Need help with removal of "Virus.Win32.Sality!IK" - Malware removal help

Attention! This forum has been replaced with support.emsisoft.com and is in read-only mode for achive now.

Welcome Guest

Search | Active Topics | Members | Log In | Register

a-squared Support » English Forums » Malware removal help » Need help with removal of "Virus.Win32.Sality!IK"

Need help with removal of "Virus.Win32.Sality!IK"

Options

Previous Topic · Next Topic

abel

Posted : Tuesday, September 29, 2009 6:08:49 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

This virus is spreading around my computer, I need help to delete this virus. Crying or Very sad

If anyone out there can help me, I will be happy! Very Happy

The virus is called "Virus.Win32.Sality!Ik"
Here is description of the virus:
A Virus is a self spreading computerprogram, that infects other programs for reproduction. Viruses are usually not able to run on their own, they always need a host program where they can attach with to be started.
On a virus infection, the virus attaches its own program code to other executable files (.EXE). If a host program is executed, the virus is loaded too and can start with its spreading- or destruction-routines.

IF THERE IS ANYONE OUT THERE WHO CAN HELP ME PLEASE DO! DONT KNOW WHAT TO DO! I DELETE IT BUT THERE IS ANOTHER ONE! Sad

ShadowPuterDude

Posted : Wednesday, September 30, 2009 1:00:34 AM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Hello and welcome to the a-squared support forums.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread

a-squared Team - www.emsisoft.com

Only those who fail greatly can ever achieve greatly - Robert F. Kennedy
Microsoft Most Valuable Professional - Consumer Security 2007-2008
Member - Alliance of Security Analysis Professionals - Since 2006

abel

Posted : Wednesday, September 30, 2009 5:15:53 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

Code:

a-squared Anti-Malware - Version 4.5
Last update: 29/09/2009 16:48:43

Scan settings:

Scan type: Smart Scan
Objects: Memory, Traces, Cookies, C:\WINDOWS\, C:\Program Files
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:   29/09/2009 17:15:02

C:\Documents and Settings\Owner\Cookies\owner@advertising[2].txt   detected: Trace.TrackingCookie.advertising!A2
C:\Documents and Settings\Owner\Cookies\owner@atdmt[1].txt   detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt   detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Documents and Settings\Owner\Cookies\owner@casalemedia[2].txt   detected: Trace.TrackingCookie.casalemedia!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt   detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[3].txt   detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Owner\Cookies\owner@fastclick[2].txt   detected: Trace.TrackingCookie.fastclick!A2
C:\Documents and Settings\Owner\Cookies\owner@hitbox[2].txt   detected: Trace.TrackingCookie.hitbox!A2
C:\Documents and Settings\Owner\Cookies\owner@linkvalidator[2].txt   detected: Trace.TrackingCookie.link!A2
C:\Documents and Settings\Owner\Cookies\owner@media6degrees[1].txt   detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Cookies\owner@mediafire[1].txt   detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Cookies\owner@mediafire[2].txt   detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt   detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt   detected: Trace.TrackingCookie.questionmarket!A2
C:\Documents and Settings\Owner\Cookies\owner@rubiconproject[1].txt   detected: Trace.TrackingCookie.rub!A2
C:\Documents and Settings\Owner\Cookies\owner@rubiconproject[2].txt   detected: Trace.TrackingCookie.rub!A2
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[1].txt   detected: Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\Owner\Cookies\owner@specificclick[2].txt   detected: Trace.TrackingCookie.specificclick!A2
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt   detected: Trace.TrackingCookie.tribalfusion!A2
C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt   detected: Trace.TrackingCookie.zedo!A2
C:\WINDOWS\$hf_mig$\KB923561\SP3QFE\wordpad.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\cscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB955839\SP3QFE\tzchange.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\sc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\telnet.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\tlntsess.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB969897-IE8\SP3QFE\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\admin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ahui.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\alg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\at.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\attrib.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\author.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cacls.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cmd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\conf.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\conime.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\cscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\defrag.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\diantz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\explorer.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\findstr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fontview.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ftp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\help.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\hh.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\iedw.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\imapi.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\locator.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\logagent.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\logman.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\logon.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\logonui.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\lsass.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\magnify.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\makecab.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\migload.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\migrate.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mmc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mshta.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msimn.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\mtstocom.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\narrator.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\net.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\net1.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\netdde.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\netsh.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\netstat.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\notepad.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\osk.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\packager.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\pinball.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ping.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\pintlphr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\progman.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\proquota.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rcp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\reg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\regedit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rexec.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rsh.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\runonce.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\savedump.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\services.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sethc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\setup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\setup50.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\setup_wm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\shtml.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\skeys.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\snmp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sort.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\spider.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\stimon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\svchost.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\telnet.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\tracert.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\unregmp2.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\ups.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\utilman.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wab.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wextract.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\winver.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wmplayer.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wuauclt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB923561$\wordpad.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB951978$\cscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB951978$\wscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB955839$\tzchange.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB956572$\sc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB956572$\services.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB956572$\wmiprvse.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB960859$\telnet.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallKB970653-v3$\tzchange.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ie8\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ie8\iexplore.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ie8\mshta.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ie8updates\KB969897-IE8\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ie8updates\KB972260-IE8\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_85BA426DBE00_44A3_969E_C7BDF2F6C986.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_A003BF363149_4FEF_8E7E_E9C39A5B9A96.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_D545A9F0ED09_444B_A962_2628559DCDE6.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{8BFFDBAB-FD81-4137-A98E-A769C828080C}\helpicon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{8BFFDBAB-FD81-4137-A98E-A769C828080C}\maintenance_icon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{8BFFDBAB-FD81-4137-A98E-A769C828080C}\texticon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Installer\{F44DA61E-720D-4E79-871F-F6E628B33242}\soffice.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\network diagnostic\xpnetdiag.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\accwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\admin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ahui.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\alg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\at.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\atmadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\attrib.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\auditusr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\author.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\blastcln.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cacls.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cisvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cmd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cmstp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\comrepl.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\comrereg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\conf.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\conime.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\cscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\defrag.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\diantz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\diskpart.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dllhost.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dmremote.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dumprep.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dwwin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\evntwin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\explorer.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\extrac32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\findstr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fltmc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fontview.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\forcedos.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fpcount.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ftp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\fxscover.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\grpconv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\help.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\helpctr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\hh.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\hscupd.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\iedw.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\iexplore.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\iexpress.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\imapi.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ipv6.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\irftp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\locator.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\logman.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\logon.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\logonui.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\lsass.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\magnify.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\makecab.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\migload.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\migregdb.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\migwiz.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\migwiza.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mobsync.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\moviemk.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mplay32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msconfig.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msdtc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mshta.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msiexec.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msimn.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msnsusii.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\msoobe.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mspaint.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mstinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\muisetup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\napstat.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\narrator.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\net.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\net1.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\netdde.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\netsetup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\netsh.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\netstat.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\notepad.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\nppagent.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\nslookup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\oemig50.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\osk.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\packager.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\perfmon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\pinball.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ping.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\powercfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\progman.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\proquota.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\qprocess.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rasphone.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rcp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rdshost.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\reg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\regedit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rexec.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rsh.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rstrui.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\rundll32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\runonce.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\savedump.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\scrcons.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\services.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sethc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\setup.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\setup50.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\setupn.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\shtml.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\shutdown.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sigverif.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\skeys.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\slrundll.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\slserv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\smbinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\snmp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sort.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\spider.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sspipes.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ssstars.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\stimon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\svchost.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\tcptest.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\telnet.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\tracert.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\tzchange.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\uploadm.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\ups.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\userinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\utilman.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\verclsid.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\vssvc.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wab.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wabmig.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wextract.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\winver.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wordpad.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wscript.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\xcopy.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\ie4uinit.exe   detected: Virus.Win32.Sality!IK
C:\WINDOWS\system32\vcmgcd32.dl_   detected: Virus.Win32.Sality!IK
C:\WINDOWS\unvise32qt.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\a-squared Anti-Malware\a2HiJackFree.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\a-squared Anti-Malware\a2upd.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Adobe\Reader 9.0\Reader\LogTransport2.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Analog Devices\SoundMAX\AEEnable.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Analog Devices\SoundMAX\install.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Analog Devices\SoundMAX\RemADI.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Analog Devices\SoundMAX\Remove.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\template.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\zipper.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Microsoft Shared\Equation\eqnedt32.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Microsoft Shared\MSDraw\msdraw.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Microsoft Shared\Shoebox\piolch.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Microsoft Shared\WordArt\Wrdart32.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkscal.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdc.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\CrisisX\CrisisX Client v8.1\CrisisX.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\CrisisX\CrisisX Client v8.1\rt\bin\unpack200.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\CrisisX\CrisisX Client v8.1\Uninstall.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\CyberLink\PowerDVD\cltest.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\CyberLink\Shared Files\RichVideo.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\CyberLink\Shared Files\richvideoinstall.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\CyberLink\Shared Files\richvideouninstall.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\DivX\DivX Web Player\dotdivxapp.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\InstallShield Installation Information\{7C21EEE0-E6FD-11D4-BD19-00D0B702AEC0}\Setup.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\Setup.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Internet Explorer\ExtExport.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\java-rmi.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\java.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\javacpl.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\javaws.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\keytool.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\kinit.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\klist.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\ktab.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\orbd.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\pack200.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\policytool.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\rmid.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\rmiregistry.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\servertool.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\ssvagent.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\tnameserv.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Java\jre1.6.0_07\bin\unpack200.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Messenger\msmsgs.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\msworks.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wkfud.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wkgdcach.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wklnckml.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wkpdfsnf.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wkplmstp.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wksab.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wksdb.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\WksProj.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wkssb.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wksss.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\WksWP.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Microsoft Works\wkwcestp.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\gengal.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\msfontextract.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\nsplugin.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\odbcconfig.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.3.4\bin\python.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.3.4\lib\distutils\command\wininst.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\senddoc.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\setofficelang.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\stclient_wrapper.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\testtool.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\crashrep.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\python.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\quickstart.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\sbase.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\scalc.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\sdraw.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\simpress.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\smath.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\soffice.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\sweb.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\swriter.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\unoinfo.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\unopkg.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\URE\bin\regcomp.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\URE\bin\regmerge.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\URE\bin\regview.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\URE\bin\uno.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\QuickTime\QTInfo.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\QuickTime\QuickTimeUpdater.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Real\RealPlayer\converter\Update\r1puninst.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Real\RealPlayer\fixrjb.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Real\RealPlayer\realjbox.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Real\RealPlayer\rphelperapp.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Softwin\BitDefender8\bdnews.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Softwin\BitDefender8\bdsubmit.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Softwin\BitDefender8\bdswitch.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Softwin\BitDefender8\register.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Softwin\BitDefender8\rtvr.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Softwin\BitDefender8\upgrepl.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Subagames\CrossFire\CF_G4box.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Subagames\CrossFire\crossfire.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Subagames\CrossFire\patcher_cf.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Subagames\CrossFire\selfupdate_cf.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Tencent\QQMiniDownloader\comm\QQDL.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Tencent\QQMiniDownloader\QQCF_V036_full\MiniQQDL.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Tencent\QQMiniDownloader\QQCF_V036_patch\MiniQQDL.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Tencent\TT\Plugins\1SnapShot\SnapShot.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Desktop Search\WindowsSearch.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Connect 2\wmccds.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Connect 2\WMCCFG.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\dlimport.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\wmdbexport.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\wmlaunch.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\wmpenc.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\wmpnetwk.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\wmpnscfg.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\wmpshare.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows Media Player\wmsetsdk.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\Windows NT\hypertrm.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\WinRAR\Rar.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\WinRAR\RarExtLoader.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\WinRAR\Uninstall.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\WinRAR\UnRAR.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\WinRAR\WinRAR.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ZD Soft\Screen Recorder\ScnRec.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ZD Soft\Screen Recorder\setupdrv.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\CFSelWorld.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\KeyCrypt\ServiceInstaller.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\launchcrossfire.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\selfupdate.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\selfupdate_cf.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\ServiceInstaller.exe   detected: Virus.Win32.Sality!IK

Scanned

Files:   99145
Traces:   675221
Cookies:   658
Processes:   28

Found

Files:   664
Traces:   0
Cookies:   21
Processes:   0
Registry keys:   0

Scan end:   29/09/2009 20:30:06
Scan time:   3:15:04

Thank you for welcome me into forums and here is log.
Can't I get my .exe stuff back?

Lynx

Posted : Wednesday, September 30, 2009 5:40:26 PM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 2/24/2006
Posts: 4,495
Location: Australia

Hi abel,

1) Please follow the instruction step-by-step and post all required log files.

2) Update a-squared; rescan and post Deep Scan report as per instruction

3)

abel wrote:

Can't I get my .exe stuff back?

Please provide brief description of the problems, but be more specific.

My regards

XP Pro, SP3 (32-bit); a2-Free 4.5.0.21(beta); Firewall: Comodo CIS (Defense+ HIPS); Software DEP: integrated into Firewall; Anti-Malware: Mamutu 2.0.0.23 (beta); Verification Engine PlugIn (resident); AntiVirus: AVG Free (guard resident); SpyBot SD (+TeaTimer resident)

abel

Posted : Thursday, October 01, 2009 6:47:53 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

Code:

a-squared Anti-Malware - Version 4.5
Last update: 01/10/2009 17:01:07

Scan settings:

Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:   01/10/2009 17:09:12

C:\Documents and Settings\Owner\Cookies\owner@advertising[1].txt   detected: Trace.TrackingCookie.advertising!A2
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt   detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt   detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver[1].txt   detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt   detected: Trace.TrackingCookie.media!A2
C:\DELL\drivers\R58201\Setup.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\AEEnable.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\RemADI.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\Setup.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\SE\inst16.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\install.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\Remove.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\Sys\DSndUp.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R67150\Win2K\PROUnstl.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R67150\WinXP\PROUnstl.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\Nexon\NGM\NGM.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\Owner\Desktop\icons\cf hack\MPGH.net+VIP+Authentication+Generator.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\Owner\Desktop\icons\cf hack\PerX.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\Owner\Desktop\x64\DrvSetup\setup.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\Owner\Local Settings\Temp\Geek4Ever.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\Owner\My Documents\setup.exe   detected: Virus.Win32.Sality!IK
C:\Fraps\fraps.exe   detected: Virus.Win32.Sality!IK
C:\Fraps\uninstall.exe   detected: Virus.Win32.Sality!IK
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader.exe   detected: Virus.Win32.Sality!IK
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe   detected: Virus.Win32.Sality!IK
C:\NGM\NGM.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.3.4\lib\distutils\command\wininst.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\crashrep.exe   detected: Virus.Win32.Sality!IK
C:\Program Files\OpenOffice.org 3\program\sweb.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013102.exe   detected: AdWare.Zango.C!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013103.dll   detected: Win32.AdWare.HotBar!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013104.exe   detected: AdWare.Win32.HotBar!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013105.dll   detected: AdWare.Zango!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013108.dll   detected: ADSPY!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013110.dll   detected: AdWare.AdSpy!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013111.dll   detected: AdWare.AdSpy!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP15\A0013112.dll   detected: AdWare.AdSpy!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP21\A0021383.exe   detected: Trojan.Hijacker!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP22\A0021745.dll   detected: Trojan.Crypt!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP23\A0029030.exe   detected: Trojan.Hijacker!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP31\A0033747.dll   detected: Backdoor.Win32.Inject.ccu!A2
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038210.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038218.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038219.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038220.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038221.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038223.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038224.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038225.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038226.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038228.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038230.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038238.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038243.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038244.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038248.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038249.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038250.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038251.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038252.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038257.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038265.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038266.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038267.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038268.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038270.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038271.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038272.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038274.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038277.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038279.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038287.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038292.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038293.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038301.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038302.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038303.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038304.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038309.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038310.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038311.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038312.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038314.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038315.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038316.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038317.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038319.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038321.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038344.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038349.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038350.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038367.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038369.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038370.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038372.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038373.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038381.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038382.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038383.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038384.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038385.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038388.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038396.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038397.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038398.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038399.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038401.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038402.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038403.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038404.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038406.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038408.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038416.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038421.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038422.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038430.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038431.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038436.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038438.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038639.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038640.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038641.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038642.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038643.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038644.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038650.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038658.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038659.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038660.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038661.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038663.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038664.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038665.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038666.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038669.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038671.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038679.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038680.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038681.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038682.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038683.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038684.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038689.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038690.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038691.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038692.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038694.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038695.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038696.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038697.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038699.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038701.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038709.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038714.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0038715.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039679.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039680.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039681.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039682.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039683.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039684.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039689.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039690.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039691.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039692.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039694.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039695.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039696.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039697.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039699.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039701.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039724.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039729.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039730.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039732.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039733.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039739.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039741.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039742.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039743.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039744.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039745.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039746.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039747.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039748.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039750.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039758.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039761.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039762.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039763.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039764.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039770.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039771.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039772.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039774.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039779.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039780.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039782.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039784.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039786.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039787.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039788.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039789.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039790.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039793.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039794.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039795.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039796.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039797.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039807.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039808.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039809.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039810.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039811.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039812.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039817.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039818.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039819.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039820.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039822.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039823.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039824.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039825.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039827.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039829.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039839.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039844.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039845.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039853.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039854.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039855.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039856.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039857.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039862.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039863.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039864.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039865.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039867.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039868.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039869.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039870.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039872.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039874.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039898.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039899.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039900.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039901.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039902.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039905.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039906.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039914.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039915.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039917.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0039918.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040851.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040859.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040860.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040861.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040862.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040864.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040865.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040866.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040867.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040869.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040871.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040880.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040885.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040886.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040893.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040894.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0040902.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041853.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041854.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041855.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041856.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041857.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041858.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041863.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041864.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041865.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041866.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041868.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041869.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041870.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041871.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041873.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041875.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041884.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041890.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041891.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041900.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041901.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041902.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041903.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041904.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041905.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041910.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041912.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041913.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041914.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041916.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041917.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041918.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041919.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041922.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041924.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041932.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041938.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041939.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041944.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041945.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041962.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041970.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041971.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041972.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041973.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041975.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041976.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041977.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041978.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041980.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041982.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041990.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041995.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041996.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041998.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0041999.old   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042002.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042003.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042008.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042018.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042031.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042033.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042133.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042137.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042139.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042149.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042162.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042163.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042164.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042165.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042166.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042167.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042178.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042186.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042187.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042188.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042189.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042191.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042192.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042193.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042194.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042196.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042198.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042206.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042213.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042214.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042216.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042217.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042234.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042236.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042237.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042238.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042239.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042240.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042242.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042245.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042253.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042256.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042257.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042258.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042259.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042265.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042266.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042267.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042269.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042276.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042277.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042278.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042279.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042280.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042281.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042286.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042287.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042288.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042289.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042291.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042292.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042293.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042294.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042296.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042298.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042308.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042313.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042314.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042316.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042317.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042330.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042332.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042333.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042334.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042335.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042336.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042337.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042338.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042340.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042348.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042351.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042352.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042353.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042354.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042360.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042361.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042362.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042364.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042367.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042368.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042370.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042372.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042374.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042375.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042376.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042377.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042378.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042381.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042385.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042387.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042388.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042389.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042410.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042411.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042412.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042413.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042418.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042419.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042420.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042421.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042422.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042426.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042427.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042428.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042429.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042430.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042431.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042432.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042433.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042434.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042435.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042436.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042437.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042438.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042500.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042503.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042504.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042505.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042506.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042507.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042508.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042509.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042510.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042511.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042512.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042513.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042514.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042515.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042518.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042519.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042520.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042521.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042522.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042523.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042524.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042525.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042526.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042527.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0042528.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043276.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043277.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043278.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043279.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043280.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043281.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043286.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043287.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043288.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043289.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043291.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043292.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043293.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043294.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043296.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043298.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043306.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043311.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043312.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043322.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043323.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043328.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043331.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043332.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043333.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043334.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043335.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043336.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043337.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043339.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043347.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043350.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043351.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043352.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043353.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043359.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043360.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043361.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043363.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043366.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043367.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043369.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043371.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043373.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043374.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043375.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043376.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043377.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043380.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043382.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043383.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043384.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043385.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043386.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043387.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043388.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043407.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043408.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043409.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043410.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043415.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043416.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043417.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043418.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043419.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043423.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043424.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043425.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043426.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043427.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043428.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043429.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043430.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043431.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043432.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043433.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043434.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043435.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043490.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043499.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043504.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043505.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043506.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043507.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043508.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043509.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043510.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043511.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043512.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043514.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043516.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043517.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043518.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043521.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043523.dll   detected: Backdoor.Win32.Bifrose!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043525.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043526.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043527.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043528.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043529.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043530.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043531.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043532.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043533.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043534.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043535.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043536.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043537.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043538.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043539.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043540.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043541.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043542.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043543.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043544.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043545.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043546.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043547.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043548.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043549.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043550.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043551.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043553.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043555.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043558.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043563.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043567.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043570.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043572.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043573.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043574.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043575.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043577.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043578.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043579.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043580.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043581.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043582.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043587.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043588.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043589.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043590.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043591.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043592.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043597.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043598.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043599.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043600.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043604.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043605.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043606.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043607.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043609.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043611.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043615.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043616.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043617.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043618.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043619.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043627.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043635.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043636.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043637.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043638.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043640.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043641.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043642.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043643.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043645.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043647.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043668.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043683.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043687.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043689.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043690.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043694.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043695.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043700.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043702.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043703.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043704.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043705.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043706.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043707.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043715.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043718.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043719.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043720.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043721.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043727.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043728.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043729.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043731.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043734.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043735.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043737.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043739.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043741.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043742.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043743.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043744.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043745.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043748.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043749.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043750.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043751.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043752.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043753.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043754.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043755.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043756.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043775.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043776.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043777.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043778.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043783.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043784.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043785.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043786.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043787.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043791.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043792.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043793.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043794.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043795.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043796.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043797.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043798.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043799.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043800.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043801.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043802.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043803.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043858.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043868.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043871.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043872.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043873.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043874.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043875.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043876.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043877.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043878.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043879.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043880.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043881.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043882.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043883.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043886.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043887.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043888.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043889.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043890.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043891.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043892.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043893.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043894.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043895.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043896.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043897.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043903.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043906.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043907.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043908.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043909.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043911.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043912.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043913.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043914.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043916.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043918.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043926.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043931.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043932.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043949.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043950.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043956.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043959.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043960.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043961.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043962.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043963.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043964.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043965.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043966.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043967.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043970.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043978.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043980.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043981.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043982.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043983.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043989.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043990.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043991.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043993.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043996.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043997.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0043999.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044001.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044003.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044004.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044005.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044006.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044013.dll   detected: Win32.Worm.Poebot.81408.A!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044016.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044017.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044018.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044019.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044021.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044022.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044023.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044024.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044026.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044028.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044036.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044041.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044042.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044044.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044045.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044047.old   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044049.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044050.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044051.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044052.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044054.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044064.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044065.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044066.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044067.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044068.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044069.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044070.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044071.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044072.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044073.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044074.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044075.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044076.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044077.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044078.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044079.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044080.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044081.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044082.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044083.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044084.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044085.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044086.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044087.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044088.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044089.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044090.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044091.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044092.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044093.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044094.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044095.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044096.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044097.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044098.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044099.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044100.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044101.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044102.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044103.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044104.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044105.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044106.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044107.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044108.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044109.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044110.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044111.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044112.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044113.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044114.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044115.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044116.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044117.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044118.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044119.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044120.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044121.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044122.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044123.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044124.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044125.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044126.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044127.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044128.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044129.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044130.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044131.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044132.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044133.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044134.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044135.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044136.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044137.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044138.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044139.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044140.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044141.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044142.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044143.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044144.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044145.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044146.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044147.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044148.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044149.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044150.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044151.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044152.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044153.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044154.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044155.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044156.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044157.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044158.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044159.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044160.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044161.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044162.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044163.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044164.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044165.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044166.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044167.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044168.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044169.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044170.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044171.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044172.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044173.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044174.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044175.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044176.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044177.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044178.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044179.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044180.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044181.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044182.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044183.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044184.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044185.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044186.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044187.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044188.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044189.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044190.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044191.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044192.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044193.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044194.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044195.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044196.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044197.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044198.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044199.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044200.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044201.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044202.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044203.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044204.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044205.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044206.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044207.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044208.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044209.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044210.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044211.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044212.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044213.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044214.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044215.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044216.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044217.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044218.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044219.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044220.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044221.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044222.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044223.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044224.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044225.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044226.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044227.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044228.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044229.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044230.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044231.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044232.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044233.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044234.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044235.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044236.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044237.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044238.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044239.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044240.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044241.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044242.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044243.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044244.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044245.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044246.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044247.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044248.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044249.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044250.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044251.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044252.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044253.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044254.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044255.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044256.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044257.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044258.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044259.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044260.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044261.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044262.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044263.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044264.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044265.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044266.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044267.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044268.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044269.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044270.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044271.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044272.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044273.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044274.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044275.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044276.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044277.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044278.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044279.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044280.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044281.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044282.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044283.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044284.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044285.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044286.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044287.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044288.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044289.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044290.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044291.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044292.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044293.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044294.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044295.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044296.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044297.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044298.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044299.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044300.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044301.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044302.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044303.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044304.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044305.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044306.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044307.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044308.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044309.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044310.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044311.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044312.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044313.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044314.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044315.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044316.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044317.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044318.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044319.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044320.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044321.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044322.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044323.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044324.scr   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044325.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044326.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044327.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044328.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044329.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044330.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044331.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044332.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044333.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044334.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044335.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044336.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044337.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044338.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044339.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044340.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044341.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044342.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044343.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044344.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044345.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044346.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044347.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044348.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044349.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044350.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044351.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044352.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044353.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044354.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044355.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044356.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044357.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044358.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044359.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044360.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044361.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044362.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044363.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044364.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044365.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044366.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044367.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044368.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044369.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044370.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044371.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044372.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044373.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044374.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044375.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044376.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044377.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044378.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044379.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044380.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044381.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044382.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044383.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044384.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044385.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044386.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044387.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044388.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044389.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044390.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044391.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044392.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044393.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044394.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044395.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044396.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044397.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044398.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044399.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044400.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044401.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044402.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044403.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044404.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044405.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044406.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044407.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044408.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044409.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044410.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044411.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044412.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044413.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044414.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044415.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044416.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044417.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044418.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044419.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044420.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044421.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044422.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044423.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044424.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044425.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044426.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044427.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044428.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044429.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044430.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044431.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044432.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044433.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044434.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044435.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044436.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044437.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044438.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044439.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044440.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044441.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044442.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044443.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044444.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044445.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044446.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044447.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044448.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044449.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044450.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044451.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044452.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044453.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044454.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044455.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044456.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044457.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044458.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044459.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044460.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044461.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044462.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044463.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044464.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044465.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044466.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044467.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044468.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044469.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044470.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044471.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044472.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044473.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044474.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044475.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044476.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044477.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044478.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044479.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044480.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044481.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044482.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044483.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044484.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044485.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044486.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044487.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044488.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044489.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044490.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044491.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044492.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044493.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044494.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044495.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044496.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044497.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044498.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044499.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044500.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044501.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044502.exe   detected: Virus.Win32.Sality!IK
C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP32\A0044503.exe   detected: Virus.Win32.Sality!IK

Scanned

Files:   154311
Traces:   675221
Cookies:   686
Processes:   32

Found

Files:   1238
Traces:   0
Cookies:   6
Processes:   0
Registry keys:   0

Scan end:   01/10/2009 18:32:09
Scan time:   1:22:57

How Can I get my .exe programs back? Like my WINDOWS floders because they are in quarantine. How can I get the virus out of these floders so I can restore them back. Question

I hope this helps!

ShadowPuterDude

Posted : Friday, October 02, 2009 1:34:10 AM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

You were not supposed to quarantine anything. Restore everything you quarantined.

Let me know when you have done so.

a-squared Team - www.emsisoft.com

abel

Posted : Friday, October 02, 2009 5:16:18 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

I put everything back, won't this harm my computer? So what do I do now? Run deep scan?

ShadowPuterDude

Posted : Saturday, October 03, 2009 2:59:59 AM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Follow the instructions on this page: http://myks.wordpress.com/2009/05/16/how-to-remove-sality-virus/

Once you have finished, update a-squared and post a fresh log.

a-squared Team - www.emsisoft.com

abel

Posted : Monday, October 05, 2009 7:59:25 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

I done all of that and this is what a got:

Code:

Norman Malware Cleaner
Version 1.5.0.5
Copyright © 1990 - 2009, Norman ASA. Built 2009/10/04 01:43:23

Norman Scanner Engine Version: 6.01.09
Nvcbin.def Version: 6.01.00, Date: 2009/10/04 01:43:23, Variants: 3952773

Scan started: 04/10/2009 18:30:38

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Home 5.1.2600 Service Pack 3
Logged on user: OWNER-1FC27A8E1\Owner

Scanning running processes and process memory...

C:\Program Files\Softwin\BitDefender8\bdnagent.exe (Infected with W32/Sality.AI)
File marked for defered repair (reboot required)

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Infected with W32/Sality.AI)
File marked for defered repair (reboot required)

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe(1780) (C:\WINDOWS\system32\vcmgcd32.dll!0x023B0000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\Program Files\QuickTime\qttask.exe (Infected with W32/Sality.AI)
File marked for defered repair (reboot required)

C:\Program Files\QuickTime\qttask.exe(1788) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\Program Files\Common Files\Real\Update_OB\realsched.exe(1812) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe(1828) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\WINDOWS\system32\hkcmd.exe (Infected with W32/Sality.AI)
File marked for defered repair (reboot required)

C:\WINDOWS\system32\hkcmd.exe(1868) (C:\WINDOWS\system32\vcmgcd32.dll!0x00A50000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\WINDOWS\system32\igfxpers.exe (Infected with W32/Sality.AI)
File marked for defered repair (reboot required)

C:\WINDOWS\system32\igfxpers.exe(1888) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\WINDOWS\system32\ctfmon.exe(1928) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\Program Files\Windows Live\Messenger\msnmsgr.exe(1952) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\Program Files\Internet Explorer\iexplore.exe(332) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\Program Files\Internet Explorer\iexplore.exe(2656) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe(1236) (C:\WINDOWS\system32\vcmgcd32.dll!0x00B60000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

C:\WINDOWS\explorer.exe(228) (C:\WINDOWS\system32\vcmgcd32.dll!0x10000000) (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

Number of processes/threads found: 4149
Number of processes/threads scanned: 4149
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 1m 52s

Scanning file system...

Scanning: C:\*.*

C:\DELL\drivers\R58201\Setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R66937\AEEnable.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R66937\AEEnable.exe (Infected with W32/Delf.EIEB)
Deleted file

C:\DELL\drivers\R66937\RemADI.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R66937\Setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R66937\SMAXWDM\SE\inst16.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\install.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\Remove.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R66937\Sys\DSndUp.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R67150\Win2K\PROUnstl.exe (Infected with W32/Sality.AI)
Repaired file

C:\DELL\drivers\R67150\WinXP\PROUnstl.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\Owner\Desktop\icons\cf hack\MPGH.net+VIP+Authentication+Generator.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\Owner\Desktop\icons\cf hack\PerX.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\Owner\Desktop\icons\cf hack\Pro-Evolution Gaming Hack\PE-Gaming Injector.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\Owner\Desktop\x64\DrvSetup\setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\Owner\Local Settings\Temp\Geek4Ever.exe (Infected with W32/Sality.AI)
Repaired file

C:\Documents and Settings\Owner\My Documents\setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\Fraps\fraps.exe (Infected with W32/Sality.AI)
Repaired file

C:\Fraps\uninstall.exe (Infected with W32/Sality.AI)
Repaired file

C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader.exe (Infected with W32/Sality.AI)
Repaired file

C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe (Infected with W32/Sality.AI)
Repaired file

C:\NGM\NGM.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\a-squared Anti-Malware\a2cmd.exe (Infected with W32/Sality.AI)
Failed to repair file

C:\Program Files\a-squared Anti-Malware\a2HiJackFree.exe (Infected with W32/Sality.AI)
Failed to repair file

C:\Program Files\a-squared Anti-Malware\a2start.exe (Infected with W32/Sality.AI)
Failed to repair file

C:\Program Files\a-squared Anti-Malware\a2upd.exe (Infected with W32/Sality.AI)
Failed to repair file

C:\Program Files\a-squared Anti-Malware\a2wizard.exe (Infected with W32/Sality.AI)
Failed to repair file

C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Adobe\Reader 9.0\Reader\LogTransport2.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Analog Devices\SoundMAX\AEEnable.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Analog Devices\SoundMAX\AEEnable.exe (Infected with W32/Delf.EIEB)
Deleted file

C:\Program Files\Analog Devices\SoundMAX\install.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Analog Devices\SoundMAX\RemADI.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Analog Devices\SoundMAX\Remove.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Adobe AIR\Versions\1.0\template.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\zipper.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Microsoft Shared\Equation\eqnedt32.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Microsoft Shared\MSDraw\msdraw.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Microsoft Shared\Shoebox\piolch.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Microsoft Shared\WordArt\Wrdart32.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkscal.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdc.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\CrisisX\CrisisX Client v8.1\CrisisX.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\CrisisX\CrisisX Client v8.1\Uninstall.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\CrisisX\CrisisX Client v8.1\rt\bin\unpack200.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\CyberLink\PowerDVD\cltest.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\CyberLink\Shared Files\RichVideo.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\CyberLink\Shared Files\richvideoinstall.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\CyberLink\Shared Files\richvideouninstall.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\DivX\DivX Web Player\dotdivxapp.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Infected with W32/Sality.AI)
File already marked for defered repair (reboot required)

C:\Program Files\InstallShield Installation Information\{7C21EEE0-E6FD-11D4-BD19-00D0B702AEC0}\Setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\Setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Internet Explorer\ExtExport.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\java-rmi.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\java.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\javacpl.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\javaws.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\keytool.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\kinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\klist.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\ktab.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\orbd.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\pack200.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\policytool.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\rmid.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\rmiregistry.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\servertool.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\ssvagent.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\tnameserv.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Java\jre1.6.0_07\bin\unpack200.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Messenger\msmsgs.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\msworks.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wkfud.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wkgdcach.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wklnckml.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wkpdfsnf.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wkplmstp.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wksab.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wksdb.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\WksProj.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wkssb.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wksss.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\WksWP.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Microsoft Works\wkwcestp.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\gengal.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\msfontextract.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\nsplugin.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\odbcconfig.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\senddoc.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\setofficelang.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\stclient_wrapper.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\testtool.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.3.4\bin\python.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.3.4\lib\distutils\command\wininst.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\crashrep.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\python.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\quickstart.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\sbase.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\scalc.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\sdraw.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\simpress.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\smath.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\soffice.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\sweb.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\swriter.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\unoinfo.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\program\unopkg.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\URE\bin\regcomp.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\URE\bin\regmerge.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\URE\bin\regview.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\OpenOffice.org 3\URE\bin\uno.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\QuickTime\QTInfo.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\QuickTime\qttask.exe (Infected with W32/Sality.AI)
File already marked for defered repair (reboot required)

C:\Program Files\QuickTime\QuickTimeUpdater.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Real\RealPlayer\fixrjb.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Real\RealPlayer\realjbox.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Real\RealPlayer\rphelperapp.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Real\RealPlayer\converter\Update\r1puninst.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\BDLITE.EXE (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\bdnagent.exe (Infected with W32/Sality.AI)
File already marked for defered repair (reboot required)

C:\Program Files\Softwin\BitDefender8\bdnews.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\bdsubmit.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\bdswitch.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\register.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\rtvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\upgrepl.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Softwin\BitDefender8\Quarantine\HostOL.dll (Infected with W32/HotBar.ANR)
Deleted file

C:\Program Files\Softwin\BitDefender8\Quarantine\Srv.exe (Infected with W32/180Solutions.A!genr)
Deleted file

C:\Program Files\Softwin\BitDefender8\Quarantine\ZangoSAHook.dll (Infected with W32/180Solutions.ALS)
Deleted file

C:\Program Files\Subagames\CrossFire\CF_G4box.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Subagames\CrossFire\crossfire.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Subagames\CrossFire\patcher_cf.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Subagames\CrossFire\selfupdate_cf.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\TeamViewer\Version4\install.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Tencent\QQMiniDownloader\comm\QQDL.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Tencent\QQMiniDownloader\QQCF_V036_full\MiniQQDL.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Tencent\QQMiniDownloader\QQCF_V036_patch\MiniQQDL.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Tencent\TT\Plugins\1SnapShot\SnapShot.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Connect 2\wmccds.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Connect 2\WMCCFG.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\dlimport.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\wmdbexport.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\wmlaunch.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\wmpenc.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\wmpnetwk.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\wmpnscfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\wmpshare.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows Media Player\wmsetsdk.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Windows NT\hypertrm.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\WinRAR\Rar.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\WinRAR\RarExtLoader.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\WinRAR\Uninstall.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\WinRAR\UnRAR.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\WinRAR\WinRAR.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Z8Games\CrossFire\CF_G4box.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Z8Games\CrossFire\crossfire.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Z8Games\CrossFire\patcher_cf.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Z8Games\CrossFire\selfupdate_cf.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ZD Soft\Screen Recorder\ScnRec.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ZD Soft\Screen Recorder\setupdrv.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\CFSelWorld.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\launchcrossfire.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\selfupdate.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\selfupdate_cf.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\ServiceInstaller.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\ÌÚÑ¶ÓÎÏ·\CrossFire\KeyCrypt\ServiceInstaller.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\unvise32qt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB923561\SP3QFE\wordpad.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\cscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB955839\SP3QFE\tzchange.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlmp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrpamp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\sc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\telnet.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\tlntsess.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB969897-IE8\SP3QFE\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\admin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ahui.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\alg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\at.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\attrib.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\author.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\autochk.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\autoconv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\autofmt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\autolfn.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cacls.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cmd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\conf.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\conime.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\cscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\csrss.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\defrag.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\diantz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\explorer.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\findstr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fontview.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ftp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\help.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\hh.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\iedw.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\imapi.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\locator.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\logagent.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\logman.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\logon.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\logonui.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\lsass.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\magnify.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\makecab.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\migload.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\migrate.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mmc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mshta.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\msimn.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\mtstocom.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\narrator.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\net.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\net1.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\netdde.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\netsh.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\netstat.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\notepad.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\osk.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\packager.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\pinball.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ping.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\pintlphr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\progman.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\proquota.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rcp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\reg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\regedit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rexec.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rsh.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\runonce.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\savedump.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\services.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sethc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\setup50.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\setup_wm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\shtml.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\skeys.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\smss.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\snmp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sort.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\spider.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\stimon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\svchost.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\telnet.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\tracert.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\unregmp2.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\ups.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\userinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\utilman.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wab.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wextract.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\winver.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wmplayer.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wuauclt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB923561$\wordpad.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB951978$\cscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB951978$\wscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB955839$\tzchange.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB956572$\ntkrnlpa.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB956572$\sc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB956572$\services.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB956572$\wmiprvse.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB960859$\telnet.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallKB970653-v3$\tzchange.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ie8\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ie8\iexplore.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ie8\mshta.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ie8updates\KB969897-IE8\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ie8updates\KB972260-IE8\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_85BA426DBE00_44A3_969E_C7BDF2F6C986.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_A003BF363149_4FEF_8E7E_E9C39A5B9A96.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_D545A9F0ED09_444B_A962_2628559DCDE6.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{8BFFDBAB-FD81-4137-A98E-A769C828080C}\helpicon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{8BFFDBAB-FD81-4137-A98E-A769C828080C}\maintenance_icon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{8BFFDBAB-FD81-4137-A98E-A769C828080C}\texticon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Installer\{8BFFDBAB-FD81-4137-A98E-A769C828080C}\texticon.exe (Infected with W32/Obfuscated.C!genr)
Deleted file

C:\WINDOWS\Installer\{F44DA61E-720D-4E79-871F-F6E628B33242}\soffice.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\network diagnostic\xpnetdiag.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\accwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\admin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ahui.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\alg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\at.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\atmadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\attrib.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\auditusr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\author.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\autochk.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\autoconv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\autofmt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\autolfn.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\blastcln.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cacls.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cisvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cmd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cmstp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\comrepl.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\comrereg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\conf.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\conime.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\cscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\csrss.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\defrag.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\diantz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\diskpart.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dllhost.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dmremote.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dumprep.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dwwin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\evntwin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\explorer.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\extrac32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\findstr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fltmc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fontview.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\forcedos.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fpcount.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ftp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\fxscover.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\grpconv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\help.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\helpctr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\hh.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\hscupd.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\iedw.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\iexplore.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\iexpress.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\imapi.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ipv6.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\irftp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\locator.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\logman.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\logon.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\logonui.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lsass.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\magnify.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\makecab.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\migload.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\migregdb.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\migwiz.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\migwiza.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mobsync.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\moviemk.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mplay32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msconfig.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msdtc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mshta.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msiexec.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msimn.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msnsusii.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\msoobe.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mspaint.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mstinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\muisetup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\napstat.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\narrator.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\net.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\net1.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\netdde.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\netsetup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\netsh.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\netstat.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\notepad.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\nppagent.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\nslookup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ntkrnlmp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ntkrpamp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\oemig50.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\oschoice.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\osk.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\osloader.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\packager.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\perfmon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\pinball.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ping.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\powercfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\progman.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\proquota.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\qprocess.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rasphone.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rcp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rdshost.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\reg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\regedit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rexec.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rsh.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rstrui.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\rundll32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\runonce.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\savedump.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\scrcons.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\services.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sethc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\setup.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\setup50.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\setupn.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\shtml.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\shutdown.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sigverif.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\skeys.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\slrundll.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\slserv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\smbinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\smss.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\snmp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sort.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\spider.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sspipes.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ssstars.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\stimon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\svchost.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\tcptest.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\telnet.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\tracert.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\tzchange.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\uploadm.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\ups.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\userinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\utilman.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\verclsid.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\vssvc.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wab.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wabmig.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wextract.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\winver.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wordpad.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wscript.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\xcopy.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\ie4uinit.exe (Infected with W32/Sality.AI)
Repaired file

C:\WINDOWS\system32\hkcmd.exe (Infected with W32/Sality.AI)
File already marked for defered repair (reboot required)

C:\WINDOWS\system32\igfxpers.exe (Infected with W32/Sality.AI)
File already marked for defered repair (reboot required)

C:\WINDOWS\system32\vcmgcd32.dll (Infected with W32/Sality.X)
File marked for defered cleaning (reboot required)

Scanning: C:\System Volume Information\*.*

Running post-scan cleanup routine:

Number of files found: 52451
Number of archives unpacked: 0
Number of files scanned: 52419
Number of files not scanned: 32
Number of files skipped due to exclude list: 0
Number of infected files found: 749
Number of infected files repaired/deleted: 743
Number of infections removed: 746
Total scanning time: 31m 16s

AFTER THAT I restarted my computer and did another scan:

Code:

Then run Symantec W32.Sality.AE Removal Tool 1.0.0

Code:

Symantec W32.Sality.AE Removal Tool 1.0.0

W32.Sality.AE has not been found on your computer.

I have followed your instructions and did what you have said . I didn't finish the last scan.

abel

Posted : Monday, October 05, 2009 8:01:19 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

SORRY. I mean I did finish the last scan. SORRY

ShadowPuterDude

Posted : Monday, October 05, 2009 9:39:14 PM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Post a fresh a-squared log.

a-squared Team - www.emsisoft.com

abel

Posted : Tuesday, October 06, 2009 7:36:44 AM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

I still got the virus:

Code:

a-squared Anti-Malware - Version 4.5
Last update: 05/10/2009 18:26:36

Scan settings:

Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:   05/10/2009 18:28:12

[1772] C:\Program Files\Softwin\BitDefender8\bdnagent.exe   detected: Virus.Win32.Sality!IK
[1788] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe   detected: Virus.Win32.Sality!IK
[1788] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[1816] C:\Program Files\QuickTime\qttask.exe   detected: Virus.Win32.Sality!IK
[1816] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[1860] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[1904] C:\WINDOWS\system32\hkcmd.exe   detected: Virus.Win32.Sality!IK
[1904] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[1912] C:\WINDOWS\system32\igfxpers.exe   detected: Virus.Win32.Sality!IK
[1912] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[1956] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[1972] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[3516] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[1712] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[420] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
[128] C:\WINDOWS\system32\vcmgcd32.dll   detected: Win32.Worm.Poebot.81408.A!IK
c:\documents and settings\owner\application data\weatherdpa   detected: Trace.Directory.HotBar!A2
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt   detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Owner\Cookies\owner@com[1].txt   detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt   detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Owner\Cookies\owner@rubiconproject[2].txt   detected: Trace.TrackingCookie.rub!A2
C:\DELL\drivers\R58201\Setup.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\RemADI.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\Setup.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\SE\inst16.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\install.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\Remove.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\Sys\DSndUp.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R67150\Win2K\PROUnstl.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R67150\WinXP\PROUnstl.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\Owner\Desktop\icons\cf hack\MPGH.net+VIP+Authentication+Generator.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\Owner\Desktop\icons\cf hack\PerX.exe   detected: Virus.Win32.Sality!IK

Scanned

Files:   23008
Traces:   671511
Cookies:   780
Processes:   34

Found

Files:   14
Traces:   1
Cookies:   4
Processes:   16
Registry keys:   0

Scan end:   05/10/2009 18:37:11
Scan time:   0:08:59

SORRY didn't have time to finish it, but there still is a virus. There is another virus in my computer and I cant delete it. I need to delete it manual on both virus. GOT ANY IDEA?
I ran the Symantec W32.Sality.AE Removal Tool 1.0.0 and it said it can't find no virus

Code:

Symantec W32.Sality.AE Removal Tool 1.0.0

W32.Sality.AE has not been found on your computer.

ANY IDEAS TO FIX THIS?

ShadowPuterDude

Posted : Tuesday, October 06, 2009 2:07:49 PM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Download file rmslt.exe

Then run the tool for removal of infected files. The tool will automatically scan all available discs and will try to heal the infected files. If an active virus is found in memory, the tool will ask the user to reboot the computer. Healing will be performed during operating system boot-up sequence, so any active virus cannot interfere with the healing process.

-----------------------------------------------------------

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See HERE for help

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. (C:\ComboFix.txt)

-----------------------------------------------------------

Post fresh logs for:

ComboFix (C:\combofix.txt)
a-squared Free

ISeeYouXP

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!

a-squared Team - www.emsisoft.com

abel

Posted : Wednesday, October 07, 2009 6:31:29 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

Combofix log also I scan is 2 times:

Code:

ComboFix 09-10-06.04 - Owner 07/10/2009 17:10.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.510.272 [GMT 1:00]
Running from: c:\documents and settings\Owner\Desktop\Security\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\vcmgcd32.dl_

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TESSAFE
-------\Service_TesSafe

((((((((((((((((((((((((( Files Created from 2009-09-07 to 2009-10-07 )))))))))))))))))))))))))))))))
.

2009-10-04 19:03 . 2009-10-04 19:03   --------   d-----w-   c:\windows\system32\OLEDSP32.DLL
2009-10-03 10:37 . 2009-10-03 10:37   --------   d-----w-   c:\program files\Z8Games
2009-10-02 16:26 . 2009-10-04 18:06   114688   ----a-w-   c:\windows\system32\igfxpers.exe
2009-10-02 16:26 . 2009-10-04 17:51   86016   ----a-w-   c:\windows\unvise32qt.exe
2009-10-02 16:21 . 2009-10-04 17:51   421888   ----a-w-   c:\windows\NEXON_EU_DownloaderUpdater.exe
2009-09-30 09:43 . 2009-09-30 09:43   --------   d-----w-   c:\documents and settings\Owner\Application Data\TeamViewer
2009-09-30 09:42 . 2009-09-30 09:42   --------   d-----w-   c:\program files\TeamViewer
2009-09-30 09:41 . 2009-09-30 09:41   --------   d-----w-   c:\documents and settings\Owner\temp
2009-09-28 18:43 . 2009-09-28 18:44   --------   d-----w-   c:\windows\.file_store_32
2009-09-28 17:35 . 2009-10-07 16:06   --------   d-----w-   c:\program files\a-squared Anti-Malware
2009-09-27 09:19 . 2009-09-27 09:19   --------   d-----w-   C:\.crisisx_file_store_32
2009-09-27 09:03 . 2009-09-27 09:03   --------   d-----w-   c:\program files\CrisisX
2009-09-27 06:56 . 2009-09-27 06:56   --------   d-----w-   c:\program files\IObit
2009-09-23 13:19 . 2009-10-07 08:19   --------   d-----w-   c:\documents and settings\Owner\Local Settings\Application Data\Temp
2009-09-20 11:59 . 2001-08-17 12:48   12160   -c--a-w-   c:\windows\system32\dllcache\mouhid.sys
2009-09-20 11:59 . 2001-08-17 12:48   12160   ----a-w-   c:\windows\system32\drivers\mouhid.sys
2009-09-20 11:59 . 2008-04-13 23:15   10368   -c--a-w-   c:\windows\system32\dllcache\hidusb.sys
2009-09-20 11:59 . 2008-04-13 23:15   10368   ----a-w-   c:\windows\system32\drivers\hidusb.sys
2009-09-18 16:17 . 2009-09-18 16:30   --------   d-----w-   c:\program files\MSECache
2009-09-13 12:42 . 2009-09-13 12:42   --------   d-----w-   c:\documents and settings\NetworkService\Application Data\Xfire
2009-09-10 13:00 . 2009-06-21 21:44   153088   -c----w-   c:\windows\system32\dllcache\triedit.dll
2009-09-09 16:54 . 2009-09-09 16:54   --------   d-----w-   c:\program files\Common Files\xing shared
2009-09-09 16:54 . 2009-09-09 16:54   --------   d-----w-   c:\program files\Real
2009-09-09 16:54 . 2009-09-09 16:54   --------   d-----w-   c:\program files\Common Files\Real

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-06 18:39 . 2009-09-03 17:32   158256   ----a-w-   c:\windows\system32\TesSafe.sys
2009-10-06 17:38 . 2009-07-14 10:19   --------   d-----w-   c:\program files\Common Files\Softwin
2009-10-05 20:56 . 2009-09-03 17:32   17920   ----a-w-   c:\windows\system32\TesDrvPt.sys
2009-10-05 17:37 . 2009-07-14 11:16   --------   d-----w-   c:\program files\QuickTime
2009-10-02 20:02 . 2009-07-14 11:13   14   ----a-w-   c:\documents and settings\Owner\getfile.dat
2009-10-02 16:28 . 2009-07-14 10:50   --------   d-----w-   c:\program files\Windows Desktop Search
2009-10-02 16:28 . 2009-07-14 10:49   --------   d-----w-   c:\program files\Windows Media Connect 2
2009-10-01 16:34 . 2009-07-14 11:19   --------   d-----w-   c:\program files\OpenOffice.org 3
2009-09-30 10:08 . 2009-07-15 15:55   --------   d-----w-   c:\program files\Microsoft Works
2009-09-28 17:26 . 2009-07-14 09:04   --------   d-----w-   c:\program files\a-squared Free
2009-09-27 13:07 . 2009-07-14 08:58   --------   d--h--w-   c:\program files\InstallShield Installation Information
2009-09-24 16:33 . 2009-07-16 16:25   15688   ----a-w-   c:\windows\system32\lsdelete.exe
2009-09-19 13:38 . 2009-07-17 14:44   37   ----a-w-   c:\documents and settings\Owner\jagex_runescape_preferences.dat
2009-09-19 12:11 . 2009-09-02 15:22   45   ----a-w-   c:\documents and settings\Owner\jagex_runescape_preferences2.dat
2009-09-18 16:39 . 2009-07-14 11:18   --------   d-----w-   c:\program files\Java
2009-09-03 17:22 . 2009-07-17 04:52   --------   d-----w-   c:\program files\Tencent
2009-09-03 17:17 . 2009-09-03 17:17   --------   d-----w-   c:\program files\ÌÚÑ¶ÓÎÏ·
2009-09-03 11:56 . 2009-07-14 08:58   --------   d-----w-   c:\program files\Common Files\InstallShield
2009-09-03 10:22 . 2009-09-03 10:22   --------   d-----w-   c:\program files\ZD Soft
2009-09-02 16:25 . 2009-09-02 16:25   --------   d-----w-   c:\documents and settings\Owner\Application Data\uTorrent
2009-08-06 18:24 . 2009-07-14 08:47   327896   ----a-w-   c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2009-07-14 08:47   209632   ----a-w-   c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2009-07-14 08:47   35552   ----a-w-   c:\windows\system32\wups.dll
2009-08-06 18:24 . 2008-10-16 13:09   44768   ----a-w-   c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2009-07-14 08:46   53472   ------w-   c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2004-08-12 13:56   96480   ----a-w-   c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2009-07-14 08:46   575704   ----a-w-   c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2009-07-28 07:07   215920   ----a-w-   c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2009-07-28 07:07   274288   ----a-w-   c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2009-07-14 08:47   1929952   ----a-w-   c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-12 14:01   204800   ----a-w-   c:\windows\system32\mswebdvd.dll
2009-07-27 06:53 . 2009-07-14 11:14   30184   ----a-w-   c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-25 04:23 . 2009-07-17 04:33   411368   ----a-w-   c:\windows\system32\deploytk.dll
2009-07-17 19:01 . 2004-08-12 13:55   58880   ----a-w-   c:\windows\system32\atl.dll
2009-07-14 11:16 . 2009-07-14 11:16   64160   ----a-w-   c:\windows\system32\drivers\Lbd.sys
2009-07-14 10:33 . 2009-07-14 10:33   14   ----a-w-   c:\windows\system32\getfile.dat
2009-07-14 08:46 . 2009-07-14 08:46   21640   ----a-w-   c:\windows\system32\emptyregdb.dat
2009-07-13 22:43 . 2004-08-12 14:10   286208   ----a-w-   c:\windows\system32\wmpdxm.dll
.

------- Sigcheck -------

[-] 2009-10-04 . 5489D52ECCDEF8501F5B7D9E15445571 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2009-10-04 . E3487C9BA13AF080CF5A8F1F6B980F33 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

c:\windows\system32\ctfmon.exe ... is missing !!
.
((((((((((((((((((((((((((((( SnapShot@2009-10-06_17.53.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-07 16:17 . 2009-10-07 16:17   16384 c:\windows\temp\Perflib_Perfdata_234.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-10-04 122368]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-09 198160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Tencent\\QQMiniDownloader\\comm\\QQDL.exe"=
"c:\\NGM\\NGM.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Tencent\\TT\\bin\\QQDeskUpdate.exe"=
"c:\\Program Files\\Tencent\\TT\\bin\\TTraveler.exe"=
"c:\\Program Files\\Tencent\\TT\\bin\\TTLiveUpdate.exe"=
"c:\\Program Files\\Tencent\\TT\\bin\\TTCrashReport.exe"=
"c:\\Program Files\\ÌÚÑ¶ÓÎÏ·\\CrossFire\\QQDL.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58487:TCP"= 58487:TCP:Pando Media Booster
"58487:UDP"= 58487:UDP:Pando Media Booster

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [14/07/2009 12:16 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1028432]
S2 gupdate1ca077de1980be8;Google Update Service (gupdate1ca077de1980be8);c:\program files\Google\Update\GoogleUpdate.exe [18/07/2009 09:00 133104]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 TesDrvPt;TesDrvPt;c:\windows\system32\TesDrvPt.sys [03/09/2009 18:32 17920]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-07-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 16:32]

2009-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 08:00]

2009-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 08:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-07 17:17
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(984)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Completion time: 2009-10-07 17:22 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-07 16:22
ComboFix2.txt 2009-10-06 18:00

Pre-Run: 67,883,925,504 bytes free
Post-Run: 68,036,632,576 bytes free

208   --- E O F ---   2009-09-21 17:04

a-squared Anti-Malware - Version 4.5 scan log:

Code:

a-squared Anti-Malware - Version 4.5
Last update: 07/10/2009 17:28:23

Scan settings:

Scan type: N/A
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:   07/10/2009 17:28:38

C:\Documents and Settings\Owner\Cookies\owner@atdmt[1].txt   detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt   detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Documents and Settings\Owner\Cookies\owner@com[1].txt   detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt   detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt   detected: Trace.TrackingCookie.mediaplex!A2
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt   detected: Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[3].txt   detected: Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt   detected: Trace.TrackingCookie.zedo!A2
C:\DELL\drivers\R58201\Setup.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\RemADI.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\Setup.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\SE\inst16.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\install.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\SMAXWDM\W2K_XP\Remove.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R66937\Sys\DSndUp.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R67150\Win2K\PROUnstl.exe   detected: Virus.Win32.Sality!IK
C:\DELL\drivers\R67150\WinXP\PROUnstl.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe   detected: Virus.Win32.Sality!IK
C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe   detected: Virus.Win32.Sality!IK
C:\Qoobox\Quarantine\C\WINDOWS\system32\vcmgcd32.dll.vir   detected: Win32.Worm.Poebot.81408.A!IK
C:\Qoobox\Quarantine\C\WINDOWS\system32\vcmgcd32.dl_.vir   detected: Virus.Win32.Sality!IK
C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe   detected: Virus.Win32.Sality!IK

Scanned

Files:   130673
Traces:   671511
Cookies:   793
Processes:   28

Found

Files:   15
Traces:   0
Cookies:   8
Processes:   0
Registry keys:   0

Scan end:   07/10/2009 18:13:24
Scan time:   0:44:46

I delete the cookies and put the virus in the Quarantine. It kill most of the virus> Smile

What should I do now? I think all the virus are gone SO I JUST WANT TO SAY A BIG THANK YOU TO YOU ALL THAT HELPED ME! Very Happy

YOU SAVED MY LIFE Very Happy

Well am pretty sure all virus are gone and should I do anymore virus scan to make sure? Thanks again! Very Happy

ShadowPuterDude

Posted : Thursday, October 08, 2009 12:29:37 AM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

OK. run the Norman Malware Cleaner again, and post the resulting log.

a-squared Team - www.emsisoft.com

abel

Posted : Friday, October 09, 2009 7:11:15 AM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

Code:

Norman Malware Cleaner
Version 1.5.0.5
Copyright © 1990 - 2009, Norman ASA. Built 2009/10/08 10:30:32

Norman Scanner Engine Version: 6.01.09
Nvcbin.def Version: 6.01.00, Date: 2009/10/08 10:30:32, Variants: 4003615

Scan started: 09/10/2009 06:02:34

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Home 5.1.2600 Service Pack 3
Logged on user: OWNER-1FC27A8E1\Owner

Set registry value: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS = -> ""
Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000
Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000
Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000

Scanning running processes and process memory...

Number of processes/threads found: 3812
Number of processes/threads scanned: 3812
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 1m 8s

Scanning file system...

Scanning: C:\*.*

C:\Documents and Settings\Owner\Desktop\icons\cf hack\Pro-Evolution Gaming Hack\PE-Gaming Injector.exe (Infected with W32/Sality.AI)
Repaired file

C:\Program Files\Z8Games\CrossFire\GameGuard\GameMon.des (Infected with W32/Packed_B)
Deleted file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000181.des (Infected with W32/Packed_B)
Deleted file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000202.des (Infected with W32/Packed_B)
Deleted file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000215.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000216.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000217.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000218.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000219.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000220.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000221.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000222.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000223.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000224.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000225.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0000226.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP5\A0003340.exe (Infected with W32/Sality.AI)
Repaired file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP5\A0003364.des (Infected with W32/Packed_B)
Deleted file

C:\WINDOWS\system32\GameMon.des (Infected with W32/Packed_B)
Removed service: npggsvc
Deleted file

Scanning: C:\System Volume Information\*.*

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP5\A0003365.des (Infected with W32/Packed_B)
Deleted file

Running post-scan cleanup routine:

Number of files found: 57902
Number of archives unpacked: 0
Number of files scanned: 57862
Number of files not scanned: 40
Number of files skipped due to exclude list: 0
Number of infected files found: 20
Number of infected files repaired/deleted: 20
Number of infections removed: 20
Total scanning time: 37m 14s

Man, this virus never gives up.... What should I do now?

ShadowPuterDude

Posted : Friday, October 09, 2009 1:44:56 PM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

1. Disconnected your computer from the network.

2. Turn off “System Restore” when in cleaning process.

3. Copy the contents of the below quote box to Notepad; Save As repair.inf to your Desktop; make sure File Type: is set to All Files (*.*).

Code:

[Version]
Signature="$Chicago$"
Provider=Nobody

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe "%1""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, "Explorer.exe"
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\ControlSet002\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\CurrentControlSet\Services\lanmanserver\parameters, AutoShareWks,0x00010001,0
HKLM, SYSTEM\CurrentControlSet\Services\lanmanserver\parameters, AutoShareServer,0x00010001,0
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoDriveTypeAutoRun,0x000000ff,255
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer, NoDriveTypeAutoRun,0x000000ff,255

[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr

Close Notepad.

Locate repair.inf on your Desktop. Right-click on it and choose 'install'.

4. Scan with Norman Malware Cleaner please note because this virus will infected files with extesion .exe .com and .scr you have to rename Norman_Malware_Cleaner.exe with new extension example Norman_Malware_Cleaner.cmd

Make sure you downloaded a fresh copy of the cleaner from norman's official website and don’t run it before you change the extension or this cleaner will get infected first before it can eliminate sality.

5. Repair Safe Mode: Download safemoderepair.zip and merge only registry patach for your Operating System.

7. Copy the contents of the below quote box to Notepad; Save As repair.inf to your Desktop; make sure File Type: is set to All Files (*.*).

Code:

[Version]
Signature="$Chicago$"
Provider=Nobody

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe "%1""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, "Explorer.exe"
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\ControlSet002\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\CurrentControlSet\Services\lanmanserver\parameters, AutoShareWks,0x00010001,0
HKLM, SYSTEM\CurrentControlSet\Services\lanmanserver\parameters, AutoShareServer,0x00010001,0
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoDriveTypeAutoRun,0x000000ff,255
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer, NoDriveTypeAutoRun,0x000000ff,255
HKLM, SOFTWARE\Microsoft\Security Center, AntiVirusDisableNotify,0x00010001,0
HKLM, SOFTWARE\Microsoft\Security Center, AntiVirusOverride,0x00010001,0
HKLM, SOFTWARE\Microsoft\Security Center, FirewallDisableNotify,0x00010001,0
HKLM, SOFTWARE\Microsoft\Security Center, FirewallOverride,0x00010001,0
HKLM, SOFTWARE\Microsoft\Security Center, UacDisableNotify,0x00010001,0
HKLM, SOFTWARE\Microsoft\Security Center, UpdatesDisableNotify,0x00010001,0

[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr
HKLM, SOFTWARE\Microsoft\Security Center\Svc

Close Notepad.

Locate repair1.inf on your Desktop. Right-click on it and choose 'install'.

8. Reboot your computer and scan again with norman malware cleaner.

Reboot

Post fresh logs for:
Norman Malware Cleaner

a-square Free/Anti-Malware

a-squared Team - www.emsisoft.com

abel

Posted : Friday, October 09, 2009 6:09:37 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

It says installation Failed on the first notepad. What should I do now?

ShadowPuterDude

Posted : Saturday, October 10, 2009 1:32:28 AM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Download from this link http://www.istanto.net/wp-content/uploads/2009/03/repair.inf and right-click and select install.

a-squared Team - www.emsisoft.com

abel

Posted : Saturday, October 10, 2009 11:35:53 AM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

a-squared Anti-Malware scan log:

Code:

a-squared Anti-Malware - Version 4.5
Last update: 10/10/2009 10:23:08

Scan settings:

Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:   10/10/2009 10:25:31

C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt   detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt   detected: Trace.TrackingCookie.doubleclick!A2

Scanned

Files:   212737
Traces:   678189
Cookies:   870
Processes:   29

Found

Files:   0
Traces:   0
Cookies:   2
Processes:   0
Registry keys:   0

Scan end:   10/10/2009 11:21:03
Scan time:   0:55:32

Norman Malware Cleaner log:

Code:

Norman Malware Cleaner
Version 1.5.0.5
Copyright © 1990 - 2009, Norman ASA. Built 2009/10/09 08:55:55

Norman Scanner Engine Version: 6.01.09
Nvcbin.def Version: 6.01.00, Date: 2009/10/09 08:55:55, Variants: 4017892

Scan started: 10/10/2009 09:52:45

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Home 5.1.2600 Service Pack 3
Logged on user: OWNER-1FC27A8E1\Owner

Set registry value: HKCR\scrfile\shell\open\command\ = ""%1" %*" -> ""%1" /S"

Scanning running processes and process memory...

Number of processes/threads found: 3290
Number of processes/threads scanned: 3290
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 58s

Scanning file system...

Scanning: C:\*.*

Running post-scan cleanup routine:

Number of files found: 56489
Number of archives unpacked: 0
Number of files scanned: 56460
Number of files not scanned: 29
Number of files skipped due to exclude list: 0
Number of infected files found: 0
Number of infected files repaired/deleted: 0
Number of infections removed: 0
Total scanning time: 23m 42s

It looks clear and there is no virus. WOW thanks for your help, I think it worked!! Very Happy

THANK YOU VERY MUCH FOR HELPING ME! I think the virus is gone. Very Happy

I don't know what to say.... Surprised

Should I do anymore scans to make sure that the virus is gone Question

If is gone then YOUR the greatest person ever!!!

Thank you again for helping me!

abel

Posted : Saturday, October 10, 2009 11:39:23 AM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

Also am I allowed to turn back my restore point and delete the repair notepad? Question

ShadowPuterDude

Posted : Sunday, October 11, 2009 12:43:43 AM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Doing a System Restore from an earlier Restore Point, may reinfect the system. If you choose to do so, post fresh logs. I will check to see if any malware was restored.

a-squared Team - www.emsisoft.com

abel

Posted : Tuesday, October 13, 2009 5:40:25 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

I just scaned now and got this:

Code:

Norman Malware Cleaner
Version 1.5.0.5
Copyright © 1990 - 2009, Norman ASA. Built 2009/10/09 08:55:55

Norman Scanner Engine Version: 6.01.09
Nvcbin.def Version: 6.01.00, Date: 2009/10/09 08:55:55, Variants: 4017892

Scan started: 12/10/2009 19:46:44

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Home 5.1.2600 Service Pack 3
Logged on user: OWNER-1FC27A8E1\Owner

Scanning running processes and process memory...

Number of processes/threads found: 3760
Number of processes/threads scanned: 3760
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 1m 23s

Scanning file system...

Scanning: C:\*.*

C:\Program Files\Z8Games\CrossFire\GameGuard\GameMon.des (Infected with W32/Packed_B)
Deleted file

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0003285.des (Infected with W32/Packed_B)
Deleted file

C:\WINDOWS\system32\GameMon.des (Infected with W32/Packed_B)
Removed service: npggsvc
Deleted file

Scanning: C:\System Volume Information\*.*

C:\System Volume Information\_restore{9E391BBA-B017-45B6-9A8D-AB6F76849504}\RP1\A0003287.des (Infected with W32/Packed_B)
Deleted file

Running post-scan cleanup routine:

Number of files found: 55606
Number of archives unpacked: 0
Number of files scanned: 55576
Number of files not scanned: 30
Number of files skipped due to exclude list: 0
Number of infected files found: 4
Number of infected files repaired/deleted: 4
Number of infections removed: 4
Total scanning time: 50m 23s

There is something called W32/Packed_B in my computer, I think it is a virus. I don't know. Also I didn't do a System Restore from an earlier Restore Point.

ShadowPuterDude

Posted : Tuesday, October 13, 2009 9:43:54 PM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Norman says it deleted the files. Restore points can't be individually deleted, you must trun off system Restore to remove Restore Points.

Post a fresh a-squared log.

a-squared Team - www.emsisoft.com

abel

Posted : Wednesday, October 14, 2009 7:19:21 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

Norman Malware Cleaner log:

Code:

Norman Malware Cleaner
Version 1.5.0.5
Copyright © 1990 - 2009, Norman ASA. Built 2009/10/14 12:51:19

Norman Scanner Engine Version: 6.01.09
Nvcbin.def Version: 6.01.00, Date: 2009/10/14 12:51:19, Variants: 4050607

Scan started: 14/10/2009 18:36:23

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Home 5.1.2600 Service Pack 3
Logged on user: OWNER-1FC27A8E1\Owner

Scanning running processes and process memory...

Number of processes/threads found: 3840
Number of processes/threads scanned: 3840
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 1m 51s

Scanning file system...

Scanning: C:\*.*

C:\WINDOWS\PEV.exe (Infected with Smalltroj.TUBE)
Deleted file

Scanning: C:\System Volume Information\*.*

Running post-scan cleanup routine:

Number of files found: 61459
Number of archives unpacked: 0
Number of files scanned: 61427
Number of files not scanned: 32
Number of files skipped due to exclude list: 0
Number of infected files found: 1
Number of infected files repaired/deleted: 1
Number of infections removed: 1
Total scanning time: 26m 50s

Now there is a virus called Smalltroj.TUBE. It says it delete the file?

ShadowPuterDude

Posted : Wednesday, October 14, 2009 11:28:24 PM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Why are you still running Norman? PEV.exe is not a trojan that is a False Positive.

a-squared Team - www.emsisoft.com

abel

Posted : Thursday, October 15, 2009 7:19:09 PM

Rank: Member
Groups: Member

Joined: 9/29/2009
Posts: 16

Sorry I forgot and here a-squared Anti-Malware - Version 4.5 log:

Code:

a-squared Anti-Malware - Version 4.5
Last update: 15/10/2009 17:25:47

Scan settings:

Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:   15/10/2009 17:29:51

C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt   detected: Trace.TrackingCookie.atdmt!A2

Scanned

Files:   219409
Traces:   678560
Cookies:   985
Processes:   32

Found

Files:   0
Traces:   0
Cookies:   1
Processes:   0
Registry keys:   0

Scan end:   15/10/2009 19:01:22
Scan time:   1:31:31

It looks all clear and there is no virus. You can close this thread because it is Resoled. Just want to say MANY THANKS FOR HELPING ME! Very Happy

If there is any problems I will post a new thread in the new forums. Smile

Many Thanks Again!!!

P.S. close this thread

ShadowPuterDude

Posted : Thursday, October 15, 2009 11:43:54 PM

Rank: Advanced Member
Groups: Member, Moderation

Joined: 5/23/2006
Posts: 2,252
Location: Northern NY

Thread Closed

Reason: Resolved

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread

a-squared Team - www.emsisoft.com

Users browsing this topic

Guest User

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Anti-Malware Forum - Emsi Software - Anti-Virus, Anti-Trojan and Anti-Spyware