/2010 17:18:19 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\sed.exe

3/1/2010 17:18:19 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\sed.exe Postponed

3/1/2010 17:18:19 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\shutdown.exe

3/1/2010 17:18:19 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\shutdown.exe Postponed

3/1/2010 17:18:20 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\vfind.exe

3/1/2010 17:18:20 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\vfind.exe Postponed

3/1/2010 17:18:20 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\WINMSG.EXE

3/1/2010 17:18:20 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\WINMSG.EXE Postponed

3/1/2010 17:18:20 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\unzip.exe

3/1/2010 17:18:20 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\unzip.exe Postponed

3/1/2010 17:18:20 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\zip.exe

3/1/2010 17:18:20 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\zip.exe Postponed

3/1/2010 17:18:20 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\Replace\regedit.exe

3/1/2010 17:18:21 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\Replace\regedit.exe Postponed

3/1/2010 17:18:30 Detected: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe

3/1/2010 17:18:30 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe Postponed

3/1/2010 17:20:02 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DSSM.EXE

3/1/2010 17:20:02 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DSSM.EXE Postponed

3/1/2010 17:20:07 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSE7.EXE

3/1/2010 17:20:07 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSE7.EXE Postponed

3/1/2010 17:20:08 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHTMED.EXE

3/1/2010 17:20:08 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHTMED.EXE Postponed

3/1/2010 17:20:12 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORE.EXE

3/1/2010 17:20:12 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORE.EXE Postponed

3/1/2010 17:20:16 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETLANG.EXE

3/1/2010 17:20:16 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETLANG.EXE Postponed

3/1/2010 17:22:32 Detected: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe

3/1/2010 17:22:32 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe Postponed

3/1/2010 17:22:42 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\msinfo32.exe

3/1/2010 17:22:42 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\msinfo32.exe Postponed

3/1/2010 17:22:42 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Speech\sapisvr.exe

3/1/2010 17:22:42 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Speech\sapisvr.exe Postponed

3/1/2010 17:22:43 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\iedw.exe

3/1/2010 17:22:43 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\iedw.exe Postponed

3/1/2010 17:22:43 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe

3/1/2010 17:22:43 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe Postponed

3/1/2010 17:22:43 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

3/1/2010 17:22:43 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE Postponed

3/1/2010 17:22:44 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn1.exe

3/1/2010 17:22:44 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn1.exe Postponed

3/1/2010 17:22:44 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn2.exe

3/1/2010 17:22:44 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwrmind.exe

3/1/2010 17:22:44 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn2.exe Postponed

3/1/2010 17:22:44 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwrmind.exe Postponed

3/1/2010 17:22:44 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\inetwiz.exe

3/1/2010 17:22:44 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\inetwiz.exe Postponed

3/1/2010 17:22:44 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwtutor.exe

3/1/2010 17:22:44 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwtutor.exe Postponed

3/1/2010 17:22:45 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\oemig50.exe

3/1/2010 17:22:45 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\oemig50.exe Postponed

3/1/2010 17:22:45 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\msimn.exe

3/1/2010 17:22:45 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\msimn.exe Postponed

3/1/2010 17:22:45 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\setup50.exe

3/1/2010 17:22:45 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\setup50.exe Postponed

3/1/2010 17:22:45 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wab.exe

3/1/2010 17:22:45 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wab.exe Postponed

3/1/2010 17:22:45 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wabmig.exe

3/1/2010 17:22:45 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wabmig.exe Postponed

3/1/2010 17:22:46 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\wmplayer.exe

3/1/2010 17:22:46 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\wmplayer.exe Postponed

3/1/2010 17:22:46 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Acessórios\wordpad.exe

3/1/2010 17:22:46 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Acessórios\wordpad.exe Postponed

3/1/2010 17:22:46 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\migrate.exe

3/1/2010 17:22:46 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\migrate.exe Postponed

3/1/2010 17:22:47 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\dialer.exe

3/1/2010 17:22:47 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\dialer.exe Postponed

3/1/2010 17:22:47 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Pinball\PINBALL.EXE

3/1/2010 17:22:47 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Pinball\PINBALL.EXE Postponed

3/1/2010 17:23:17 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Jogos\Pokemon\POKEMON RUBY.exe

3/1/2010 17:23:17 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Jogos\Pokemon\POKEMON RUBY.exe Postponed

3/1/2010 17:23:19 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\ChromeSetup.exe

3/1/2010 17:23:19 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\ChromeSetup.exe Postponed

3/1/2010 17:23:21 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Firefox Setup 3.5.2.exe

3/1/2010 17:23:21 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Firefox Setup 3.5.2.exe Postponed

3/1/2010 17:23:21 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Menssenger.exe

3/1/2010 17:23:21 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Menssenger.exe Postponed

3/1/2010 17:23:23 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\MsgPlusLive-482.exe

3/1/2010 17:23:23 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\MsgPlusLive-482.exe Postponed

3/1/2010 17:23:23 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setup.exe

3/1/2010 17:23:23 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setup.exe Postponed

3/1/2010 17:23:25 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.cmd

3/1/2010 17:23:25 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.cmd Postponed

3/1/2010 17:23:34 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.exe

3/1/2010 17:23:34 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.exe Postponed

3/1/2010 17:23:50 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setupeng.exe

3/1/2010 17:23:50 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setupeng.exe Postponed

3/1/2010 17:24:02 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\SUPERAntiSpyware.exe

