Italo16 0 Denunciar post Postado Setembro 29, 2011 o ccleaner eu abro e ele fecha automaticamente no mesmo momento desinstalações de alguns programas sozinhos Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:23:11, on 29/9/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\wkego.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winoqvhmw.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads\HiJackThis.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O1 - Hosts: 199.180.132.192 www.hotmail.com O1 - Hosts: 199.180.132.192 hotmail.com O1 - Hosts: 199.180.132.192 msn.com O1 - Hosts: 199.180.132.192 www.msn.com O1 - Hosts: 199.180.132.192 live.com O1 - Hosts: 199.180.132.192 www.live.com O1 - Hosts: 173.0.61.235 www4.itau.com.br O1 - Hosts: 173.0.61.235 itau.com.br O1 - Hosts: 173.0.61.235 www.itau.com.br O1 - Hosts: 173.0.61.235 www.bancoitau.com.br O1 - Hosts: 173.0.61.235 bancoitau.com.br O1 - Hosts: 173.0.61.235 www.itaupersonnalite.com.br O1 - Hosts: 173.0.61.235 itaupersonnalite.com.br O1 - Hosts: 199.180.132.197 bb.com.br O1 - Hosts: 199.180.132.197 www.bb.com.br O1 - Hosts: 199.180.132.197 www.bancodobrasil.com.br O1 - Hosts: 199.180.132.197 bancodobrasil.com.br O1 - Hosts: 208.89.213.119 www.santander.com.br O1 - Hosts: 208.89.213.119 www4.santander.com.br O1 - Hosts: 208.89.213.119 santander.com.br O1 - Hosts: 208.89.213.119 www.santandernet.com.br O1 - Hosts: 208.89.213.119 santandernet.com.br O1 - Hosts: 208.89.213.119 www.banespa.com.br O1 - Hosts: 199.180.132.65 www.cef.com.br O1 - Hosts: 199.180.132.65 cef.com.br O1 - Hosts: 199.180.132.65 www.caixa.gov.br O1 - Hosts: 199.180.132.65 caixa.gov.br O1 - Hosts: 199.180.132.65 www.caixa.com.br O1 - Hosts: 199.180.132.65 caixa.com.br O1 - Hosts: 199.180.132.65 www.caixaeconomica.com.br O1 - Hosts: 199.180.132.65 caixaeconomica.com.br O1 - Hosts: 199.180.132.65 www.caixaeconomica.gov.br O1 - Hosts: 199.180.132.65 caixaeconomica.gov.br O1 - Hosts: 199.180.132.65 www.caixaeconomicafederal.com.br O1 - Hosts: 199.180.132.65 caixaeconomicafederal.com.br O1 - Hosts: 199.180.132.65 www.caixaeconomicafederal.gov.br O1 - Hosts: 199.180.132.65 caixaeconomicafederal.gov.br O1 - Hosts: 199.180.132.209 www.sicredi.com.br O1 - Hosts: 199.180.132.209 sicredi.com.br O1 - Hosts: 199.180.132.58 bradesco.com.br O1 - Hosts: 199.180.132.58 www.bradesco.com.br O1 - Hosts: 199.180.132.58 www4.bradesco.com.br O1 - Hosts: 199.180.132.58 www.prime.com.br O1 - Hosts: 199.180.132.58 prime.com.br O1 - Hosts: 199.180.132.58 www.bradescoprime.com.br O1 - Hosts: 199.180.132.58 bradescoprime.com.br O1 - Hosts: 199.180.132.56 www.serasa.com.br O1 - Hosts: 199.180.132.56 serasa.com.br O1 - Hosts: 199.180.132.54 www.banrisul.com.br O1 - Hosts: 199.180.132.54 www4.banrisul.com.br O1 - Hosts: 199.180.132.54 banrisul.com.br O1 - Hosts: 199.180.132.52 www2.americanexpress.com.br O1 - Hosts: 199.180.132.52 www.americanexpress.com.br O1 - Hosts: 199.180.132.52 americanexpress.com.br O1 - Hosts: 199.180.132.52 www.americanexpress.com O1 - Hosts: 199.180.132.52 americanexpress.com O1 - Hosts: 199.180.133.2 www.hsbc.com.br O1 - Hosts: 199.180.133.2 hsbc.com.br O1 - Hosts: 199.180.133.200 www.cetelem.com.br O1 - Hosts: 199.180.133.200 cetelem.com.br O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 10596 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Setembro 29, 2011 :) Olá Italo! :seta: Faça o download do HostsXpert.zip: http://www.funkytoad.com/download/HostsXpert.zip • Extraia (unzip) HostsXpert.zip para uma pasta permanente do seu drive (exemplo C:\HostsXpert) • Duplo clique em HostsXpert.exe para executar o programa. • Se disponivel, clique em "Make Hosts Writable?" (estará no canto superior direito). • Clique em "Restore Microsoft's Hosts file" e depois clique em "OK". • Clique no X para sair do programa. ______________________ :seta: Siga também esta dica: Tutorial do Norman Malware Cleaner Na sua próxima resposta poste o conteúdo do log do Norman Malware Cleaner juntamente com um novo log do Hijackthis e nos diga como está o seu PC depois disto. Ficamos na espera. Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Setembro 29, 2011 Norman Malware Cleaner v2.02.01 Copyright © 1990 - 2011, Norman ASA. Windows is running in safe mode. Note that some functionality is not available in safe mode. Please run in normal mode if possible. Norman Scanner Engine Version: 6.07.10 nvcbin.def: Version: 6.07.00, Date: 2011/09/26 17:23:06, Variants: 11989929 nvcmacro.def: Version: 6.07.00, Date: 2011/02/01 12:21:31, Variants: 20465 Operating System: Windows XP Service Pack 3 Switches: /iagree /nomt Running without NSAK Scan started: 2011/09/29 17:02:55 Running pre-scan cleanup routine... Potentially unwanted registry value: 'HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001' Deleted registry value: HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001 Potentially unwanted registry value: 'HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001' Deleted registry value: HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001 Potentially unwanted registry value: 'HKU\S-1-5-21-1708537768-1364589140-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001' Deleted registry value: HKU\S-1-5-21-1708537768-1364589140-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer --> NoResolveSearch = 0x00000001 Number of malicious objects found: 3 Number of malicious objects cleaned: 3 Scanning time: 0s Scanning system for FakeAV... Number of malicious objects found: 0 Number of malicious objects cleaned: 0 Number of malicious files found: 0 Number of malicious files cleaned: 0 Scanning time: 0s Scanning system for active rootkit activity... Number of malicious objects found: 0 Number of malicious objects cleaned: 0 Number of malicious files found: 0 Number of malicious files cleaned: 0 Scanning time: 0s Scanning running processes and process memory... Number of objects found: 371 Number of objects scanned: 371 Number of objects not scanned: 0 Number of malicious memory objects found: 0 Number of malicious objects cleaned: 0 Number of malicious files found: 0 Number of malicious files cleaned: 0 Scanning time: 31s Running custom scan... C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE: File infected with W32/Sality.AN C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DW20.EXE: Repaired C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Foxit Software\Foxit Reader\Foxit Reader.exe: Repaired C:\Arquivos de programas\Internet Explorer\iexplore.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Internet Explorer\iexplore.exe: Repaired C:\Arquivos de programas\Java\jre6\bin\jucheck.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Java\jre6\bin\jucheck.exe: Repaired C:\Arquivos de programas\Java\jre6\bin\jusched.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Java\jre6\bin\jusched.exe: Repaired C:\Arquivos de programas\K-Lite Codec Pack\Media Player Classic\mplayerc.exe: File infected with W32/Sality.AN C:\Arquivos de programas\K-Lite Codec Pack\Media Player Classic\mplayerc.exe: Repaired C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe: Repaired C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe: Repaired C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE: File infected with W32/Sality.AN C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE: Repaired C:\Arquivos de programas\Microsoft Office\Office12\Moc.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Microsoft Office\Office12\Moc.exe: Repaired C:\Arquivos de programas\Real\RealPlayer\realplay.exe: File infected with W32/Sality.BV Deleted registry value: HKCR\Applications\RealPlay.exe\shell\open\command --> (Default) = "C:\Arquivos de programas\Real\RealPlayer\realplay.exe" "%1" Deleted registry value: HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe = C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe:*:Enabled:ipsec Deleted registry value: HKLM\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe = C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe:*:Enabled:ipsec Deleted registry value: HKLM\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe = C:\Arquivos de programas\Real\RealPlayer\RealPlay.exe:*:Enabled:ipsec Deleted file: C:\Arquivos de programas\Real\RealPlayer\realplay.exe C:\Arquivos de programas\Real\RealPlayer\recordingmanager.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Real\RealPlayer\recordingmanager.exe: Repaired C:\Arquivos de programas\Real\RealPlayer\Update\realsched.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Real\RealPlayer\Update\realsched.exe: Repaired C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe: Repaired C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe: Repaired C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGallery.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGallery.exe: Repaired C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe: Repaired C:\Arquivos de programas\Windows Media Player\setup_wm.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Windows Media Player\setup_wm.exe: Repaired C:\Arquivos de programas\Windows Media Player\wmplayer.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Windows Media Player\wmplayer.exe: Repaired C:\Arquivos de programas\WinRAR\Uninstall.exe: File infected with W32/Suspicious_Gen.ACU Removed registry key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (--> WinRAR archiver) Deleted file: C:\Arquivos de programas\WinRAR\Uninstall.exe C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusDesktop.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusDesktop.exe: Repaired C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe: File infected with W32/Sality.AN C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe: Repaired C:\Documents and Settings\Administrador\NTUSER.DAT: Error opening file for read: 0x00000020 C:\Documents and Settings\Administrador\ntuser.dat.LOG: Error opening file for read: 0x00000020 C:\Documents and Settings\Administrador\Configurações locais\Apps\2.0\A03E7WTL.CM7\OODA8VE5.WH4\clic...exe_f84b370c827b5c7a_0001.0003_none_f6c591a8ff607af4\GoogleUpdateSetup.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Apps\2.0\A03E7WTL.CM7\OODA8VE5.WH4\clic...exe_f84b370c827b5c7a_0001.0003_none_f6c591a8ff607af4\GoogleUpdateSetup.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_frame_helper.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_frame_helper.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_launcher.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\chrome_launcher.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\Installer\setup.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\Installer\setup.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_frame_helper.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_frame_helper.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_launcher.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\chrome_launcher.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\Installer\setup.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\Installer\setup.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleCrashHandler.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleCrashHandler.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdate.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdate.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateBroker.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateBroker.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateOnDemand.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\GoogleUpdateOnDemand.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.69\GoogleUpdateSetup.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.69\GoogleUpdateSetup.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\14.0.835.186\chrome_updater.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\14.0.835.186\chrome_updater.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020 C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG: Error opening file for read: 0x00000020 C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\Uninstall.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\Uninstall.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityBugReporter.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityBugReporter.exe: Repaired C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityWebPlayerUpdate.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\UnityWebPlayerUpdate.exe: Repaired C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\Ao_tempo_o_tempo.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\castelos.pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\chamando-deus-de-pai (1).pps: Damaged file C:\Documents and Settings\Administrador\Meus documentos\Downloads\FileFormatConverters.