View Full Version : Application Error keeps returning - HJT included
A_Roldan
2010-01-26, 14:58
Hi.
I have an application error that re-occurs every day and I have no idea what is causing this.
I have a shorcut on my desktop to play a total conversion mod for the game CRYSIS. The mod is called "Mechwarrior Living Legends". When I click on the shortcut I get the following error:
"The application failed to initialize properly (0xc000007b). Click on OK to terminate the application.".
The only available option is to click "OK" and close the dialog box.
Also, when I plugged in my joystick (Saitek X45) to play a different game I tried to open the joystick profiling software (that I have used several times before) to edit a profile and I received the same error.
Finally, two days ago I received this error on startup and it referred to "MOM.exe" as having caused the error. I found out that "MOM.exe" is part of my ATI Catalyst Control Center software.
I have since uninstalled and reinstalled all three of these applications. The new install always eliminates the error, but it comes back every day for the game and the joystick. So far, it has not returned on "MOM.exe" and none of the othe software I use every day is affected (ADOBE Photoshop, Corel DRAW, MS Outlook, Windows Explorer, IE, Blackberry Desktop Manager, etc...)
HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:41:32 AM, on 1/26/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcrobatInfo.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
G:\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://anubismmg.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262277748264
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
--
End of file - 5947 bytes
Hello A_Roldan
Welcome to Safer Networking.
Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.
Clean log but we can dig a bit deeper. If nothing is found I can direct you to a windows forum that may be able to help you as this forum is for malware removal only.
Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://forums.whatthetech.com/post_a4255_MBAM.PNG
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report and also a new HJT log please
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
A_Roldan
2010-01-31, 21:57
Thank you for the quick repsone. I hope you are able to help me. I appreciate the offer of another forum as well; if it comes to that.
Following your instructions, here is the text from the Malwarebytes log:
Malwarebytes' Anti-Malware 1.44
Database version: 3669
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
1/31/2010 2:28:47 PM
mbam-log-2010-01-31 (14-28-47).txt
Scan type: Quick Scan
Objects scanned: 115741
Time elapsed: 3 minute(s), 20 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\wmimgr32.dll (Trojan.Downloader) -> Delete on reboot.
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\wmimgr32.dll (Trojan.Downloader) -> Delete on reboot.
_____________________________________________________
RSIT -> log.txt results
Logfile of random's system information tool 1.06 (written by random/random)
Run by Angel Roldan at 2010-01-31 14:43:21
Microsoft Windows XP Professional Service Pack 3
System drive C: has 97 GB (88%) free of 110 GB
Total RAM: 2047 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:43:35 PM, on 1/31/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
G:\Downloads\RSIT.exe
G:\Downloads\Angel Roldan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://anubismmg.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262277748264
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
--
End of file - 5567 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1904640]
""= []
"NaturalPoint"= []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-12-26 18081280]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 77824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 118784]
"ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2009-06-03 237568]
"SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2009-06-03 131072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]
C:\Documents and Settings\Admin\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-24 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"H:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="H:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"H:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="H:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b0252cc-b02a-11de-8f97-806d6172696f}]
shell\AutoRun\command - F:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2fb620a-049d-11df-805b-002421b63a8a}]
shell\AutoRun\command - F:\wd_windows_tools\WDSetup.exe
======List of files/folders created in the last 1 months======
2010-01-31 14:43:21 ----D---- C:\rsit
2010-01-31 14:31:47 ----N---- C:\WINDOWS\system32\wmimgr32.dll
2010-01-26 07:40:37 ----D---- C:\WINDOWS\ERDNT
2010-01-26 07:39:52 ----D---- C:\Program Files\ERUNT
2010-01-25 17:32:37 ----D---- C:\Documents and Settings\All Users\Application Data\Saitek
2010-01-25 16:12:27 ----D---- C:\Documents and Settings\Admin\Application Data\Malwarebytes
2010-01-25 16:12:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-01-25 16:12:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-25 15:42:09 ----HD---- C:\WINDOWS\PIF
2010-01-25 03:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-01-24 14:37:43 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2010-01-24 14:35:42 ----D---- C:\Program Files\ATI Technologies
2010-01-24 14:10:16 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-24 14:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-01-24 14:08:02 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-01-24 14:07:52 ----D---- C:\WINDOWS\system32\windowspowershell
2010-01-24 14:07:48 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$
2010-01-24 14:07:47 ----D---- C:\Documents and Settings\Admin\Application Data\Windows Desktop Search
2010-01-24 14:07:23 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-01-24 14:07:23 ----D---- C:\Program Files\Windows Desktop Search
2010-01-24 14:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-01-24 14:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-01-24 13:52:58 ----D---- C:\WINDOWS\SxsCaPendDel
2010-01-19 13:15:49 ----D---- C:\Documents and Settings\Admin\Application Data\WTablet
2010-01-19 13:15:27 ----D---- C:\WINDOWS\system32\WTablet
2010-01-19 13:15:25 ----A---- C:\WINDOWS\system32\Wintab32.dll
2010-01-19 13:15:25 ----A---- C:\WINDOWS\system32\Wacom_Tablet.exe
2010-01-19 13:15:25 ----A---- C:\WINDOWS\system32\Wacom_Tablet.dll
2010-01-19 13:15:21 ----D---- C:\Program Files\Tablet
2010-01-19 13:06:49 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2010-01-19 13:06:48 ----D---- C:\Documents and Settings\Admin\Application Data\Office Genuine Advantage
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\zh-TW
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\zh-HK
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\tr-TR
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\sv-SE
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\pt-BR
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\nl-NL
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\nb-NO
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\ko-KR
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\it-IT
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\he-IL
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\fr-FR
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\fi-FI
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\es-ES
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\el-GR
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\de-DE
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\da-DK
2010-01-19 13:04:05 ----D---- C:\WINDOWS\system32\ar-SA
2010-01-14 20:20:46 ----D---- C:\Program Files\Saitek
2010-01-14 19:31:17 ----D---- C:\Config.Msi
2010-01-13 20:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-09 21:12:53 ----D---- C:\Program Files\Common Files\Logitech
2010-01-09 01:39:32 ----A---- C:\WINDOWS\IsUninst.exe
2010-01-06 08:57:50 ----RA---- C:\WINDOWS\system32\RtNicProp32.dll
2010-01-06 08:37:14 ----A---- C:\WINDOWS\system32\CSVer.dll