3/1/2010 17:24:02 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\SUPERAntiSpyware.exe Postponed

3/1/2010 17:24:11 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\wrar380br.exe

3/1/2010 17:24:11 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\wrar380br.exe Postponed

3/1/2010 17:24:11 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\Setup.exe

3/1/2010 17:24:11 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\Setup.exe Postponed

3/1/2010 17:24:13 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\wlsetup-custom.exe

3/1/2010 17:24:13 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\wlsetup-custom.exe Postponed

3/1/2010 17:26:26 Detected: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\Default\10talismans.exe

3/1/2010 17:26:26 Untreated: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\Default\10talismans.exe Postponed

3/1/2010 17:26:26 Detected: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\GPlrLanc.exe

3/1/2010 17:26:26 Untreated: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\GPlrLanc.exe Postponed

3/1/2010 17:26:27 Detected: Virus.Win32.Sality.aa D:\Remote Programs\Cradle of Rome\GPlrLanc.exe

3/1/2010 17:26:27 Untreated: Virus.Win32.Sality.aa D:\Remote Programs\Cradle of Rome\GPlrLanc.exe Postponed

3/1/2010 17:26:33 Detected: Trojan.Win32.Cosmu.cps D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP1\A0000073.exe

3/1/2010 17:26:33 Untreated: Trojan.Win32.Cosmu.cps D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP1\A0000073.exe Postponed

3/1/2010 18:01:47 Task stopped

3/1/2010 22:55:35 Task started

3/1/2010 22:57:17 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSACCESS.EXE

3/1/2010 22:57:17 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSACCESS.EXE Postponed

3/1/2010 22:57:27 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE

3/1/2010 22:57:27 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE Postponed

3/1/2010 22:57:33 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE

3/1/2010 22:57:33 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE Postponed

3/1/2010 22:57:56 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\ImageReady.exe

3/1/2010 22:57:56 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\ImageReady.exe Postponed

3/1/2010 22:58:04 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.EXE

3/1/2010 22:58:04 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.EXE Postponed

3/1/2010 22:58:04 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLED.EXE

3/1/2010 22:58:04 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLED.EXE Postponed

3/1/2010 22:58:24 Detected: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe

3/1/2010 22:58:24 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe Postponed

3/1/2010 22:58:27 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe

3/1/2010 22:58:27 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe Postponed

3/1/2010 22:58:28 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

3/1/2010 22:58:28 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe Postponed

3/1/2010 22:59:00 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe

3/1/2010 22:59:00 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe Postponed

3/1/2010 22:59:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE

3/1/2010 22:59:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE Postponed

3/1/2010 22:59:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE

3/1/2010 22:59:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE Postponed

3/1/2010 23:00:02 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

3/1/2010 23:00:02 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe Postponed

3/1/2010 23:00:19 Detected: Virus.Win32.Sality.aa C:\HijHackThis\HiJackThis.exe

3/1/2010 23:00:19 Untreated: Virus.Win32.Sality.aa C:\HijHackThis\HiJackThis.exe Postponed

3/1/2010 23:00:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\INFOPATH.EXE

3/1/2010 23:00:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\INFOPATH.EXE Postponed

3/1/2010 23:00:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe

3/1/2010 23:00:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe Postponed

3/1/2010 23:00:40 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSPUB.EXE

3/1/2010 23:00:40 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSPUB.EXE Postponed

3/1/2010 23:01:24 Detected: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe

3/1/2010 23:01:24 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe Postponed

3/1/2010 23:01:26 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

3/1/2010 23:01:26 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe Postponed

3/1/2010 23:01:45 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\proxy labs\proxycap\proxycap.exe

3/1/2010 23:01:45 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\proxy labs\proxycap\proxycap.exe Postponed

3/1/2010 23:01:46 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

3/1/2010 23:01:46 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe Postponed

3/1/2010 23:01:47 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

3/1/2010 23:01:47 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe Postponed

3/1/2010 23:01:53 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\ChromeSetup.exe

3/1/2010 23:01:53 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\ChromeSetup.exe Postponed

3/1/2010 23:01:54 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Jogos\Pokemon\POKEMON RUBY.exe

3/1/2010 23:01:54 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Jogos\Pokemon\POKEMON RUBY.exe Postponed

3/1/2010 23:01:55 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Firefox Setup 3.5.2.exe

3/1/2010 23:01:55 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Firefox Setup 3.5.2.exe Postponed

3/1/2010 23:01:55 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Menssenger.exe

3/1/2010 23:01:55 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Menssenger.exe Postponed

3/1/2010 23:01:56 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setup.exe

3/1/2010 23:01:56 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setup.exe Postponed

3/1/2010 23:01:57 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\MsgPlusLive-482.exe

3/1/2010 23:01:57 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\MsgPlusLive-482.exe Postponed

3/1/2010 23:01:59 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\SUPERAntiSpyware.exe

3/1/2010 23:01:59 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\SUPERAntiSpyware.exe Postponed

3/1/2010 23:02:00 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\wrar380br.exe

3/1/2010 23:02:00 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\wrar380br.exe Postponed

3/1/2010 23:02:02 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setupeng.exe

3/1/2010 23:02:02 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setupeng.exe Postponed

3/1/2010 23:02:07 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.cmd

3/1/2010 23:02:07 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.cmd Postponed

3/1/2010 23:02:14 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.exe

3/1/2010 23:02:14 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.exe Postponed