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Meus documentos\Downloads\FileFormatConverters.exe: Repaired C:\Documents and Settings\Administrador\Meus documentos\Downloads\RealPlayer_br.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Meus documentos\Downloads\RealPlayer_br.exe: Repaired C:\Documents and Settings\Administrador\Meus documentos\Downloads\Shockwave_Installer_Slim.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Meus documentos\Downloads\Shockwave_Installer_Slim.exe: Repaired C:\Documents and Settings\Administrador\Meus documentos\Downloads\SP27213.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Meus documentos\Downloads\SP27213.exe: Repaired C:\Documents and Settings\Administrador\Meus documentos\Downloads\UnityWebPlayer.exe: File infected with W32/Sality.AN C:\Documents and Settings\Administrador\Meus documentos\Downloads\UnityWebPlayer.exe: Repaired C:\Documents and Settings\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020 C:\Documents and Settings\NetworkService\ntuser.dat.LOG: Error opening file for read: 0x00000020 C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020 C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG: Error opening file for read: 0x00000020 C:\DriveKey\HPUSBF.EXE: File infected with W32/Sality.AN C:\DriveKey\HPUSBF.EXE: Repaired C:\DriveKey\HPUSBFW.EXE: File infected with W32/Sality.AN C:\DriveKey\HPUSBFW.EXE: Repaired C:\HijackThis\HiJackThis.exe: File infected with W32/Sality.AN C:\HijackThis\HiJackThis.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000001.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000001.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000002.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000002.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000003.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000003.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000005.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000005.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000006.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000006.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000007.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000007.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000008.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000008.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000024.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000024.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000025.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000025.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000026.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000026.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000027.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000027.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000028.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000028.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000030.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000030.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000031.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000031.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000032.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000032.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000033.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000033.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000036.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000036.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000037.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000037.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000038.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000038.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000040.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000040.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000041.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000041.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000042.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000042.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000044.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000044.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000045.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000045.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000046.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000046.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000047.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000047.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000048.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000048.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000049.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000049.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000050.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000050.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000051.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000051.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000054.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000054.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000055.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000055.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000056.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000056.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000069.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000069.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000070.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000070.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000071.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000071.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000072.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000072.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000073.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000073.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000074.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000074.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000077.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000077.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000078.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000078.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000079.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000079.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000080.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000080.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000082.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000082.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000083.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000083.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000084.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000084.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000086.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000086.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000087.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000087.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000088.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000088.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000091.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000091.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000093.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000093.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000094.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000094.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000095.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000095.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000096.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000096.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000097.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000097.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000098.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000098.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000099.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000099.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000100.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000100.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000101.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000101.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000116.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000116.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000117.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000117.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000118.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000118.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000119.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000119.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000120.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000120.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000122.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000122.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000123.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000123.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000124.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000124.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000126.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000126.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000127.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000127.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000129.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000129.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000130.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000130.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000131.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000131.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000133.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000133.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000134.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000134.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000135.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000135.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000138.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000138.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000141.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000141.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000142.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000142.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000143.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000143.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000144.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000144.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000145.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000145.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000146.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000146.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000147.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000147.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000148.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000148.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000149.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000149.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000151.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000151.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000172.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000172.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000173.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000173.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000182.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000182.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000183.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000183.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000187.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000187.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000191.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000191.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000203.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000203.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000205.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000205.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000208.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000208.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000209.