2010-01-06 08:36:12 ----A---- C:\WINDOWS\vncutil.exe
2010-01-06 08:36:11 ----A---- C:\WINDOWS\SkyTel.exe
2010-01-06 08:36:10 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2010-01-06 08:36:10 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-01-04 07:35:54 ----D---- C:\Program Files\Lame for Audacity
2010-01-03 16:41:00 ----D---- C:\Documents and Settings\Admin\Application Data\dvdcss
2010-01-03 16:40:40 ----D---- C:\Documents and Settings\Admin\Application Data\vlc
2010-01-03 15:15:03 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-01-03 15:14:34 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-01-03 15:14:08 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-01-03 15:13:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-01-03 12:37:05 ----D---- C:\Python26
2010-01-03 12:35:36 ----D---- C:\Documents and Settings\Admin\Application Data\Blender Foundation
2010-01-03 12:35:32 ----D---- C:\Program Files\Blender Foundation
2010-01-03 09:38:22 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-01-03 09:38:20 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-01-03 09:37:53 ----D---- C:\Program Files\Windows Media Connect 2
2010-01-03 09:37:45 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-01-03 09:37:08 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-01-03 09:36:41 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-01-03 09:28:52 ----D---- C:\Documents and Settings\Admin\Application Data\Roxio
2010-01-03 09:24:01 ----D---- C:\Documents and Settings\Admin\Application Data\Blackberry Desktop
2010-01-03 09:22:21 ----D---- C:\Documents and Settings\Admin\Application Data\Research In Motion
2010-01-03 09:17:49 ----D---- C:\Documents and Settings\Admin\Application Data\InstallShield
2010-01-03 09:17:45 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2010-01-03 09:15:56 ----D---- C:\Program Files\Common Files\Sonic Shared
2010-01-03 09:15:55 ----D---- C:\Program Files\Roxio
2010-01-03 09:15:55 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2010-01-03 09:15:07 ----D---- C:\WINDOWS\RegisteredPackages
2010-01-03 09:14:30 ----D---- C:\Program Files\Research In Motion
2010-01-03 09:13:54 ----D---- C:\Documents and Settings\All Users\Application Data\Research In Motion
2010-01-03 09:13:49 ----D---- C:\Program Files\Common Files\Roxio Shared
2010-01-03 09:13:35 ----D---- C:\Program Files\Common Files\Research In Motion
2010-01-02 06:20:04 ----D---- C:\Program Files\MSXML 4.0
2010-01-01 16:59:58 ----A---- C:\WINDOWS\ALCMTR.EXE
2010-01-01 16:41:35 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-01-01 16:41:35 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-01-01 16:41:35 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-01-01 16:41:35 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-01-01 16:41:20 ----D---- C:\Program Files\ATI
2010-01-01 14:27:59 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2010-01-01 11:23:00 ----D---- C:\Program Files\Common Files\Control Panels
2010-01-01 11:21:05 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2010-01-01 11:15:54 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2010-01-01 11:15:54 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2010-01-01 11:12:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-01 11:11:56 ----D---- C:\Program Files\Bonjour
2010-01-01 11:10:16 ----D---- C:\Program Files\Adobe
2010-01-01 11:06:47 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-01-01 10:37:06 ----D---- C:\Program Files\Common Files\Adobe
2010-01-01 10:34:13 ----RD---- C:\Documents and Settings\Admin\Application Data\Brother
2010-01-01 10:33:51 ----A---- C:\WINDOWS\BRWMARK.INI
2010-01-01 10:33:51 ----A---- C:\WINDOWS\BRPP2KA.INI
2010-01-01 10:26:32 ----D---- C:\Documents and Settings\Admin\Application Data\Corel
2010-01-01 10:24:05 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2010-01-01 10:22:42 ----D---- C:\Program Files\Common Files\Corel
2010-01-01 10:15:55 ----A---- C:\WINDOWS\system32\muweb.dll
2010-01-01 10:15:55 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-01-01 10:15:55 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-01-01 09:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
======List of files/folders modified in the last 1 months======
2010-01-31 14:43:24 ----D---- C:\WINDOWS\Prefetch
2010-01-31 14:33:55 ----D---- C:\WINDOWS
2010-01-31 14:32:00 ----A---- C:\WINDOWS\system.ini
2010-01-31 14:31:47 ----D---- C:\WINDOWS\system32
2010-01-31 14:31:22 ----D---- C:\WINDOWS\system32\drivers
2010-01-31 14:31:22 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-31 14:30:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-26 07:39:52 ----RD---- C:\Program Files
2010-01-25 20:12:57 ----D---- C:\WINDOWS\Temp
2010-01-25 20:12:13 ----HD---- C:\WINDOWS\inf
2010-01-25 20:12:04 ----SHD---- C:\WINDOWS\Installer
2010-01-25 20:11:57 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-25 16:17:39 ----RSD---- C:\WINDOWS\Fonts
2010-01-25 16:03:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-24 15:23:26 ----RSD---- C:\WINDOWS\assembly
2010-01-24 14:37:29 ----D---- C:\WINDOWS\WinSxS
2010-01-24 14:19:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-24 14:12:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-24 14:11:39 ----D---- C:\WINDOWS\security
2010-01-24 14:10:09 ----A---- C:\WINDOWS\imsins.BAK
2010-01-24 14:09:57 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-01-24 14:07:55 ----D---- C:\WINDOWS\system32\config
2010-01-24 14:07:52 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft
2010-01-24 14:07:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-01-24 14:07:24 ----D---- C:\WINDOWS\system32\en-us
2010-01-24 14:07:23 ----D---- C:\WINDOWS\system32\wbem
2010-01-24 13:51:18 ----D---- C:\Program Files\MSBuild
2010-01-22 21:45:39 ----D---- C:\WINDOWS\system32\DirectX
2010-01-21 15:59:47 ----D---- C:\Program Files\Internet Explorer
2010-01-21 15:59:27 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-19 14:00:26 ----SD---- C:\WINDOWS\Tasks
2010-01-19 11:08:26 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-17 07:51:01 ----D---- C:\Program Files\Common Files\InstallShield
2010-01-14 19:43:53 ----D---- C:\WINDOWS\system32\Restore
2010-01-14 18:28:16 ----D---- C:\Documents and Settings\Admin\Application Data\Adobe
2010-01-09 21:13:38 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-09 21:12:53 ----D---- C:\Program Files\Common Files
2010-01-06 09:06:23 ----A---- C:\WINDOWS\setuplog.txt
2010-01-06 09:06:17 ----A---- C:\WINDOWS\system32\wpa.bak
2010-01-06 08:36:40 ----D---- C:\WINDOWS\system32\RTCOM
2010-01-06 08:36:04 ----D---- C:\Program Files\Realtek
2010-01-04 18:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-04 07:43:31 ----D---- C:\WINDOWS\Media
2010-01-03 16:30:31 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-03 12:42:23 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-03 09:37:59 ----A---- C:\WINDOWS\win.ini
2010-01-03 09:37:53 ----D---- C:\Program Files\Windows Media Player
2010-01-03 09:37:51 ----D---- C:\WINDOWS\Help
2010-01-03 09:36:45 ----D---- C:\WINDOWS\system32\LogFiles
2010-01-02 06:53:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-02 06:52:42 ----D---- C:\Program Files\Microsoft Works
2010-01-02 06:50:44 ----D---- C:\Program Files\Common Files\System
2010-01-01 17:37:56 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-01-01 17:37:51 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-01-01 17:37:51 ----A---- C:\WINDOWS\system32\pbsvc.exe
2010-01-01 17:20:18 ----D---- C:\WINDOWS\system32\appmgmt
2010-01-01 16:41:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-01 10:42:02 ----D---- C:\WINDOWS\system32\inetsrv
2010-01-01 10:23:48 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-01 09:53:22 ----D---- C:\WINDOWS\Registration
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-24 4463104]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-26 4968448]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NPUSB;NPUSB; C:\WINDOWS\system32\drivers\npusb.sys [2004-03-30 133156]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-09-25 115328]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2009-06-10 14080]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [2009-06-10 36992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 12848]