3/1/2010 23:02:16 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\Setup.exe

3/1/2010 23:02:16 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\Setup.exe Postponed

3/1/2010 23:02:18 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\wlsetup-custom.exe

3/1/2010 23:02:18 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\wlsetup-custom.exe Postponed

3/1/2010 23:04:10 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\GROOVE.EXE

3/1/2010 23:04:10 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\GROOVE.EXE Postponed

3/1/2010 23:04:14 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\MSACCESS.EXE

3/1/2010 23:04:14 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\MSACCESS.EXE Postponed

3/1/2010 23:04:16 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\imageready.exe

3/1/2010 23:04:16 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\imageready.exe Postponed

3/1/2010 23:04:17 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\EXCEL.EXE

3/1/2010 23:04:17 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\EXCEL.EXE Postponed

3/1/2010 23:04:18 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\WINWORD.EXE

3/1/2010 23:04:18 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\WINWORD.EXE Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\microsoft shared\OFFICE12\MSOXMLED.EXE

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\microsoft shared\OFFICE12\MSOXMLED.EXE Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\hijhackthis\hijackthis.exe

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\hijhackthis\hijackthis.exe Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\grooveauditservice.exe

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\grooveauditservice.exe Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\microsoft shared\OFFICE12\ODSERV.EXE

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\microsoft shared\OFFICE12\ODSERV.EXE Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\windows live\messenger\msnmsgr.exe

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\windows live\messenger\msnmsgr.exe Postponed

3/1/2010 23:04:19 Detected: Virus.Win32.Sality.aa C:\documents and settings\' brun!nho~\configurações locais\dados de aplicativos\Google\Chrome\application\chrome.exe

3/1/2010 23:04:19 Untreated: Virus.Win32.Sality.aa C:\documents and settings\' brun!nho~\configurações locais\dados de aplicativos\Google\Chrome\application\chrome.exe Postponed

3/1/2010 23:04:20 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\microsoft shared\source engine\OSE.EXE

3/1/2010 23:04:20 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\microsoft shared\source engine\OSE.EXE Postponed

3/1/2010 23:04:20 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\INFOPATH.EXE

3/1/2010 23:04:20 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\malwarebytes' anti-malware\mbam.exe

3/1/2010 23:04:20 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\INFOPATH.EXE Postponed

3/1/2010 23:04:20 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\malwarebytes' anti-malware\mbam.exe Postponed

3/1/2010 23:04:22 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Adobe\calibration\adobe gamma loader.exe

3/1/2010 23:04:22 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Adobe\calibration\adobe gamma loader.exe Postponed

3/1/2010 23:04:22 Detected: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe

3/1/2010 23:04:22 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe Postponed

3/1/2010 23:04:22 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\MSPUB.EXE

3/1/2010 23:04:22 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\microsoft office\Office12\MSPUB.EXE Postponed

3/1/2010 23:04:24 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\imageready.exe

3/1/2010 23:04:24 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\imageready.exe Postponed

3/1/2010 23:04:45 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Alteração de Modo Condicional.exe

3/1/2010 23:04:45 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Alteração de Modo Condicional.exe Postponed

3/1/2010 23:04:45 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Botão.exe

3/1/2010 23:04:45 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Tom de Sépia.exe

3/1/2010 23:04:45 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Botão.exe Postponed

3/1/2010 23:04:45 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Criar Tom de Sépia.exe Postponed

3/1/2010 23:04:45 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Foto Envelhecida.exe

3/1/2010 23:04:45 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Moldura de Sombra Projetada.exe

3/1/2010 23:04:45 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Foto Envelhecida.exe Postponed

3/1/2010 23:04:45 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Moldura de Sombra Projetada.exe Postponed

3/1/2010 23:04:45 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 300 pixels.exe

3/1/2010 23:04:46 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 300 pixels.exe Postponed

3/1/2010 23:04:46 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como JPEG Medium.exe

3/1/2010 23:04:46 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como JPEG Medium.exe Postponed

3/1/2010 23:04:46 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 64 pixels.exe

3/1/2010 23:04:46 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Restringir a 64 pixels.exe Postponed

3/1/2010 23:04:46 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como Photoshop PDF.exe

3/1/2010 23:04:46 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Amostras\Droplets\Droplets do Photoshop\Salvar Como Photoshop PDF.exe Postponed

3/1/2010 23:04:55 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Required\Droplet Template.exe

3/1/2010 23:04:55 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\Adobe\photoshop 7.0\Required\Droplet Template.exe Postponed

3/1/2010 23:04:55 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Adobe\calibration\adobe gamma loader.exe

3/1/2010 23:04:55 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Adobe\calibration\adobe gamma loader.exe Postponed

3/1/2010 23:05:03 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Adobe\Workflow\AdobeWorkgroupHelper.exe

3/1/2010 23:05:03 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Adobe\Workflow\AdobeWorkgroupHelper.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroCheck.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroCheck.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroPatentActivation.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroPatentActivation.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroUpgrade.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroUpgrade.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroScoutOptions.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroScoutOptions.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeTsMan.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeTsMan.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroSearchAdvanced.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NeroSearchAdvanced.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMBCWriter.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMBCWriter.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NiReg.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NiReg.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMIndexingService.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMIndexingService.exe Postponed

3/1/2010 23:05:05 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMBgMonitor.exe

3/1/2010 23:05:05 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMBgMonitor.exe Postponed