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000209.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000211.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000211.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000212.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000212.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000213.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000213.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000215.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000215.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000216.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000216.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000217.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000217.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000218.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000218.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000220.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000220.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000221.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000221.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000222.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000222.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000224.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000224.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000225.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000225.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000226.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000226.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000228.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000228.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000229.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000229.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000230.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000230.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000231.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000231.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000232.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000232.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000233.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000233.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000234.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000234.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000237.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000237.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000238.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000238.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000239.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000239.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000250.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000250.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000267.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000267.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000269.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000269.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000271.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000271.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000273.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000273.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000274.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000274.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000275.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000275.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000276.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000276.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000277.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000277.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000280.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000280.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000281.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000281.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000282.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000282.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000286.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000286.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000287.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000287.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000288.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000288.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000290.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000290.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000291.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000291.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000292.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000292.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000295.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000295.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000298.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000298.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000299.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000299.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000300.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000300.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000301.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000301.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001267.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001267.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001269.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001269.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001271.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001271.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001274.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001274.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001275.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001275.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001276.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001276.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001277.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001277.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001278.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001278.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001280.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001280.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001281.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001281.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001282.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001282.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001283.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001283.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001285.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001285.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001287.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001287.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001291.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001291.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001292.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001292.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001293.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001293.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001296.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001296.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001298.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001298.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001299.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001299.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001300.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001300.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001301.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001301.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001302.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001302.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001303.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001303.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001304.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001304.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001305.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001305.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001306.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001306.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001308.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001308.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001314.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001314.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001317.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001317.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001327.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001327.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001328.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001328.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001330.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001330.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001334.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001334.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001335.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001335.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001336.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001336.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001337.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001337.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001338.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001338.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001339.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001339.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001340.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001340.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001341.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001341.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001343.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001343.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001344.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001344.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001345.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001345.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001347.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001347.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001348.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001348.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001349.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001349.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001350.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001350.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001351.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001351.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001352.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001352.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001353.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001353.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001356.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001356.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001357.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001357.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001358.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001358.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001360.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001360.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001361.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001361.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001372.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001372.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001374.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001374.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001384.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001384.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001385.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001385.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001388.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001388.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001391.