R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S3 atimtai;atimtai; C:\WINDOWS\System32\DRIVERS\atimtai.sys [2001-08-17 281600]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 NPUSBRNM;NPUSBRNM; C:\WINDOWS\system32\drivers\npusbrnm.sys [2004-04-13 146628]
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SaiH053C;SaiH053C; C:\WINDOWS\system32\DRIVERS\SaiH053C.sys [2007-05-01 132232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-09-11 14984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-24 602112]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-01 66872]
R2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 1373480]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-29 593920]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-01 675328]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 94208]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 933888]
-----------------EOF-----------------
______________________________________________________
RSIT info.txt reults:
info.txt logfile of random's system information tool 1.06 2010-01-31 14:43:37
======Uninstall list======
-->MsiExec.exe /I{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{107254A0-0ADF-11D4-9397-00D0B7020B38}\setup.exe"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"D:\Program Files\7-Zip\Uninstall.exe"
Add or Remove Adobe Creative Suite 3 Design Standard-->C:\Program Files\Common Files\Adobe\Installers\cc3de31c9bb4dd729259509c74a7512\Setup.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Creative Suite 3 Design Standard-->MsiExec.exe /I{AD14F66C-EEC8-40EA-B5D7-421F524FC333}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{934F5F1F-79EE-48C7-9CAE-7A70586A0D7F}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server {ko_KR} -->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"G:\Program Files\Audacity\unins000.exe"
BlackBerry Desktop Software 5.0.1-->MsiExec.exe /i{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}
BlackBerry Desktop Software 5.0.1-->MsiExec.exe /I{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}
BlackBerry® Media Sync-->MsiExec.exe /X{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CorelDRAW Graphics Suite X3-->MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
EN-->MsiExec.exe /I{32A72502-BC2C-4C39-ACEA-BC3D463F0697}
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
HijackThis 2.0.2-->"G:\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Jane's Combat Simulations F/A-18-->C:\WINDOWS\IsUninst.exe -f"H:\Program Files\Jane's Combat Simulations\FA-18\Uninst.isu"
LAME v3.98.2 for Audacity-->"C:\Program Files\Lame for Audacity\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MechWarrior 4 Mercenaries-->"G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\UNINSTAL.EXE" /runtemp /addremove
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Python 2.6.4-->MsiExec.exe /I{E7394A0F-3F80-45B1-87FC-ABCD51893246}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Roxio Media Manager-->MsiExec.exe /X{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}
Saitek SD6 Programming Software 6.6.6.9-->MsiExec.exe /X{49480197-4A67-4EAB-AD44-001862FCEEB7}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TrackIR-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{356591FC-D6F2-4B97-8A3F-872B56C1065E}\setup.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931}
Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
VLC media player 1.0.3-->G:\Program Files\VideoLAN\VLC\uninstall.exe
Wacom Tablet-->C:\Program Files\Tablet\Wacom\Remove.exe /u
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows PowerShell(TM) 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [2010-01-25]
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2010-01-25]
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 [2010-01-25]
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab [2010-01-25]
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [2010-01-25]
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2010-01-25]
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2010-01-25]
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2010-01-25]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [2010-01-25]
======System event log======
Computer Name: ANGEL02
Event Code: 50
Message: {Delayed Write Failed}
Windows was unable to save all the data for the file . The data has been lost.
This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere.
Record Number: 1689
Source Name: Fastfat
Time Written: 20100102201604.000000-360
Event Type: warning
User:
Computer Name: ANGEL02
Event Code: 20
Message: Printer Driver Brother MFC-240C USB Printer for Windows NT x86 Version-3 was added or updated. Files:- brio06a.dll, briu06a.dll, BRMF240C.PDD, brio06a.hlp, brmf240c.ini, bril06a.dll, brio06a.dat, briwm06a.ini, brqikmon.exe, brqikmon.hlp, brio06aa.bcm, brio06ab.bcm, brio06ac.bcm, brio06af.bcm, brio06ag.bcm.
Record Number: 1585
Source Name: Print
Time Written: 20100102072351.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ANGEL02
Event Code: 20
Message: Printer Driver Send To Microsoft OneNote Driver for Windows NT x86 Version-3 was added or updated. Files:- msonpdrv.dll, msonpui.dll, msonpui.dll.
Record Number: 1557
Source Name: Print
Time Written: 20100102065404.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ANGEL02
Event Code: 3
Message: Printer Send To OneNote 2007 was deleted.
Record Number: 1556
Source Name: Print
Time Written: 20100102065403.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ANGEL02
Event Code: 4
Message: Printer Send To OneNote 2007 is pending deletion.
Record Number: 1555
Source Name: Print
Time Written: 20100102065401.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: ANGEL02
Event Code: 1020
Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Record Number: 212
Source Name: ASP.NET 1.1.4322.0
Time Written: 20091231163546.000000-360
Event Type: warning
User:
Computer Name: ANGEL02
Event Code: 4440
Message: The CRM log file was originally created on a computer with a different name. It has been updated with the name of the current computer. If this warning appears when the computer name has been changed then no further action is required. KIDSPC
Server Application ID: {02D4B3F1-FD88-11D1-960D-00805FC79235}
Server Application Instance ID:
{D8D100A0-AF82-40C5-84EB-E475F3458FE6}
Server Application Name: System Application
Comsvcs.dll file version: ENU 2001.12.4414.702 shp
Record Number: 208
Source Name: COM+
Time Written: 20091231163535.000000-360
Event Type: warning
User:
Computer Name: ANGEL02
Event Code: 1020
Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Record Number: 185
Source Name: ASP.NET 2.0.50727.0
Time Written: 20091231151432.000000-360
Event Type: warning
User:
Computer Name: KIDSPC
Event Code: 1000
Message: Faulting application setup.exe, version 1.1.0.1, faulting module setup.exe, version 1.1.0.1, fault address 0x0003054b.
Record Number: 134
Source Name: Application Error
Time Written: 20091231143426.000000-360
Event Type: error
User:
Computer Name: KIDSPC
Event Code: 1000
Message: Faulting application setup.exe, version 1.1.0.1, faulting module setup.exe, version 1.1.0.1, fault address 0x0003054b.
Record Number: 123
Source Name: Application Error
Time Written: 20091231140231.000000-360
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
Hi,
C:\WINDOWS\system32\wmimgr32.dll <--This file is real nasty, has back door capabilities . Malwarebytes removed it but I still see it present on the RSIT log after you ran Malwarebytes, did you reboot your machine after running Malwarebytes ?????
Please run this free online virus scanner from ESET (http://www.eset.eu/online-scanner)
Note: You will need to use Internet explorer for this scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
Click Scan
Wait for the scan to finish
Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic
A_Roldan
2010-01-31, 23:28
I did reboot after I ran Malwarebytes and before I ran RSIT.
I will run that online Virus Scan right now and post the results as soon as it is done.
Thanks.
~Angel
A_Roldan
2010-02-01, 00:50
OK, small problem. The log file from ESET is too large to copy/paste here. What do I do with it?
