[Resolvido] &nbspVirus que cria arquivos com nomes diferentes

[diegoph 0]

E ai galera, estou com problemas para instalar antivirus, sempre que abro o gerenciador de tarefas eu finalizo um processo que acho que é o virus e ele sempre abre com um nome novo e tambem junto com um arquivo no formato .pif, que é um arquivo autorun.inf que fica criando, o virus tambem corrompe alguns programas em .exe

 

Log:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:52:50, on 7/6/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Internet Download Manager\IEMonitor.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\trtkr.exe

C:\Arquivos de programas\Internet Download Manager\IDMan.exe

C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Arquivos de programas\Internet Download Manager\IDMIECC.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

O4 - HKLM\..\Run: [startCCC] "C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iDMan] C:\Arquivos de programas\Internet Download Manager\IDMan.exe /onboot

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-343818398-1993962763-725345543-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrador')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Download all links with IDM - C:\Arquivos de programas\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download FLV video content with IDM - C:\Arquivos de programas\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Download with IDM - C:\Arquivos de programas\Internet Download Manager\IEExt.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{9F8491D5-7753-47FC-8E12-8DB6788D0A0E}: NameServer = 201.10.128.2 201.10.120.3

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Arquivos de programas\Arquivos comuns\Steam\SteamService.exe

 

--

End of file - 5319 bytes

[wings 22]

Olá diegoph

 

*Baixe o OTL (...de Old_Timer) e salve-o no desktop (Área de Trabalho)

 

*Execute-o. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador

 

 

*Selecione as opções:

Verificar All Users

Ignorar Arquivos Microsoft

Usar WhiteList para Nomes de Companhias

Verificar Lop

Verificar Purity

 

*Clique [Verificar] e cole os relatórios OTL.txt e Extras.txt criados no desktop (Área de Trabalho)

 

*Caso os relatórios sejam grandes, acesse este link

 

*Clique [selecionar arquivo...]

 

*Localize o relatório OTL.txt no desktop (Área de Trabalho) e clique [Abrir]

 

*Clique [upload file]

 

*Cole o link gerado ao lado de Download link:

 

*Repita o procedimento para o relatório Extras.txt

[diegoph 0]

Obrigado pela ajuda.

 

Extras.txt

 

http://wikisend.com/download/269492/Extras.Txt

 

 

OTL.txt

 

http://wikisend.com/download/236660/OTL.Txt

[wings 22]

*Baixe o SalityKiller (...da Kaspersky) e salve-o em C:\

 

*Desative a Restauração do Sistema

*Clique com o botão direito do mouse em Meu Computador e selecione Propriedades

*Clique em Restauração do Sistema

*Selecione a opção Desativar Restauração do Sistema

*Clique [Aplicar] > [sim] > [OK]

 

*Este programa será executado em 2 janelas distintas ao mesmo tempo!!

 

*A primeira janela:

 

*Clique [iniciar] > [Executar] > copie e cole: C:\salitykiller.exe -m

 

*Clique [OK]

 

*Não feche esta janela!! Se desejar, minimize-a.

 

*A segunda janela:

 

*Clique [iniciar] > [Executar] > copie e cole: C:\salitykiller.exe -y -l sality.txt

 

*Clique [OK]

 

*Ao término, a janela 2 será fechada automaticamente. Feche, então, a janela 1.

 

*Cole o resumo localizado no final do arquivo C:\sality.txt, conforme mostrado abaixo:

23:57:51:0 Infected files: 8

23:57:51:0 Infected processes: 0

23:57:51:0 Infected threads: 2

23:57:51:0 Cured files: 8

23:57:51:0 Executed registry scripts: 1

[diegoph 0]

LOG

 

 

17:52:43:375 2700 scanning threads ...

17:52:45:406 2700

17:52:45:406 2700 scanning processes ...

17:52:48:125 2700 C:\Arquivos de programas\Internet Download Manager\IEMonitor.exe infected Virus.Win32.Sality.ag ...17:52:48:421 2700 terminated

17:52:53:640 2700 C:\Arquivos de programas\Internet Download Manager\IEMonitor.exe infected Virus.Win32.Sality.ag ...17:52:53:640 2700 will be cured on reboot

17:52:53:656 2700

17:52:53:656 2700 fixing registry ...

17:52:53:656 0540

Monitoring thread started

17:52:53:656 2700 SalityRegCure: Restoring general registry keys

17:52:53:656 2700 SalityRegCure: Fixing system.ini

17:52:53:656 2700

17:52:53:656 2700 scanning drives ...

17:52:53:656 2700 scanning C:\ ...

17:53:03:921 2700 C:\!KillBox\ixlvhc.pif infected Virus.Win32.Sality.ag ...17:53:03:921 2700 cured

17:53:08:656 2700 C:\AMD\Support\12-4_xp32_dd_ccc\Packages\Apps\dotnetfx\dotnetfx\dotnetfx.exe infected Virus.Win32.Sality.ag ...17:53:08:656 2700 cured

17:53:19:640 2700 C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe infected Virus.Win32.Sality.ag ...17:53:19:640 2700 cured

17:53:21:078 2700 C:\Arquivos de programas\Arquivos comuns\Steam\SteamService.exe infected Virus.Win32.Sality.ag ...17:53:21:078 2700 cured

17:53:27:046 2700 C:\Arquivos de programas\ATI\CIM\Bin\SetACL.exe infected Virus.Win32.Sality.ag ...17:53:27:046 2700 cured

17:53:34:187 2700 C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe infected Virus.Win32.Sality.ag ...17:53:34:187 2700 cured

17:53:40:437 2700 C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe infected Virus.Win32.Sality.ag ...17:53:40:437 2700 cured

17:53:46:921 2700 C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\DXStress.exe infected Virus.Win32.Sality.ag ...17:53:46:921 2700 cured

17:53:47:625 2700 C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\installShell.exe infected Virus.Win32.Sality.ag ...17:53:47:625 2700 cured

17:53:51:156 2700 C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe infected Virus.Win32.Sality.ag ...17:53:51:156 2700 cured

17:53:52:375 2700 C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe infected Virus.Win32.Sality.ag ...17:53:52:375 2700 cured

17:53:56:218 2700 C:\Arquivos de programas\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEPrev.exe infected Virus.Win32.Sality.ag ...17:53:56:218 2700 cured

17:54:01:906 2700 C:\Arquivos de programas\Google\Update\GoogleUpdate.exe infected Virus.Win32.Sality.ag ...17:54:01:906 2700 cured

17:54:05:843 2700 C:\Arquivos de programas\Havij\Havij.exe infected Virus.Win32.Sality.ag ...17:54:05:843 2700 cured

17:54:12:000 2700 C:\Arquivos de programas\Havij\unins000.exe infected Virus.Win32.Sality.ag ...17:54:12:000 2700 cured