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001391.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001392.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001392.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001393.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001393.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001394.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001394.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001395.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001395.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001399.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001399.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001400.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001400.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001401.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001401.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001402.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001402.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001404.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001404.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001405.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001405.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001406.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001406.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001408.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001408.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001409.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001409.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001410.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001410.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001411.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001411.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001412.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001412.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001413.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001413.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001414.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001414.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001417.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001417.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001418.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001418.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001419.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001419.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001421.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001421.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001422.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001422.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001423.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001423.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001434.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001434.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001435.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001435.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001439.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001439.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001440.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001440.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001441.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001441.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001443.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001443.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001444.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001444.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001448.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001448.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001450.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001450.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001451.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001451.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001452.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001452.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001454.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001454.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001455.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001455.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001456.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001456.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001458.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001458.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001461.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001461.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001462.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001462.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001463.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001463.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001464.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001464.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001465.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001465.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001466.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001466.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001467.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001467.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001468.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001468.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001469.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001469.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001470.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001470.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001472.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001472.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001473.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001473.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001474.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001474.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001475.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001475.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001476.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001476.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001477.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001477.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001478.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001478.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001482.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001482.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001498.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001498.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001510.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001510.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001535.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001535.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001553.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001553.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001554.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001554.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001558.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001558.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001559.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001559.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001560.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001560.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001563.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001563.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001564.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001564.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001565.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001565.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001569.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001569.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001570.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001570.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001571.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001571.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001572.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001572.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001573.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001573.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001575.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001575.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001576.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001576.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001577.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001577.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001579.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001579.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001582.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001582.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001583.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001583.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001584.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001584.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001585.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001585.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001586.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001586.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001587.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001587.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001588.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001588.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001589.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001589.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001590.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001590.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001592.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001592.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001593.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001593.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001607.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001607.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001608.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001608.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001612.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001612.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001613.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001613.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001614.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001614.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001616.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001616.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001617.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001617.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001621.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001621.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001622.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001622.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001624.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001624.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001625.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001625.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001626.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001626.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001628.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001628.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001629.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001629.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001630.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001630.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001632.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001632.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001636.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001636.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001637.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001637.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001638.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001638.