3/1/2010 23:05:06 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

3/1/2010 23:05:06 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe Postponed

3/1/2010 23:05:06 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMTVServer.exe

3/1/2010 23:05:06 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMTVServer.exe Postponed

3/1/2010 23:05:06 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMTvWizard.exe

3/1/2010 23:05:06 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Lib\NMTvWizard.exe Postponed

3/1/2010 23:05:12 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\RemoteControl\NeroRemoteCtrlHandler.exe

3/1/2010 23:05:12 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\RemoteControl\NeroRemoteCtrlHandler.exe Postponed

3/1/2010 23:05:12 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Nero Web\SetupX.exe

3/1/2010 23:05:12 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\Ahead\Nero Web\SetupX.exe Postponed

3/1/2010 23:05:12 Detected: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\InstallShield\Engine\6\Intel 32\IKernel.exe

3/1/2010 23:05:12 Untreated: Virus.Win32.Sality.aa C:\arquivos de programas\arquivos comuns\InstallShield\Engine\6\Intel 32\IKernel.exe Postponed

3/1/2010 23:05:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DWTRIG20.EXE

3/1/2010 23:05:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DWTRIG20.EXE Postponed

3/1/2010 23:05:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE

3/1/2010 23:05:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE Postponed

3/1/2010 23:05:13 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\EQUATION\EQNEDT32.EXE

3/1/2010 23:05:13 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\EQUATION\EQNEDT32.EXE Postponed

3/1/2010 23:05:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\OINFOP12.EXE

3/1/2010 23:05:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\OINFOP12.EXE Postponed

3/1/2010 23:05:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ACECNFLT.EXE

3/1/2010 23:05:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ACECNFLT.EXE Postponed

3/1/2010 23:05:15 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSE7.EXE

3/1/2010 23:05:15 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSE7.EXE Postponed

3/1/2010 23:05:15 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLED.EXE

3/1/2010 23:05:15 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLED.EXE Postponed

3/1/2010 23:05:15 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE

3/1/2010 23:05:15 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE Postponed

3/1/2010 23:05:15 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFLB.EXE

3/1/2010 23:05:15 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFLB.EXE Postponed

3/1/2010 23:05:15 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFDIAG.EXE

3/1/2010 23:05:15 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\OFFDIAG.EXE Postponed

3/1/2010 23:05:16 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\ODEPLOY.EXE

3/1/2010 23:05:16 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\ODEPLOY.EXE Postponed

3/1/2010 23:05:16 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\SETUP.EXE

3/1/2010 23:05:16 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\Office Setup Controller\SETUP.EXE Postponed

3/1/2010 23:05:19 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE

3/1/2010 23:05:19 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE Postponed

3/1/2010 23:05:22 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

3/1/2010 23:05:22 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe Postponed

3/1/2010 23:05:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Ask Search Assistant\uninst.exe

3/1/2010 23:05:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Ask Search Assistant\uninst.exe Postponed

3/1/2010 23:05:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\WinFlash.exe

3/1/2010 23:05:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\WinFlash.exe Postponed

3/1/2010 23:05:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\Update.exe

3/1/2010 23:05:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\Update.exe Postponed

3/1/2010 23:05:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\IO\AsIoUnins.exe

3/1/2010 23:05:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\IO\AsIoUnins.exe Postponed

3/1/2010 23:05:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\MyLogo.exe

3/1/2010 23:05:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\ASUS\ASUSUpdate\MyLogo.exe Postponed

3/1/2010 23:05:35 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Atheros Communications Inc\Atheros Ethernet Utility\dev_op_x86.exe

3/1/2010 23:05:35 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Atheros Communications Inc\Atheros Ethernet Utility\dev_op_x86.exe Postponed

3/1/2010 23:05:36 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe

3/1/2010 23:05:36 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe Postponed

3/1/2010 23:05:36 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe

3/1/2010 23:05:36 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe Postponed

3/1/2010 23:05:36 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe

3/1/2010 23:05:36 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe Postponed

3/1/2010 23:05:36 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\setup.exe

3/1/2010 23:05:36 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\setup.exe Postponed

3/1/2010 23:05:36 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\Setup.exe

3/1/2010 23:05:36 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\Setup.exe Postponed

3/1/2010 23:05:37 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe

3/1/2010 23:05:37 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe Postponed

3/1/2010 23:05:37 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe

3/1/2010 23:05:37 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe Postponed

3/1/2010 23:05:37 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe

3/1/2010 23:05:37 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe Postponed

3/1/2010 23:05:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\MPTools.exe

3/1/2010 23:05:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\MPTools.exe Postponed

3/1/2010 23:05:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Uninstall.exe

3/1/2010 23:05:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Uninstall.exe Postponed

3/1/2010 23:05:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Log Viewer.exe

3/1/2010 23:05:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Messenger Plus! Live\Log Viewer.exe Postponed

3/1/2010 23:05:38 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe

3/1/2010 23:05:38 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe Postponed

3/1/2010 23:06:13 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CLVIEW.EXE

3/1/2010 23:06:13 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CLVIEW.EXE Postponed

3/1/2010 23:06:13 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CNFNOT32.EXE

3/1/2010 23:06:13 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\CNFNOT32.EXE Postponed

3/1/2010 23:06:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DRAT.EXE

3/1/2010 23:06:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DRAT.EXE Postponed

3/1/2010 23:06:14 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DSSM.EXE

3/1/2010 23:06:14 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\DSSM.EXE Postponed

3/1/2010 23:06:17 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GRAPH.EXE

3/1/2010 23:06:17 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GRAPH.EXE Postponed

3/1/2010 23:06:17 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE

3/1/2010 23:06:17 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE Postponed

3/1/2010 23:06:17 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe

3/1/2010 23:06:17 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe Postponed

3/1/2010 23:06:18 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveClean.exe

3/1/2010 23:06:18 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveClean.exe Postponed

3/1/2010 23:06:18 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveMigrator.exe

3/1/2010 23:06:18 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\GrooveMigrator.exe Postponed

3/1/2010 23:06:19 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\INFOPATH.EXE

3/1/2010 23:06:19 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\INFOPATH.EXE Postponed

3/1/2010 23:06:22 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\excelcnv.exe

3/1/2010 23:06:22 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\excelcnv.exe Postponed

3/1/2010 23:06:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSACCESS.EXE

3/1/2010 23:06:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSACCESS.EXE Postponed

3/1/2010 23:06:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANOST.EXE

3/1/2010 23:06:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANOST.EXE Postponed

3/1/2010 23:06:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE

3/1/2010 23:06:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE Postponed

3/1/2010 23:06:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANPST.EXE

3/1/2010 23:06:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\SCANPST.EXE Postponed

3/1/2010 23:06:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\VPREVIEW.EXE

3/1/2010 23:06:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\VPREVIEW.EXE Postponed

3/1/2010 23:06:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\1046\ONELEV.EXE

3/1/2010 23:06:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\1046\ONELEV.EXE Postponed

3/1/2010 23:06:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.EXE

3/1/2010 23:06:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.EXE Postponed

3/1/2010 23:06:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSPUB.EXE

3/1/2010 23:06:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Microsoft Office\Office12\MSPUB.EXE Postponed

3/1/2010 23:06:51 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeDwFileHelper.exe

3/1/2010 23:06:51 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeDwFileHelper.exe Postponed

3/1/2010 23:06:52 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeroCmd.exe

3/1/2010 23:06:52 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\NeroCmd.exe Postponed

3/1/2010 23:06:52 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\SecurDisc\discinfo.exe

3/1/2010 23:06:52 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Core\SecurDisc\discinfo.exe Postponed

3/1/2010 23:06:52 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe

3/1/2010 23:06:52 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe Postponed

3/1/2010 23:06:53 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero\Uninstall\UNNERO.exe

3/1/2010 23:06:53 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero\Uninstall\UNNERO.exe Postponed

3/1/2010 23:06:53 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe

3/1/2010 23:06:53 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe Postponed

3/1/2010 23:06:53 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

3/1/2010 23:06:53 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe Postponed

3/1/2010 23:06:53 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBSFtp.exe

3/1/2010 23:06:53 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBSFtp.exe Postponed

3/1/2010 23:06:55 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\BackItUp.exe

3/1/2010 23:06:55 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\BackItUp.exe Postponed

3/1/2010 23:06:55 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe

3/1/2010 23:06:55 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe Postponed

3/1/2010 23:07:05 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DMAManager.exe

3/1/2010 23:07:05 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DMAManager.exe Postponed

3/1/2010 23:07:06 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\CDSpeed.exe

3/1/2010 23:07:06 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\CDSpeed.exe Postponed

3/1/2010 23:07:06 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe

3/1/2010 23:07:06 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe Postponed

3/1/2010 23:07:06 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\InfoTool.exe

3/1/2010 23:07:06 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\InfoTool.exe Postponed

3/1/2010 23:07:06 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\NeroBurnRights.exe

3/1/2010 23:07:06 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero Toolkit\NeroBurnRights.exe Postponed

3/1/2010 23:07:07 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe

3/1/2010 23:07:07 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe Postponed

3/1/2010 23:07:07 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\BsSndRpt.exe

3/1/2010 23:07:07 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\BsSndRpt.exe Postponed

3/1/2010 23:07:07 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\uninst.exe

3/1/2010 23:07:07 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Pando Networks\Media Booster\uninst.exe Postponed

3/1/2010 23:07:08 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe

3/1/2010 23:07:08 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Proxy Labs\ProxyCap\ProxyCap.exe Postponed

3/1/2010 23:07:08 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\Alcmtr.exe

3/1/2010 23:07:08 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\Alcmtr.exe Postponed

3/1/2010 23:07:08 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\ChCfg.exe

3/1/2010 23:07:08 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\ChCfg.exe Postponed

3/1/2010 23:07:08 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\KB888111xpsp2.exe

3/1/2010 23:07:08 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\KB888111xpsp2.exe Postponed

3/1/2010 23:07:08 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SoundMan.exe

3/1/2010 23:07:08 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SoundMan.exe Postponed

3/1/2010 23:07:09 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\RtlUpd.exe

3/1/2010 23:07:09 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\RtlUpd.exe Postponed

3/1/2010 23:07:09 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuPlayer.exe

3/1/2010 23:07:09 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuPlayer.exe Postponed

3/1/2010 23:07:09 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SkyTel.exe

3/1/2010 23:07:09 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Realtek\Audio\InstallShield\SkyTel.exe Postponed

3/1/2010 23:07:10 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuMaker.exe

3/1/2010 23:07:10 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamMenuMaker.exe Postponed

3/1/2010 23:07:10 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamPlay.exe

3/1/2010 23:07:10 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamPlay.exe Postponed