17:54:21:156 2700 C:\Arquivos de programas\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe infected Virus.Win32.Sality.ag ...17:54:21:156 2700 cured

17:54:28:812 2700 C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe infected Virus.Win32.Sality.ag ...17:54:28:812 2700 cured

17:54:33:218 2700 C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe infected Virus.Win32.Sality.ag ...17:54:33:218 2700 cured

17:54:35:359 2700 C:\Arquivos de programas\Realtek\Audio\Drivers\RtlUpd.exe infected Virus.Win32.Sality.ag ...17:54:35:359 2700 cured

17:54:41:796 2700 C:\Arquivos de programas\Realtek\Audio\Drivers\WDM\Alcmtr.exe infected Virus.Win32.Sality.ag ...17:54:41:796 2700 cured

17:54:42:796 2700 C:\Arquivos de programas\Realtek\Audio\Drivers\WDM\RtkAudioService.exe infected Virus.Win32.Sality.ag ...17:54:42:796 2700 cured

17:54:48:359 2700 C:\Arquivos de programas\Realtek\Audio\Drivers\WDM\RtlUpd.exe infected Virus.Win32.Sality.ag ...17:54:48:359 2700 cured

17:54:55:750 2700 C:\Arquivos de programas\Realtek\Audio\Drivers\WDM\SkyTel.exe infected Virus.Win32.Sality.ag ...17:54:55:750 2700 cured

17:55:01:656 2700 C:\Arquivos de programas\Realtek\Audio\Drivers\WDM\SoundMan.exe infected Virus.Win32.Sality.ag ...17:55:01:656 2700 cured

17:55:08:734 2700 C:\Arquivos de programas\Realtek\Audio\Drivers\WDM\vncutil.exe infected Virus.Win32.Sality.ag ...17:55:08:734 2700 cured

17:55:17:250 2700 C:\Arquivos de programas\Steam\steamapps\mombusph\counter-strike\hl.exe infected Virus.Win32.Sality.ag ...17:55:17:250 2700 cured

17:55:18:421 2700 C:\Arquivos de programas\Steam\WriteMiniDump.exe infected Virus.Win32.Sality.ag ...17:55:18:421 2700 cured

17:55:23:390 2700 C:\Arquivos de programas\Windows Live\Messenger\msvs.exe infected Virus.Win32.Sality.ag ...17:55:23:390 2700 cured

17:55:28:781 2700 C:\Arquivos de programas\Yuna Software\Messenger Plus!\Log Viewer.exe infected Virus.Win32.Sality.ag ...17:55:28:781 2700 cured

17:55:34:078 2700 C:\Arquivos de programas\Yuna Software\Messenger Plus!\MPTools.exe infected Virus.Win32.Sality.ag ...17:55:34:078 2700 cured

17:55:41:656 2700 C:\Arquivos de programas\Yuna Software\Messenger Plus!\Uninstall.exe infected Virus.Win32.Sality.ag ...17:55:41:656 2700 cured

17:56:16:781 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Compressed\Havij 1.15 Free.exe infected Virus.Win32.Sality.ag ...17:56:16:781 2700 cured

17:56:21:078 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\dds(1).scr infected Virus.Win32.Sality.ag ...17:56:21:078 2700 cured

17:56:22:015 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\dds.scr infected Virus.Win32.Sality.ag ...17:56:22:015 2700 cured

17:56:24:312 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\dxwebsetup.exe infected Virus.Win32.Sality.ag ...17:56:24:312 2700 cured

17:56:30:671 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\10790-Pocket-Killbox-2_0_0_978.exe infected Virus.Win32.Sality.ag ...17:56:30:687 2700 cured

17:56:37:687 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\ccsetup319.exe infected Virus.Win32.Sality.ag ...17:56:37:687 2700 cured

17:56:46:750 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\ComboFix.exe infected Virus.Win32.Sality.ag ...17:56:46:750 2700 cured

17:56:56:078 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\ComboFix_2.exe infected Virus.Win32.Sality.ag ...17:56:56:078 2700 cured

17:57:03:750 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\dotNetFx35setup.exe infected Virus.Win32.Sality.ag ...17:57:03:750 2700 cured

17:57:04:625 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\HiJackThis.exe infected Virus.Win32.Sality.ag ...17:57:04:625 2700 cured

17:57:08:812 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\sXeInjectedSetup.12.3.Fix.5.exe infected Virus.Win32.Sality.ag ...17:57:08:812 2700 cured

17:57:14:750 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\sXeInjectedSetup.12.3.Fix.5_2.exe infected Virus.Win32.Sality.ag ...17:57:14:750 2700 cured

17:57:25:125 2700 C:\Documents and Settings\Diego\Meus documentos\Downloads\Programs\WDM_R268_2.exe infected Virus.Win32.Sality.ag ...17:57:25:125 2700 cured

17:57:36:859 2700 C:\Perl\bin\a2p.exe infected Virus.Win32.Sality.ag ...17:57:36:859 2700 cured

17:57:45:390 2700 C:\Perl\bin\perl.exe infected Virus.Win32.Sality.ag ...17:57:45:390 2700 cured

17:57:48:093 2700 C:\Perl\bin\perl5.14.2.exe infected Virus.Win32.Sality.ag ...17:57:48:093 2700 cured

17:57:57:156 2700 C:\Perl\bin\perlglob.exe infected Virus.Win32.Sality.ag ...17:57:57:156 2700 cured

17:58:04:718 2700 C:\Perl\bin\wperl.exe infected Virus.Win32.Sality.ag ...17:58:04:718 2700 cured

17:59:08:843 2700 C:\Qoobox\Quarantine\D\ixlvhc.pif.vir infected Virus.Win32.Sality.ag ...17:59:08:843 2700 cured

17:59:15:890 2700 C:\Qoobox\Quarantine\D\jgtb.exe.vir infected Virus.Win32.Sality.ag ...17:59:15:890 2700 cured

17:59:16:750 2700 C:\vpcwi.pif infected Virus.Win32.Sality.ag ...17:59:16:750 2700 cured

18:01:41:093 2700 scanning D:\ ...