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001639.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001639.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001640.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001640.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001641.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001641.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001642.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001642.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001643.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001643.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001644.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001644.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001645.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001645.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001647.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001647.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001648.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001648.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001657.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001657.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001658.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001658.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001662.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001662.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001663.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001663.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001664.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001664.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001666.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001666.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001668.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001668.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001670.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001670.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001673.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001673.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001674.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001674.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001675.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001675.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001676.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001676.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001677.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001677.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001679.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001679.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001680.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001680.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001681.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001681.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001683.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001683.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001686.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001686.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001687.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001687.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001688.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001688.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001689.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001689.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001690.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001690.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001691.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001691.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001692.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001692.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001693.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001693.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001694.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001694.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001696.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001696.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001697.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001697.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001714.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001714.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001715.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001715.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001719.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001719.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001721.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001721.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001722.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001722.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001723.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001723.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001725.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001725.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001726.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001726.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001730.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001730.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001731.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001731.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001733.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001733.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001734.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001734.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001735.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001735.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001737.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001737.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001738.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001738.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001739.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001739.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001741.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001741.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001742.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001742.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001743.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001743.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001744.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001744.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001745.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001745.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001746.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001746.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001747.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001747.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001748.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001748.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001749.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001749.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001750.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001750.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001751.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001751.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001752.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001752.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001753.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001753.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001754.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001754.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001755.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001755.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001759.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001759.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001760.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001760.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001764.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001764.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001768.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001768.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001769.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001769.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001770.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001770.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001783.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001783.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001784.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001784.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001797.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001797.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001798.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001798.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001802.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001802.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001803.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001803.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001804.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001804.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001806.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001806.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001808.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001808.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001809.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001809.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001814.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001814.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001815.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001815.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001817.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001817.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001818.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001818.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001820.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001820.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001821.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001821.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001822.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001822.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001823.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001823.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001826.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001826.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001827.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001827.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001828.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001828.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001831.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001831.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001833.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001833.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001834.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001834.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001835.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001835.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001836.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001836.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001837.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001837.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001838.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001838.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001843.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001843.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001847.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001847.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001848.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001848.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001849.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001849.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001850.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001850.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001853.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001853.