3/1/2010 23:07:11 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamTheater.exe

3/1/2010 23:07:11 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamTheater.exe Postponed

3/1/2010 23:07:11 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\Recovery.exe

3/1/2010 23:07:11 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\Recovery.exe Postponed

3/1/2010 23:07:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\TscHelp.exe

3/1/2010 23:07:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\TscHelp.exe Postponed

3/1/2010 23:07:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamRecorder.exe

3/1/2010 23:07:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamRecorder.exe Postponed

3/1/2010 23:07:12 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamtasiaStudio.exe

3/1/2010 23:07:12 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\TechSmith\Camtasia Studio 6\CamtasiaStudio.exe Postponed

3/1/2010 23:07:21 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

3/1/2010 23:07:21 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe Postponed

3/1/2010 23:07:21 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wloobe.exe

3/1/2010 23:07:21 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wloobe.exe Postponed

3/1/2010 23:07:21 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wlarp.exe

3/1/2010 23:07:21 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\installer\wlarp.exe Postponed

3/1/2010 23:07:22 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msvs.exe

3/1/2010 23:07:22 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msvs.exe Postponed

3/1/2010 23:07:22 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

3/1/2010 23:07:22 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe Postponed

3/1/2010 23:07:22 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcstart.exe

3/1/2010 23:07:22 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcstart.exe Postponed

3/1/2010 23:07:22 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe

3/1/2010 23:07:22 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe Postponed

3/1/2010 23:07:22 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe

3/1/2010 23:07:22 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe Postponed

3/1/2010 23:07:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\cleanup.exe

3/1/2010 23:07:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\cleanup.exe Postponed

3/1/2010 23:07:24 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\Uninstall.exe

3/1/2010 23:07:24 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\Uninstall.exe Postponed

3/1/2010 23:07:25 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\unpack200.exe

3/1/2010 23:07:25 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\rt\bin\unpack200.exe Postponed

3/1/2010 23:07:26 Detected: Virus.Win32.Sality.aa C:\ComboFix\CF32626.cfxxe

3/1/2010 23:07:26 Untreated: Virus.Win32.Sality.aa C:\ComboFix\CF32626.cfxxe Postponed

3/1/2010 23:07:26 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

3/1/2010 23:07:26 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe Postponed

3/1/2010 23:07:26 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\3.0.195.38\Installer\setup.exe

3/1/2010 23:07:26 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\3.0.195.38\Installer\setup.exe Postponed

3/1/2010 23:07:26 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\freedom.exe

3/1/2010 23:07:26 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Your Freedom\freedom.exe Postponed

3/1/2010 23:07:45 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleCrashHandler.exe

3/1/2010 23:07:45 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleCrashHandler.exe Postponed

3/1/2010 23:07:45 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleUpdate.exe

3/1/2010 23:07:45 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.13\GoogleUpdate.exe Postponed

3/1/2010 23:07:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avadmin.exe

3/1/2010 23:07:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avadmin.exe Postponed

3/1/2010 23:07:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avconfig.exe

3/1/2010 23:07:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avconfig.exe Postponed

3/1/2010 23:07:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avcenter.exe

3/1/2010 23:07:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avcenter.exe Postponed

3/1/2010 23:07:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avupgsvc.exe

3/1/2010 23:07:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avupgsvc.exe Postponed

3/1/2010 23:07:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avnotify.exe

3/1/2010 23:07:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avnotify.exe Postponed

3/1/2010 23:07:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avscan.exe

3/1/2010 23:07:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avscan.exe Postponed

3/1/2010 23:07:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avwsc.exe

3/1/2010 23:07:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\avwsc.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\fact.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\fact.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\licmgr.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\licmgr.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\presetup.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\presetup.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\sched.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\sched.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\update.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\update.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\updfix.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\updfix.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\setup.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\setup.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\wsctool.exe

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\wsctool.exe Postponed

3/1/2010 23:07:52 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\vcredist_x86.exe/PE_Patch

3/1/2010 23:07:52 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Configurações locais\temp\RarSFX1\basic\vcredist_x86.exe/PE_Patch Postponed

3/1/2010 23:08:06 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

3/1/2010 23:08:06 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe Postponed

3/1/2010 23:08:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\A0000301.exe

3/1/2010 23:08:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\A0000301.exe Postponed

3/1/2010 23:08:51 Detected: Trojan-Mailfinder.Win32.Agent.acn C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\fsnjp.exe/PE_Patch.UPX/UPX

3/1/2010 23:08:51 Untreated: Trojan-Mailfinder.Win32.Agent.acn C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\fsnjp.exe/PE_Patch.UPX/UPX Postponed

3/1/2010 23:08:51 Detected: Trojan.Win32.Vilsel.x C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\libxml.dll

3/1/2010 23:08:51 Untreated: Trojan.Win32.Vilsel.x C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\libxml.dll Postponed

3/1/2010 23:08:51 Detected: Trojan.Win32.Agent.clss C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\winktpl.exe/PE_Patch.UPX/UPX

3/1/2010 23:08:51 Untreated: Trojan.Win32.Agent.clss C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\winktpl.exe/PE_Patch.UPX/UPX Postponed

3/1/2010 23:08:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFi0.exe

3/1/2010 23:08:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFi0.exe Postponed

3/1/2010 23:08:51 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFix.exe

3/1/2010 23:08:51 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\' BRUN!NHO~\DoctorWeb\Quarantine\ComboFix.exe Postponed

3/1/2010 23:08:53 Detected: Virus.Win32.Sality.aa C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe

3/1/2010 23:08:53 Untreated: Virus.Win32.Sality.aa C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe Postponed

3/1/2010 23:08:57 Detected: Virus.Win32.Sality.aa C:\Fraps\uninstall.exe

3/1/2010 23:08:57 Untreated: Virus.Win32.Sality.aa C:\Fraps\uninstall.exe Postponed

3/1/2010 23:08:57 Detected: Virus.Win32.Sality.aa C:\Fraps\fraps.exe

3/1/2010 23:08:57 Untreated: Virus.Win32.Sality.aa C:\Fraps\fraps.exe Postponed

3/1/2010 23:08:57 Detected: Virus.Win32.Sality.aa C:\HijHackThis\HiJackThis.exe

3/1/2010 23:08:57 Untreated: Virus.Win32.Sality.aa C:\HijHackThis\HiJackThis.exe Postponed

3/1/2010 23:08:58 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\dxwebsetup.exe

3/1/2010 23:08:58 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\dxwebsetup.exe Postponed

3/1/2010 23:08:58 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\UninsHs.exe

3/1/2010 23:08:58 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\UninsHs.exe Postponed

3/1/2010 23:08:59 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\grandchase.exe

3/1/2010 23:08:59 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\grandchase.exe Postponed

3/1/2010 23:09:00 Detected: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\main.exe

3/1/2010 23:09:00 Untreated: Virus.Win32.Sality.aa C:\Level Up! Games\Grand Chase Season 2\main.exe Postponed

3/1/2010 23:09:05 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe

3/1/2010 23:09:05 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe Postponed

3/1/2010 23:09:05 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe

3/1/2010 23:09:05 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe Postponed

3/1/2010 23:09:05 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\dwtrig20.exe

3/1/2010 23:09:05 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\dwtrig20.exe Postponed

3/1/2010 23:09:05 Detected: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\DW20.EXE

3/1/2010 23:09:05 Untreated: Virus.Win32.Sality.aa C:\MSOCache\All Users\{90120000-006E-0416-0000-0000000FF1CE}-C\DW20.EXE Postponed

3/1/2010 23:09:06 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CAV.exe

3/1/2010 23:09:06 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CAV.exe Postponed

3/1/2010 23:09:06 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms_Direct.exe

3/1/2010 23:09:06 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms_Direct.exe Postponed

3/1/2010 23:09:06 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\EndingBanner.exe

3/1/2010 23:09:06 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\EndingBanner.exe Postponed

3/1/2010 23:09:06 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms.exe

3/1/2010 23:09:06 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\CombatArms.exe Postponed

3/1/2010 23:09:06 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\Engine.exe

3/1/2010 23:09:06 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\Engine.exe Postponed

3/1/2010 23:09:08 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\AhnRpt.exe

3/1/2010 23:09:08 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\AhnRpt.exe Postponed

3/1/2010 23:09:08 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HsLogMgr.exe

3/1/2010 23:09:08 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HsLogMgr.exe Postponed

3/1/2010 23:09:08 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HSUpdate.exe

3/1/2010 23:09:08 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\HSUpdate.exe Postponed

3/1/2010 23:09:09 Detected: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\Update\autoup.exe

3/1/2010 23:09:09 Untreated: Virus.Win32.Sality.aa C:\Nexon\Combat Arms\HShield\Update\autoup.exe Postponed

3/1/2010 23:09:09 Detected: Virus.Win32.Sality.aa C:\NGM\NGM.exe

3/1/2010 23:09:09 Untreated: Virus.Win32.Sality.aa C:\NGM\NGM.exe Postponed

3/1/2010 23:09:10 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\download.exe

3/1/2010 23:09:10 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\download.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\FixPath.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\FixPath.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\grep.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\grep.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\isadmin.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\isadmin.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\LS.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\LS.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\moveex.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\moveex.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\psservice.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\psservice.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\RestartIt!.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\RestartIt!.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\Process.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\Process.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\SF.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\SF.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\sc.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\sc.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\sed.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\sed.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\shutdown.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\shutdown.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\vfind.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\vfind.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\unzip.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\unzip.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\WINMSG.EXE

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\WINMSG.EXE Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\zip.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\zip.exe Postponed

3/1/2010 23:09:11 Detected: Virus.Win32.Sality.aa C:\SDFix\apps\Replace\regedit.exe

3/1/2010 23:09:11 Untreated: Virus.Win32.Sality.aa C:\SDFix\apps\Replace\regedit.exe Postponed

3/1/2010 23:09:14 Detected: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe

3/1/2010 23:09:14 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\SkyTel.exe Postponed

3/1/2010 23:10:26 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DSSM.EXE

3/1/2010 23:10:26 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DSSM.EXE Postponed

3/1/2010 23:10:27 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSE7.EXE

3/1/2010 23:10:27 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSE7.EXE Postponed

3/1/2010 23:10:27 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHTMED.EXE

3/1/2010 23:10:27 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHTMED.EXE Postponed

3/1/2010 23:10:28 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORE.EXE

3/1/2010 23:10:28 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORE.EXE Postponed

3/1/2010 23:10:29 Detected: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETLANG.EXE

3/1/2010 23:10:29 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETLANG.EXE Postponed

3/1/2010 23:13:19 Detected: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe

3/1/2010 23:13:19 Untreated: Virus.Win32.Sality.aa C:\WINDOWS\system32\KB905474\wgasetup.exe Postponed

3/1/2010 23:13:32 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\msinfo32.exe

3/1/2010 23:13:32 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\MSInfo\msinfo32.exe Postponed

3/1/2010 23:13:33 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Speech\sapisvr.exe

3/1/2010 23:13:33 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Speech\sapisvr.exe Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\iedw.exe

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\iedw.exe Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn2.exe

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn2.exe Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn1.exe

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn1.exe Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwrmind.exe

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwrmind.exe Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwtutor.exe

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\icwtutor.exe Postponed

3/1/2010 23:13:35 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\inetwiz.exe

3/1/2010 23:13:35 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Internet Explorer\Connection Wizard\inetwiz.exe Postponed

3/1/2010 23:13:37 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\oemig50.exe

3/1/2010 23:13:37 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\oemig50.exe Postponed

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\setup50.exe

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\setup50.exe Postponed

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\msimn.exe

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\msimn.exe Postponed

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wab.exe

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wabmig.exe

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wab.exe Postponed

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Outlook Express\wabmig.exe Postponed

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\wmplayer.exe

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\wmplayer.exe Postponed

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\migrate.exe

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\dialer.exe

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows Media Player\migrate.exe Postponed

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\dialer.exe Postponed

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Acessórios\wordpad.exe

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Acessórios\wordpad.exe Postponed

3/1/2010 23:13:38 Detected: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Pinball\PINBALL.EXE

3/1/2010 23:13:38 Untreated: Virus.Win32.Sality.aa D:\Arquivos de programas\Windows NT\Pinball\PINBALL.EXE Postponed

3/1/2010 23:14:12 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\ChromeSetup.exe

3/1/2010 23:14:12 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\ChromeSetup.exe Postponed

3/1/2010 23:14:14 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Jogos\Pokemon\POKEMON RUBY.exe

3/1/2010 23:14:14 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Jogos\Pokemon\POKEMON RUBY.exe Postponed

3/1/2010 23:14:15 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Menssenger.exe

3/1/2010 23:14:15 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Menssenger.exe Postponed

3/1/2010 23:14:15 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setup.exe

3/1/2010 23:14:15 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setup.exe Postponed

3/1/2010 23:14:16 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Firefox Setup 3.5.2.exe

3/1/2010 23:14:16 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\Firefox Setup 3.5.2.exe Postponed

3/1/2010 23:14:17 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\MsgPlusLive-482.exe

3/1/2010 23:14:17 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\MsgPlusLive-482.exe Postponed

3/1/2010 23:14:18 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\wrar380br.exe

3/1/2010 23:14:18 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\wrar380br.exe Postponed

3/1/2010 23:14:18 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\SUPERAntiSpyware.exe

3/1/2010 23:14:18 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\SUPERAntiSpyware.exe Postponed

3/1/2010 23:14:20 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.cmd

3/1/2010 23:14:20 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.cmd Postponed

3/1/2010 23:14:23 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setupeng.exe

3/1/2010 23:14:23 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Bruno\Programas\setupeng.exe Postponed

3/1/2010 23:14:24 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.exe

3/1/2010 23:14:24 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\amigo.exe Postponed

3/1/2010 23:14:25 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\Setup.exe

3/1/2010 23:14:25 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\Setup.exe Postponed

3/1/2010 23:14:25 Detected: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\wlsetup-custom.exe

3/1/2010 23:14:25 Untreated: Virus.Win32.Sality.aa D:\Meus Documentos\Downloads\wlsetup-custom.exe Postponed

3/1/2010 23:16:59 Detected: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\GPlrLanc.exe

3/1/2010 23:16:59 Untreated: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\GPlrLanc.exe Postponed

3/1/2010 23:16:59 Detected: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\Default\10talismans.exe

3/1/2010 23:16:59 Untreated: Virus.Win32.Sality.aa D:\Remote Programs\10 Talismans\Default\10talismans.exe Postponed

3/1/2010 23:16:59 Detected: Virus.Win32.Sality.aa D:\Remote Programs\Cradle of Rome\GPlrLanc.exe

3/1/2010 23:16:59 Untreated: Virus.Win32.Sality.aa D:\Remote Programs\Cradle of Rome\GPlrLanc.exe Postponed

3/1/2010 23:17:03 Detected: Trojan.Win32.Cosmu.cps D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP1\A0000073.exe

3/1/2010 23:17:03 Untreated: Trojan.Win32.Cosmu.cps D:\System Volume Information\_restore{888BD463-12C9-4A19-B1B0-256BA597255E}\RP1\A0000073.exe Postponed

3/1/2010 23:52:43 Task stopped

3/1/2010 23:53:27 Task started

3/1/2010 23:53:31 Detected: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\ImageReady.exe

3/1/2010 23:53:31 Untreated: Virus.Win32.Sality.aa C:\Arquivos de programas\Adobe\Photoshop 7.0\ImageReady.exe Postponed

3/1/2010 23:53:42 Task Finished

 

 

 

Hijhackthis

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:43:48, on 4/1/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\HijHackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\' BRUN!NHO~\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ProxyCap] C:\ARQUIV~1\PROXYL~1\ProxyCap\ProxyCap.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O10 - Unknown file in Winsock LSP: w2pxdrv.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

 

--

End of file - 5277 bytes

 

Ainda não consigo reinstala o antivirus...e sinto q ainda tem coisa...