18:01:44:453 2700 D:\Arquivos\PAGINAS - CONSULTAS - ENGENHARIA - PHPS - TXTS\pagina - engenhearia - listas\auto inbox\AutoInbox.exe infected Virus.Win32.Sality.ag ...18:01:44:453 2700 cured

18:01:54:046 2700 D:\Arquivos\PAGINAS - CONSULTAS - ENGENHARIA - PHPS - TXTS\pagina - engenhearia - listas\lista emails\50 milhoes não terminada\50 milhões1\estados\Sao Paulo - 1806552\Estado - 1304454\Separador.exe infected Virus.Win32.Sality.ag ...18:01:54:046 2700 cured

18:02:04:765 2700 D:\Arquivos\PAGINAS - CONSULTAS - ENGENHARIA - PHPS - TXTS\pagina - engenhearia - listas\lista emails\50 milhoes não terminada\50 milhões1\provedores\ig.com.br\Separador.exe infected Virus.Win32.Sality.ag ...18:02:04:765 2700 cured

18:02:11:562 2700 D:\Arquivos\PAGINAS - CONSULTAS - ENGENHARIA - PHPS - TXTS\pagina - engenhearia - listas\lista emails\lista1jafoi\PHttpEmail.exe infected Virus.Win32.Sality.ag ...18:02:11:562 2700 cured

18:02:15:546 2700 D:\Arquivos\PAGINAS - CONSULTAS - ENGENHARIA - PHPS - TXTS\pagina - engenhearia - listas\lista emails\separador.exe infected Virus.Win32.Sality.ag ...18:02:15:546 2700 cured

18:02:23:046 2700 D:\Arquivos\Programas\Joom scale BRUTE FORCE AND DEFACE templates.beez\Joomla Brute v.2\Brute v.2.exe infected Virus.Win32.Sality.ag ...18:02:23:046 2700 cured

18:02:25:140 2700 D:\Arquivos\Programas\www.guiadohacker.com.br - HOTSPOT_SHILD_MAQUEADOR_IP_cyberdexter\www.guiadohacker.com.br - HSS-1.56-install-anchorfree-238-conduit2_cyberdexter.exe infected Virus.Win32.Sality.ag ...18:02:25:140 2700 cured

18:02:27:515 2700 D:\Arquivos\Video Aulas - Cursos\Curso Deface - Guia do Hacker\aula 2\Aula 2\NetDeviLz SQL Scanner.exe infected Virus.Win32.Sality.ag ...18:02:27:515 2700 cured

18:02:32:375 2700 D:\Arquivos\Video Aulas - Cursos\Curso Deface - Guia do Hacker\aula 2\Aula 2\SQL_Injection_Tool_v2.1a\SQL Injection Tool v2.1a.exe infected Virus.Win32.Sality.ag ...18:02:32:375 2700 cured

18:02:42:468 2700 D:\Arquivos\Video Aulas - Cursos\Curso Delphi, Logica De Programação - Mjailton\Curso Completo Delphi\CD01\Media\Common\Programs\CamPlay.exe infected Virus.Win32.Sality.ag ...18:02:42:468 2700 cured

18:02:49:937 2700 D:\Arquivos\Video Aulas - Cursos\Curso Delphi, Logica De Programação - Mjailton\Curso Completo Delphi\CD01\Modulo_II_-_Delphi.exe infected Virus.Win32.Sality.ag ...18:02:49:937 2700 cured

18:02:51:734 2700 D:\Arquivos\Video Aulas - Cursos\Curso Delphi, Logica De Programação - Mjailton\Curso Completo Delphi\CD01\tscc.exe infected Virus.Win32.Sality.ag ...18:02:51:734 2700 cured

18:02:58:765 2700 D:\Arquivos\Video Aulas - Cursos\Deixando Trojan,KL ETCS indetectaveis\criptograf.exe infected Virus.Win32.Sality.ag ...18:02:58:765 2700 cured

18:03:04:468 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\3_e_4_parte_Delphi_a_favor_dos_hackers\3_e_4_parte_Delphi_a_favor_dos_hackers\Aula 03 - Criando um pequeno cliente-servidor\MyTrojan\MyTrojan\Cliente\Cliente.exe infected Virus.Win32.Sality.ag ...18:03:04:468 2700 cured

18:03:07:796 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\3_e_4_parte_Delphi_a_favor_dos_hackers\3_e_4_parte_Delphi_a_favor_dos_hackers\Aula 03 - Criando um pequeno cliente-servidor\MyTrojan\MyTrojan\Serv\serv.exe infected Virus.Win32.Sality.ag ...18:03:07:796 2700 cured

18:03:17:328 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\7_e_8_parte_Delphi_a_favor_dos_hackers\7_e_8_parte_Delphi_a_favor_dos_hackers\Aula 08 - Criando Um HoneyPot\Skin\demos\demo\Project1.exe infected Virus.Win32.Sality.ag ...18:03:17:328 2700 cured

18:03:24:046 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\7_e_8_parte_Delphi_a_favor_dos_hackers\7_e_8_parte_Delphi_a_favor_dos_hackers\Aula 08 - Criando Um HoneyPot\Skin\package\Project1.exe infected Virus.Win32.Sality.ag ...18:03:24:046 2700 cured

18:03:25:296 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\7_e_8_parte_Delphi_a_favor_dos_hackers\7_e_8_parte_Delphi_a_favor_dos_hackers\Aula 08 - Criando Um HoneyPot\Skin\SkinBuilder\Builder.exe infected Virus.Win32.Sality.ag ...18:03:25:296 2700 cured

18:03:28:093 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\7_e_8_parte_Delphi_a_favor_dos_hackers\7_e_8_parte_Delphi_a_favor_dos_hackers\Aula 08 - Criando Um HoneyPot\Skin\SkinBuilder\Cde.exe infected Virus.Win32.Sality.ag ...18:03:28:093 2700 cured

18:03:31:625 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\7_e_8_parte_Delphi_a_favor_dos_hackers\7_e_8_parte_Delphi_a_favor_dos_hackers\Aula 08 - Criando Um HoneyPot\Skin\source\Project1.exe infected Virus.Win32.Sality.ag ...18:03:31:625 2700 cured

18:03:33:093 2700 D:\Arquivos\Video Aulas - Cursos\Delphi - Curso Hacker\9_e_10_parte_Delphi_a_favor_dos_hackers\9_e_10_parte_Delphi_a_favor_dos_hackers\Aula 09 - Implementando o HoneyPot\PopUp\sample\Project1.exe infected Virus.Win32.Sality.ag ...18:03:33:093 2700 cured

18:03:41:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP1\A0000719.exe infected Virus.Win32.Sality.ag ...18:03:41:328 2700 cured

18:03:50:359 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP1\A0000720.exe infected Virus.Win32.Sality.ag ...18:03:50:359 2700 cured

18:03:56:562 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP1\A0000727.exe infected Virus.Win32.Sality.ag ...18:03:56:562 2700 cured

18:04:02:859 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP1\A0000729.exe infected Virus.Win32.Sality.ag ...18:04:02:859 2700 cured

18:04:10:312 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002919.exe infected Virus.Win32.Sality.ag ...18:04:10:312 2700 cured

18:04:13:234 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002920.exe infected Virus.Win32.Sality.ag ...18:04:13:234 2700 cured

18:04:23:437 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002922.pif infected Virus.Win32.Sality.ag ...18:04:23:437 2700 cured

18:04:31:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002923.exe infected Virus.Win32.Sality.ag ...18:04:31:218 2700 cured

18:04:33:078 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002925.exe infected Virus.Win32.Sality.ag ...18:04:33:078 2700 cured

18:04:36:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002938.exe infected Virus.Win32.Sality.ag ...18:04:36:218 2700 cured

18:04:38:109 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002942.exe infected Virus.Win32.Sality.ag ...18:04:38:109 2700 cured

18:04:40:296 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002943.exe infected Virus.Win32.Sality.ag ...18:04:40:296 2700 cured

18:04:48:484 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002944.exe infected Virus.Win32.Sality.ag ...18:04:48:484 2700 cured

18:04:54:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002945.exe infected Virus.Win32.Sality.ag ...18:04:54:328 2700 cured

18:04:56:921 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0002946.exe infected Virus.Win32.Sality.ag ...18:04:56:921 2700 cured

18:05:04:203 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003921.exe infected Virus.Win32.Sality.ag ...18:05:04:203 2700 cured

18:05:07:125 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003922.exe infected Virus.Win32.Sality.ag ...18:05:07:125 2700 cured

18:05:17:421 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003924.pif infected Virus.Win32.Sality.ag ...18:05:17:421 2700 cured

18:05:25:125 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003926.exe infected Virus.Win32.Sality.ag ...18:05:25:125 2700 cured

18:05:26:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003928.exe infected Virus.Win32.Sality.ag ...18:05:26:984 2700 cured

18:05:30:078 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003942.exe infected Virus.Win32.Sality.ag ...18:05:30:078 2700 cured

18:05:31:968 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003946.exe infected Virus.Win32.Sality.ag ...18:05:31:968 2700 cured

18:05:34:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003948.exe infected Virus.Win32.Sality.ag ...18:05:34:171 2700 cured

18:05:42:312 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003949.exe infected Virus.Win32.Sality.ag ...18:05:42:312 2700 cured

18:05:48:125 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003950.exe infected Virus.Win32.Sality.ag ...18:05:48:125 2700 cured

18:05:50:687 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP10\A0003951.exe infected Virus.Win32.Sality.ag ...18:05:50:687 2700 cured

18:06:00:921 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP11\A0004240.pif infected Virus.Win32.Sality.ag ...18:06:00:921 2700 cured

18:06:11:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP12\A0004256.pif infected Virus.Win32.Sality.ag ...18:06:11:171 2700 cured

18:06:18:546 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004930.exe infected Virus.Win32.Sality.ag ...18:06:18:546 2700 cured

18:06:21:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004931.exe infected Virus.Win32.Sality.ag ...18:06:21:734 2700 cured

18:06:29:484 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004933.exe infected Virus.Win32.Sality.ag ...18:06:29:484 2700 cured

18:06:31:343 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004934.exe infected Virus.Win32.Sality.ag ...18:06:31:343 2700 cured

18:06:41:609 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004935.pif infected Virus.Win32.Sality.ag ...18:06:41:609 2700 cured

18:06:44:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004943.exe infected Virus.Win32.Sality.ag ...18:06:44:734 2700 cured

18:06:46:609 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004946.exe infected Virus.Win32.Sality.ag ...18:06:46:609 2700 cured

18:06:48:828 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004947.exe infected Virus.Win32.Sality.ag ...18:06:48:828 2700 cured

18:06:56:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004950.exe infected Virus.Win32.Sality.ag ...18:06:56:984 2700 cured

18:07:02:812 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004952.exe infected Virus.Win32.Sality.ag ...18:07:02:812 2700 cured

18:07:05:375 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP13\A0004958.exe infected Virus.Win32.Sality.ag ...18:07:05:375 2700 cured

18:07:15:609 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP15\A0005092.pif infected Virus.Win32.Sality.ag ...18:07:15:609 2700 cured

18:07:19:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP16\A0005169.exe infected Virus.Win32.Sality.ag ...18:07:19:328 2700 cured

18:07:29:562 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP17\A0005176.pif infected Virus.Win32.Sality.ag ...18:07:29:562 2700 cured

18:07:31:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP17\A0005178.exe infected Virus.Win32.Sality.ag ...18:07:31:984 2700 cured

18:07:35:125 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005237.exe infected Virus.Win32.Sality.ag ...18:07:35:125 2700 cured

18:07:37:000 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005238.exe infected Virus.Win32.Sality.ag ...18:07:37:000 2700 cured

18:07:39:187 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005239.exe infected Virus.Win32.Sality.ag ...18:07:39:187 2700 cured

18:07:47:359 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005241.exe infected Virus.Win32.Sality.ag ...18:07:47:359 2700 cured

18:07:53:203 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005244.exe infected Virus.Win32.Sality.ag ...18:07:53:203 2700 cured

18:07:55:781 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005245.exe infected Virus.Win32.Sality.ag ...18:07:55:781 2700 cured

18:08:03:046 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005246.exe infected Virus.Win32.Sality.ag ...18:08:03:046 2700 cured

18:08:06:015 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005247.exe infected Virus.Win32.Sality.ag ...18:08:06:015 2700 cured

18:08:13:750 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005248.exe infected Virus.Win32.Sality.ag ...18:08:13:750 2700 cured

18:08:15:671 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005254.exe infected Virus.Win32.Sality.ag ...18:08:15:671 2700 cured

18:08:18:156 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005370.exe infected Virus.Win32.Sality.ag ...18:08:18:171 2700 cured

18:08:18:812 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005371.exe infected Virus.Win32.Sality.ag ...18:08:18:812 2700 cured

18:08:19:140 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005373.exe infected Virus.Win32.Sality.ag ...18:08:19:140 2700 cured

18:08:21:640 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005377.exe infected Virus.Win32.Sality.ag ...18:08:21:640 2700 cured

18:08:26:156 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005380.exe infected Virus.Win32.Sality.ag ...18:08:26:156 2700 cured

18:08:32:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005383.exe infected Virus.Win32.Sality.ag ...18:08:32:218 2700 cured

18:08:36:140 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005384.exe infected Virus.Win32.Sality.ag ...18:08:36:140 2700 cured

18:08:42:234 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005386.exe infected Virus.Win32.Sality.ag ...18:08:42:234 2700 cured

18:08:43:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005390.exe infected Virus.Win32.Sality.ag ...18:08:43:171 2700 cured

18:08:51:937 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005391.exe infected Virus.Win32.Sality.ag ...18:08:51:953 2700 cured

18:08:57:671 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005395.exe infected Virus.Win32.Sality.ag ...18:08:57:671 2700 cured

18:09:03:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005398.exe infected Virus.Win32.Sality.ag ...18:09:03:890 2700 cured

18:09:05:312 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005399.exe infected Virus.Win32.Sality.ag ...18:09:05:312 2700 cured

18:09:14:437 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005400.exe infected Virus.Win32.Sality.ag ...18:09:14:437 2700 cured

18:09:21:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005408.exe infected Virus.Win32.Sality.ag ...18:09:21:984 2700 cured

18:09:24:156 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005411.exe infected Virus.Win32.Sality.ag ...18:09:24:156 2700 cured

18:09:28:968 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP18\A0005413.exe infected Virus.Win32.Sality.ag ...18:09:28:968 2700 cured

18:09:39:250 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP19\A0005488.pif infected Virus.Win32.Sality.ag ...18:09:39:250 2700 cured

18:09:46:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP20\A0005537.exe infected Virus.Win32.Sality.ag ...18:09:46:734 2700 cured

18:09:53:750 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP20\A0005538.exe infected Virus.Win32.Sality.ag ...18:09:53:750 2700 cured

18:09:55:250 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP20\A0005542.exe infected Virus.Win32.Sality.ag ...18:09:55:250 2700 cured

18:10:05:500 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP21\A0005548.pif infected Virus.Win32.Sality.ag ...18:10:05:500 2700 cured

18:10:15:750 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005647.pif infected Virus.Win32.Sality.ag ...18:10:15:750 2700 cured

18:10:18:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005667.exe infected Virus.Win32.Sality.ag ...18:10:18:171 2700 cured

18:10:18:468 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005669.exe infected Virus.Win32.Sality.ag ...18:10:18:468 2700 cured

18:10:21:265 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005672.exe infected Virus.Win32.Sality.ag ...18:10:21:265 2700 cured

18:10:31:078 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005673.exe infected Virus.Win32.Sality.ag ...18:10:31:093 2700 cured

18:10:32:453 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005674.exe infected Virus.Win32.Sality.ag ...18:10:32:453 2700 cured

18:10:33:296 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005675.exe infected Virus.Win32.Sality.ag ...18:10:33:296 2700 cured

18:10:41:687 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005679.exe infected Virus.Win32.Sality.ag ...18:10:41:687 2700 cured

18:10:45:750 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005682.exe infected Virus.Win32.Sality.ag ...18:10:45:750 2700 cured

18:10:48:531 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005684.exe infected Virus.Win32.Sality.ag ...18:10:48:531 2700 cured

18:10:49:296 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005686.exe infected Virus.Win32.Sality.ag ...18:10:49:296 2700 cured

18:10:53:843 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005689.exe infected Virus.Win32.Sality.ag ...18:10:53:843 2700 cured

18:11:01:093 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005693.exe infected Virus.Win32.Sality.ag ...18:11:01:093 2700 cured

18:11:03:093 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005696.exe infected Virus.Win32.Sality.ag ...18:11:03:093 2700 cured

18:11:08:406 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP22\A0005703.exe infected Virus.Win32.Sality.ag ...18:11:08:406 2700 cured

18:11:18:640 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP23\A0005742.pif infected Virus.Win32.Sality.ag ...18:11:18:640 2700 cured

18:11:27:140 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006246.exe infected Virus.Win32.Sality.ag ...18:11:27:140 2700 cured

18:11:36:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006261.exe infected Virus.Win32.Sality.ag ...18:11:36:984 2700 cured

18:11:38:281 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006272.exe infected Virus.Win32.Sality.ag ...18:11:38:281 2700 cured

18:11:44:312 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006273.exe infected Virus.Win32.Sality.ag ...18:11:44:312 2700 cured

18:11:51:781 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006274.exe infected Virus.Win32.Sality.ag ...18:11:51:781 2700 cured

18:11:54:281 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006275.exe infected Virus.Win32.Sality.ag ...18:11:54:281 2700 cured

18:12:03:046 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006276.exe infected Virus.Win32.Sality.ag ...18:12:03:046 2700 cured

18:12:04:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006313.exe infected Virus.Win32.Sality.ag ...18:12:04:890 2700 cured

18:12:15:109 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006315.pif infected Virus.Win32.Sality.ag ...18:12:15:109 2700 cured

18:12:17:000 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006316.exe infected Virus.Win32.Sality.ag ...18:12:17:000 2700 cured

18:12:21:859 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006317.exe infected Virus.Win32.Sality.ag ...18:12:21:859 2700 cured

18:12:31:531 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006318.exe infected Virus.Win32.Sality.ag ...18:12:31:531 2700 cured

18:12:39:078 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006319.exe infected Virus.Win32.Sality.ag ...18:12:39:078 2700 cured

18:12:40:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006320.exe infected Virus.Win32.Sality.ag ...18:12:40:890 2700 cured

18:12:47:812 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006321.exe infected Virus.Win32.Sality.ag ...18:12:47:812 2700 cured

18:12:53:281 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006332.exe infected Virus.Win32.Sality.ag ...18:12:53:281 2700 cured

18:12:56:593 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006333.exe infected Virus.Win32.Sality.ag ...18:12:56:593 2700 cured

18:13:05:625 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006343.exe infected Virus.Win32.Sality.ag ...18:13:05:625 2700 cured

18:13:12:250 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006360.exe infected Virus.Win32.Sality.ag ...18:13:12:250 2700 cured

18:13:13:484 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006361.exe infected Virus.Win32.Sality.ag ...18:13:13:484 2700 cured

18:13:16:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006362.exe infected Virus.Win32.Sality.ag ...18:13:16:328 2700 cured

18:13:19:406 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006363.exe infected Virus.Win32.Sality.ag ...18:13:19:406 2700 cured

18:13:20:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006364.exe infected Virus.Win32.Sality.ag ...18:13:20:734 2700 cured

18:13:25:406 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006365.exe infected Virus.Win32.Sality.ag ...18:13:25:406 2700 cured

18:13:35:265 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006366.exe infected Virus.Win32.Sality.ag ...18:13:35:265 2700 cured

18:13:43:187 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006370.exe infected Virus.Win32.Sality.ag ...18:13:43:187 2700 cured

18:13:49:187 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006371.exe infected Virus.Win32.Sality.ag ...18:13:49:187 2700 cured

18:13:52:843 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006372.exe infected Virus.Win32.Sality.ag ...18:13:52:843 2700 cured

18:13:58:687 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006373.exe infected Virus.Win32.Sality.ag ...18:13:58:687 2700 cured

18:14:01:109 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006374.exe infected Virus.Win32.Sality.ag ...18:14:01:109 2700 cured

18:14:04:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006375.exe infected Virus.Win32.Sality.ag ...18:14:04:171 2700 cured

18:14:13:562 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006376.exe infected Virus.Win32.Sality.ag ...18:14:13:562 2700 cured

18:14:16:093 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006377.exe infected Virus.Win32.Sality.ag ...18:14:16:093 2700 cured

18:14:26:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006378.exe infected Virus.Win32.Sality.ag ...18:14:26:218 2700 cured

18:14:32:796 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006379.exe infected Virus.Win32.Sality.ag ...18:14:32:796 2700 cured

18:14:42:625 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006380.exe infected Virus.Win32.Sality.ag ...18:14:42:625 2700 cured

18:14:52:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006381.exe infected Virus.Win32.Sality.ag ...18:14:52:734 2700 cured

18:14:55:234 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006382.exe infected Virus.Win32.Sality.ag ...18:14:55:234 2700 cured

18:14:56:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006383.exe infected Virus.Win32.Sality.ag ...18:14:56:890 2700 cured

18:15:03:078 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006384.exe infected Virus.Win32.Sality.ag ...18:15:03:078 2700 cured

18:15:03:828 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006385.exe infected Virus.Win32.Sality.ag ...18:15:03:828 2700 cured

18:15:08:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006387.exe infected Virus.Win32.Sality.ag ...18:15:08:734 2700 cured

18:15:14:656 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006388.exe infected Virus.Win32.Sality.ag ...18:15:14:656 2700 cured

18:15:19:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006389.exe infected Virus.Win32.Sality.ag ...18:15:19:984 2700 cured

18:15:23:343 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006390.exe infected Virus.Win32.Sality.ag ...18:15:23:343 2700 cured

18:15:30:484 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006391.exe infected Virus.Win32.Sality.ag ...18:15:30:625 2700 cured

18:15:34:437 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006392.exe infected Virus.Win32.Sality.ag ...18:15:34:437 2700 cured

18:15:41:015 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006393.exe infected Virus.Win32.Sality.ag ...18:15:41:015 2700 cured

18:15:43:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006394.exe infected Virus.Win32.Sality.ag ...18:15:43:984 2700 cured

18:15:45:625 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006395.exe infected Virus.Win32.Sality.ag ...18:15:45:625 2700 cured

18:15:47:656 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006538.exe infected Virus.Win32.Sality.ag ...18:15:47:656 2700 cured

18:15:50:140 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006539.exe infected Virus.Win32.Sality.ag ...18:15:50:140 2700 cured

18:15:57:703 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006540.exe infected Virus.Win32.Sality.ag ...18:15:57:703 2700 cured

18:16:06:546 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006541.exe infected Virus.Win32.Sality.ag ...18:16:06:546 2700 cured

18:16:12:765 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP24\A0006542.exe infected Virus.Win32.Sality.ag ...18:16:12:765 2700 cured

18:16:23:109 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006558.pif infected Virus.Win32.Sality.ag ...18:16:23:109 2700 cured

18:16:31:625 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006587.exe infected Virus.Win32.Sality.ag ...18:16:31:625 2700 cured

18:16:41:500 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006596.exe infected Virus.Win32.Sality.ag ...18:16:41:500 2700 cured

18:16:51:781 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006650.pif infected Virus.Win32.Sality.ag ...18:16:51:781 2700 cured

18:16:53:640 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006670.exe infected Virus.Win32.Sality.ag ...18:16:53:640 2700 cured

18:16:55:484 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006671.exe infected Virus.Win32.Sality.ag ...18:16:55:484 2700 cured

18:17:00:343 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006672.exe infected Virus.Win32.Sality.ag ...18:17:00:343 2700 cured

18:17:09:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006675.exe infected Virus.Win32.Sality.ag ...18:17:09:984 2700 cured

18:17:17:500 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006676.exe infected Virus.Win32.Sality.ag ...18:17:17:500 2700 cured

18:17:19:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006677.exe infected Virus.Win32.Sality.ag ...18:17:19:328 2700 cured

18:17:26:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006678.exe infected Virus.Win32.Sality.ag ...18:17:26:218 2700 cured

18:17:31:656 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006686.exe infected Virus.Win32.Sality.ag ...18:17:31:656 2700 cured

18:17:34:968 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006687.exe infected Virus.Win32.Sality.ag ...18:17:34:968 2700 cured

18:17:43:968 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006696.exe infected Virus.Win32.Sality.ag ...18:17:43:968 2700 cured

18:17:50:609 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006704.exe infected Virus.Win32.Sality.ag ...18:17:50:609 2700 cured

18:17:51:843 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006713.exe infected Virus.Win32.Sality.ag ...18:17:51:843 2700 cured

18:17:54:718 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006714.exe infected Virus.Win32.Sality.ag ...18:17:54:718 2700 cured

18:17:57:750 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006717.exe infected Virus.Win32.Sality.ag ...18:17:57:750 2700 cured

18:17:59:093 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0006718.exe infected Virus.Win32.Sality.ag ...18:17:59:093 2700 cured

18:18:01:953 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007583.exe infected Virus.Win32.Sality.ag ...18:18:01:953 2700 cured

18:18:12:203 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007589.pif infected Virus.Win32.Sality.ag ...18:18:12:203 2700 cured

18:18:17:078 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007593.exe infected Virus.Win32.Sality.ag ...18:18:17:078 2700 cured

18:18:25:546 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007605.exe infected Virus.Win32.Sality.ag ...18:18:25:546 2700 cured

18:18:35:359 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007614.exe infected Virus.Win32.Sality.ag ...18:18:35:359 2700 cured

18:18:42:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007622.exe infected Virus.Win32.Sality.ag ...18:18:42:328 2700 cured

18:18:44:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007645.exe infected Virus.Win32.Sality.ag ...18:18:44:171 2700 cured

18:18:46:046 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007649.exe infected Virus.Win32.Sality.ag ...18:18:46:046 2700 cured

18:18:50:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007650.exe infected Virus.Win32.Sality.ag ...18:18:50:890 2700 cured

18:19:00:546 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007652.exe infected Virus.Win32.Sality.ag ...18:19:00:546 2700 cured

18:19:08:093 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007653.exe infected Virus.Win32.Sality.ag ...18:19:08:093 2700 cured

18:19:09:921 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007654.exe infected Virus.Win32.Sality.ag ...18:19:09:921 2700 cured

18:19:16:796 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007655.exe infected Virus.Win32.Sality.ag ...18:19:16:796 2700 cured

18:19:22:234 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007661.exe infected Virus.Win32.Sality.ag ...18:19:22:234 2700 cured

18:19:25:531 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007662.exe infected Virus.Win32.Sality.ag ...18:19:25:531 2700 cured

18:19:34:546 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007666.exe infected Virus.Win32.Sality.ag ...18:19:34:546 2700 cured

18:19:41:187 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007674.exe infected Virus.Win32.Sality.ag ...18:19:41:187 2700 cured

18:19:42:421 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007675.exe infected Virus.Win32.Sality.ag ...18:19:42:421 2700 cured

18:19:45:265 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007676.exe infected Virus.Win32.Sality.ag ...18:19:45:265 2700 cured

18:19:48:312 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007693.exe infected Virus.Win32.Sality.ag ...18:19:48:312 2700 cured

18:19:49:656 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0007694.exe infected Virus.Win32.Sality.ag ...18:19:49:656 2700 cured

18:19:52:500 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008565.exe infected Virus.Win32.Sality.ag ...18:19:52:500 2700 cured

18:20:02:843 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008566.pif infected Virus.Win32.Sality.ag ...18:20:02:843 2700 cured

18:20:07:750 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008567.exe infected Virus.Win32.Sality.ag ...18:20:07:750 2700 cured

18:20:16:265 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008568.exe infected Virus.Win32.Sality.ag ...18:20:16:265 2700 cured

18:20:26:062 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008569.exe infected Virus.Win32.Sality.ag ...18:20:26:062 2700 cured

18:20:29:687 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008570.exe infected Virus.Win32.Sality.ag ...18:20:29:687 2700 cured

18:20:31:531 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008571.exe infected Virus.Win32.Sality.ag ...18:20:31:531 2700 cured

18:20:33:406 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008572.exe infected Virus.Win32.Sality.ag ...18:20:33:406 2700 cured

18:20:38:250 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008573.exe infected Virus.Win32.Sality.ag ...18:20:38:250 2700 cured

18:20:47:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008574.exe infected Virus.Win32.Sality.ag ...18:20:47:890 2700 cured

18:20:55:484 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008575.exe infected Virus.Win32.Sality.ag ...18:20:55:484 2700 cured

18:20:57:312 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008576.exe infected Virus.Win32.Sality.ag ...18:20:57:312 2700 cured

18:21:04:203 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008577.exe infected Virus.Win32.Sality.ag ...18:21:04:203 2700 cured

18:21:09:625 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008578.exe infected Virus.Win32.Sality.ag ...18:21:09:625 2700 cured

18:21:12:921 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008579.exe infected Virus.Win32.Sality.ag ...18:21:12:921 2700 cured

18:21:21:937 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008580.exe infected Virus.Win32.Sality.ag ...18:21:21:937 2700 cured

18:21:28:578 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008581.exe infected Virus.Win32.Sality.ag ...18:21:28:578 2700 cured

18:21:29:843 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008582.exe infected Virus.Win32.Sality.ag ...18:21:29:843 2700 cured

18:21:32:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008583.exe infected Virus.Win32.Sality.ag ...18:21:32:734 2700 cured

18:21:35:765 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008584.exe infected Virus.Win32.Sality.ag ...18:21:35:765 2700 cured

18:21:37:093 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP25\A0008585.exe infected Virus.Win32.Sality.ag ...18:21:37:093 2700 cured

18:21:47:390 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0008596.pif infected Virus.Win32.Sality.ag ...18:21:47:390 2700 cured

18:21:50:234 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0008598.exe infected Virus.Win32.Sality.ag ...18:21:50:234 2700 cured

18:21:55:125 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0008601.exe infected Virus.Win32.Sality.ag ...18:21:55:125 2700 cured

18:22:05:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009565.pif infected Virus.Win32.Sality.ag ...18:22:05:328 2700 cured

18:22:08:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009566.exe infected Virus.Win32.Sality.ag ...18:22:08:218 2700 cured

18:22:13:109 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009567.exe infected Virus.Win32.Sality.ag ...18:22:13:109 2700 cured

18:22:21:609 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009568.exe infected Virus.Win32.Sality.ag ...18:22:21:609 2700 cured

18:22:31:437 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009569.exe infected Virus.Win32.Sality.ag ...18:22:31:437 2700 cured

18:22:35:031 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009570.exe infected Virus.Win32.Sality.ag ...18:22:35:031 2700 cured

18:22:36:875 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009571.exe infected Virus.Win32.Sality.ag ...18:22:36:875 2700 cured

18:22:38:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009572.exe infected Virus.Win32.Sality.ag ...18:22:38:734 2700 cured

18:22:43:578 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009573.exe infected Virus.Win32.Sality.ag ...18:22:43:578 2700 cured

18:22:53:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009574.exe infected Virus.Win32.Sality.ag ...18:22:53:218 2700 cured

18:23:00:750 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009575.exe infected Virus.Win32.Sality.ag ...18:23:00:750 2700 cured

18:23:02:562 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009576.exe infected Virus.Win32.Sality.ag ...18:23:02:562 2700 cured

18:23:09:453 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009577.exe infected Virus.Win32.Sality.ag ...18:23:09:453 2700 cured

18:23:14:875 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009578.exe infected Virus.Win32.Sality.ag ...18:23:14:875 2700 cured

18:23:18:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009579.exe infected Virus.Win32.Sality.ag ...18:23:18:171 2700 cured

18:23:27:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009580.exe infected Virus.Win32.Sality.ag ...18:23:27:171 2700 cured

18:23:33:781 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009581.exe infected Virus.Win32.Sality.ag ...18:23:33:781 2700 cured

18:23:35:015 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009582.exe infected Virus.Win32.Sality.ag ...18:23:35:015 2700 cured

18:23:37:859 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009583.exe infected Virus.Win32.Sality.ag ...18:23:37:859 2700 cured

18:23:40:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009584.exe infected Virus.Win32.Sality.ag ...18:23:40:890 2700 cured

18:23:42:234 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0009585.exe infected Virus.Win32.Sality.ag ...18:23:42:234 2700 cured

18:23:45:078 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010565.exe infected Virus.Win32.Sality.ag ...18:23:45:078 2700 cured

18:23:53:578 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010566.exe infected Virus.Win32.Sality.ag ...18:23:53:578 2700 cured

18:24:03:406 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010567.exe infected Virus.Win32.Sality.ag ...18:24:03:406 2700 cured

18:24:08:265 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010568.exe infected Virus.Win32.Sality.ag ...18:24:08:265 2700 cured

18:24:11:859 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010569.exe infected Virus.Win32.Sality.ag ...18:24:11:859 2700 cured

18:24:16:484 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010570.exe infected Virus.Win32.Sality.ag ...18:24:16:484 2700 cured

18:24:18:312 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010571.exe infected Virus.Win32.Sality.ag ...18:24:18:312 2700 cured

18:24:20:187 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010572.exe infected Virus.Win32.Sality.ag ...18:24:20:187 2700 cured

18:24:25:000 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010573.exe infected Virus.Win32.Sality.ag ...18:24:25:000 2700 cured

18:24:34:640 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010574.exe infected Virus.Win32.Sality.ag ...18:24:34:640 2700 cured

18:24:42:171 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010575.exe infected Virus.Win32.Sality.ag ...18:24:42:171 2700 cured

18:24:43:984 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010576.exe infected Virus.Win32.Sality.ag ...18:24:43:984 2700 cured

18:24:50:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010577.exe infected Virus.Win32.Sality.ag ...18:24:50:890 2700 cured

18:24:56:328 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010578.exe infected Virus.Win32.Sality.ag ...18:24:56:328 2700 cured

18:24:59:609 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010579.exe infected Virus.Win32.Sality.ag ...18:24:59:609 2700 cured

18:25:08:640 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010580.exe infected Virus.Win32.Sality.ag ...18:25:08:640 2700 cured

18:25:15:281 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010581.exe infected Virus.Win32.Sality.ag ...18:25:15:281 2700 cured

18:25:16:515 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010582.exe infected Virus.Win32.Sality.ag ...18:25:16:515 2700 cured

18:25:19:359 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010583.exe infected Virus.Win32.Sality.ag ...18:25:19:359 2700 cured

18:25:22:390 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010584.exe infected Virus.Win32.Sality.ag ...18:25:22:390 2700 cured

18:25:23:734 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP26\A0010585.exe infected Virus.Win32.Sality.ag ...18:25:23:734 2700 cured

18:25:34:062 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0001794.pif infected Virus.Win32.Sality.ag ...18:25:34:062 2700 cured

18:25:41:390 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002844.exe infected Virus.Win32.Sality.ag ...18:25:41:390 2700 cured

18:25:44:281 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002846.exe infected Virus.Win32.Sality.ag ...18:25:44:281 2700 cured

18:25:54:500 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002847.pif infected Virus.Win32.Sality.ag ...18:25:54:500 2700 cured

18:26:02:265 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002848.exe infected Virus.Win32.Sality.ag ...18:26:02:265 2700 cured

18:26:04:156 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002850.exe infected Virus.Win32.Sality.ag ...18:26:04:156 2700 cured

18:26:07:281 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002860.exe infected Virus.Win32.Sality.ag ...18:26:07:281 2700 cured

18:26:09:218 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002862.exe infected Virus.Win32.Sality.ag ...18:26:09:218 2700 cured

18:26:11:406 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002863.exe infected Virus.Win32.Sality.ag ...18:26:11:406 2700 cured

18:26:19:562 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002864.exe infected Virus.Win32.Sality.ag ...18:26:19:562 2700 cured

18:26:25:343 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002865.exe infected Virus.Win32.Sality.ag ...18:26:25:343 2700 cured

18:26:27:890 2700 D:\System Volume Information\_restore{CD428B8A-E5C4-4B8F-8A22-6A777EC82ECB}\RP9\A0002866.exe infected Virus.Win32.Sality.ag ...18:26:27:890 2700 cured

18:26:27:921 2700

18:26:29:500 0540

Monitoring thread stopped

18:26:29:500 2700

completed

18:26:29:500 2700 Infected files: 338

18:26:29:500 2700 Infected processes: 1

18:26:29:500 2700 Infected threads: 0

18:26:29:500 2700 Cured files: 337

18:26:29:500 2700 Will be cured on reboot: 1

18:26:29:500 2700 Executed registry scripts: 1

[wings 22]

1.

*Delete os arquivos C:\salitykiller.exe e C:\sality.txt

 

 

2.

*Baixe este arquivo e salve-o no desktop

 

*Clique com o botão direito do mouse nele e selecione Mesclar

 

*Reinicie o PC

 

 

3.

*Clique [iniciar] > [Executar], digite cmd e clique [OK]

 

*Digite: Netsh firewall reset

 

*Tecle [ENTER]

 

 

4.

*Baixe este arquivo e salve-o no desktop

 

*Clique com o botão direito do mouse nele e selecione Mesclar

 

*Reinicie o PC

 

 

5.

*Novo log do OTL

[diegoph 0]

Log OTL

 

download

[wings 22]

*Execute o OTL

 

*Cole as linhas em azul no espaço abaixo de Exames Personalizados/Correções:

:OTL

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Diego\CONFIG~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\mpspl.sys -- (amsint32)

 

:Commands

[EMPTYJAVA]

[EMPTYTEMP]

*Clique [Consertar]

 

*Clique [OK] e o PC será reiniciado

 

*Cole o relatório apresentado

[diegoph 0]

All processes killed

========== OTL ==========

Service catchme stopped successfully!

Service catchme deleted successfully!

File C:\DOCUME~1\Diego\CONFIG~1\Temp\catchme.sys not found.

Service amsint32 stopped successfully!

Service amsint32 deleted successfully!

File C:\windows\system32\drivers\mpspl.sys not found.

========== COMMANDS ==========

 

[EMPTYJAVA]

 

User: Administrador

 

User: All Users

 

User: Default User

 

User: Diego

 

User: LocalService

 

User: NetworkService

 

Total Java Files Cleaned = 0,00 mb

 

 

[EMPTYTEMP]

 

User: Administrador

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Diego

->Temp folder emptied: 3067264 bytes

->Temporary Internet Files folder emptied: 2254300 bytes

->FireFox cache emptied: 297206169 bytes

->Google Chrome cache emptied: 7845860 bytes

->Flash cache emptied: 3037 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33237 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 2358980 bytes

%systemroot%\System32 .tmp files removed: 2969 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 23468980 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 321,00 mb

 

 

OTL by OldTimer - Version 3.2.47.0 log created on 06082012_194645

 

Files\Folders moved on Reboot...

C:\Documents and Settings\Diego\Configurações locais\Temporary Internet Files\Content.IE5\60TGRFQF\ADSAdClient31[1].txt moved successfully.

 

Registry entries deleted on Reboot...

[wings 22]

*Execute o OTL

 

*Marque Nenhum em todas as opções

 

*Em Exame Extra do Registro, selecione Usar SafeList

 

 

*Clique [Verificar]

 

*Cole o relatório apresentado (Extras.txt)

[diegoph 0]

Extras.txt

 

 

http://wikisend.com/download/197716/Extras.Txt

[wings 22]

1.

*Execute o OTL, clique [Limpeza] > [OK]

 

*O PC será reiniciado

 

 

2.

*Ative a Restauração do Sistema

*Clique com o botão direito do mouse em Meu Computador e selecione Propriedades

*Clique em Restauração do Sistema

*Desmarque a opção Desativar Restauração do Sistema

*Clique [Aplicar] > [sim] > [OK]

 

 

3.

*Instale um antivírus. Sugiro Avast ou Avira.

 

 

 

Um abraço.

[diegoph 0]

muito obrigado amigo.... :thumbsup: :thumbsup: :thumbsup: :thumbsup:

 

agora eu consegui instalar o antivirus vlw mesmo :clap:

[wings 22]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.