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001854.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001854.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001858.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001858.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001861.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001861.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001869.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001869.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001870.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001870.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001871.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001871.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001872.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001872.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001885.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001885.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001886.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001886.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001887.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001887.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001888.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001888.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001889.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001889.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001890.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001890.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001891.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001891.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001892.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001892.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001894.scr: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001894.scr: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001896.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001896.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001899.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001899.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001900.exe: File infected with W32/Sality.BV Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001900.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001901.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001901.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001902.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001902.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001903.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001903.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001904.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001904.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001906.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001906.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001907.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001907.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001909.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001909.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001910.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001910.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001913.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001913.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001914.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001914.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001916.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001916.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001917.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001917.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001918.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001918.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001919.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001919.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001920.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001920.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001921.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001921.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001922.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001922.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001923.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001923.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001924.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001924.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001925.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001925.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001926.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001926.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001927.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001927.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001928.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001928.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001929.exe: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001929.exe: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001930.exe: File infected with W32/Suspicious_Gen.ACU Deleted file: C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001930.exe C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001931.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001931.EXE: Repaired C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001932.EXE: File infected with W32/Sality.AN C:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001932.EXE: Repaired C:\WINDOWS\ALCMTR.EXE: File infected with W32/Sality.AN C:\WINDOWS\ALCMTR.EXE: Repaired C:\WINDOWS\Network Diagnostic\xpnetdiag.exe: File infected with W32/Sality.AN C:\WINDOWS\Network Diagnostic\xpnetdiag.exe: Repaired C:\WINDOWS\system32\ctfmon.exe: File infected with W32/Sality.AN C:\WINDOWS\system32\ctfmon.exe: Error opening file for write: 0x00000020 C:\WINDOWS\system32\mspaint.exe: File infected with W32/Sality.AN C:\WINDOWS\system32\mspaint.exe: Repaired C:\WINDOWS\system32\notepad.exe: File infected with W32/Sality.AN C:\WINDOWS\system32\notepad.exe: Repaired C:\WINDOWS\system32\nwiz.exe: File infected with W32/Sality.AN C:\WINDOWS\system32\nwiz.exe: Repaired C:\WINDOWS\system32\rundll32.exe: File infected with W32/Sality.AN C:\WINDOWS\system32\rundll32.exe: Repaired C:\WINDOWS\system32\shimgvw.dll: File infected with W32/Sality.AN C:\WINDOWS\system32\shimgvw.dll: Repaired C:\WINDOWS\system32\sstext3d.scr: File infected with W32/Sality.AN C:\WINDOWS\system32\sstext3d.scr: Repaired C:\WINDOWS\system32\config\default: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\default.LOG: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\SAM: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\SAM.LOG: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\SECURITY: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\SECURITY.LOG: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\software: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\software.LOG: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\system: Error opening file for read: 0x00000020 C:\WINDOWS\system32\config\system.LOG: Error opening file for read: 0x00000020 D:\Downloads\ccsetup309.exe: File infected with W32/Sality.AN D:\Downloads\ccsetup309.exe: Repaired D:\Downloads\revosetup.exe: File infected with W32/Sality.AN D:\Downloads\revosetup.exe: Repaired D:\Downloads\Setup-MsgPlus-503.exe: File infected with W32/Sality.AN D:\Downloads\Setup-MsgPlus-503.exe: Repaired D:\Downloads\Silverlight.exe: File infected with W32/Sality.AN D:\Downloads\Silverlight.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000020.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000020.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000021.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000021.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000022.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000022.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000023.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000023.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000065.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000065.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000066.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000066.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000067.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000067.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000068.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000068.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000112.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000112.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000113.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000113.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000114.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000114.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000115.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP1\A0000115.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000190.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000190.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000192.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000192.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000193.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000193.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000194.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000194.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000201.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000201.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000202.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000202.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000204.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000204.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000206.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000206.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000264.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000264.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000265.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000265.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000266.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000266.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000268.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0000268.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001264.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001264.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001265.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001265.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001266.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001266.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001268.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001268.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001325.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001325.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001329.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001329.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001331.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001331.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001332.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001332.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001383.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001383.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001386.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001386.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001387.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001387.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001389.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001389.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001433.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001433.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001436.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001436.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001437.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001437.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001438.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP2\A0001438.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001534.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001534.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001552.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001552.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001555.