[Jasmyne]

sorry for freaking out.

i just restarted the laptop and everything's working fine. thank you very much.

It's okay, it happens I'm just glad Essexboy was online when I wasn't to assist you.

Let me know if the task manager and regedit are back after this.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableTaskMgr"=DWORD:0
"DisableRegistryTools"=DWORD:0

Reglock::
[HKEY_USERS\S-1-5-21-2721090859-871738980-3643490546-1003_Classes\CLSID\{692c578d-c51f-45e5-b9e0-cb5fc24c44e9}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000090
"Therad"=dword:0000000f
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
[HKEY_USERS\S-1-5-21-2721090859-871738980-3643490546-1003_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):78,3f,1c,49,4f,36,ac,bf,23,be,a6,52,43,a4,b0,ed,cf,c4,3e,9a,3a,
   ef,07,4e,a6,c1,7d,ea,dd,7e,5b,d5,fc,fe,6f,ee,1e,23,c4,3d,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

Save this as CFScript.txt, in the same location as ComboFix.exe




Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

[Advertisements]

the task manager and regedit are back. thank you.

here is the new log


ComboFix 13-06-03.06 - phani 04-06-2013 20:11:19.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.91.1033.18.3070.1229 [GMT 5.5:30]
Running from: c:\users\phani\Desktop\ComboFix.exe
Command switches used :: c:\users\phani\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
F:\autorun.inf
F:\fmkw.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-05-04 to 2013-06-04 )))))))))))))))))))))))))))))))
.
.
2013-06-04 14:48 . 2013-06-04 14:53 -------- d-----w- c:\users\phani\AppData\Local\temp
2013-06-04 14:48 . 2013-06-04 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-04 10:05 . 2013-05-13 20:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDA47BDB-0686-4EE9-82EC-E578CAB9D300}\mpengine.dll
2013-06-03 13:59 . 2013-06-04 03:27 -------- d-----w- c:\programdata\MCShield
2013-06-03 13:59 . 2013-06-03 13:59 -------- d-----w- c:\program files\MCShield
2013-06-03 04:45 . 2013-06-03 04:45 -------- d-----w- C:\_OTL
2013-06-02 07:30 . 2013-06-02 07:30 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2013-05-31 07:51 . 2013-05-31 07:51 -------- d-----w- c:\program files\Dropbox
2013-05-31 07:50 . 2013-06-02 08:43 -------- d-----w- c:\users\phani\AppData\Roaming\Dropbox
2013-05-31 04:40 . 2013-05-31 04:40 -------- d-----w- c:\users\phani\AppData\Local\Scrivener
2013-05-31 04:39 . 2013-06-02 16:17 -------- d-----w- c:\program files\Scrivener
2013-05-30 09:49 . 2013-05-30 09:49 -------- d-----w- c:\programdata\StarApp
2013-05-26 08:12 . 2013-05-26 08:12 323856 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-05-25 17:01 . 2013-05-25 17:11 -------- d-----w- c:\program files\Google
2013-05-25 16:39 . 2013-05-25 16:39 -------- d-----w- c:\users\phani\AppData\Local\4kdownload.com
2013-05-25 15:46 . 2013-05-25 15:46 -------- d-----w- c:\program files\4KDownload
2013-05-25 13:28 . 2013-06-01 04:02 -------- d-----w- c:\users\phani\workspace
2013-05-25 12:36 . 2013-06-03 11:37 -------- d-----w- c:\users\phani\AppData\Roaming\Skype
2013-05-25 12:36 . 2013-05-25 12:36 -------- d-----w- c:\program files\Common Files\Skype
2013-05-25 12:36 . 2013-05-25 12:36 -------- d-----r- c:\program files\Skype
2013-05-25 12:36 . 2013-05-25 12:36 -------- d-----w- c:\programdata\Skype
2013-05-24 05:58 . 2013-05-24 05:58 -------- d-----w- c:\programdata\Western Digital
2013-05-24 05:47 . 2013-05-24 07:40 -------- d-----w- c:\users\phani\AppData\Roaming\Dev-Cpp
2013-05-24 05:46 . 2013-06-02 16:22 -------- d-----w- C:\Dev-Cpp
2013-05-22 04:12 . 2013-05-22 04:12 -------- d-----w- c:\users\phani\AppData\Roaming\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 20:36 . 2010-07-19 21:32 238872 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"MCShield Monitor"="c:\program files\MCShield\mcshieldrtm.exe" [2013-04-04 607744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-03-11 159744]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2007-09-20 671744]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-09 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-02 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
.
c:\users\phani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
WordWeb.lnk - c:\program files\WordWeb\wweb32.exe [2010-5-20 42168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-6 727592]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 12:04 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-25 17:11 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 17:01]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 17:01]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_in&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: Download all links with IDM - c:\program files\Internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\idmmbc.dll
TCP: DhcpNameServer = 123.176.37.38 123.176.37.36
FF - ProfilePath - c:\users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.university-world.com/Europe-Universities.html
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - localhost
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 1080
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: IDM CC: [email protected] - c:\users\phani\AppData\Roaming\IDM\idmmzcc3
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Facebook PhotoZoom: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} - %profile%\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>[email protected]: [email protected] - %profile%\extensions\[email protected]
FF - Ext: gTranslate: {aff87fa2-a58e-4edd-b852-0a20203c1e17} - %profile%\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-04 20:23
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\system32\sys_drv.dat 7028 bytes
c:\windows\system32\sys_drv_2.dat 6024 bytes
c:\windows\system32\WinFLdrv.sys 10752 bytes executable
.
scan completed successfully
hidden files: 3
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(3724)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\wermgr.exe
.
**************************************************************************
.
Completion time: 2013-06-04 20:28:40 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-04 14:58
ComboFix2.txt 2013-06-03 17:28
.
Pre-Run: 161,383,542,784 bytes free
Post-Run: 161,954,394,112 bytes free
.
- - End Of File - - 8A0937A52389B46B8EC1B452B80D5BCA

[tekkanphan]

the task manager and regedit are back. thank you.

here is the new log


ComboFix 13-06-03.06 - phani 04-06-2013 20:11:19.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.91.1033.18.3070.1229 [GMT 5.5:30]
Running from: c:\users\phani\Desktop\ComboFix.exe
Command switches used :: c:\users\phani\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
F:\autorun.inf
F:\fmkw.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-05-04 to 2013-06-04 )))))))))))))))))))))))))))))))
.
.
2013-06-04 14:48 . 2013-06-04 14:53 -------- d-----w- c:\users\phani\AppData\Local\temp
2013-06-04 14:48 . 2013-06-04 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-04 10:05 . 2013-05-13 20:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDA47BDB-0686-4EE9-82EC-E578CAB9D300}\mpengine.dll
2013-06-03 13:59 . 2013-06-04 03:27 -------- d-----w- c:\programdata\MCShield
2013-06-03 13:59 . 2013-06-03 13:59 -------- d-----w- c:\program files\MCShield
2013-06-03 04:45 . 2013-06-03 04:45 -------- d-----w- C:\_OTL
2013-06-02 07:30 . 2013-06-02 07:30 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2013-05-31 07:51 . 2013-05-31 07:51 -------- d-----w- c:\program files\Dropbox
2013-05-31 07:50 . 2013-06-02 08:43 -------- d-----w- c:\users\phani\AppData\Roaming\Dropbox
2013-05-31 04:40 . 2013-05-31 04:40 -------- d-----w- c:\users\phani\AppData\Local\Scrivener
2013-05-31 04:39 . 2013-06-02 16:17 -------- d-----w- c:\program files\Scrivener
2013-05-30 09:49 . 2013-05-30 09:49 -------- d-----w- c:\programdata\StarApp
2013-05-26 08:12 . 2013-05-26 08:12 323856 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-05-25 17:01 . 2013-05-25 17:11 -------- d-----w- c:\program files\Google
2013-05-25 16:39 . 2013-05-25 16:39 -------- d-----w- c:\users\phani\AppData\Local\4kdownload.com
2013-05-25 15:46 . 2013-05-25 15:46 -------- d-----w- c:\program files\4KDownload
2013-05-25 13:28 . 2013-06-01 04:02 -------- d-----w- c:\users\phani\workspace
2013-05-25 12:36 . 2013-06-03 11:37 -------- d-----w- c:\users\phani\AppData\Roaming\Skype
2013-05-25 12:36 . 2013-05-25 12:36 -------- d-----w- c:\program files\Common Files\Skype
2013-05-25 12:36 . 2013-05-25 12:36 -------- d-----r- c:\program files\Skype
2013-05-25 12:36 . 2013-05-25 12:36 -------- d-----w- c:\programdata\Skype
2013-05-24 05:58 . 2013-05-24 05:58 -------- d-----w- c:\programdata\Western Digital
2013-05-24 05:47 . 2013-05-24 07:40 -------- d-----w- c:\users\phani\AppData\Roaming\Dev-Cpp
2013-05-24 05:46 . 2013-06-02 16:22 -------- d-----w- C:\Dev-Cpp
2013-05-22 04:12 . 2013-05-22 04:12 -------- d-----w- c:\users\phani\AppData\Roaming\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 20:36 . 2010-07-19 21:32 238872 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"MCShield Monitor"="c:\program files\MCShield\mcshieldrtm.exe" [2013-04-04 607744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-03-11 159744]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2007-09-20 671744]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-09 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-02 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
.
c:\users\phani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
WordWeb.lnk - c:\program files\WordWeb\wweb32.exe [2010-5-20 42168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-6 727592]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 12:04 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-25 17:11 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 17:01]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 17:01]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_in&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: Download all links with IDM - c:\program files\Internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\idmmbc.dll
TCP: DhcpNameServer = 123.176.37.38 123.176.37.36
FF - ProfilePath - c:\users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.university-world.com/Europe-Universities.html
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - localhost
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 1080
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: IDM CC: [email protected] - c:\users\phani\AppData\Roaming\IDM\idmmzcc3
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Facebook PhotoZoom: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} - %profile%\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>[email protected]: [email protected] - %profile%\extensions\[email protected]
FF - Ext: gTranslate: {aff87fa2-a58e-4edd-b852-0a20203c1e17} - %profile%\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-04 20:23
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\system32\sys_drv.dat 7028 bytes
c:\windows\system32\sys_drv_2.dat 6024 bytes
c:\windows\system32\WinFLdrv.sys 10752 bytes executable
.
scan completed successfully
hidden files: 3
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(3724)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\wermgr.exe
.
**************************************************************************
.
Completion time: 2013-06-04 20:28:40 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-04 14:58
ComboFix2.txt 2013-06-03 17:28
.
Pre-Run: 161,383,542,784 bytes free
Post-Run: 161,954,394,112 bytes free
.
- - End Of File - - 8A0937A52389B46B8EC1B452B80D5BCA

[Jasmyne]

That reset your registry entries and appears to have killed the rest of the infection, but lets make sure before I clean up my tools.

Step 1 - MalwareBytes Scan

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2 - ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here

• Please go here then click on:
  
  

  Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

• All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
• Select the option YES, I accept the Terms of Use then click on:
• When prompted allow the Add-On/Active X to install.
• Make sure that the option Scan archives is checked.
• Now click on Advanced Settings and select the following:
  
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Now click on:
• The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically. The scan may take several hours.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
• Now click on:
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan

Step 3 - Security Check

Download Security Check from here or here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. MalwareBytes Log
2. ESET Online Scan Log
3. Security Check Log (checkup.txt)
4. How is your computer running?

[tekkanphan]

eset online scan is stuck at 99% should i continue or stop the scan .the scan has been going on for 5 hours

[Jasmyne]

Please allow it to continue. The online scans can be quite lengthy depending on the amount of information on your computer.

[tekkanphan]

the thing is. it has been stuck on the same file for over 3 hours. before that there was progress i could see.

[Jasmyne]

If it is still hanging on the same file, go ahead and stop the scan and post the results it already has, also please make note of what file it is stuck on. Sorry it took me so long to reply this time, I had a class this morning.

[tekkanphan]

If it is still hanging on the same file, go ahead and stop the scan and post the results it already has, also please make note of what file it is stuck on. Sorry it took me so long to reply this time, I had a class this morning.

It was still hanging on the same file. it was one of the last files i guess as 99% was already completed.

and no problem. you gave the reply pretty quickly

here are the logs



mwb



Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.05.01

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16512
phani :: PHANI-PC [administrator]

Protection: Enabled

05-06-2013 10:02:19
mbam-log-2013-06-05 (10-02-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210889
Time elapsed: 11 minute(s), 54 second(s)

Memory Processes Detected: 1
C:\Users\phani\AppData\Local\temp\eswjq.exe (Trojan.Dropper) -> 1128 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\phani\AppData\Local\temp\eswjq.exe (Trojan.Dropper) -> Delete on reboot.