I received the following error on my repy when I tried to post it:
"The text that you have entered is too long (232173 characters). Please shorten it to 64000 characters long."
The ESET scanner found and cleaned 1637 infected files though. WOW! It took a little over an hour.
Let me know what to do about the log file and thanks for all the help so far. I appreciate it.
Go ahead and break it up , take as many replies as you need
A_Roldan
2010-02-01, 12:38
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=e68a60b1f38e754a8fec3c20a34e520e
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-01-31 11:39:48
# local_time=2010-01-31 05:39:48 (-0600, Central Standard Time)
# country="United States"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=217111
# found=1637
# cleaned=1637
# scan_time=4077
C:\cabs\D00644-001-001\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2064\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2064\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2064\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2064\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2064\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2404\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2404\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2404\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2404\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2404\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Admin\Local Settings\Application Data\Installer2404\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Adobe\Adobe Help Viewer\1.0\ahv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Adobe\Adobe Help Viewer\1.1\ahv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI\CIM\Bin\InstallManagerApp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI\CIM\Bin\SetACL.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Branding\CCCInstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Branding\CLI.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Branding\MOM.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\LOG.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-PreInstall\atishlx.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-PreInstall\CCCInstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\installShell.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\DXStress.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEPrev.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ATI Technologies\ATI.ACE\MOM-InstallProxy\MOM.InstallProxy.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Blender Foundation\Blender\blender.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Blender Foundation\Blender\blenderplayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Asset Services CS3\AssetServicesCS3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\database-template\bin\x86\mysqladmin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\database-template\bin\x86\mysqld-nt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\database-template\bin\x86\mysqldump.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\database-template\bin\x86\mysqlimport.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\java.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\javacpl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\javaw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\javaws.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\jucheck.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\jusched.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\keytool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\kinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\klist.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\ktab.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\orbd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\pack200.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\policytool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\rmid.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\rmiregistry.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\servertool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\tnameserv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\jre\bin\unpack200.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\plugins\com.adobe.versioncue.aum_3.1.0\native\win32\VCUpdateCheck.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Corel\Shared\Writing Tools\13\WT13sptlEN.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriver.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriver2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Microsoft Shared\Office10\MSOICONS.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Microsoft Shared\VBA\VBA6\link.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ERUNT\AUTOBACK.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ERUNT\ERUNT.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\ERUNT\NTREGOPT.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\GameSpy\Comrade\Comrade.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\GameSpy\Comrade\156\Updater.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\InstallShield Installation Information\{107254A0-0ADF-11D4-9397-00D0B7020B38}\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\InstallShield Installation Information\{356591FC-D6F2-4B97-8A3F-872B56C1065E}\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\InstallShield Installation Information\{43801800-CFEE-11D2-A41B-006097B55AD3}\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\InstallShield Installation Information\{5556E378-9A12-4236-9AD7-6F883389DE98}\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Internet Explorer\ExtExport.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Lame for Audacity\lame.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Messenger\msmsgs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\msn\msncorefiles\install\msnsusii.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\RtlUpd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\Alcmtr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\AlcWzrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\MicCal.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\RTHDCPL.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\RTLCPL.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\RtlUpd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\SkyTel.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\SoundMan.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\Audio\Drivers\WDM\vncutil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\Alcmtr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\AlcWzrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\ChCfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\KB888111xpsp2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\MicCal.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\RTHDCPL.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\RTLCPL.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\RtlUpd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Realtek\InstallShield\SoundMan.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Research In Motion\BlackBerry Media Sync\BlackBerry Music Sync.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Roxio\Audio Master 9\RXAutoMix9.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Saitek\SD6\Software\ny.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Saitek\SD6\Software\ProfileEditor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Connect 2\wmccds.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Connect 2\WMCCFG.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\dlimport.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\wmdbexport.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\wmlaunch.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\wmpenc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\wmpnetwk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\wmpnscfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\wmpshare.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows Media Player\wmsetsdk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows NT\hypertrm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\python.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\pythonw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\w9xpopen.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\Lib\distutils\command\wininst-6.0.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\Lib\distutils\command\wininst-7.1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\Lib\distutils\command\wininst-8.0.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\Lib\distutils\command\wininst-8_d.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Python26\Lib\distutils\command\wininst-9.0.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\RECYCLER\S-1-5-21-776561741-1177238915-725345543-1005\Dc1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\RECYCLER\S-1-5-21-776561741-1177238915-725345543-1005\Dc3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\RECYCLER\S-1-5-21-776561741-1177238915-725345543-1005\Dc4.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ALCMTR.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ALCWZRD.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\IsUninst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\MicCal.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\RTLCPL.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\RtlUpd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SkyTel.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SOUNDMAN.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\vncutil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB923561\SP3QFE\wordpad.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\cscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrpamp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\sc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\telnet.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\tlntsess.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB976325-IE8\SP3QFE\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$hf_mig$\KB978207-IE8\SP3QFE\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\admin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ahui.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\alg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\aspnet_regiis.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\aspnet_wp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\asr_fmt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\asr_pfu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\at.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\attrib.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\author.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\autochk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\autoconv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\autofmt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\autolfn.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\bootcfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cacls.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cipher.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cmd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\comsdupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\conf.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\conime.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\cscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\csrss.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\davcdata.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\defrag.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\diantz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dlimport.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\driverquery.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\drvqry.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\evcreate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\eventcreate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\eventtriggers.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
A_Roldan
2010-02-01, 12:38
C:\WINDOWS\$NtServicePackUninstall$\evtrig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\explorer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\faxpatch.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\findstr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fontview.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fpsrvadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ftp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\getmac.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\gpresult.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\gprslt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\help.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\hh.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\iedw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\iisrstas.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\imapi.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\inetin51.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\irftp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\locator.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\logman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\logon.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\logonui.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\lsass.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\magnify.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\makecab.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\migload.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\migrate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mmc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mqbkup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mqsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mqtgsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mshta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\msimn.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\mtstocom.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\muisetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\narrator.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\net.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\net1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\netdde.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\netfxupdate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\netsh.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\netstat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\notepad.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ntbackup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ntkrnlmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ntkrpamp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\openfiles.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\opnfiles.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\oschoice.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\osk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\osloader.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\packager.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\pinball.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ping.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\pintlphr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\progman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\proquota.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rcp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\reg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\regedit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rexec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rsh.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rsnotify.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\runonce.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\savedump.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\schtasks.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sctasks.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\secedit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\services.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sethc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\setregni.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\setup50.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\setup_wm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\shtml.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\skeys.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\slrundll.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\slserv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\smss.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\snmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sort.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\spdwnwxp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\spider.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\spiisupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\spupdwxp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\stimon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\stub_fpsrvadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\stub_fpsrvwin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\svchost.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sysinfo.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\systeminfo.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\taskkill.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tasklist.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\telnet.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tlntadmn.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tlntsess.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tlntsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\togac.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tp4mon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tracerpt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\tracert.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\unregmp2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\ups.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\utilman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wab.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wextract.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\winver.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wmic.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wmplayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wuauclt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB923561$\wordpad.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB926139-v2$\PSCustomSetupUtil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB926139-v2$\PSSetupNativeUtils.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB951978$\cscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB951978$\wscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB956572$\sc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB956572$\services.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB956572$\wmiprvse.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB960859$\telnet.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB960859$\tlntsess.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB971486$\ntkrnlpa.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallKB976098-v2$\tzchange.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallWMFDist11$\wmsetsdk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