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001555.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001556.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001556.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001557.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001557.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001606.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001606.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001609.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001609.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001610.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001610.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001611.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001611.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001656.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001656.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001659.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001659.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001660.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001660.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001661.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001661.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001713.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001713.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001716.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001716.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001717.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001717.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001718.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP3\A0001718.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001761.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001761.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001782.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001782.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001785.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001785.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001786.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001786.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001788.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001788.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001796.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001796.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001799.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001799.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001800.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001800.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001801.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001801.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001844.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001844.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001846.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001846.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001851.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001851.exe: Repaired D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001852.exe: File infected with W32/Sality.AN D:\System Volume Information\_restore{020D6928-9A5B-4686-865A-8876AE121027}\RP4\A0001852.exe: Repaired Number of files found: 18577 Number of archives unpacked: 631 Number of objects found: 70855 Number of objects scanned: 70837 Number of objects not scanned: 18 Number of malicious objects found: 602 Number of malicious objects cleaned: 601 Number of malicious files found: 597 Number of malicious files cleaned: 22 Scanning time: 1h 50m 18s Running post-scan cleanup routine... Number of malicious objects found: 0 Number of malicious objects cleaned: 0 Scanning time: 0s Results: Total number of files found: 18577 Total number of archives unpacked: 631 Total number of objects found: 71226 Total number of objects scanned: 71208 Total number of objects not scanned: 18 Total number of malicious objects found: 605 Total number of malicious objects cleaned: 604 Total number of malicious files found: 597 Total number of malicious files cleaned: 22 Total number of objects quarantined: 30 Total scanning time: 1h 50m 49s -------------------------------------- LOg do HijackThis \/ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:13:53, on 29/9/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winubram.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winjxaet.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7675 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Setembro 30, 2011 :) Vários arquivos foram desinfectados pelo Norman. __________________ :seta: Para evitar que os virus voltem, desative a restauração do sistema e mantenha ela desativada até que o problema tenha sido totalmente resolvido. Para isso, vá no menu: Iniciar - Painel de Controle - Sistema - Clique na aba: Restauração do Sistema - Marque a caixinha: Desativar restauração do sistema - Clique no botão: Aplicar e no botão: Ok. __________________ :seta: Depois disto siga esta dica: Tutorial do Dr. Web CureIt Na sua próxima resposta poste este log do Dr. Web CureIt juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto. Ficamos no aguardo. Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Setembro 30, 2011 não consigo acessar esse Tutorial do Dr. Web CureIt pois quando cliko ou abro em outra aba ele fecha o navegador todo ja tentei no crhome e no I.E e não consegui pois abre o site e fecha automaticamente Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Setembro 30, 2011 Para usá-lo corretamente é só seguir as dicas abaixo: * Faça o download do Dr. Web CureIt e renomeie-o para qualquer nome antes de salvá-lo respeitando a extensão .cmd (como por exemplo: Golden.cmd), (esta medida é importante para evitar que virus e/ou malwares bloqueiem o download e/ou execução do Dr. Web CureIt ou que contaminem o instalador deste programa) e salve-o no Desktop (área de trabalho do seu PC). Para isto é só seguir as dicas: Primeiramente clique neste link abaixo: ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe Surgirá a tela de confirmação do download, onde você irá confirmar o download do programa: Veja nesta imagem abaixo que na opção Nome do arquivo: você digitará Golden.cmd Clicará no botão Desktop (para que ele seja salvo na sua área de trabalho) Na opção Salvar como tipo: você selecionará a opção Todos os arquivos (*.*) E depois disto clicará no botão Salvar. Isto é mostrado na imagem abaixo: Sugiro que você salve ou imprima essas instruções abaixo, pois em alguns momentos você poderá precisar usar o computador sem o acesso à internet: * Reinicie o computador em Modo de Segurança (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver reiniciando e escolhendo a opção Modo Seguro ou Modo de Segurança); * Caso não seja possível reiniciar o computador em Modo Seguro, faça o escaneamento no modo normal. * Dê um duplo clique em Golden.cmd e será aberta esta tela abaixo na qual você clicará no botão OK: * Mais esta tela abaixo aparecerá, e você clicará no botão OK: * Surgirá esta tela abaixo, onde você clicará em Iniciar. * Aguarde o scan inicial das áreas vitais do sistema terminar. * Quando a verificação rápida terminar, caso seja detectado algum problema, clique no botão Seleccionar todos, como mostra esta imagem: * Clique, então, no botão Curar: * O Dr. Web CureIt tentará curar o(s) arquivo(s) contaminado(s). Caso não seja possível desinfectá-lo, surgirá uma pequena janela com várias opções, na qual você escolherá a opção Mover incurável (ou Mover incuráveis), para que o(s) arquivo(s) infectado(s) seja(m) enviado(s) para a quarentena do Dr. Web CureIt como mostra esta imagem: * Poderá então aparecer uma mensagem pedindo para reiniciar o computador, clique em Não: * Depois disto clique em Opções > Alterar Definições: * Na aba Verificar desmarque a opção Análise Heurística e clique no botão Ok: * Depois disto, marque a opção Verificação Completa e clique na seta verde: * Se durante a verificação for encontrado alguma ameaça, surgirá uma janela parecida com esta abaixo perguntando se você deseja curar/mover o arquivo, na qual você clicará na opção Sim para todos: * Caso o programa não possa curar os arquivos infectados, ele irá movê-los para a pasta Quarentena, no diretório do DoctorWeb. * Assim que for concluida esta Verificação Completa, caso ainda exista algum problema que não tenha sido curado ou movido para a quarentena, clique no botão Seleccionar todos, como mostra esta imagem: * Clique, então, no botão Curar: * O Dr. Web CureIt tentará curar o(s) arquivo(s) contaminado(s). Caso não seja possível desinfectá-lo, surgirá uma pequena janela com várias opções, na qual você escolherá a opção Mover incurável (ou Mover incuráveis), para que o(s) arquivo(s) infectado(s) seja(m) enviado(s) para a quarentena do Dr. Web CureIt como mostra esta imagem: * Vá no menu superior esquerdo e clique na opção Ficheiro > Guardar lista de relatórios. * Salve a lista na sua área de trabalho (Desktop). A lista deverá ser salva como DrWeb.csv, como mostra esta imagem: * Feche o programa. * Reinicie seu computador para que o programa termine de desinfectar/mover os arquivos infectados. E depois poste os logs pedidos aqui no seu tópico. Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Setembro 30, 2011 Continua Fechando esses links eu clico carrega mais fecha antes de dar tempo pra algo mais é so com esses sites que tem sobre esse progrma pq tentei baixar em outro sites e tbm fechou mais em relação as outras coisas e outros sites não fexa Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Outubro 1, 2011 Continua Fechando esses links eu clico carrega mais fecha antes de dar tempo pra algo mais é so com esses sites que tem sobre esse progrma pq tentei baixar em outro sites e tbm fechou mais em relação as outras coisas e outros sites não fexa São os malwares que ficam fazendo estes bloqueios. Hospedei o programa no endereço abaixo: http://www.4shared.com/file/N31ySmm_/amigo.html Baixe-o, descompacte-o e execute-o seguindo as dicas que te passei na resposta anterior. Mas só há uma diferença: é que no começo (depois que você o descompacta e o executa) ele mostra umas frases em inglês começando pela palavra ATTENTION, aí nesta tela você clica em OK e segue o restante das dicas que te passei para usá-lo. Ai depois você posta o log dele juntamente com novo log do Hijackthis. Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Outubro 2, 2011 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:22:19, on 1/10/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE C:\Arquivos de programas\Microsoft\Office Live\OfficeLiveSignIn.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\winlaxga.exe C:\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5595 bytes Agr Do DrWeb Processos em memória: C:\WINDOWS\Explorer.EXE:1768 Win32.Sector.8 Erradicado. notepad.exe C:\WINDOWS\system32 Win32.Sector.5 Desinfectado. nwiz.exe C:\WINDOWS\system32 Win32.Sector.5 Desinfectado. sstext3d.scr C:\WINDOWS\system32 Win32.Sector.5 Desinfectado. winhoma.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp Trojan.DownLoad2.22436 Eliminado. winjkscej.exe C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp Trojan.Spambot.9926 Eliminado. FileFormatConverters.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. Firefox Setup 3.6.23.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. RealPlayer_br.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. Shockwave_Installer_Slim (1).exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. Shockwave_Installer_Slim.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. SP27213.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. UnityWebPlayer.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. wlsetup-custom.exe C:\Documents and Settings\Administrador\Meus documentos\Downloads Win32.Sector.5 Desinfectado. mbamgui.exe c:\arquivos de programas\malwarebytes' anti-malware Win32.Sector.5 Desinfectado. msnmsgr.exe c:\arquivos de programas\windows live\messenger Win32.Sector.5 Desinfectado. googleupdate.exe c:\documents and settings\administrador\configurações locais\dados de aplicativos\google\update Win32.Sector.5 Desinfectado. winhoma.exe c:\documents and settings\administrador\configurações locais\temp Trojan.DownLoad2.22436 Eliminado. alcmtr.exe c:\windows Win32.Sector.5 Desinfectado. nwiz.exe c:\windows\system32 Win32.Sector.5 Desinfectado. mbamgui.exe c:\arquivos de programas\malwarebytes' anti-malware Win32.Sector.5 Desinfectado. msnmsgr.exe c:\arquivos de programas\windows live\messenger Win32.Sector.5 Desinfectado. old_chrome.exe c:\documents and settings\administrador\configurações locais\dados de aplicativos\google\chrome\application Win32.Sector.5 Desinfectado. googleupdate.exe c:\documents and settings\administrador\configurações locais\dados de aplicativos\google\update Win32.Sector.5 Desinfectado. alcmtr.exe c:\windows Win32.Sector.5 Desinfectado. nwiz.exe c:\windows\system32 Win32.Sector.5 Desinfectado. Foxit Reader.exe C:\Arquivos de programas\Foxit Software\Foxit Reader Win32.Sector.5 Desinfectado. iexplore.exe C:\Arquivos de programas\Internet Explorer Win32.Sector.5 Desinfectado. mplayerc.exe C:\Arquivos de programas\K-Lite Codec Pack\Media Player Classic Win32.Sector.5 Desinfectado. mbam.