(end)

[tekkanphan]

online scan



ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=12cfcae6c9bb72428025d8bd4e07c984
# engine=13999
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-06-05 03:53:57
# local_time=2013-06-05 09:23:57 (+0530, India Standard Time)
# country="India"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=5892 16776638 100 100 105516 207978565 0 0
# scanned=302008
# found=1040
# cleaned=0
# scan_time=31057
sh=06B01B2E00257B8BA8B05BEC649D9DF82BDCA095 ft=1 fh=ff0bdb262065edf6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\Packman.exe"
sh=5C79066B6535B5F6C79BA9F773667EE37C008A74 ft=1 fh=82e6c59cca30db46 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\addr2line.exe"
sh=ABB576C99BE74A9131AB3760BCC8F5F0C087C64B ft=1 fh=8ee1ee0322acd10f vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\ar.exe"
sh=74D7BB0C03338F6CCF39A1573A70C2C0E0221031 ft=1 fh=7dfb2a4fb9484c7e vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\as.exe"
sh=232C6F6BF1B87D12CB86742C273243D11D6531BB ft=1 fh=f757ab3891edd6d3 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\c++.exe"
sh=9145825EF88285C23E437317D71F04ACE1068F7A ft=1 fh=add090655203c0a8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\c++filt.exe"
sh=4CA7B982112FD0A7C6F86622082B60A943A2D8A4 ft=1 fh=0b4d544414e97f35 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\cpp.exe"
sh=6205E9D6D031E1D3A9C4CD04981040F191019C13 ft=1 fh=cb91c07cc45f0469 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\dlltool.exe"
sh=CC6FAD9BE92D386FC8094F431F50E25FFF88131D ft=1 fh=d13d459dd766c3d3 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\dllwrap.exe"
sh=0F6EF788904753EBAADBF2B2E9764C2789A21052 ft=1 fh=ffec3f839d52dda2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\g++.exe"
sh=9C039B443BFE651218A8716BD0F1CDBF8D167115 ft=1 fh=bd3091c381d0c50a vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\gcc.exe"
sh=1A507EBC9A8FBC1E3FF3B9B7C19E5E78E003AD04 ft=1 fh=dc43c8255fbd2735 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\gcov.exe"
sh=F67E9BD017309FC1FD3A7A1A5C1779DC3D4426BE ft=1 fh=d3fc23e9ee1a7805 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\gdb.exe"
sh=9968F25A4DA2AD07C15BDBC6A25D09F6813C824C ft=1 fh=e7a28b76c6aaa8c4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\gprof.exe"
sh=AE6E0F191396E8F0CE8141ED8323EFA8AEAF543D ft=1 fh=c417dc75978dce25 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\ld.exe"
sh=50510E011EE509A9DB1209CA5B10519DD7F0F03B ft=1 fh=5ec80b9f4503cf03 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\mingw32-c++.exe"
sh=D008E6E5F7D21BF7ACA53B4B915B20BD44DA627C ft=1 fh=0a4cde9769718e17 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\mingw32-g++.exe"
sh=B093228CAB0F34CB23BD463DF0705AFF1819703C ft=1 fh=7015968427f33d3f vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\mingw32-gcc.exe"
sh=D0499E61E31419D58541D60EE12B2D930BB645FA ft=1 fh=e8c9c27808c189d3 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\nm.exe"
sh=D01658F8777AD815A623891AF6479051B86DCCB6 ft=1 fh=0076964edcd7718e vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\objcopy.exe"
sh=9DB371A491D631BC64D48206100FA4C500D54CB0 ft=1 fh=aec16dff3af1d977 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\objdump.exe"
sh=36BF6F568488D4A59B715397D98965B4C05E00C8 ft=1 fh=6d962a0b00f57140 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\ranlib.exe"
sh=71B5EA99402FBC5D7B3DF759AFAA0CD7E59EA15F ft=1 fh=ef903028cb44dc2f vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\readelf.exe"
sh=F34217473A1955417A4FCDEA184DE6E4817564CE ft=1 fh=3b160b8061d7a6a1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\rm.exe"
sh=DD31A578D618F134EF4E2429818E03C7E7B66261 ft=1 fh=c61b715a15e8599f vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\size.exe"
sh=5E923FA8E3CD138B66FD89971CA45BC4B6FD9E37 ft=1 fh=2f1aeedd819ddd80 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\strings.exe"
sh=13989E9DA9CEB37C5F6D17931DC62CD73AD6B5C7 ft=1 fh=bd399eb4d009a7c1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\strip.exe"
sh=E2BF1A0FE49917E7883B766BB19EB94FB792C2D4 ft=1 fh=4266f6584bb7460c vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\bin\windres.exe"
sh=B3D7586F490DCB6B9489B39594DDFAE58D9BB93D ft=1 fh=af569d078fd8e3b4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\libexec\gcc\mingw32\3.4.2\cc1.exe"
sh=1785D184FF6E2C4A594555DBE1E7AC63DB727DB8 ft=1 fh=c5d3861c7a4eebfe vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\libexec\gcc\mingw32\3.4.2\cc1plus.exe"
sh=D82A2C799B6EB0E7B5EB0FC187A608C6AB1E7F3D ft=1 fh=ffb1952defc8605f vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\libexec\gcc\mingw32\3.4.2\collect2.exe"
sh=3F704740B2E647C3937BE7F990EF39060EF6D865 ft=1 fh=aa2e1337792a8e26 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\mingw32\bin\ar.exe"
sh=3BC0748536113F668CA87ECD606E13576D848411 ft=1 fh=97d65d22c13325bb vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\mingw32\bin\as.exe"
sh=C14F7579D053A812886B9FF768049A8546DB5F78 ft=1 fh=138f5221c55cd459 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\mingw32\bin\dlltool.exe"
sh=D869984AE80EE554E5D00AF1FC7C44137C0DEFCC ft=1 fh=84c980efe1040d2d vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\mingw32\bin\ld.exe"
sh=C4277E4400E51ACA1BE769A6B54C5756D5CD066C ft=1 fh=bdc2d3e5124e5e28 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\mingw32\bin\nm.exe"
sh=975FA263C5E6DF0A3C9EBE154E981FD0602B3E85 ft=1 fh=5b32d6a42d918287 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\mingw32\bin\ranlib.exe"
sh=D69B54851C61AC3F0D156167E2779F30297CDEB9 ft=1 fh=0942c6ca855fb835 vn="Win32/Sality.NBA virus" ac=I fn="C:\Dev-Cpp\mingw32\bin\strip.exe"
sh=D7C6FE1F14F4AE3052622A0BF55DFF97921D674E ft=1 fh=b7aaa8835b520b9b vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\automod32.exe"
sh=BC4549224F08239BF515F9ED176EA18D81D8360D ft=1 fh=340ce4b3a2507853 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\commands.exe"
sh=8D47CEC1FD143740C8D8267F7882600772789DD1 ft=1 fh=fd08da38eab67dc9 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\HPBI.exe"
sh=6AE0311E11B0A2F09797F9F767BA6F15D00F056D ft=1 fh=6464ba24d05f32e0 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\HPLocale.exe"
sh=5351C7972FA1E2AF7E9A108F0999D404F5F4CF1E ft=1 fh=598303c410658d65 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\HPUtilCK.exe"
sh=44C174BF50FA09028CE0A238CF16524C7D6E50D5 ft=1 fh=d11c910a2ac9fe67 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\HPUtilSK.exe"
sh=397200C204A40DDF524679DA5E69A1DC0360DC94 ft=1 fh=7cd62a18334b22d6 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\HPUtilSL.exe"
sh=030CD59EB8E78F6D850291AD7887AA1FCEBF8703 ft=1 fh=27eacbe6cd37ba55 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\Locale.exe"
sh=F9B2B4A1FE90E4EE585F0F8BF6B4BB9DE4EB20DC ft=1 fh=7ab36aa6bb726f32 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\MsgAction.exe"
sh=AAE08703C2F53296C173CD8033A0BAC00DA7050B ft=1 fh=6af5f60e49343c2b vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\Sleep.exe"
sh=F5DE4BFC74BE30DCFA5B3128F95574B08DE861A2 ft=1 fh=eaeda49b7c03f39d vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\UIni.exe"
sh=B476D4046530612C8EA171550550E09BCD5E5E30 ft=1 fh=4d4adad26c6b4411 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\BIN\WizInstaller.exe"
sh=29E286E76F2971C7E0A20BF716F3A65A2565EBD4 ft=1 fh=827add145e714b33 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\EasySetup\HPCRCGen.exe"
sh=7009B1321F01D269C69D182D3769CA4AD0EE521C ft=1 fh=666fb5173a534a36 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\EasySetup\RubikIconDrop.exe"
sh=9F51E99FBA56C274E3C796FA17F9379BDB1A321E ft=1 fh=67875cd3e57f4a8c vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\EasySetup\SetACL.exe"
sh=7A0F107968A14AB62262EF3E70B2B21FCB3E147C ft=1 fh=debd7769b99b8d21 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_de_at\toolbar.exe"
sh=6514ECEDD577B56B2C1E789E3EE08FA1281EB79D ft=1 fh=358fcdeac10f5e33 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_de_de\toolbar.exe"
sh=C1322E0E6633926EB9D08A9CAA5F3A8837F80830 ft=1 fh=e641d92d98501e31 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_en_in\toolbar.exe"
sh=243C2580633B97553619B7EFA94757BACEA3631B ft=1 fh=38e359ff44663a91 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_en_uk\toolbar.exe"
sh=A24CD329FD356F3B32AE2D0AEDB0B320C90FDD9D ft=1 fh=c55004308cdf2290 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_es_es\toolbar.exe"
sh=A943EF77A51F793EDC4095E13B40AF2D51035E92 ft=1 fh=3b71863c585954ca vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_fr_fr\toolbar.exe"
sh=43822A91DFE555B74A23810568EB9D3CD186B434 ft=1 fh=73b27df5d869e3c8 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_it_it\toolbar.exe"
sh=2B31D2AF662D6065BEE85335338C32BC3984829B ft=1 fh=a073c42e2ae3fafd vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\ietb5_hp_nl_nl\toolbar.exe"
sh=30F686F56D75E85299E7972B9F79F8454395C15A ft=1 fh=7248b39ab8817e33 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\Yahoo_bits\ytb_7.0.5.0_hptb5_cf_setup_.exe"
sh=59FC8D0C12673D26C4DA548AEDE57548BD096467 ft=1 fh=3453e54308c87e72 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\IEtoolbar\Yahoo_bits\ytb_7.0.5.0_ysp_1.1_hptb5_us_setup_.exe"
sh=C9B0E94A562C2D3A05D154CE4F28D06573F568C3 ft=1 fh=79f8400612cad536 vn="Win32/Sality.NBA virus" ac=I fn="C:\HP\HPQWare\MediaRing\Bits\MRTalkSetup_2_1_1_0-hp.exe"
sh=F4A52F5F2F0E10FD08377CB991125FC1E7AA75A5 ft=1 fh=a8015c538d3b0f77 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\4KDownload\VideoDownloader\4kvideodownloader.exe"
sh=84B74939362BE5A49655F177B603D5AF6D7DA80E ft=1 fh=356fac0f997d5469 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Adobe Bridge CS3\Adobe DNG Converter.exe"
sh=1D0A3143EAF91EDCF992324E3497ABA5BC2AC3B2 ft=1 fh=1cace81f93478298 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Adobe Bridge CS3\Bridge.exe"
sh=2BE1E9DC3DA5DF62DC521D3572A9635DC637479D ft=1 fh=9539a15363bdb972 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Adobe Bridge CS3\bridgeproxy.exe"
sh=08352DCC1C5A85CB5D69299F64E790E7C3262CAB ft=1 fh=73db494fda02967c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Adobe Bridge CS3\Photodownloader.exe"
sh=D06B6219BA331854A950F7648A32077EC59FB42B ft=1 fh=27918fc57285ef1f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Adobe Help Viewer\1.1\ahv.exe"
sh=2B1E28C0DB3FB6258E25AAEBD4C402BC8714EA24 ft=1 fh=852deb419741047b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Adobe Stock Photos CS3\Adobe Stock Photos CS3.exe"
sh=4686091138DA55FA6E6052596C6334D352DB2621 ft=1 fh=3ca7d9c99eb698f6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe"
sh=07A942B58E1AEFCF371798A3E78C1DA3B36FC90E ft=1 fh=788062123938933f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe"
sh=5A3C76863292D5DDC951461887F5E4B0112DF18B ft=1 fh=8592bbe7440a1249 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Reader 9.0\Reader\Eula.exe"
sh=C6E424FCE7891584683E8A227EC979A2F37BB09F ft=1 fh=645ebb6646fc6d26 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Reader 9.0\Reader\LogTransport2.exe"
sh=C76B120A809594DB7782F4C1DC7BCAB60E37B102 ft=1 fh=f60066d9522e82c4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A91000000001}\Adobe AIR Installer.exe"
sh=DF69CA0A71F1933BFC26FD9131DD91EF7AAEAAD6 ft=1 fh=d550d56226490a21 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A91000000001}\AirShareInstaller.exe"
sh=271E5A9B5E4F71A399CA2E454A8F0A150C77E3EF ft=1 fh=b0b48598d5362511 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A91000000001}\Setup.exe"
sh=3A2EA19396F14CF9856AE6D9B1858BBD97049DE0 ft=1 fh=207ab3af8423eef0 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\addressBook.exe"
sh=61A9647F50CBA34D1F0ADE38CAB58860808C742E ft=1 fh=21f2a7bee3678e5a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\aim6.exe"
sh=97FA8D572F1AA9FA1D27BEB0233DC3E754D34E58 ft=1 fh=7dd5246f3c6a9abc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\anotify.exe"
sh=FD63D43305C97B370568D3B61C46A9DF3DA83551 ft=1 fh=a07d71d5d2823a35 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\AOLHostManager.exe"
sh=608538E4AC3382A74F71ADE2CDD28F33D46E4D0A ft=1 fh=be132b7dcdc8d267 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\aollaunch.exe"
sh=1F4CC61649C41D3046634F29A5C6A93F2BD725DE ft=1 fh=e874e5984e88503d vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\aolsoftware.exe"
sh=0AED0E508894A0A1680224A0D7C6255A05CE8AFA ft=1 fh=1f0d7bc3f4b509c1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\migrator.exe"
sh=8D010029ED7D298945F9687FC8FDAB640238149A ft=1 fh=c8dc4b270f14f385 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\rbm.exe"
sh=112BF3B22476BECC9F9985694C8B1F241C7B109D ft=1 fh=cf91667bff6681ea vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\uninstall.exe"
sh=735FE2AF342CF459C7CDA17A6A46E127295DD1BD ft=1 fh=cfa84ecb5d93cd0b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\services\softwareUpdate\ver2_14_7_5\aolretc.exe"
sh=178A9D5568CA0CAF879B1D6763F281B2CA1FF7D9 ft=1 fh=8ee61225c633b1a4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\AIM6\services\softwareUpdate\ver2_14_7_5\aolsetup.exe"
sh=105B289B736C3F2E208AE761653AA381DCDB4DE7 ft=1 fh=e8d34e4cd8ce64cf vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Apoint2K\Ezcapt.exe"
sh=9BB56E431BFEB8828A5E9DAD770A97242BA3BA38 ft=1 fh=30b38b88a15a0ee6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\Adobe\Adobe Asset Services CS3\AssetServicesCS3.exe"
sh=DC84709C2C927D032738E841405D5F43817235A1 ft=1 fh=c920115722b40f3b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
sh=180BE5CDD3211CF7CB423B821CD474B8BDA30AE0 ft=1 fh=f67249c44d5b67f4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdaterInstallMgr.exe"
sh=2D429396A7F6789F679C57E2D5D6EF6701DEB503 ft=1 fh=91aa059983e51c49 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe"
sh=A10ADF34AFF6115895BA4A3C3F3019F1AFCD58A9 ft=1 fh=6458daa7f7357176 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\AOL\AOLDiag\tbunins.exe"
sh=7CD2471F64B08A5ECA4C4C5710D146283BAE6621 ft=1 fh=0d2849e3d7b425cc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\AOL\Loader\alunins.exe"
sh=B5E7D2FAB9FCB2CD5BD8390A6BB0FE2DA7B5CA83 ft=1 fh=4ae54e99e8cbe64d vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\AOL\Loader\aolload.exe"
sh=6D8CB4C18BBB868012E8C6E1FE488BB31233D939 ft=1 fh=3e7c555ab5996948 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"
sh=A51221D1A7066D4E9CDC6F8C89473B54BC5A28E0 ft=1 fh=08a897e2a04f6a45 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriver.exe"
sh=AA3320AF9268282965CCB46B13E79597129EDE1A ft=1 fh=2521b9aef2405b2c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriver2.exe"
sh=D5A2FF54877E2A83919AE4F5056ABD0808252BE8 ft=1 fh=9ae0e81275779d6e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe"
sh=1ABC6C0FA0966508201C337187092AEB24344BA4 ft=1 fh=34639b8a81cd3a01 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe"
sh=C11D92EF2B6E5D6B68F942DEB392E4C17A851184 ft=1 fh=b981e90955ec4715 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe"
sh=BF4BFFBE66FAFF3B51E682E084C4AAF4CEE72F24 ft=1 fh=422e2bd8cd1300b5 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_02.b06\launcher.exe"
sh=385536576B1012E41CD6AC1D7AEF7AFED0E98FFE ft=1 fh=43795470d9ba405a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_02.b06\patchjre.exe"
sh=F39EF05E53D08A63E43A4A5E0C6B2FF2B5469C73 ft=1 fh=89fbb11f06084594 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\LightScribe\LSLauncher.exe"
sh=42D435FA43711EBEE7AE24EF35C375CAB0E212AB ft=1 fh=e8f5b0262c15ebeb vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\LightScribe\LSPrintDialog.exe"
sh=53E661BA55FB8F83686BF71739A89C4A20E53163 ft=1 fh=785c3f2ac1cccce2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\LightScribe\LSPrintingDialog.exe"
sh=4B2EA6FBD267F771E278DDA629B2911CAD38FE20 ft=1 fh=0df782bac2d1980d vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\microsoft shared\OFFICE12\ACECNFLT.EXE"
sh=B42D9070A135A86AD3887646EB7C7BF365F1CEB0 ft=1 fh=d27a377eda149765 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\PX Storage Engine\pxhpinst.exe"
sh=37AF1BD200C14A234FC539AEAB85513B090170FB ft=1 fh=b4c4f3b9ef182959 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Common Files\SafeIT Security\Dlls\SITInstallWrapperEXECOM.exe"
sh=CA95102EDD3D1C09B25CE83FC934CAA42441D763 ft=1 fh=79f3800a328db226 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE"
sh=60674CA47DA913112F1F9F352711A5F7C9A6EB13 ft=1 fh=27486cb9c7483378 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Core Concepts\DPS\CoreLauncher.exe"
sh=8F20D93B01B7316F7A2380FA6D7888FCAF43F192 ft=1 fh=9119e2b01f3ce6a5 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Core Concepts\DPS\DigitHuntDemo.exe"
sh=7F16BBC474E5CB078042E31B2CEE89DBE8FF06D6 ft=1 fh=a6e6d0a40df8609d vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\DVD Suite\CDSVersion.exe"
sh=D053148A0685F286B48C5D42C3713A57A3C5BA0E ft=1 fh=9884b4880130a653 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\DVD Suite\HowTo.exe"
sh=310AC7EBD3BB602BDACC7D97CAEE6353ACD7886A ft=1 fh=7273dc6a51fb740f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe"
sh=33EF8E7344E524D8AA80AECC54833E70EB59B8CB ft=1 fh=8aa5300734843c0b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\DVD Suite\Welcome.exe"
sh=7B371B05963587C2019F4C7365E8A40C7658DAFD ft=1 fh=2cadeebdfa448210 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe"
sh=5C5F8AD3D492763BB5FF6487076520B6340209C7 ft=1 fh=bcbd359708d55a2f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\DVD Suite\OLRSubmission\OLRStateCheck.exe"
sh=497C892132F2033C4D0CE0B98422180C283D539F ft=1 fh=5feadaf469e59d48 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\DVD Suite\OLRSubmission\OLRSubmission.exe"
sh=E5C45EEDD66D0EE19DA4C012375A3001641E6490 ft=1 fh=1b06cdc54f3826c2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\LabelPrint\LabelPrint.exe"
sh=B0A380834FF298FA3E7CEC50033E87D56AEF802A ft=1 fh=f4b16bfb5308ab80 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe"
sh=5BCB8C45824A2B9316B875306E611016C627D599 ft=1 fh=bcbd35972e66f04e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\LabelPrint\OLRSubmission\OLRStateCheck.exe"
sh=B7863265073E1CAC95F3E3FA016C3A6C7D06ED40 ft=1 fh=5feadaf49d57459e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\LabelPrint\OLRSubmission\OLRSubmission.exe"
sh=E8C00CB5BACBF85328DD125F0636AC14B61A881A ft=1 fh=fb719ba298960d79 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\CLDrvChk.exe"
sh=39ACC2D75A7ECC9B9CF317463DD24EBF4727A9D6 ft=1 fh=db19bbc886b4dca4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\CLRegAccess.exe"
sh=37C66AA3C9568F6CC968F6B81739B3F1F942FD08 ft=1 fh=24f8191605b2d027 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Power2Go.exe"
sh=50372C55A843C8BC97215B4A57420BF20F0D9A13 ft=1 fh=85aecb4c5a2cb900 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe"
sh=A975B6596774B84E63D85DD49DC90DBA88BC7426 ft=1 fh=17548ced50d58fb3 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Ara\SecurityBrowser.exe"
sh=E9DA43B68962D21D95096E625EE245CAB738BE5A ft=1 fh=a934dc0774b8dea4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Chs\SecurityBrowser.exe"
sh=BB69B7DFB7B3A17CC06F90D82A413E64E1E83413 ft=1 fh=f84bdc9e355fe07d vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Cht\SecurityBrowser.exe"
sh=6C2E2ADECE8ED2630D7E22CEB452D5275A5DFD71 ft=1 fh=a389398259ad9921 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Csy\SecurityBrowser.exe"
sh=F12F19CAEDC0A9797CF9FB873E791761CC733980 ft=1 fh=0744e92e133b63f6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Dan\SecurityBrowser.exe"
sh=1F959D2A9FCDCE0133AA652EEB4BC85533FE8161 ft=1 fh=0002a57a0b07deb1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Deu\SecurityBrowser.exe"
sh=B7B6E8D184CAB3CA7D4AB3FF64B4EDCBEF7B58DF ft=1 fh=dbb38590333719f4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Ell\SecurityBrowser.exe"
sh=220FEE0572C977FD582DA5CEEFBA986BBDE78246 ft=1 fh=c1813a91b4096f42 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Eng\SecurityBrowser.exe"
sh=7EF77A0360A231B11DF990FB3154D64680D89C17 ft=1 fh=40f52a126527b812 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Enu\SecurityBrowser.exe"
sh=641E014D89A389A9B685A456B04114FA57877F75 ft=1 fh=1326c88a59187de6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Esp\SecurityBrowser.exe"
sh=364BE1356C72EB760BE7189E5FD54F80894F53C6 ft=1 fh=9f321e81ebe88260 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Fin\SecurityBrowser.exe"
sh=B3D6DE712A72F4E9B4BD1FF3303CAF0D456CC2B0 ft=1 fh=0357ec0e82ab1fb8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Fra\SecurityBrowser.exe"
sh=CCDFB450B8AC3C26E7087B300649D6BF19349B8C ft=1 fh=2d07f2b0391e1747 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Heb\SecurityBrowser.exe"
sh=B2DBD951F83015A12455674510482941B7FDA324 ft=1 fh=3b094b857ab53ed7 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Hun\SecurityBrowser.exe"
sh=328F7E77D0E455EA67BD19E09664301A8C9B4E91 ft=1 fh=92c90d2fdab54b09 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Ita\SecurityBrowser.exe"
sh=D5A93C632B3197A0E261943EC2E1FADD4C582CCD ft=1 fh=9eef11ad9a75011f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Jpn\SecurityBrowser.exe"
sh=801251876172E89547328309B4DA155F4B13AF87 ft=1 fh=eb89a4b948ebc591 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Kor\SecurityBrowser.exe"
sh=4E08BAF273842590FC75A813DB91AB29DAA31484 ft=1 fh=aa409332394f5d0c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Nld\SecurityBrowser.exe"
sh=9FD596D5B39A122BF1364EA148EA91FC1F89580D ft=1 fh=22b675064cadb892 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Nor\SecurityBrowser.exe"
sh=40352786CAC7B6665EFD82088BA56C1C968010AF ft=1 fh=93eb095c14415ee9 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Plk\SecurityBrowser.exe"
sh=D8971D6BF8109ACE3D40B9C741ED2EEEA7072D3A ft=1 fh=0ecfac16f6446727 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Ptb\SecurityBrowser.exe"
sh=6B949423338B05EE4FE615DE8C692F3D2C4A7267 ft=1 fh=3f0e502795d358ea vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Ptg\SecurityBrowser.exe"
sh=E3B1F242BF061FDD288EF178B76F784FBBCB89FF ft=1 fh=bd2a38a92ca35213 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Rus\SecurityBrowser.exe"
sh=61209F2170F222CEC09CC7C2615B60D87594728A ft=1 fh=396383a337906c66 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Sky\SecurityBrowser.exe"
sh=B6511304352AABB7B59C852760ED18ACD4D40F86 ft=1 fh=682074bb6afa6e91 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Sve\SecurityBrowser.exe"
sh=3EB82209402A8D5F7942EE4B2E9DB21C28877AF6 ft=1 fh=7f1c79b11ebb76c6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\Language\Trk\SecurityBrowser.exe"
sh=86AFC48001A1071E8FAB1E4E9C0D71A756F20B5E ft=1 fh=2cadeebd135cc0a7 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe"
sh=8854D260286BB0B3B990913A3198A89A5F58E070 ft=1 fh=bcbd3597e3938ae8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\OLRSubmission\OLRStateCheck.exe"
sh=64DA626086CE736FE1A30453789E37DEFCB5A390 ft=1 fh=5feadaf4d12d685c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe"
sh=2E3BA3788569349E651C861D03035323CF74F7AE ft=1 fh=1d3d400887527907 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\PowerDirector\PDR.exe"
sh=D8EC5219EA8DB8B6CF5FFCAC94907EA8715F133A ft=1 fh=5f91946ccab73921 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\PowerDirector\UACAgent.exe"
sh=228BC6D632A2DFA51597E8D08F4F87B48E03BE04 ft=1 fh=2cadeebde6896b15 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe"
sh=CCB7CFAA39C071256ED7EA62803865B84EF13944 ft=1 fh=bcbd35970ec46c42 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\PowerDirector\OLRSubmission\OLRStateCheck.exe"
sh=F0DE3B4CF3E2406DA6FB2C9D2A4A329CC7E9C750 ft=1 fh=5feadaf496afc208 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\PowerDirector\OLRSubmission\OLRSubmission.exe"
sh=92DF5DCFB3979F72AF7AB530909491122CDAEB71 ft=1 fh=583ed89aff07766c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\PowerDirector\Trial\Trial.exe"
sh=AD2764C3D6BD4DE0A2B3E7630D4DB0FAD4006285 ft=1 fh=a4515bf9f43e2372 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\PowerDirector\Trial\TrialMgr.exe"
sh=7B01F01AEE2CC18102EBDBABEDE388CD22AF9159 ft=1 fh=8dc7e9d45ec3bf59 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Shared Files\EffectExtractor.exe"
sh=7D42C593D723E049E96506BC8240425A080E9118 ft=1 fh=73ccb8f874c058f5 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Shared Files\richvideoinstall.exe"
sh=5B456F76DDBFF58C09F02C6159392CB34FF18CEF ft=1 fh=e791dd48f67d97aa vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\Shared Files\richvideouninstall.exe"
sh=1E8010463B1A8122FDC2BB795638E3139B9E4943 ft=1 fh=38bf3c8689942bf9 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\YouCam\YouCam.exe"
sh=A030C6D00B04E9270E65C4586F17B6D4B2D80209 ft=1 fh=e43843eced376ab1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\YouCam\BigBang\CLUpdater.exe"
sh=BE85098E73602ADE7606D961A87A9D9F85A1BC89 ft=1 fh=81ee49ed5432a357 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\YouCam\Language\youcam-tutorial.exe"
sh=929BDC3FBE7F3B258A98404D027D693197C79325 ft=1 fh=88a1c032faf07842 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\CyberLink\YouCam\MUITransfer\Debug\MUIStartMenu.exe"
sh=3435E8BA26D362277A57DCA88188C9693CF2FF07 ft=1 fh=4ff5a9fd622d3f6c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DAEMON Tools Lite\uninst.exe"
sh=771D69576EFD2DDBCCCCF00DB4E70F13DCF39984 ft=1 fh=92f78893f1ba4e8b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DigitalPersona\Bin\DPExpImp.exe"
sh=B2A87AA23ACA50477BF7427029A45CB8FDCB8981 ft=1 fh=b3e4e4159f953b6b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DigitalPersona\Bin\DpFpLogonManager.exe"
sh=3FCF30237714820EFFE873BAAFE75476CE486494 ft=1 fh=2eac304caa2c41d2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DigitalPersona\Bin\DpProperties.exe"
sh=E65A4E68D44FCC802AE27F45A65655B3EB7FA67E ft=1 fh=76c742af1f950e33 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DigitalPersona\Bin\DpRegApp.exe"
sh=A6FCE04B60FB265B87DFE230988E4E3F01CFF97F ft=1 fh=e67eb52bda3d7432 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DigitalPersona\Bin\DPRunDll.exe"
sh=71C77ED3221CD3EC63153E56B514FB74F7A7B64E ft=1 fh=6f22ba69f4f07ea0 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DigitalPersona\Bin\DpRunHlp.exe"
sh=672E3E013A31D73FD7BA43B730FC20A5A9867CC1 ft=1 fh=b40275f2aab3f7e4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe"
sh=1747AAC72FFD86EDC0DC22786E05E02350C6AB0E ft=1 fh=042332fb82da056a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DivX\DivX Control Panel\dplreg.exe"
sh=804AA5E486255909C393F1DBBB5DED423DF4CF41 ft=1 fh=7d52dcc0a105e2c9 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DivX\DivX Plus Converter\DivXConverterLauncher.exe"
sh=E7D070A2AE4ADB01A5C080FFAE6ADA15FF97BF01 ft=1 fh=f2498c0bbac87ccd vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe"
sh=E193D75AB1374988E5672B3D3E8BAB038871568A ft=1 fh=5e92f0f44dd4342b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DivX\DivX To Go\DivXToGoLauncher.exe"
sh=E94008AD7D1C7F8AC705E1ED5B02C76EF743680F ft=1 fh=0906be22e54cd987 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\DivX\DivX Transcode Engine\DivXEngine.exe"
sh=8C5D317A5D061BA3419C30F10605926B5526286E ft=1 fh=6015f9bb93173ab5 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Dropbox\DropboxProxy.exe"
sh=D68A98F2F45957428D1ED9A66DA74777E92BDB00 ft=1 fh=2107b0b87de083e2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\EA GAMES\Need For Speed Underground\Support\EasyInfo.exe"
sh=80AB83098853BB90359783205367D14DA2628399 ft=1 fh=330a9eb5c58b2c2f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\EA GAMES\Need For Speed Underground\Support\EReg.exe"
sh=A8F4F89EFDEA4948F190B66D2D899C86B342CD84 ft=1 fh=ae66921ce2652711 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\EA GAMES\Need For Speed Underground\Support\go_ez.exe"
sh=FDAEAE49A9CF8CDA991F27F040D64BA9A8A8CADB ft=1 fh=5850b9bd3640dd67 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\EA GAMES\Need For Speed Underground\Support\Need For Speed Underground_code.exe"
sh=D7B4978B887964C2269C56B4EB36B8C2747C3338 ft=1 fh=0a5bca18f6b34adc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\EA GAMES\Need For Speed Underground\Support\Need For Speed Underground_EZ.exe"
sh=256CC6B7439173BCB4BBC6F24835FC85015DF10D ft=1 fh=ea20a857def4f023 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\EA GAMES\Need For Speed Underground\Support\Need For Speed Underground_uninst.exe"
sh=89953B98FD29354EB5C9E03177A0C0C9163F0D3A ft=1 fh=e40b4143ce0e9506 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Electronic Arts\Harry Potter and the Half-Blood Prince™\pc\hp6.exe"
sh=50F7882D035EDAFEB6C118526389158287420D44 ft=1 fh=5dc7cdd7901c6905 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Electronic Arts\Harry Potter and the Half-Blood Prince™\Support\Harry Potter and the Half-Blood Prince_code.exe"
sh=B72462E34D3939B0E15B282EAE5774C77F8A4081 ft=1 fh=91dec98d1196eb95 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Electronic Arts\Harry Potter and the Half-Blood Prince™\Support\Harry Potter and the Half-Blood Prince_uninst.exe"
sh=CF8A163C63D39361E1B5866AC888B7E083BE86D7 ft=1 fh=16c21627dea90191 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\eMule\LinkCreator.exe"
sh=5CB60C5DC46019CB56158D31B48D403F50C7062B ft=1 fh=a8dbf8f02f7285fc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Fingerprint Sensor\drivers\ATInstallDrv.exe"
sh=17EEFC2D74911D81C2A0D5B142B09A1E3CC8E7DC ft=1 fh=251c1e96c0746ec1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Folder Lock 6\Folder Lock 6.exe"
sh=5B14EA1CFCCFAB82F946FC2AC3F7F49999E2BF56 ft=1 fh=9956da8379cfbdbd vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\27.0.1453.94\27.0.1453.94_chrome_installer.exe"
sh=3EE838A1649B2C4EB49950EDCCF71D135DFEFFF7 ft=1 fh=9853f6abae6784c1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\ESU for Microsoft Vista\ESUVTVer.exe"
sh=8BFB81D634EAFD946CEA95A95ADCC29258421B8C ft=1 fh=0fd754c25d2719c8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Battery Check\HPDOM\CheckBattery.exe"
sh=D1AC675770B96806B69E0EEACFFFD35B5D11EF9B ft=1 fh=bb74823c547b5c5c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Battery Check\HPDOM\HPDiags.exe"
sh=965F6F61A2CB9246C099E52F3EA58A7D543A5FDC ft=1 fh=d4fb533a33bd0520 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\hpdobject.exe"
sh=5245F1D9FB5CA90AD56372F7F115E3F6D751F80E ft=1 fh=b2c8fbfa1090d744 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\HPDownload.exe"
sh=409F23084CF2EDD314E690223B526CEB9A0F9E14 ft=1 fh=4335a74a9bd5b526 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Health Check\HPAsset\HPAsset.exe"
sh=85EDD4EDB816F12D4ED29F51EC3040E21D4C3408 ft=1 fh=ed0bad01ea361d8a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Health Check\tools\ResetFileTime.exe"
sh=E34BDEDFA7FEC086CC65967605DB4E5340BA6D4F ft=1 fh=3d00a5b74aab61f5 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Health Check\tools\unzip.exe"
sh=660E6B2E43784CF80A4EBF48AD6CC35D50524339 ft=1 fh=a7639dcda2b5e626 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Info Center\HP Info Center.exe"
sh=3547A3E9A1CE725D0CE7A4099793019EEAE61B5C ft=1 fh=f56b06537a75a6f4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Info Center\HpInfoSetup.exe"
sh=AFCE478C04CFE4D66F1061D4A34EB4B080C2E9B2 ft=1 fh=c2276cd7225c1580 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddDriver.exe"
sh=79DC03963A5BF8A3910D529F1B839766083785FD ft=1 fh=d4b3ac9f7233b843 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\btnactn.exe"
sh=19580AA3F36A17207067AE348937096353229C98 ft=1 fh=6fdd7ae77b761264 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\DspSwtch.exe"
sh=E45242F87980D4679B9AB783C40FBAE630E0CB32 ft=1 fh=f44814f84d6bbd4a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\GetPresTile.exe"
sh=0004D5B15F5573C898A09D11BB021DA76FD26B59 ft=1 fh=deb37c5004a100b6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqlbVer.exe"
sh=7A9C02A44F21587690DA2005912FF0B450141B18 ft=1 fh=b4178e7867c6b3a2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpSysInfo.exe"
sh=11BAA0208FF756145CCC5F2A877C35E786CF831E ft=1 fh=02e6f5cbec2eb730 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\launchAP.exe"
sh=0BAA7B7F8DFF26E3CC2782A71D130D8BB16372C6 ft=1 fh=503913beea74abba vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\MonDisp.exe"
sh=16A599B4A51506DB696B1D037E827C22DF67282A ft=1 fh=9a7c27ce2602f8b4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\qlbPres.exe"
sh=4346F92FF736FF2198DEC6AFBAD8A4104B71D9C3 ft=1 fh=02b089e9a25fcf3b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QMenu.exe"
sh=1D1F18E5EFD84571E70366BA02BE4405D84C2390 ft=1 fh=6ee26aa7f9903e3c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QMenuOV.exe"
sh=91E4AB532AD544FD1801AF9B3CEF207C2C03B375 ft=1 fh=0484ac5d1952fecb vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\RollBackDr.exe"
sh=11AF7D846BDE11DFB76E87A74A3A9971056AB6EE ft=1 fh=1b22111785c7aedf vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\WMIrep.exe"
sh=5C2693AD834ED5D85F11EEA1959DD9C0684811AE ft=1 fh=4a5876a7a6c35ce2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP QuickTouch\SelectiveSound.exe"
sh=65E0C108CF78E5128F3F418BC11EA9FFE8D71537 ft=1 fh=280ae68455f6eaec vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPQWAVer.exe"
sh=9AA87BCE38BF7F680E2B307B49D95D5CE3D27A53 ft=1 fh=6c847d6b2a0b35a2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPQWA_UI.exe"
sh=C27ECD6A371E6112A8D5FB83205E053AE370BD5E ft=1 fh=c8f7c2d755f6eaf6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WAMobCtr.exe"
sh=999E15D258D51F92FAEF1E02B0DC9B97F833E3AB ft=1 fh=cdb6141d731a15b7 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\Wireless.exe"
sh=BAB6C3C9D3838517C3D254DCB6C7A56A1F3586F5 ft=1 fh=d0cf62fa5e4c99ee vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\MSCU for Microsoft Vista\MSCUVer.exe"
sh=A48FB9209127574B17A5D1EB8E75187C878718B1 ft=1 fh=e4b319d3e4158e53 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\HPHTMLGen.exe"
sh=842B7D0F843D5B1A8371CEBD77BC05421AABC76F ft=1 fh=a481d78a991036c8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\HPQSI.exe"
sh=CA39CD4820F57AE827C25BEBA4B943580A43B03B ft=1 fh=e25f356bca1f356e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe"
sh=8C99A433CACEB48B04764C4A98EF3F714079C38B ft=1 fh=3caef6aa0fb4037f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\HPSUSettings.exe"
sh=4ECD07954B4A31ED87FDA0A77C89EA4BBB90B941 ft=1 fh=8afc3a07085bbb31 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\HPWaitWindow.exe"
sh=FF230386F6F8BE66981B4E251C21C117A0A38A4E ft=1 fh=c9fd630b00f69825 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\HPWriter.exe"
sh=A6D0D51CD9EDD4A67DAEA5E327B57A2369BEC513 ft=1 fh=92070cb93ab1db40 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\OOBEEzsetup.exe"
sh=08932633977739C08C9993CD7B1B94DF8D56EABA ft=1 fh=8ddfdf4c5d8555cb vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\SDP\RegistrationInfo.exe"
sh=7DCE6EB75773ECEA844110753C40E768141F1004 ft=1 fh=3ba367ab17393d58 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Hewlett-Packard\Shared\MCOEMInfo.exe"
sh=A1DAF675C53784AA30C8B5D8999BFBBC8D49A666 ft=1 fh=44afe2b7e93f51c6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\Digital Imaging\bin\HpqPSApl.exe"
sh=D7CE51A1C31819734EF01CA64AFAE8FEC1B0DE3E ft=1 fh=c3a33f8579a39e7e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"
sh=E6C04EF33B79795376EDF81B437433B7CCD7BFA2 ft=1 fh=bb38e060b141bc27 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"
sh=E9326C0E4D52C1D040DE7CDF167F01697FEEB370 ft=1 fh=6f66638f0700faf2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe"
sh=FF9F2A8B480D5F8FB901A860919C18B8FD8F4EA6 ft=1 fh=ced9ac70f483d424 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"
sh=10A30F196FB809E5887A13017EB54BD380A72437 ft=1 fh=40bda992fd0b5b73 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\Digital Imaging\bin\hpqtax11.exe"
sh=CFF004D5F9C5D262B4F4BCD337D7E8C48E4F6F76 ft=1 fh=c41e6b7672027600 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\Digital Imaging\photosmartessential\hpzmsi01.exe"
sh=3D3EE24DF65C53007F82DCACAD1AB9A2730AB2EC ft=1 fh=9bcf26d8596e4cfd vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\HP Software Update\HPWUCli.exe"
sh=CC3137D12F566C1801D16AD8FE7E17836FB7B737 ft=1 fh=2842b9756f2af024 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\DVDP.exe"
sh=00FAD334DD1035B6B9D1DA1C226753DBD992AD43 ft=1 fh=4bf7411018d1cc2e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\ODDOpen.exe"
sh=089EF965C94DCCF4D8821118F01D289A8ABC5032 ft=1 fh=cb7366c5a872d703 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QP.exe"
sh=1C6BC9FB814CCFBE1E0137EB44D31EF84EAAC17A ft=1 fh=71c5e44ee912c190 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPDVD.exe"
sh=24EEA2307C31A2D82F5AF31F53CECFE6B7318E1D ft=1 fh=c7fb5601645acf1b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPKaraoke.exe"
sh=AB3C7CA6D6BD51AD3EFA5937B31ADB508635BF46 ft=1 fh=e9276f7462145c94 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPManager.exe"
sh=8CBEC21E7900A55E426BD3428FD1417EA0500AD2 ft=1 fh=a2a516ae7271ac5b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPMenu.exe"
sh=EB010131D5F86F121038D19409837FE8A77A0F6A ft=1 fh=bbcef3f370a7aded vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPMusic.exe"
sh=3B1723F2D708E21E810977FA529007B135EA3FB7 ft=1 fh=b774822f476e49e3 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPMVP.exe"
sh=EA530A62A30232B2C2EE9C70E0B16A08FB1468B2 ft=1 fh=900f8007e74e7a4f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPPhoto.exe"
sh=AC842AF490F384737D1AC4DDAA52B21E448E266A ft=1 fh=fbc02bd091a919bc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPTV.exe"
sh=4869DC155566B3FEE960746229FDD5E0574A73F7 ft=1 fh=e3cc789cd6612b78 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\QPWebcam.exe"
sh=B9E21D07EC0555333E0817C5AE66D272C897FDEA ft=1 fh=8cbceb5f535e4fbc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\regsvr32.exe"
sh=5293EC0D0E81C035767B3C0810D6865CBD3C51DB ft=1 fh=57b89e0254896758 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Kernel\Partner\DVD.exe"
sh=28E373EF6506690C55D6F73B5A5B727465851BFD ft=1 fh=f5b03be752082d7c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Kernel\Partner\Games.exe"
sh=4DCBA00A481C163D515841C2C65C181D830011FB ft=1 fh=0df9e6c095006c5e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Kernel\Partner\Karaoke.exe"
sh=B837C9A7454DEAABF73F375B65BB11A9DF44556D ft=1 fh=ad95b214891753f8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Kernel\Partner\MobileTV.exe"
sh=587EA0C4D8899DB7E13E61304E446923846A27CC ft=1 fh=589c65e8a335e4e1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Kernel\Partner\MPV.exe"
sh=721239BCF06ADF8CF1E8638D6BD26B2153F263DF ft=1 fh=dbc08242b3bdaa42 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Kernel\TV\CapInst.exe"
sh=7234703991E3FA251496F58FB1966F5EACB5F0C3 ft=1 fh=a8e505b41c4286ed vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Kernel\TV\CapUninst.exe"
sh=A1D330C3E7E1575552AF5EF4DA73D9053B79868A ft=1 fh=6b9f624c6ef39ca7 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP\QuickPlay\Koan\TouchStone.exe"
sh=A19FF147DE838DC400F7894B6CCF3A159BB9FC96 ft=1 fh=2025cf5363919e97 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\3D Ultra Minigolf Adventures\MGA-WT.exe"
sh=2BAE3C5AE364DF2DE7F3CB82E956DC91B5171E7C ft=1 fh=1812dcec80f1767a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\7 Wonders of the Ancient World\Wonders-WT.exe"
sh=5B16203DB6449FE46BCD91C8D7A30F9AF5C6D902 ft=1 fh=044a8fb40f7e4710 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Bejeweled 2 Deluxe\WinBej2-WT.exe"
sh=958129F102C53D01464617C63EB266DF060037B4 ft=1 fh=09579efe8492aabc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Blasterball 2 Revolution\bb2-WT.exe"
sh=07DDD5BFC8D5AC2389D8B2EDF3F654F2C87DE7A3 ft=1 fh=c0490dfd52cc4857 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Blasterball 3\BlasterBall3-WT.exe"
sh=8364B3ECAEF0A13F3D2F37770B9C4228442B95E7 ft=1 fh=e0b1b4d9b9b0f862 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Chuzzle Deluxe\Chuzzle-WT.exe"
sh=E484693E361D1C78DC6AF922B5F3C11BF73F0CA3 ft=1 fh=ebb103d45535949e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Crystal Maze\Maze-WT.exe"
sh=059D447674A1031E17B8C7016E2948E875F73716 ft=1 fh=87d8b5d5cce02a99 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Diner Dash\Diner Dash-WT.exe"
sh=5CA1D5751CDD45FF22946385A1F1CB34A6F579E0 ft=1 fh=93de9bbaab46366b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\FATE\Fate-WT.exe"
sh=FED4213B004CFECB490C3A204D95B4B4FBD08F76 ft=1 fh=87d5a8fcbe1273cc vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Final Drive Nitro\Racing-WT.exe"
sh=B18453D376288D4F48C9FC457194D10989B71642 ft=1 fh=e293d079b3d41b5b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Fish Tycoon\FishTycoon-WT.exe"
sh=7D7E084FCCF972C2F117831ED6AEDE10CF828B6A ft=1 fh=8943ea53c9788b90 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Insaniquarium Deluxe\InsaniquariumDeluxe-WT.exe"
sh=F92E61249B679CD38627F10C713897486D706AFF ft=1 fh=828810254572668f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Jewel Quest\JewelQuest-WT.exe"
sh=36CE336B323C6A5BD3D0705710EFD2D8DF8B66F5 ft=1 fh=1ccafb38bff74b97 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Jewel Quest Solitaire\JQSolitaire-WT.exe"
sh=4D535635FD0CE33798D0908B60A9520B0BDE660E ft=1 fh=3e92e39a3b2c1b43 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Magic Academy\academy-WT.exe"
sh=3DF6D6774DE547B2B0534BE6167332179ED0B9A2 ft=1 fh=0fed5ad0ceeee2ba vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Mah Jong Quest\mahjong-WT.exe"
sh=6E489B216BEFA23C56AE5ECB734E3116227114BA ft=1 fh=e37a9f35eaa25055 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\My HP Game Console\GameConsole.exe"
sh=430594E1A9F37ED10894E4A6472388E41E87D45F ft=1 fh=9dd4e1975dafff47 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Otto's Magic Blocks\otto-WT.exe"
sh=0322FD3894F0D845A301BD7FD45DBDF934AC02F4 ft=1 fh=23c988d5ec741e1a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Peggle\Peggle-WT.exe"
sh=6F9DEB375D98A049C75F49543E4F44AE2D42D0BC ft=1 fh=3235b6b155d4926b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Penguins!\penguins-WT.exe"
sh=0AA9737EDDF57B462B425E752AFE8DEEE4A295AE ft=1 fh=f195b9c2ad84a1e5 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Polar Bowler\Polar-WT.exe"
sh=BDAFBDC098EB34B2A33B334A8EB8DB0D72AD3E89 ft=1 fh=405109a3817f11d1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Polar Golfer\golf-WT.exe"
sh=44B516A5A73D1F65EDACC20CB2C63F9F30035CFF ft=1 fh=6eeeab13c231fae4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Polar Golfer Pineapple Cup\golf-WT.exe"
sh=D12601D73A61DF8FC3E7AE406DAEB2C801B31896 ft=1 fh=b81965d15a5dba3c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Ricochet Lost Worlds\Ricochet-WT.exe"
sh=49B9000AD4DF195BF1A4E6333E70B03DEEE47CAA ft=1 fh=7e2fe8be63e93029 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Shooting Stars Pool\ssp-WT.exe"
sh=87E582709E9730D2A71581D4C231C3B9DEF6AA6F ft=1 fh=b4176c96f4337e95 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Slingo Deluxe\Slingo-WT.exe"
sh=EAACB5506FAB193257D241F3B8A354D28730A40A ft=1 fh=25a00749a6772014 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Super Granny\granny-WT.exe"
sh=1843E59B186ADB24A8EBDEFF7AA892D5D7C0A6DA ft=1 fh=0eeb32c9817a6c80 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Tradewinds\tradewinds-WT.exe"
sh=1EA5A99E19C81847246D8259423833365C926483 ft=1 fh=54f1bca02c068bf7 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Virtual Villagers - A New Home\VirtualVillagers-WT.exe"
sh=F44D88C13B273A4763ED2C90669100472AA139DE ft=1 fh=d522e5b0fef9f71c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Virtual Villagers - The Lost Children-WT.exe"
sh=C31571AFEF14EBC75A7EE5060503BA13BDC3E5E7 ft=1 fh=fe603b5dfcc29081 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HP Games\Zuma Deluxe\Zuma-WT.exe"
sh=F99957082042D98D5FBF472C62CCC65AE9FFC722 ft=1 fh=caac133f35775a7e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HPQ\HP Info Center\HP Info Center.exe"
sh=71943CF77E90B8B7B0BFD468F917AD69456B4F03 ft=1 fh=b8bf4c935bdb202f vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\HPQ\HP Info Center\HpInfoSetup.exe"
sh=221E032B746A554C259E3112B23C840BACB90770 ft=1 fh=b070dad983b1c270 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\InstallShield Installation Information\{19F0F386-FBF4-4289-8A94-54789DF72F0D}\setup.exe"
sh=7D4DA066B9E8F934E25D3EE8F18ADA62755CDE88 ft=1 fh=ebe9c7f723791493 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\InstallShield Installation Information\{250E9609-E830-43EB-B379-DAB7546A2422}\setup.exe"
sh=BF6BC904C0807E895B81364D965F51E3877046F6 ft=1 fh=d02b3eb6abaf4821 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\setup.exe"
sh=E085B1FCECD05F2DC177A95EFD5F411FE0CB661D ft=1 fh=d405ebf2a6732000 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\InstallShield Installation Information\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}\setup.exe"
sh=570AEE9D720F8D051405EC19260E21D3EF013B0E ft=1 fh=5efb721bc6938bba vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\InstallShield Installation Information\{B97CF5C3-0487-11D8-A36E-0050BAE317E1}\Setup.exe"
sh=DF6234608E4EBD6AB0B9CFD74A50B4176F08B659 ft=1 fh=035e3b9df6022640 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe"
sh=57C2EA89C006633AE6448EADC0DE92086694830F ft=1 fh=4e748c0048058c58 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Intel\Intel Matrix Storage Manager\migrStatus.exe"
sh=D826907F0632365D0118B4C44AA7EE61F3D27AB9 ft=1 fh=d109cae9a60d0492 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe"
sh=0BEA4EFBADC800F9BBCCCDF3862699A599CCDF18 ft=1 fh=23709429d9089e36 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Internet download manager\idm5193.exe"
sh=246DEA61F38CDBD9FEF31144BBD557204D45E79B ft=1 fh=66029346092f3d9d vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Internet download manager\IDMGrHlp.exe"
sh=1EEAB4C6FEDE9248ECBE3EEC62FEFF11AF20CB1E ft=1 fh=6e0a14487e899188 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Internet download manager\IEMonitor.exe"
sh=0BBF6F38754977A4E637C3A22EC300825B6F6B0C ft=1 fh=ab2798e24f389782 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\java-rmi.exe"
sh=106E60ACFDC82B626737D33A685B930DA622DBFC ft=1 fh=23aa41c4413ae272 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\java.exe"
sh=F610A175452B4FCC4279DB59FB96734B60E042EF ft=1 fh=799fece14c7360f0 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\javacpl.exe"
sh=56B0BE26DE4E398920B045F95B0948138C0D8014 ft=1 fh=8855fdf5c460f5c8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe"
sh=4EF92BB1699A7588F51EB39551FF673723ACD3E8 ft=1 fh=53ac6c3ed13e7813 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe"
sh=9D727A9058787FFDDBF294179F1CEA39A4BFD379 ft=1 fh=18124aa318385cd3 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\jureg.exe"
sh=58DA6E45274D87CA0D890BBC57ABAFD114F5A78E ft=1 fh=c71c0011e9da8f7a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\keytool.exe"
sh=0846EAE99276118C867D9D46B7F4004D203F0805 ft=1 fh=48e168b22e6cdf7d vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\kinit.exe"
sh=F035FC3C237C7F59B5C13F2EBF4FEF4C8E6BB460 ft=1 fh=111e160bf00e4552 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\klist.exe"
sh=81BC71BD7B964C3695DCE90CD31D8CB7A91F53D4 ft=1 fh=c71c0011f1dacf98 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\ktab.exe"
sh=10CA415E1EAD6ED834FFCEF0E8764943A97A6B72 ft=1 fh=7e9cfe02ef98f1a6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\orbd.exe"
sh=F7C99CABB22F9794903FF2F181C883FD71DF4496 ft=1 fh=3f50286c53c4f2ad vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\pack200.exe"
sh=2725381B82F923DD3787948774206F63A6F08B75 ft=1 fh=55d50f4b2082621b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\policytool.exe"
sh=6F5518DE6DBB06F2BF565DCE864DE035B1BFC6AF ft=1 fh=8ad30440468f3607 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\rmid.exe"
sh=C126E52844F0EF85A12EDDB9FEE7E90E018D2311 ft=1 fh=f8113e82f0695d22 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\rmiregistry.exe"
sh=E77112033CF597D91E87A75E368D39CFCF1967C6 ft=1 fh=f918f0fd80371c25 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\servertool.exe"
sh=34BB930C67FD57AFD418E374E3441DC8E9C9C8C9 ft=1 fh=afee30a0fd1c3e93 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\tnameserv.exe"
sh=8E2604A6E93F96DA073494894CBDE44257FF0131 ft=1 fh=104e4573d9836a78 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Java\jre1.6.0_02\bin\unpack200.exe"
sh=1C6FE382093B01930A0766D4979EE73189C30A91 ft=1 fh=7ccae9a87ba39425 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Marvell\Miniport Driver\installu.exe"
sh=AD31E4C309815376FFDDD3E4FC2ED7CA90ACFCF7 ft=1 fh=8e43fe7a6a377a01 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Microsoft SQL Server\90\Shared\SqlDumper.exe"
sh=2A910BBDC58C56419090662E94575D8290D56E24 ft=1 fh=d13659f2140b9934 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Microsoft SQL Server\90\Tools\Binn\bcp.exe"
sh=37E5C6CCC6F3AA21D51B4CD3171DE491C69BFE4B ft=1 fh=802f96e6b70c8ae9 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Microsoft SQL Server\90\Tools\Binn\OSQL.EXE"
sh=53E58391D4938CAE3D3931B8F37B9DCD98DFD0D3 ft=1 fh=50ed69450b92a639 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Microsoft SQL Server\90\Tools\Binn\SQLCMD.EXE"
sh=54F7648FAA21A85F9AE55B07F70B27473D9BD5BC ft=1 fh=54babdb6b079a61a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Microsoft SQL Server\90\Tools\Binn\SQLdiag.exe"
sh=F28AFF8353821B6D38E286FF42743F71DFF9612C ft=1 fh=d21a16bd331a0e74 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlmaint.exe"
sh=2CE1B129FF3C8900053C9C016ABB9B99DAB8037B ft=1 fh=c7ac9022f87e1cd6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\xpadsi90.exe"
sh=FAB6E4CB4A869ABE4F56427FDAE557D3684DE183 ft=1 fh=ece11fff0698814e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\chm_helper.exe"
sh=6DA270448CCAD929CA938DB4FC5C33D0F912D58C ft=1 fh=e897de125c68d4bb vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchFlash.exe"
sh=43FEE797CEE37BC05EED89DBE089EF16D25CF672 ft=1 fh=5b7d904159dd3442 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchHelp.exe"
sh=D76E1B9E9E04604EB70432BB361A8F1416CBE747 ft=1 fh=af1ddb30beb09662 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\Flash\loader_pc_mprojector.exe"
sh=391B12A89014A65B2A6346FAB07548FC6588541E ft=1 fh=c57aa5486f893312 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\Flash\fscommand\applauncher.exe"
sh=9B5A7E71739DFC410AD7CB1E1CC09B8E6136FBB5 ft=1 fh=dd7780667d6b9cb1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Online Services\Bigpond\WizLink.exe"
sh=3A8514D972948267F16421CFAAEECD3149728C2A ft=1 fh=b973609aa6d6c1d4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Online Services\eBay\WizLink.exe"
sh=EC4780091E10D7E987711B40574D726AD653BC65 ft=1 fh=d7b2b5a05f59d822 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Online Services\ESP\WizLink.exe"
sh=672FC127DA3A0E927FCF98C09800306A3C0156C7 ft=1 fh=ca1a30787b95c02e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Online Services\Mercado\WizLink.exe"
sh=7042A143518A5F7075CE182212746B8BAF7B6565 ft=1 fh=667d8c3e242ab98a vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Real Alternative\mpclauncher.exe"
sh=D44DA28EEA76B6A1B618921C69AD8B19F1BBF7E1 ft=1 fh=1c20f83c58a54343 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Real Alternative\settings.exe"
sh=5114659C8576D6313562F35DC37AC8D96059535C ft=1 fh=5dc36f9e66ed5e26 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Real Alternative\Update_OB\upgrdhlp.exe"
sh=23F23737696C3CB4EF6BF5DA51931DE38FD72F3B ft=1 fh=dedd4e9979b52056 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\SafeIT Security\Digital Document Shredder\SITFileShredding.exe"
sh=090A54761183BDB0B29CDDEDAC248C0580382A7E ft=1 fh=eccec79605691586 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Scrivener\Scrivener.exe"
sh=711AD0CC35E915F1AF83C154E607035968A41B4F ft=1 fh=a416b1b26f7fe097 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Scrivener\Aspell\bin\aspell.exe"
sh=211289ED90E58FC61316D1C5B12F6A28B4663801 ft=1 fh=9937b60222314191 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Scrivener\Aspell\bin\word-list-compress.exe"
sh=7E3A0BF18094EA1156580C9051DF33DEDEA3E5A5 ft=1 fh=ba6f9c6d91c92766 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Scrivener\docformats\ddr.exe"
sh=C9D9784DE34B796EE1677930A60A756A0380D323 ft=1 fh=63ae12ef5a36a774 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Scrivener\docformats\doc2any.exe"
sh=17CFA39E41F02A9BB690B2A6F80E7A0B33E33EC1 ft=1 fh=9878dae369b7314e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\Scrivener\docformats\mmd.exe"
sh=D23D74A53C88B991689A28C218A1A8B88FC9E985 ft=1 fh=7dd0159a1f475b52 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe"
sh=7794BA420BA77550EA215A074A3B8BF94BCA0D8B ft=1 fh=48feb48076b69f13 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\AdminUtils.exe"
sh=79F3FD1D8A66E8DB8AF6ADEAE5696D4B59295D9F ft=1 fh=1459b88c2d6e7bf1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_explorer.exe"
sh=A3DA017C6F9BE4E1941AE603F4B987B78D43B936 ft=1 fh=36472865332b9f1e vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe"
sh=92E2534BE6928B90DD79A8B4EF4FE7A847C846ED ft=1 fh=1decd4cfec5818c4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\BtwHtmlPrint.exe"
sh=8C820BF6A7E379C72C8E11BC03AB7B52D0F68150 ft=1 fh=f62e0cfd60d1a290 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\gzip.exe"
sh=7E6417BA06CB87026E1DA87EC482992B3B3AC90B ft=1 fh=3c7b2cad977e27a7 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\bin\BTInvoke.exe"
sh=6232E2331A76B830CFD9DA2AB633DB28C6EFFDD8 ft=1 fh=ce35979420266742 vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe"
sh=B0C8A349EDA61C74F31CF8062A44601A4D6FC672 ft=1 fh=5ea0d093b6dea23b vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\bin\CheckWindow.exe"
sh=95FC687DD55ECCC266E920A415E02CA1313D83DF ft=1 fh=622d84018506756c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WIDCOMM\Bluetooth Software\DfuWizard\SetupBluetoothFirmware.exe"
sh=4EC8A3497EEE1CEB8066E585422F85057858619E ft=1 fh=f371628619c21a3c vn="Win32/Sality.NBA virus" ac=I fn="C:\Program Files\WinRAR\RarExtLoader.exe"
sh=43A9749BB4D2B8EE612D9AE1E7BB5C3CD2A85D7D ft=1 fh=73c00ac2f4b81b74 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\ASPEncoder\Uninstaller.exe"
sh=92EC8F15BF704698A57504EDA83D32853B6C1EC4 ft=1 fh=72173b66255bfe75 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\ControlPanel\Uninstaller.exe"
sh=29CF40C0AC2E7F9877C4B91422A5925852347961 ft=1 fh=1ec1215c0dd2064d vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\Converter\Uninstaller.exe"
sh=A313B47D7334AD43CE5C0517EC9E4B51D95A6E1A ft=1 fh=2944a770f1ed7c1c vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\DFXPlugin\Uninstaller.exe"
sh=F813ED28F6A7BBE0F28385DB0EFD779AB12D8C86 ft=1 fh=a210deba2d1c532d vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\DivXDecoderShortcut\Uninstaller.exe"
sh=D0DFC5E18F72AC57336B90FAB5E375E49D498362 ft=1 fh=fb5d2ec610895791 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\DivXPlusShortcuts\Uninstaller.exe"
sh=837017FAA7E2525E4446204482F59B49FB11CEBA ft=1 fh=71259b9ae8357ba1 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\DSAACDecoder\Uninstaller.exe"
sh=3CEB3AA07E81759F16C0CA3D2B6CEB0BB00DB0B1 ft=1 fh=4b632fbeb87a7c2b vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\DSASPDecoder\Uninstaller.exe"
sh=7EB3479EADFD5D888EA754FC831EACAC6145A4FB ft=1 fh=b42ba0163da6200f vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\DSAVCDecoder\Uninstaller.exe"
sh=52829ABCF1F2E229DC86307E6472519608E0C8C3 ft=1 fh=de9691b22f6988f4 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\DSDesktopComponents\Uninstaller.exe"
sh=488A63C2D3E6DBD2B30392C16AE001A304F7287A ft=1 fh=06a875fec7ed4268 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\MPEG2Plugin\Uninstaller.exe"
sh=110EB539B81F44B664C969350C5B77E41A0D7C52 ft=1 fh=91644a572cfa9d1e vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe"
sh=CAF12C721CF12BFF887F8163EAB271900926E941 ft=1 fh=b8d2fb572ded1c31 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\Player\Uninstaller.exe"
sh=F8D53E729F1A05CCA0DB350E2D932901EDC4EB9B ft=1 fh=3bcc380aab4e9c99 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\Qt4.5\Uninstaller.exe"
sh=22865BF8F784AE657F10E66FFF6B652A7A8715C8 ft=1 fh=86f09488d2c3ea0e vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\TranscodeEngine\Uninstaller.exe"
sh=C96050C5DA8B119EE71F0AD2835ACAA81AD42051 ft=1 fh=03ec2d30b7c4981a vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\TransferWizard\Uninstaller.exe"
sh=104ADB6CD31590A0F3A2C138A6E28ECBF3D47123 ft=1 fh=9c246f9ff74de8b5 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\Update\Uninstaller.exe"
sh=55EAE83815374BB8A43CDEEB359148462C626FEC ft=1 fh=538505372fed3dae vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\DivX\WebPlayer\Uninstaller.exe"
sh=A2F12CF4CD980E7AA4DF90DB2B43C6BF51313E9E ft=1 fh=0e96da13fbbf4fec vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\Macrovision\FLEXnet Connect\6\agent.exe"
sh=A97E44AFCE6D257A9B59FBC1F8A121623AFA9C0B ft=1 fh=7db21ecd3ae68964 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\Macrovision\FLEXnet Connect\6\dwusplay.exe"
sh=DB0ED2AB05ABBE6C7D30B91B7D53203E020CB436 ft=1 fh=79357389b6fa13fd vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\Macrovision\FLEXnet Connect\6\ISDM.exe"
sh=D1673114CB61069860D19488FC46DF6650E1B0E1 ft=1 fh=531350d47f1fb215 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\Macrovision\FLEXnet Connect\6\issch.exe"
sh=B3443BBAE17A150AF3A39EF88D541A260C1C1F7D ft=1 fh=4c7b95570a3f6ccb vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe"
sh=C392EB9DC49A2FE7583F077E002F501D1575EEEB ft=1 fh=42350fc6bd17639b vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\MCShield\MCShield-Setup.exe"
sh=BD23B3D50FC2B8B383F71EFBFC05410F649200D9 ft=1 fh=5382d624de846e65 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\10dbb1bc-ef1b-4c2e-9bea-aaba3f42532c-extr.exe"
sh=F6753BDCCE0617FCEBF610DC2BD772F5137F8298 ft=1 fh=ac400163d906ee08 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\12629730-a7ef-4776-90c2-15bd80aebe01-extr.exe"
sh=E3C0B2CE30B5501B3534903C093C1FD3EF81AA8E ft=1 fh=9b7fae60e31ba9d2 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\134726E5-0682-43C5-8AA2-DD4D6A866DD4-extr.exe"