A_Roldan
2010-02-01, 12:39
C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3615.38680__90ba9c70f846762e\LOG.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Downloaded Program Files\dwusplay.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ie8\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ie8\iexplore.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ie8\mshta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ie8updates\KB976325-IE8\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ie8updates\KB978207-IE8\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\BBMediaSyncUninstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{32A72502-BC2C-4C39-ACEA-BC3D463F0697}\ARPPRODUCTICON.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{49480197-4A67-4EAB-AD44-001862FCEEB7}\ProfileEditor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{49480197-4A67-4EAB-AD44-001862FCEEB7}\Profiler.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\ARPPRODUCTICON.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut90.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut900.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9000.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9001.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut901.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut902.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut903_CC5820041A9C446BB9018F9ECF582DD1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut91.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut910.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9100.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9101.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut911.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut912.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut913_CC5820041A9C446BB9018F9ECF582DD1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut92_CC5820041A9C446BB9018F9ECF582DD1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut93_CC5820041A9C446BB9018F9ECF582DD1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9_1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\ARPPRODUCTICON.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\Comrade.exe_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\NewShortcut7_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\NewShortcut8_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}\RoxioCentral.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut4.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut5.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut8.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}\ARPPRODUCTICON.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}\ARPPRODUCTICON.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\ARPPRODUCTICON.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{E7394A0F-3F80-45B1-87FC-ABCD51893246}\python_icon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}\DesktopMgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\network diagnostic\xpnetdiag.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\accwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\admin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ahui.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\alg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\aspnet_regiis.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\aspnet_state.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\aspnet_wp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\asr_fmt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\asr_pfu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\at.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\atmadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\attrib.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\auditusr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\author.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\autochk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\autoconv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\autofmt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\autolfn.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\blastcln.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\bootcfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cacls.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\caspol.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cipher.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cisvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cmd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cmstp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\comrepl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\comrereg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\comsdupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\conf.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\conime.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\csc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\cscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\csrss.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\davcdata.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\defrag.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\diantz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\diskpart.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dlimport.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dllhost.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dmremote.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\drvqry.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dumprep.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dwwin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\evcreate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\evntwin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\evtrig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\explorer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\extrac32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\findstr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fltmc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fontview.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\forcedos.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fpcount.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ftp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\fxscover.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\getmac.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\gprslt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\grpconv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\help.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\helpctr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\hh.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\hscupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\iedw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\iexplore.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\iexpress.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\iisrstas.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ilasm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\imapi.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\inetin51.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\installutil.exe Win32/Sality.NAE.gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ipv6.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\irftp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\jsc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\locator.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\logman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\logon.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\logonui.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lsass.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\magnify.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\makecab.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\migload.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\migrate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\migregdb.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\migwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\migwiza.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\migwiz_a.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mobsync.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\moviemk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mplay32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mplayer2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mqbkup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mqsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mqtgsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msdtc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mshta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msiexec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msimn.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msnsusii.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\msoobe.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mspaint.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mstinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mstsc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\muisetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\napstat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\narrator.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\net.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\net1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\netdde.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\netsetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\netsh.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\netstat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ngen.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\notepad.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\nppagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\nslookup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ntbackup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ntkrnlmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
A_Roldan
2010-02-01, 12:40
C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ntkrpamp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\oemig50.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\opnfiles.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\oschoice.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\osk.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\osloader.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\packager.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\perfmon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\pinball.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ping.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\powercfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\progman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\proquota.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\qprocess.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rasphone.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rcp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rdshost.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\reg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\regasm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\regedit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rexec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rsh.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rsnotify.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rstrui.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\rundll32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\runonce.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\savedump.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\scrcons.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sctasks.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\secedit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\services.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sethc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\setup50.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\setupn.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\setup_wm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\shtml.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\shutdown.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sigverif.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\skeys.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\slrundll.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\slserv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\smbinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\smss.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\snmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sort.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\spider.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\spiisupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sspipes.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ssstars.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\stimon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\svchost.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sysinfo.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\taskkill.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tasklist.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tcptest.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\telnet.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tlntadmn.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tlntsess.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tlntsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tracerpt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tracert.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tscupgrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\tzchange.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\unregmp2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\uploadm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\ups.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\userinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\utilman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\vbc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\verclsid.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\vssvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wab.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wabmig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wextract.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\winver.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wmic.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wmplayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wordpad.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wscript.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\xcopy.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\2fb654de6ecfe5a35a556d5a5c387a87\pintool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\73e29923811a3a72ca5380ec0acd4745\SP3GDR\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\73e29923811a3a72ca5380ec0acd4745\SP3QFE\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\91fdb2bb23ba8edd195d7bed698912e5\SP3GDR\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\91fdb2bb23ba8edd195d7bed698912e5\SP3QFE\ie4uinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\a855eed5ad28db3548ad40195130e787\sp2gdr\mqbkup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\a855eed5ad28db3548ad40195130e787\sp2gdr\mqsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\a855eed5ad28db3548ad40195130e787\sp2gdr\mqtgsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\a855eed5ad28db3548ad40195130e787\sp2qfe\mqbkup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\a855eed5ad28db3548ad40195130e787\sp2qfe\mqsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\a855eed5ad28db3548ad40195130e787\sp2qfe\mqtgsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c1ad4c0b03377fd9fe896d0341be831a\powershell.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c1ad4c0b03377fd9fe896d0341be831a\PSCustomSetupUtil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c1ad4c0b03377fd9fe896d0341be831a\PSSetupNativeUtils.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c1ad4c0b03377fd9fe896d0341be831a\update\PSCustomSetupUtil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c1ad4c0b03377fd9fe896d0341be831a\update\PSSetupNativeUtils.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c3956d36f53e113fd98ce9c30d597580\mceur2\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c3956d36f53e113fd98ce9c30d597580\wm10\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c3956d36f53e113fd98ce9c30d597580\wm10l\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c3956d36f53e113fd98ce9c30d597580\wm10mix\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c3956d36f53e113fd98ce9c30d597580\wm11\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c3956d36f53e113fd98ce9c30d597580\wm9\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\SoftwareDistribution\Download\c3956d36f53e113fd98ce9c30d597580\wm9l\logagent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\wmimgr32.dll Win32/Sality.NAF virus (deleted (after the next restart) - quarantined) 00000000000000000000000000000000 C
D:\Documents and Settings\Angel Roldan.ARTWURK-PB451RC\Application Data\Microsoft\Installer\{738CA2C0-BE31-4681-87C7-4D3AC9963EC8}\_7475D59D448C_4758_B246_BA5CC039D0A0.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
D:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054152.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
D:\Crysis\instmsi30.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
D:\Crysis\punkbustersvc\pbsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
D:\Crysis\vc80_redist\vcredist_x64.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
D:\Crysis\vc80_redist\vcredist_x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
D:\FOUND.010\FILE0000.CHK Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\C_DILLA\setup\cdremove.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App00010\gemmeta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App00015\gemmeta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App00031\gemmeta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App00035\gemmeta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App00499\dmiextractor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App00499\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01185\google_pref.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01980\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App02237\powman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App03011\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App03621\bigfixinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App03621\setprotect.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App03621\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App03621\_isdel.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04153\zprocess.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\autorun.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\copymar.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\fontinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\mnybb.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\mnybbsvc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\mnyimprt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\mnyinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\msmoney.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\salv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\signin.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\uninst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04782\money\update.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App05551\recovery-m-creator.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App06745\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App06745\emver\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App06745\oeminfo\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App08758\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App10402\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App10894\googlebae.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App10894\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App12072\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App14093\marker.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App14417\p2go.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App14417\olrsubmission\olrsubmission.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App14562\shipxp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App15241\deletebundle.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17014\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17014\support_reg_em_us.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App18467\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App20155\aspnet.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App20164\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App20398\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App20460\imgvemver1.6.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App21287\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App21837\usbbiosx.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\chcfg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\rtlupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\setcdfmt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\mshdqfe\win2k3\us\kb888111srvrtm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\mshdqfe\win2k_xp\us\kb888111w2ksp4.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\mshdqfe\win2k_xp\us\kb888111xpsp1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\mshdqfe\win2k_xp\us\kb888111xpsp2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\wdm\alcmtr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\wdm\alcwzrd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\wdm\miccal.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\wdm\rthdcpl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\wdm\rtlcpl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\wdm\rtlupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22209\wdm\soundman.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23093\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23330\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App24081\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App24081\oobe_logo_em.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App25291\create drv-apps cd update.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
A_Roldan
2010-02-01, 12:40
E:\i386\Apps\App25764\embrand.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26413\napster-trial.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26413\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App28581\mcafee_fw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App28581\mcdat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App28581\mcdatupd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App28709\startmenu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30984\support4.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31066\mcafeeboot.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31327\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31327\p2go\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31327\pdvd\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31327\pstarter\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31528\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App32136\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App00023\gemmeta.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\autorun.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\common\msshared\equation\eqnedt32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\common\msshared\wkshared\wkcalrem.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\common\msshared\wkshared\wkscal.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\msworks.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wkdstore.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wkgdcach.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wklnckml.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wkplmstp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wksab.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wksdb.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wksdict.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wkssb.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wksss.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wkswp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pfiles\msworks\wkwcestp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pss\j4sp8w2k.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pss\j4sp8wxp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pss\wks8rm9x.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01607\pss\wks8xp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App01741\user_guide_8511279.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04039\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04039\windowsxp-kb892130-enu-x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App04039\windowsxp-kb910728-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App06902\kb912919.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App10019\oobe eula text eng us 3402777.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App11069\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App11069\windowsxp-kb901214-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App11069\windowsxp-kb903235-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17981\comps\coach\aolcinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17981\comps\flash\flashax.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17981\comps\rp\realpl8.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17981\comps\rp\real_upd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17981\comps\rp\rp9codec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App17981\comps\vwpt\vpprepop.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19824\windowsxp-kb908519-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19824\windowsxp-kb912919-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsmedia9-kb885492-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb833987-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb834707-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb867282-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb873333-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb873339-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb885250-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb885835-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb885836-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb888113-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb888239-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb888302-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb890047-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb890175-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App19917\windowsxp-kb891781-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App20068\windowsxp-kb904706-v2-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App20068\windowsxp-kb905915-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App20068\windowsxp-kb910437-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22396\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22396\windowsinstaller-kb893803-x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22396\windowsxp-kb890859-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22396\windowsxp-kb890923-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22396\windowsxp-kb892944-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22396\windowsxp-kb893066-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App22396\windowsxp-kb893086-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\dise2006-gtwid.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\launcher.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pisetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\common\msshared\pi\rmvsuite.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pi\imprtwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pi\pi.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pi\pip.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pod\common\msshared\pi\rmvsuite.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pod\pi\imprtwiz.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pod\pi\pixpscor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pod\pi\pixpstry.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\pod\pi\pod.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\redist\ie6\ie6setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App23742\windows\twunk_32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App24078\aolfix.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App25433\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26163\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\oe6.0sp1-kb897715-windows-2000-xp-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\stepbystepinteractivetraining-kb898458-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsinstaller-kb893803-v2-x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb883939-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb890046-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb893066-v2-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb896344-v2-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb896358-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb896422-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb896426-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26435\windowsxp-kb896428-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App26841\oobeconfig.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb896688-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb899589-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb900725-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb901017-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb902400-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb904706-dx9-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb905414-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb905749-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App27672\windowsxp-kb906569-v2-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App28844\windowsxp-kb896256-v3-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App28844\windowsxp-kb896424-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30227\60 day trial - office 2003.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb893357-v2-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb893756-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb894391-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb895953-v4-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb896727-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb899587-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb899588-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30560\windowsxp-kb899591-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\mcappins.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\mpf\mcappins.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\mpf\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\msk\mcappins.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\msk\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\vs\mcappins.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App30921\vs\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31262\qinstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31262\windowsmedia-kb911564-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31262\windowsmedia10-kb911565-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31262\windowsxp-kb901190-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31262\windowsxp-kb911927-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\Apps\App31262\windowsxp-kb913446-x86-enu.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\i386\DRV\MOD\hxfsetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\updgoi\options\deleterp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\updgoi\options\devlog.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\updgoi\options\drvinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\updgoi\options\oemreset.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\updgoi\sminst\install_app.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\updgoi\temp\asexec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054160.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054166.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054167.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054168.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054169.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054170.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054172.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054173.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054174.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054176.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054177.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054178.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054179.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054180.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054181.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054182.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054183.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054184.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054185.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054186.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054187.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054188.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054189.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054190.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054191.