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware Win32.Sector.5 Desinfectado. mbamgui.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware Win32.Sector.5 Desinfectado. wloobe.exe C:\Arquivos de programas\Windows Live\Installer Win32.Sector.5 Desinfectado. msnmsgr.exe C:\Arquivos de programas\Windows Live\Messenger Win32.Sector.5 Desinfectado. WLXPhotoGallery.exe C:\Arquivos de programas\Windows Live\Photo Gallery Win32.Sector.5 Desinfectado. setup_wm.exe C:\Arquivos de programas\Windows Media Player Win32.Sector.5 Desinfectado. wmplayer.exe C:\Arquivos de programas\Windows Media Player Win32.Sector.5 Desinfectado. Log Viewer.exe C:\Arquivos de programas\Yuna Software\Messenger Plus! Win32.Sector.5 Desinfectado. PlusDesktop.exe C:\Arquivos de programas\Yuna Software\Messenger Plus! Win32.Sector.5 Desinfectado. GoogleUpdateSetup.exe C:\Documents and Settings\Administrador\Configurações locais\Apps\2.0\A03E7WTL.CM7\OODA8VE5.WH4\clic...exe_f84b370c827b5c7a_000 Win32.Sector.5 Desinfectado. chrome_frame_helper.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163 Win32.Sector.5 Desinfectado. chrome_launcher.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163 Win32.Sector.5 Desinfectado. setup.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.163\Instal Win32.Sector.5 Desinfectado. chrome_frame_helper.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186 Win32.Sector.5 Desinfectado. chrome_launcher.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186 Win32.Sector.5 Desinfectado. setup.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\14.0.835.186\Instal Win32.Sector.5 Desinfectado. GoogleUpdate.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update Win32.Sector.5 Desinfectado. GoogleCrashHandler.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado. GoogleUpdate.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado. GoogleUpdateBroker.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado. GoogleUpdateOnDemand.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69 Win32.Sector.5 Desinfectado. GoogleUpdateSetup.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{430FD4D0-B729-4F61-AA Win32.Sector.5 Desinfectado. chrome_updater.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5 Win32.Sector.5 Desinfectado. chrome_updater.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5 Win32.Sector.5 Desinfectado. Uninstall.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer Win32.Sector.5 Desinfectado. UnityBugReporter.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer Win32.Sector.5 Desinfectado. UnityWebPlayerUpdate.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer Win32.Sector.5 Desinfectado. winhoma.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.DownLoad2.22436 Eliminado. winjkscej.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.Spambot.9926 Eliminado. winpdiixd.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.DownLoad2.22436 Eliminado. winwfisvl.exe C:\Documents and Settings\Administrador\Configurações locais\Temp Trojan.Spambot.9926 Eliminado. HPUSBF.EXE C:\DriveKey Win32.Sector.5 Desinfectado. HPUSBFW.EXE C:\DriveKey Win32.Sector.5 Desinfectado. HiJackThis.exe C:\HijackThis Win32.Sector.5 Desinfectado. ALCMTR.EXE C:\WINDOWS Win32.Sector.5 Desinfectado. shimgvw.dll C:\WINDOWS\$NtUninstallKB2483185$ Win32.Sector.5 Desinfectado. wordpad.exe C:\WINDOWS\$NtUninstallKB923561$ Win32.Sector.5 Desinfectado. mspaint.exe C:\WINDOWS\$NtUninstallKB978706$ Win32.Sector.5 Desinfectado. nwiz.exe C:\WINDOWS\system32 Win32.Sector.5 Desinfectado. ccsetup309.exe D:\Downloads Win32.Sector.5 Desinfectado. revosetup.exe D:\Downloads Win32.Sector.5 Desinfectado. Setup-MsgPlus-503.exe D:\Downloads Win32.Sector.5 Desinfectado. Silverlight.exe D:\Downloads Win32.Sector.5 Desinfectado. Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Outubro 2, 2011 :) Vários arquivos foram desinfectados pelo Dr. Web. _______________ :seta: Só confirmando com você: Você desativou a restauração do sistema, não é mesmo? Pois é preciso que ela fique desativada até o fim de nosso trabalho para evitar que os problemas voltem. ______________ :seta: Baixe o SalityKiller no link abaixo e salve-o no desktop (área de trabalho): http://support.kaspersky.com/downloads/utils/salitykiller.zip *Extraia para C:\ *Clique [iniciar] > [Executar] > copie e cole: C:\salitykiller.exe -m *Clique [OK] *Mantenha a janela rodando. Não feche-a!! Se desejar, minimize-a. *Clique [iniciar] > [Executar] > copie e cole: C:\salitykiller.exe -y -x -j -l sality.txt -v *Clique [OK] *Ao término, a janela 2 será fechada automaticamente. Feche, então, a janela 1. *Cole o resumo localizado no final do arquivo C:\sality.txt, conforme mostrado abaixo: 23:57:51:0 Infected files: 823:57:51:0 Infected processes: 0 23:57:51:0 Infected threads: 2 23:57:51:0 Cured files: 8 23:57:51:0 Executed registry scripts: 1 Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Outubro 2, 2011 17:44:02:593 5180 Infected files: 45 17:44:02:593 5180 Infected processes: 1 17:44:02:593 5180 Infected threads: 10 17:44:02:593 5180 Cured files: 43 17:44:02:593 5180 Will be cured on reboot: 2 17:44:02:593 5180 Executed registry scripts: 1 e confirmando esta desativado a restauração de sistema Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Outubro 2, 2011 :seta: Siga, por gentileza, as dicas deste tutorial para fazer um escaneamento de seu PC pelo Nod32 Online: Tutorial do antivirus Nod32 Online Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador: C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt Na sua próxima resposta poste este log do Nod32 Online juntamente com um novo log do Hijackthis e nos diga, por gentileza, como está o seu PC após seguir este procedimento. Ficamos no aguardo de sua resposta. Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Outubro 3, 2011 O Ccleaner Ja Esta Abrindo Normal O pc esta rodando normal parece q os erros q eu tinha notado sumiram agr tem uma coisa meu pc antes iniciava diretamente agr aprece uma caixa com o nome administrador e pra colocar a senha msm nao tendo senha tem como desativar isso? tipo pra quando eu ligar ele ligar diretamente . ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6528 # api_version=3.0.2 # EOSSerial=e951f6ef9280d1498ce444e2e5e94182 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2011-10-03 02:32:23 # local_time=2011-10-03 11:32:23 (-0300, Hora oficial do Brasil) # country="Brazil" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=crash # scanned=21735 # found=4 # cleaned=4 # scan_time=1793 C:\Documents and Settings\Administrador\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\eBay.url Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Administrador\Meus documentos\FormtXP.iso multiple threats (deleted - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\All Users\Desktop\eBay.url Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\All Users\Menu Iniciar\Programas\eBay.url Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:40:02, on 3/10/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5697 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Outubro 3, 2011 agr tem uma coisa meu pc antes iniciava diretamente agr aprece uma caixa com o nome administrador e pra colocar a senha msm nao tendo senha tem como desativar isso? tipo pra quando eu ligar ele ligar diretamente :seta: Para mudar esta opção é só seguir as dicas do site abaixo: http://rainydayss.com/como-iniciar-windows-7-sem-colocar-nome-e-senha-tutorial/ __________________ :seta: Abra o HijackThis, clique em Do a system scan only, marque a entrada abaixo e clique em Fix checked: O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) ____________________ :seta: Siga também, por gentileza, estas dicas: Tutorial do Ad-Remover Tutorial do Malwarebytes Anti-Malware ______________________ :seta: Na sua próxima resposta poste um novo log do Hijackthis, o log do Ad-Remover que estará em C:\Ad-Report-CLEAN[1].log, o log do Malwarebytes e nos diga como está o seu PC após estes procedimentos. Ficamos no aguardo. Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Outubro 3, 2011 ======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:07:27 on 03/10/2011, Normal boot Microsoft Windows XP Professional Service Pack 3 (X86) Administrador@SPEED ( ) ============== ACTION(S) ============== (!) -- Temporary files deleted. ============== ADDITIONNAL SCAN ============== **** Internet Explorer Version [8.0.6001.18702] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll) BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Auxiliar de Conexão do Windows Live" (C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll) ======================================== C:\Arquivos de programas\Ad-Remover\Quarantine: 0 File(s) C:\Arquivos de programas\Ad-Remover\Backup: 13 File(s) C:\Ad-Report-CLEAN[1].txt - 03/10/2011 20:07:47 (473 Byte(s)) End at: 20:08:30, 03/10/2011 ============== E.O.F ============== Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Versão da Base de Dados: 7828 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/10/2011 19:46:43 mbam-log-2011-10-03 (19-46-43).txt Tipo de Verificação: Verificação Completa (A:\|C:\|D:\|E:\|F:\|) Objetos escaneados: 177351 Tempo decorrido: 20 minuto(s), 8 segundo(s) Processos de Memória Infectados: 0 Módulos de Memória Infectados: 0 Chaves de Registro Infectadas: 0 Valores de Registro Infectados: 0 Itens de Dados no Registro Infectados: 0 Pastas Infectadas: 0 Arquivos Infectados: 0 Processos de Memória Infectados: (Não foram detectados ítens maliciosos) Módulos de Memória Infectados: (Não foram detectados ítens maliciosos) Chaves de Registro Infectadas: (Não foram detectados ítens maliciosos) Valores de Registro Infectados: (Não foram detectados ítens maliciosos) Itens de Dados no Registro Infectados: (Não foram detectados ítens maliciosos) Pastas Infectadas: (Não foram detectados ítens maliciosos) Arquivos Infectados: (Não foram detectados ítens maliciosos) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:11:58, on 3/10/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\old_chrome.exe C:\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [X'nBeep] C:\Arquivos de programas\X'nBeep 1.1\XnBeep.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5337 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Outubro 4, 2011 :) Seus logs estão limpos, como está o PC? Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Outubro 4, 2011 Está bem Acho q pode se dar como resolvido os problemas q estavam foram tds corrigidos mt obrigado cara abraço. Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Outubro 4, 2011 Está bemAcho q pode se dar como resolvido os problemas q estavam foram tds corrigidos mt obrigado cara abraço. :) Ficamos felizes que o problema foi resolvido. ___________________ :seta: Abra o Ad-Remover > clique no botão Uninstall e aí é só ir seguindo os passos que ele te mostra para desinstalá-lo. Pode remover também o Hostsxpert, Norman Malware Cleaner, Dr. Web CureIt e SalityKiller. ___________________ :seta: No seu log está constando que seu PC está sem antivírus e é muito importante ter um. Sugiro um ótimo antivirus gratuito para você, como o Avira AntiVir Personal Edition Classic. Para instalar, configurar e usar corretamente o Avira antivir é só seguir as dicas destes tutoriais: Tutorial do Avira AntiVir Personal Edition Classic (Instalação e Configuração) Tutorial do Avira AntiVir Personal Edition Classic (como usá-lo corretamente) ____________________ :seta: Instale estes programas e use-os agora e semanalmente para fazer uma limpeza do seu PC e para deixá-lo mais eficiente e otimizado: Ccleaner Auslogics Disk Defrag SpywareBlaster ____________________ :seta: Depois disto ative novamente a restauração do sistema. Para isso vá no menu: Iniciar - Painel de Controle - Sistema - Clique na aba: Restauração do Sistema - Desmarque a caixinha: Desativar restauração do sistema - Clique no botão: Aplicar e no botão: Ok. ____________________ :thumbsup: Foi um prazer ajudar, conte sempre conosco! Compartilhar este post Link para o post Compartilhar em outros sites
Italo16 0 Denunciar post Postado Outubro 4, 2011 ok ja estou baixando obrigado denovo !! Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Outubro 4, 2011 PROBLEMA RESOLVIDO Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites