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054192.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054193.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054194.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054195.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054197.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054198.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054199.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054200.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054201.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054202.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054204.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054205.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054206.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054208.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054210.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054211.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054214.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054216.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054217.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054219.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054220.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054222.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054223.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054224.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054225.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054226.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054227.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054228.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054229.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054230.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054231.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054233.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054234.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054235.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054236.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054237.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054238.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054239.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054240.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054241.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054242.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054243.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054244.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054245.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054246.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054248.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054250.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054252.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054253.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054255.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054257.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054258.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054260.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054261.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054263.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054264.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054265.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054267.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054268.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054269.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054270.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054272.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054273.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054274.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054275.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054276.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054277.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054280.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054281.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054282.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
A_Roldan
2010-02-01, 12:41
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054283.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054284.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054285.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054286.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054287.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054288.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054289.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054290.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054291.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054292.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054293.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054294.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054295.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054296.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054297.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054298.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054299.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054300.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054301.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054302.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054303.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054304.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054317.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054318.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054327.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054328.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054329.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054333.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054335.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054336.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054337.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054338.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054339.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054340.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054342.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054343.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054344.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054345.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054346.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054347.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054348.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054350.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054351.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054352.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054353.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054354.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054355.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054356.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054357.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054358.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054360.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054361.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054362.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054364.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054365.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054366.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054368.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054369.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054370.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054371.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054373.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054374.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054375.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054376.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054377.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054379.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054380.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054381.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054382.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054383.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054384.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054385.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054386.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054387.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054388.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054389.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054390.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054391.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054392.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054393.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054394.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054395.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054396.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054397.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054398.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054399.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054400.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054401.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054402.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054403.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054404.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054406.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054407.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054408.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054409.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054410.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054411.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054412.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054413.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054416.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054417.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054418.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054419.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054420.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054421.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054422.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054424.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054425.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054426.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054427.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054428.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054429.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054430.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054431.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054433.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054434.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054435.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054436.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054437.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054438.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054439.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054440.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054442.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054443.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054444.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054445.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054446.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054448.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
E:\System Volume Information\_restore{F308C598-FB69-4249-AEAE-73ABAA51CCE4}\RP97\A0054449.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\ARTWURK\MarioForever.exe Win32/Pinit.W worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\ARTWURK\Artwurk\setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\ARTWURK\Artwurk\Application Files\ConversionChartInches_1_0_0_4\ConversionChartInches.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\ARTWURK\Artwurk\Application Files\ConversionChartInches_1_0_0_5\ConversionChartInches.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\mercpr1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\siw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Swf2Avi_Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\WPApply.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Assault_Tech_MEKTEK\SetupMTX1.0.0.9.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Blackberry\501_b049_english\WindowsInstaller-KB893803-x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Blackberry\501_b049_english\_setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Blackberry\501_b049_english\SR_MM\INSNTMSI.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\MWLL\TripleCPackV1.31\Triple_C_PackV1.31--Installer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\MWLL\TripleCPackV1.31\Triple_C_PackV1.31--UNInstaller.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Data\Disk1\Brolink\Brolink0.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Data\Disk1\Diagnosis\BrCollect.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Bul\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\CanFre\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Chn\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Cze\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Dan\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Dut\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Eng\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Fin\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Fre\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Ger\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Hun\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Ita\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Nor\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Pol\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Por\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Rom\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Rus\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Spa\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Swe\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\Printer\Setup240C\Usa\Setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Downloads\WinFlash\WinFlash.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\gs\uninstgs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\gs\gs7.04\bin\gswin32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\gs\gs7.04\bin\gswin32c.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\MicroProse\MechWarrior3\Copy of Mech3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\MicroProse\MechWarrior3\mech3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\MicroProse\Worms Armageddon\HSBRCiv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\MicroProse\Worms Armageddon\Landgen.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\MicroProse\Worms Armageddon\WA.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\MicroProse\Worms Armageddon\User\BankEditor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\7-Zip\7z.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\7-Zip\7zFM.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\7-Zip\7zG.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\HELP.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\MW2Win.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\realMW2Win.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\register.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\runmw2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\help\HELP.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\uninstall\slaunch.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Activision\Mechwarrior 2 Titanium\uninstall\Uninstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Adobe\Acrobat 8.0\PDFMaker\AutoCAD\PDFMAec.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Adobe\Acrobat 8.0\Setup Files\{AC76BA86-1033-0000-7760-000000000003}\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Adobe\Adobe Photoshop CS3\Required\Droplet Template.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Adobe Type Manager\atmfm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Armagetron Advanced\armagetronad.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Audacity\audacity.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Auslogics\Auslogics Disk Defrag\cdefrag.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Auslogics\Auslogics Disk Defrag\diskdefrag.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\3dsmax.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\3dsmaxcmd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\AdSubAware.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\MaxFind.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\maxunzip.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\maxzip.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\notify.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\senddmp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\mentalray\imf_copy.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\mentalray\imf_diff.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\mentalray\imf_disp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\stdplugs\Cube2QTVR.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Autodesk\3ds Max Design 2010\stdplugs\ShineExp\ra_tiff.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\BitTorrent\bittorrent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\BitTorrent\choose_language.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\BitTorrent\maketorrent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\BitTorrent\w9xpopen.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\AddrBook.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\BrCollect.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\BrDmSfhc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Brinstck.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\BrScUtil.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\BrStDvPt.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\BrWiEvRg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\PCfxDial.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\PCfxSet.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\rms2csv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Brolink\Brolink0.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\BrmfBAgP.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\BrmfBAgS.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\BrmfRsmg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\brqikmon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\2000\BrmfBAgP.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\2000\BrmfBAgS.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\2000\BrmfRmPA.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Brother\Brmfl06a\Para_USB\2000\BrmfRsmg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\CDBurnerXP\cdbxpp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Corel\CorelDRAW Graphics Suite 13\FontNav\FontNav.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Curious Labs\Poser 5\poser.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\DivX\DivX Codec\config.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\DivX\DivX Codec\DivXsm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\DivX\DivX Converter\DivX Converter.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\DivX\DivX Player\DivX Player.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Download Manager\RptCrash.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\DVD Decrypter\DVDDecrypter.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\DVD Shrink\DVD Shrink 3.2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\DSLauncher.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa_server.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa_setup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\patch_backup\DSLauncher.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\patch_backup\mohpa_server.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\support\EasyInfo.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
A_Roldan
2010-02-01, 12:41
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\support\EReg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\support\Medal of Honor Pacific Assaulttm_uninst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Fiesta Download Manager\f-manager.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\FileZilla\FileZilla.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\FileZilla\FzSFtp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\GameSpy Arcade\Aphex.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\GameSpy Arcade\fpupdate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\GameSpy Arcade\GSAPak.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\GameSpy Arcade\RptCrash.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\GameSpy Arcade\UNWISE.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\ImTOO\FLV Converter\avc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\ImTOO\FLV Converter\Update.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\ImTOO\FLV Converter\vc5.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\ImTOO\FLV Converter\XCrashReport.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Install Creator\ic.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Install Creator\Uninstal.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\java.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\jpicpl32.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\jucheck.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\keytool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\kinit.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\klist.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\ktab.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\orbd.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\policytool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\rmid.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\rmiregistry.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\servertool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\bin\tnameserv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Java\j2re1.4.2_04\javaws\javaws.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Lead Pursuit\Battlefield Operations\bfopsupdate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Lead Pursuit\Battlefield Operations\ctdupl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Lead Pursuit\Battlefield Operations\FalconAF.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\LEGO Company\LEGO Digital Designer\LDD.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\java.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\javac.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\javaw.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\keytool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\policytool.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\rmid.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\rmiregistry.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Dreamweaver MX 2004\JVM\bin\tnameserv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Extension Manager\Extension Manager.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Extension Manager\Replace.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Fireworks MX 2004\Fireworks.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Flash MX 2004\Flash.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Flash MX 2004\Players\SAFlashPlayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Flash MX 2004\Players\Debug\Install Flash Player 7 AX.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Flash MX 2004\Players\Debug\SAFlashPlayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Flash MX 2004\Players\Release\Install Flash Player 7 AX.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Flash MX 2004\Players\Release\SAFlashPlayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\Flash MX 2004\Players\Release\FlashLite1.0\SAFlashLite.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\FreeHand MXa\FreeHand MX.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Macromedia\FreeHand MXa\Macromedia Flash Player 6.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\MekTek\Assault Tech1 BattleTech\AT1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\crashreporter.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\updater.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\xpcshell.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\xpidl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\xpt_dump.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\xpt_link.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\xulrunner-stub.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\mektek.net\MTX\xulrunner\xulrunner.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\autoconfig_MERCS.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\cabarc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\clokspl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\md5sum.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\MW4EdMP3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\MW4Mercs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\NFMEditor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\UNINSTAL.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Microsoft Games\Mechwarrior Mercenaries\Mw4\mw4.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Naturalpoint\TrackIR\NaturalPoint.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Naturalpoint\TrackIR\regperm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Naturalpoint\TrackIR\w2kdrinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\cmdwrap.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlmaint.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlstbss.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\Studio 10\UNWISE.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\Studio 10\Patch_Backup\studio.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\Studio 12\Bin\amcap.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\Studio 12\Plugins\Export\ffmpeg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Pinnacle\Studio 12\Programs\PinnacleWebPublisher.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\QuickPar\QuickPar.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\QuickPar\uninst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Real Alternative\Update_OB\upgrdhlp.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Lotus Notes5.0\ODSViewer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\RWCursorEditor\RWCursorEditor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Seven-G\Demo.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Seven-G\data\fx\fxc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Seven-G\data\gudata\GDATAEDITOR.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Seven-G\data\gudata\GDATAEDITOR5weapon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\Seven-G\data\gudata\RADAR_para_editor_mfc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\SMPlayer\dxlist.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\SMPlayer\smplayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\SMPlayer\mplayer\mplayer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\tamasoftware\pepakura3en\designer\extlink_designer_en.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\tamasoftware\pepakura3en\designer\pepakura3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\tamasoftware\pepakura3en\designer\unzip\unzip.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\tamasoftware\pepakura3en\viewer\extlink_viewer_en.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\tamasoftware\pepakura3en\viewer\pepakura_viewer3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\WinFF\ffmpeg.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\WinFF\ffplay.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\Program Files\WinFF\winff.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\ProVenture\Invoices\EasyInv.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
G:\RECYCLER\S-1-5-21-1993962763-1957994488-1801674531-1003\De277\setupdrvdemo.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\BitTorrent\bittorrent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\BitTorrent\choose_language.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\BitTorrent\maketorrent.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\BitTorrent\w9xpopen.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Electronic Arts\Crytek\Crysis\Mods\mwll\Joystick.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Infogrames Interactive\Scrabble Complete\ScrabbleComplete.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\CLOKSPL.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\f18.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\JAUTO.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MakeCat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\WorldSwapper.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\EaHelp\IP.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\Ereg\EREGIP.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\Ereg\IP.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MODS\TSH v4.02\CLOKSPL.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MODS\TSH v4.02\f18.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MODS\TSH v4.02\MakeCat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MODS\TSH v4.02\WorldSwapper.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MODS\TSH v4.02\NCape\CLOKSPL.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MODS\TSH v4.02\NCape\F18.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\MODS\TSH v4.02\NCape\MakeCat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\Ncape\CLOKSPL.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\Ncape\F18.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Jane's Combat Simulations\FA-18\Ncape\MakeCat.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Lead Pursuit\Battlefield Operations\bfopsupdate.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Lead Pursuit\Battlefield Operations\ctdupl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Lead Pursuit\Battlefield Operations\FalconAF.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Lead Pursuit\Battlefield Operations\REMOVE_ZERKPIT.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Logitech\Profiler\LWEMon.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\autoconfig_MERCS.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\cabarc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\clokspl.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\md5sum.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\MW4EdMP3.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\MW4Mercs.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\NFMEditor.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\UNINSTAL.EXE Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Microsoft Games\Mechwarrior Mercenaries\mw4\mw4.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Naturalpoint\TrackIR\NaturalPoint.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Naturalpoint\TrackIR\regperm.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\Naturalpoint\TrackIR\w2kdrinst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\TSH Hi-Res\Installer.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\TSH Hi-Res\TEAM SUPER HORNET\HiRes-Wideview\F18.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\TSH Hi-Res\TEAM SUPER HORNET\New Higher Resolutions\F18.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Program Files\TSH Hi-Res\TEAM SUPER HORNET\Wideview\F18.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\RECYCLER\S-1-5-21-776561741-1177238915-725345543-1005\Dh1.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\RECYCLER\S-1-5-21-776561741-1177238915-725345543-1005\Dh2.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\AviSynth2\uninst.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\BeSweet\BeSweet.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\DivFix\DivFix.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\DVD2AVI\DVD2AVI.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\GSpot\GSpot.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\GSpot\Uninstall.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\headac3he\HeadAC3he.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\PVAS\cmdshell\cPVAS.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\PVAS\gui\PVAStrumento.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\TMPGEnc-2.525.64.184-EN-Free\TMPGEnc.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\Virtualdub\auxsetup.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
H:\Tools\Virtualdub\VirtualDub.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
I:\Program Files\7-Zip\7z.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
I:\Program Files\7-Zip\7zFM.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
I:\Program Files\7-Zip\7zG.exe Win32/Sality.NAE virus (cleaned - quarantined) 00000000000000000000000000000000 C
A_Roldan
2010-02-01, 12:42
OK. That's all of it.
Thanks.
~Angel
Good Morning Angel,
I am afraid I have some bad news for you, your infected with an uncleanable virus named Sality This virus is a file infecter that infects all .exe and most other files. If you look through the ESET scan report you will see all or most of your programs are infected as well as all the windows files in the there back up folders.
C:\WINDOWS\system32\wmimgr32.dll <--This was the tip off but I wanted to be 100% sure so I had you run ESET
You can read this about Virut , Sality is the same type of file infecter.
See miekiemoes' blog for similar comments here:
http://miekiemoes.blogspot.com/2009/02/vir...s-throwing.html (http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html)
This virus like I said is uncleanable, your only option is to do a complete reformat of your hard drive ( I mean even deleting the partition that the operating system resides on ) create a new partition and do a clean install of windows. These infections are ever changing, so at this point I am really not sure if any of your documents or pictures are infected as well.
Angel, a complete format is needed, if you use your windows disk to do a repair the infection will still be there.
If you need help with a reformat and reinstall of windows please let me know and I can link you to a windows forum that can help you.
A_Roldan
2010-02-01, 14:00
Ken,
OK, thanks for all of your help with this issue.
I will do a clean install in the next day or two. The down time is not a big deal as I have a laptop I can work from.
I will delete the partition the OS is on, reformat the drive, create a new partition and do a clean install of Windows. The only thing on that drive is the operating system. Do I need to worry about the other HDDs? What about the files on those drives? Will they cause WinXP to be infected again once it needs to reference or use any of those files?
Thanks again for all the help. I do appreciate it.
~Angel
Hi Angel,
I am looking at E and G being infected also.
A_Roldan
2010-02-01, 14:34
Alright, that stuff is mostly storage or software from an old PC. I'll move it to a removeable storage drive to keep it seperated (in case there is something I'll need in there) and reformat those drives as well. I'll reinstall the software I need one at a time as I need it.
Any file with an .exe or .scr will be infected, not sure of anything else
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.