sh=3E92DF4FD96C417FA618448190A265EAC055211B ft=1 fh=2ff9c37f3cfcf1c2 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\2698CE7D-5E0F-45A5-B451-557D8A56C3B9-extr.exe"
sh=F1465846A84105199DF3E13DC0885A600EAF8813 ft=1 fh=bfa95e703fdeae4b vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\360A3A90-895C-469D-A2F9-1B9ED1DB7F7C-extr.exe"
sh=A50A0EF3B99B32C04FFEC82CD0B5DDCE0A0C6E0D ft=1 fh=957b6efbcf548c6d vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\3C448D22-AD49-43EC-85C5-A6020A10E823-extr.exe"
sh=698A0BCF27952430D3CAC3B2E881F49578286176 ft=1 fh=882aaed6ff703d9b vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\49edfae8-e0cc-45fb-96e6-d60571dd122d-extr.exe"
sh=A4C89D50EE56078D43B87AF5A48E4B7CF778E234 ft=1 fh=dd39152e331e7f79 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\53E95F38-82F7-4304-8E82-B6993C2A9FCA-extr.exe"
sh=19BC596E88BA1D60EB48EF3C29DC6BCC2D5A3E93 ft=1 fh=0769d86728708a8a vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\5efc38bb-2dab-4442-8e97-38975fa121af-extr.exe"
sh=9140D9719AFA38EC522224E1C06332B7DA294CE4 ft=1 fh=32bd2dcd591fcddf vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\6B2E06FE-9D3B-476F-A58A-28CD98C654B5-extr.exe"
sh=6BE9BAC68EC5D389884FB5210201C92AD1253D02 ft=1 fh=811fd9a319bf6303 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\6c94658d-56c8-489d-b890-742d98d7367e-extr.exe"
sh=784CFAB3238D2A1443418441F8B022AEA5B7CA36 ft=1 fh=0412d0bdc311914f vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\6E7DD52D-205E-4D6D-AF6A-0C34703DFA61-extr.exe"
sh=86903E01CC3BC2CAF0945E61637B4A441E1318A9 ft=1 fh=258c77004cf18704 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\735D55C1-EA16-4128-8762-43E626AC0FC5-extr.exe"
sh=7E6DB6E402B40D5C1B437A6C7E2127E0B0070B8E ft=1 fh=8a72825cad7b52ab vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\81401A6B-F2DF-4140-8D06-68F5238D9796-extr.exe"
sh=0F39149E4B2FB011AA16B4D9ECB70FE0ADAECF3F ft=1 fh=8796b0762a3a0a1f vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\951226E3-26FC-40BC-8085-3677B1128F59-extr.exe"
sh=A259AEEBB3CB838A572BF602267C8B087376470C ft=1 fh=ad5bf7ebbb2814db vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\a382b548-99a3-4dca-9a58-62b8e08af23d-extr.exe"
sh=1F9BCFA74EE1C0728CAED7CBE05541639B398BFF ft=1 fh=384cfc1a1ca2a982 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\A4B598D2-9BFF-456F-A667-D3B8A0849286-extr.exe"
sh=3F9A8965DCDD666247458FD282065F8307C7A139 ft=1 fh=484a1d6b0d6f94b8 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\BC3D43F7-BC64-490D-92B5-D2AABEC7FA85-extr.exe"
sh=2F20DE9ED9862FC94BE85BB901FDDEF606C2A3CD ft=1 fh=30a893ff1e2ef2ed vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\C8DEFEB5-AFE9-48D0-A9E6-355F537F0BAD-extr.exe"
sh=68FE762E1F629BC28879BC0B513B1C8CE07A8764 ft=1 fh=e17e9ac9a2ee66cf vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\D019FD02-0A27-49B6-903B-4BA3E04F568F-extr.exe"
sh=DC1B9226F78539AAF70946DE56D9D10412765C09 ft=1 fh=ef99941424276e5e vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\D3FA6542-CA31-4ADB-89A0-837D4136F8F8-extr.exe"
sh=E874337B1F1A3A8919ABD8C86B18595E6D77291C ft=1 fh=f31ebff02667fe43 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\E1C0210F-E01D-446A-8A15-9E2C938199DD-extr.exe"
sh=319DB86A7C4EF0BE1C2EBA7DD9CE206B1C727334 ft=1 fh=cf4a35e796fda49e vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\e2b97a3a-abc8-4666-a349-e68f8db02613-extr.exe"
sh=F43767F4FE2ABBD2F8AA6F98D2CC03A7D891501C ft=1 fh=4122635fb172cf24 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\F97B8890-7DD9-4E9B-ABD9-772FE25169FC-extr.exe"
sh=A25A48CC7A5594C5BB73A3B624F9AECF3354CBB4 ft=1 fh=18f7aaec8eda5f0c vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\FA9E2D68-8707-44C8-B93D-2FF048183749-extr.exe"
sh=A62454E42FB0647AB99C33157C5817263220013F ft=1 fh=015cf01e92d9ab49 vn="Win32/Sality.NBA virus" ac=I fn="C:\ProgramData\WildTangent\oem-eula.exe"
sh=2965AA0BFDFCD31FDC8815DD9D3AFC90A5E6001A ft=0 fh=0000000000000000 vn="INF/Autorun.gen worm" ac=I fn="C:\Qoobox\Quarantine\D\_autorun_.inf.zip"
sh=3CDD702CAE0676FF961FAB4859A729AFA2F0D0DC ft=1 fh=c71c0011efe8899a vn="Win32/Sality virus" ac=I fn="C:\Qoobox\Quarantine\F\fmkw.exe.vir"
sh=182BCB27E2900F2037C720199BF528FE28EC2AE5 ft=0 fh=0000000000000000 vn="INF/Autorun.gen worm" ac=I fn="C:\Qoobox\Quarantine\F\_autorun_.inf.zip"
sh=D754ED0CE63E6C1CDC4689A4B473B44A6301B18B ft=0 fh=0000000000000000 vn="Win32/Sality virus" ac=I fn="C:\Qoobox\Quarantine\F\_fmkw_.exe.zip"
sh=79765A691E9B173A67776EC09CFCAD9EAB977B22 ft=0 fh=0000000000000000 vn="Win32/Sality virus" ac=I fn="C:\Qoobox\Quarantine\F\_tomj_.exe.zip"
sh=7EB4B40440E2B78D567D8A29B6B04EA2E71892A1 ft=1 fh=03eb58aff6f82736 vn="Win32/Sality.NBA virus" ac=I fn="C:\softs\Firefox Setup 3.6.7.exe"
sh=10D630A9C3A27D99639D6153A94218809FB460D8 ft=1 fh=fd15a48a54979150 vn="Win32/Sality.NBA virus" ac=I fn="C:\softs\freedom-20100720-01.exe"
sh=FEB1265AC2EA22660FD05FF4D22DADF51680777E ft=1 fh=45af67055d071609 vn="Win32/Sality.NBA virus" ac=I fn="C:\softs\Installer.exe"
sh=4E7EB6A0AD65F3F402B578F9C54310F5EB78B42D ft=0 fh=0000000000000000 vn="Win32/Packed.Autoit.E.Gen application" ac=I fn="C:\softs\NortonIS.2011.rar"
sh=2A30D80B0B826629479E7C03594C436B600A2DD0 ft=1 fh=d9db30a0817a09c1 vn="Win32/Sality.NBA virus" ac=I fn="C:\softs\utorrent.exe"
sh=AFA6D4CAB6C2A1202891D613282C297F2237ABF5 ft=1 fh=23709429ecf39762 vn="Win32/Sality.NBA virus" ac=I fn="C:\softs\idm5193\idm5193.exe"
sh=D3CAFAFA396AFB1B374F8E27F7E924CC0284CDCD ft=1 fh=ae45919d391b2036 vn="Win32/Sality.NBA virus" ac=I fn="C:\softs\NortonIS.2011\NortonIS.2011\NTR2010-v1.7.exe"
sh=A5C5E09103F0B9232404C70C19D0692567F9D4A4 ft=1 fh=295cb9e5db342ff0 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Adobe\Setup.exe"
sh=704B4B99A124D7FBF0E303105F819DBE8F0729E0 ft=1 fh=0bc13ccbb290416f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\AIMinst.exe"
sh=CB93424298EBF3295D1D94DABD99D92CB0B54675 ft=1 fh=3c84305a5b78f2c6 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\AIMLang.exe"
sh=07C2DFCD24C23BDE6269E9346F34CC67351A08C7 ft=1 fh=4cea93784088b369 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\aimlang_uk.exe"
sh=60CA2A45DCE181CD04A356C7A5DA3C952C1382FF ft=1 fh=649620b12669989e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\alsetup.exe"
sh=9607135714B97235D2EEF55BD2039D90EC08BEA7 ft=1 fh=2df22e21c57549bb vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\aoldlmgr.exe"
sh=7C4783A88AF6248ACDE59090FA8033DC40763A37 ft=1 fh=1f0d7bc3ff74f758 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\migrator.exe"
sh=D38D998652A7E74FBA16D4FFC4E0C808FA5D2A90 ft=1 fh=f95eed44eb9b6b18 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\ocpinst.exe"
sh=66A7E50670793070D865F4DF8554B8E7FAE61A8B ft=1 fh=c8dc4b27dd104165 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\postproc.exe"
sh=5D3CA9B5E130D3DC43412D9CA389AF8E95B57318 ft=1 fh=4698ea2b19f01d84 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\setup.exe"
sh=D64E388B5E7F17BDC2B544FF4F412D32E00DD96C ft=1 fh=7cf24c5ceee4160f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\tbsetup.exe"
sh=7E5D5BCDB87EDAC27101257241DF86F16BAB436D ft=1 fh=9e4ceac91ed26f4e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\unagi3.exe"
sh=B5F05F5C61BE5511D79999AEF1B10EFA6BE31FE4 ft=1 fh=fc840f9a1bc4398b vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\AOLIMS\Vwpt.exe"
sh=D90CB5EBE609EF7423735B595C868B5F2DE9D5B3 ft=1 fh=b5eb28d75f689c73 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Setup.exe"
sh=937D58BEE732CF0EF9FA8C4D5CC21BE47372EB96 ft=1 fh=5efb721b6feca8f3 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\Setup.exe"
sh=80AB08AB92B8BF9195386BF3C54FEA29A8AABC02 ft=1 fh=5efb721b829c05b5 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\LPrint\Setup.exe"
sh=96211F8C178B84D379DA2B0B713414A1DCA9D6DB ft=1 fh=5efb721b2f035ddc vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\P2Go\Setup.exe"
sh=95E227AC64358CBD21F627B1730BF2137905BF05 ft=1 fh=601ce796dafd9282 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\PDIR\setup.exe"
sh=CEECB5F4EC99EF0C95ADE4132D8C62CEBD406BB1 ft=1 fh=6d9e7ab9dd417fc7 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\PDIR\Richvideo\RichVideo.exe"
sh=E7CB5626583D9CE6D7F9474750054D2F8647CDC2 ft=1 fh=73ccb8f83492a48a vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\PDIR\Richvideo\RichVideoInstall.exe"
sh=9B9573266ED11E506676E999A7F04CFDBA323C17 ft=1 fh=e791dd48d899482b vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\PDIR\Richvideo\RichVideoUnInstall.exe"
sh=FC5428964C6935796D1B24651E3E753FED0018AB ft=1 fh=5efb721b2e00ae40 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage1\PStarter\Setup.exe"
sh=6BBD0E603510A97629A24FA442F14FBFFEFD2361 ft=1 fh=5efb721b6f10f9c3 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage2\Setup.exe"
sh=67CAEB05ECE782AF4146935910328C258A243891 ft=1 fh=5efb721b1a644a89 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage2\LPrint\Setup.exe"
sh=AD6DF60C85D60C92F1FC39631A190A51C268E455 ft=1 fh=5efb721bb5db1c05 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage2\P2Go\Setup.exe"
sh=5FC66384F3E1C34390901DF78B2AA243441C6638 ft=1 fh=601ce796e2d8ebf2 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage2\PDIR\setup.exe"
sh=AA41453DBE85130CB39A791AA6682A658DD6EAB2 ft=1 fh=5efb721b3a0948fe vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage2\PhotoNow\Setup.exe"
sh=ABBE8DCC3BBEF48E18296AB3B5CE202344289A70 ft=1 fh=5efb721ba97c34e3 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\CyberDVD\Stage2\PStarter\Setup.exe"
sh=22C0C48DFC70614CEBA8685879116F4A667B3174 ft=1 fh=fbeeec923cf9a018 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\DPFPR\Setup.exe"
sh=7EC0DDC52F265CBC292D797B77FA2A477C3CAA2A ft=1 fh=85e512c454e2edeb vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Setup.exe"
sh=4B07C6137B17312AC796CC33CBB78A2ED9C13B76 ft=1 fh=791411e21bf7d9f5 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Hermosa\Setup.exe"
sh=F80815A4C6A16D454F10E55A5696BB800E601493 ft=1 fh=791411e29961a96c vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Hermosa\V32\Setup.exe"
sh=AFEFC86564554067A03EBE28346F4DD24DEADB5C ft=1 fh=c3ef15900da53be4 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Hermosa\V32\UIU32a.exe"
sh=5FB4CD2A5D235CD4396AC1C2A992F3E097E88E54 ft=1 fh=82906c070e49561b vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Hermosa\V32\SmAudio\Setup.exe"
sh=79AC633B00E5904BD836E7597F6DEE4A6B9E3D04 ft=1 fh=79f3800ab7381590 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Hermosa\V32\SmAudio\SmAudio\SmAudio.exe"
sh=4ED5A62F07EA0A0F61154DA57407A2C2132790FD ft=1 fh=82906c070bd144c7 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Hermosa\V64\SmAudio\Setup.exe"
sh=70150D810202F8ACFB7C4BF23627FC72BCC03B45 ft=1 fh=79f3800a8e3f931c vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Hermosa\V64\SmAudio\SmAudio\SmAudio.exe"
sh=81ABF6EF52C6C7D9AC318586F8E4312C109345F4 ft=1 fh=85e512c4d975812e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Venice\Setup.exe"
sh=3B6E2952B7634D655DA55A0DFCF4C2A21D804E95 ft=1 fh=85e512c4702958ef vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Venice\V32\Setup.exe"
sh=72487DB26124D35931254D2C4DA352527B04F98E ft=1 fh=78135962af7664be vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Audio\Venice\V32\UIU32a.exe"
sh=7DAE728CC4FFDBF5A1EDF888134FE03225860B8D ft=1 fh=85bf693c9cfe1a03 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Setup.exe"
sh=2CC0AF06A698551FF8579074836776CB2ED57EC0 ft=1 fh=640d549b73db6ee3 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win32\BtwMM.exe"
sh=996A3EFBA191B9FCF190A89D2AF2E983F61BDCB1 ft=1 fh=2ff45b4b61a5d961 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win32\Inst.exe"
sh=C699108CEEE3F8E965339979C3B7EC19C7EB1601 ft=1 fh=8c422039616af689 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win32\instmsia.exe"
sh=36CE87BC53DF31D4C1969F543DBB204298BF9A6C ft=1 fh=504faadc1e2bf96b vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win32\instmsiw.exe"
sh=82031C1AAB5B2E43E5D3FCE4D5C3D69F59B75774 ft=1 fh=85bf693cda202cc9 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win32\Setup.exe"
sh=2E7CAA917ED670F3E55BCA203AA76564C19C409C ft=1 fh=d8bb0c5c61e3da3d vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win32\brcm\DPInst.exe"
sh=BF8A9A72BB6AD6FB28523A1B6805EF6964AA914E ft=1 fh=468698ed8906baaf vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win64\BtwMM.exe"
sh=812EB11ED78CD5BABB76965EAC2EA99EC6FA6EFF ft=1 fh=79c6d8d0867ae48f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win64\Inst.exe"
sh=257723C5ED42523B1653881B63C30F1D33D0210F ft=1 fh=8c4220394a725afc vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win64\instmsia.exe"
sh=0F9569386AF51EC2CF733EADCEAEB2A492E3B46B ft=1 fh=504faadcd2681452 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\BTOOTH\Win64\instmsiw.exe"
sh=D45F7D06D6C98BF6C4CA8C36CFE30C61F965F49D ft=1 fh=f252ab3e494550ee vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Chipset\Setup.exe"
sh=D00038AB2BA87D507680631822C09F4FA315A5AE ft=1 fh=3b84fcd356f955c1 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\Misc1\ATMinInstall.exe"
sh=10DA3C68635E5112953C5E90C899443DF1B59978 ft=1 fh=815829e308658329 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\MISC2\setup.exe"
sh=8A10DBB079296031E7257774CA06D779A91273C5 ft=1 fh=079e6e65899dd01b vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\modem\Setup.exe"
sh=7CDA094FE654B8FD846F87347399C7BE26BE5391 ft=1 fh=0bd9426520e775cf vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\modem\Netwaiting\setup.exe"
sh=8926DE26CAB106500E07426D48E85A7196090CCF ft=1 fh=079e6e65a34fc887 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\modem\V32\Setup.exe"
sh=27E746316C8BF4AFCDA6676AB18FA56B664B47E8 ft=1 fh=5c72dc26e9fa454b vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\modem\V32\UIU32m.exe"
sh=B5338DFD3796EE4BA87151EE22824127A0ED95A1 ft=1 fh=b65d30fd0d3e0288 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\modem\V32\xaudio.exe"
sh=80E68D690E25CE223817800C19CEE2FEABDA3F41 ft=1 fh=d02b3eb6128fd234 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\MSM\setup.exe"
sh=4E64B34A40E44E87871FEB2815BB4E1A4B0C081F ft=1 fh=003366831d0b87bf vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\NETWORK\SetupYukonWinC_5X6N.exe"
sh=A2AAE71A94CA0BCC1DDEAEB5F3D1570444168CF1 ft=1 fh=ce4d1fe4774a634f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TouchPad\Setup.exe"
sh=DA4C30FFF1D3E4341B02FD941F97C1C20624EC68 ft=1 fh=dbc5ebe68f0c30ee vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TouchPad\Vi32\ApMsgFwd.exe"
sh=898376E942A2241D1A2AAF571C442858BF515E4B ft=1 fh=cedc99af009fe7c4 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TouchPad\Vi32\ApntEx.exe"
sh=B980BDEE6D3E90CFD1859FE5306CF99614E2F4F7 ft=1 fh=d23f5f72be717bb6 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TouchPad\Vi32\Apoint.exe"
sh=14F3E339940F147482190CA258FED48E4A37B7C3 ft=1 fh=622acf996811ee7d vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TouchPad\Vi32\Ezcapt.exe"
sh=FCA49B2E23D0261DFBC2CA66919E58AF316C2B7C ft=1 fh=4003a8dcb9859a56 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TouchPad\Vi32\Uninstap.exe"
sh=4F79B8F06238B519B0007B8867B317FE3A7B4E59 ft=1 fh=c719ef38a8129538 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\Setup.exe"
sh=82884E35F6F4F3CD931484A63CE8C06ECBEC198D ft=1 fh=a925106fac9bfe3d vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\Application\Monitor\IAAnotif.exe"
sh=19138E4E4CAFD4CDCF4BE4F08E2E8A12D01FF281 ft=1 fh=035e3b9de61b6edd vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\Application\Monitor\IAANTmon.exe"
sh=6DD92F147363C723EBFB65F7F12D290368E2B751 ft=1 fh=d886861c1c52660c vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\Application\Robson\ShellEx.exe"
sh=BA8AA4CBA724624338DDB6F7776A7A9AFA31E73F ft=1 fh=4e748c0043523697 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\Application\StorageUtility\migrStatus.exe"
sh=228475C18EC6E7C72758C5E65258C187B3EA3687 ft=1 fh=d109cae94df404e1 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\Application\StorageUtility\Shell.exe"
sh=83EBB53C28CAF129AFAF69B370F1EB3D14B86B24 ft=1 fh=75ea36b0d6389c23 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\OROM\IaNvSrv\IaNvSrv.exe"
sh=B3ACF7AF4F13067A0139DFCC9C206B67788D8CC3 ft=1 fh=f4044430257c1c93 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TurboMEM\uninstall\istgun.exe"
sh=755BE60F65A95BD5A54D501A5FA600515D85020F ft=1 fh=41d936b1be12d3a7 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\TVTnr2\HP_Tuner_Installer.EXE"
sh=D724F9847EFE5EFF431D66938CD9DED523C87D71 ft=1 fh=b6a7e1cc569f0a2d vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\video\setup.exe"
sh=03333514C61557FF17E232987A5C8AED67136905 ft=1 fh=78fd9613925bc5a5 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\video\WinVista32\nvudisp.exe"
sh=18DC3D0751702D8A882B1722578FE8EF39D0D610 ft=1 fh=9c4049280dd753cd vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\video\WinVista32\NVUninst.exe"
sh=D389C141EA6A3C21926FDD3E8D1B5B3786CD6B89 ft=1 fh=b6a7e1cc351d5e5e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\video\WinVista32\setup.exe"
sh=3A4EF6625A70AF885397DA7551690CF10A342A04 ft=1 fh=b6a7e1ccf201660d vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\video\WinVista64\setup.exe"
sh=3F4005D1BB5A6CC9FB93770464B3A10B4731A5D5 ft=1 fh=d8bb0c5cc2c992f0 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\WLAN\DPInst32.EXE"
sh=BDBA9BBE540F2540E67E793024807D8628F2128C ft=1 fh=7b2941216831ad76 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Drivers\WLAN\iProdifx.EXE"
sh=11BD92CF462D69CD7988F4D30F34D5BF8F1F3BA8 ft=1 fh=96c7e2eaaba0d59c vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\ESUVT\Disk1\Setup.exe"
sh=62E562B54F70F25A1A605087B991C522CFF77A8B ft=1 fh=55c042fa301d8b72 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPASL\setup.exe"
sh=6FC6BBB76CAC6E9174CBCBA04D7912DE3D935D5B ft=1 fh=f32f5ba4e6a828ac vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\setup.exe"
sh=34297065433C50746E6F0EB32E182462977440E8 ft=1 fh=056d29cbe204b8f4 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\bejeweled2deluxe-oem.exe"
sh=F70DA9598B6044DD43C12B1F5E3308085E1F2F05 ft=1 fh=d02792235f769b55 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\blasterball2drm3-oem.exe"
sh=86310370C732C5FEED441CA38C43E4C50359FE26 ft=1 fh=64994b38e7edb1b0 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\blasterball3-oem.exe"
sh=9495473DB5E148ABB9E3D217A0C75A469073DC6B ft=1 fh=7a40006395064a3a vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\chuzzledeluxe-oem.exe"
sh=55D4A37429E6BDAD2FB1AA400FDCE262D3B56412 ft=1 fh=b810361d627209b3 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\crystalmaze-oem.exe"
sh=B7250AF8BA56F1500BBB36D57B18D0A19CFBCC33 ft=1 fh=0637dd33d36e3577 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\dinerdash-oem.exe"
sh=D71BA2B0E77E5853177B49C83374598B18BFCE27 ft=1 fh=89e4e9341025c0f5 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\fate-oem.exe"
sh=5ABC9C99DA0889B00259FBFD279F9115D3D578CE ft=1 fh=398e1d8a1e3bbe91 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\finaldrivenitro-oem.exe"
sh=2C3F6E50BB05A57FF666BF8EE179037E9C04A22F ft=1 fh=79dc829b8cc88aab vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\fishtycoon-oem.exe"
sh=E6D84333B904B14C1264D9C73324CB17DDE404B6 ft=1 fh=3f98e1855b949af6 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\insaniquariumdeluxe-oem.exe"
sh=8F1B6F74FF85DBC1E469C3FE7523127ED45F94C3 ft=1 fh=00d7ddf421434476 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\jewelquest-oem.exe"
sh=68F569B354EB19F37A7D177A2963A407973928B6 ft=1 fh=9d35054f4fabf527 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\jewelquestsolitaire-oem.exe"
sh=92E4087C0F011E8BE209ACC30B5A9B5ADAC3AF18 ft=1 fh=cec694c5630dc672 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\magicacademy-oem.exe"
sh=20F3D8241A95826A190D7385120EB695ACB9EE30 ft=1 fh=083a4155d024a0cf vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\mahjongquest-oem.exe"
sh=548D0313C257EEC7C6DD031D7EADA302599B1C36 ft=1 fh=06c5732be5f3ee85 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\otto-oem.exe"
sh=0D8C6230585FB0B254E6D37C535346099CA94EE4 ft=1 fh=6e75a916d40777b1 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\peggle-oem.exe"
sh=7130FF8F6E8BA59ECFA143A6A21AEF5868669AAE ft=1 fh=5095583ce05b7fb2 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\penguins-oem.exe"
sh=532531A9CF88BCC84319EE8970FD8B2EF4653363 ft=1 fh=a1536c73462b74fd vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\polarbowler-oem.exe"
sh=71036D0BC4A95B90043FDA3A8ED8629287C1445C ft=1 fh=ca397fa807bb7884 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\polargolfer-oem.exe"
sh=C106C73290D298DB9163829A82E0712CC28571B3 ft=1 fh=add28ed09ecdbfce vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\polargolferpine-oem.exe"
sh=82E76B85752A5C3FAF7F88DE9C9F2E2D73357082 ft=1 fh=224efa4e89624f32 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\ricochetlostworlds-oem.exe"
sh=D6B97A48002570939730E7FA91A98E2FA095E682 ft=1 fh=825cd664acfb3ed0 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\sevenwonders-oem.exe"
sh=F8159227D75380A396A841C725270ACAC4612F2C ft=1 fh=85183b6d9cf27727 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\shootingstarspool-oem.exe"
sh=F53096E924FAAB082F7D1CEDDCF763FEB8871638 ft=1 fh=dc2d1743a9c50199 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\slingodeluxe-oem.exe"
sh=2F0DE4F76C7706B76B022831C793FF30F1702E8C ft=1 fh=c728561ff3018db6 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\supergranny-oem.exe"
sh=A1CBE2DB6E897D3490A9CFFFD5D7AC01565960EB ft=1 fh=ef63033255632422 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\tradewinds-oem.exe"
sh=2BB8E715B2064920F64F3267AE87626239FBC484 ft=1 fh=e278e35dfaa7970e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\virtualvillagerslost-oem.exe"
sh=716910834CBF0E1308209528EE0176F1AB7DA97D ft=1 fh=28182ae2e86fe2ba vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\virtualvillagersnewhome-oem.exe"
sh=9A804B7A3F6D0E5A2AA1A39FCCB55C9024DBEC7E ft=1 fh=d74047c827137d3a vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\games\en-us\zuma-oem.exe"
sh=4E5E2CAEB166476D367ED24B0A4CA2BC6F3AA840 ft=1 fh=3b4982a03fd771d0 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\other\FullSetupGamesClient-hpdesktop.exe"
sh=65529278BA58B15C96E1781CB3661CBB7898F341 ft=1 fh=304126e5b1b3a4e0 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\other\FullSetupGamesClient-hplaptop.exe"
sh=B34E9B780257A4DC6B4FF698A2E4163987D690EC ft=1 fh=015cf01e93ebf33b vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\other\oem-eula-english.exe"
sh=4130FF6ED7D85A928EFB1D3C58D54DA92F1B991C ft=1 fh=ab3cc9c4135387b4 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPGames\other\UberUninstallSetup-hp.exe"
sh=6BF10CEEABEA4C258872D9623ECC466451D3931A ft=1 fh=c71c00118a75d06a vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\hpImgEnh\DeLink.exe"
sh=76ED74DE04F4E2C792E51C7D5AAD27509C6495EC ft=1 fh=e4847b88eaa80605 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPUG\setup.exe"
sh=7C9511E0008D4094FED531FC704266CEC441E82D ft=1 fh=c1e590e8ab272553 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\HPUpdate\setup.exe"
sh=C82A858C200D88B0D88A112ED1DBC8E1F16945D5 ft=1 fh=f2d550a03d247798 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\NAV\External\CommonFi\COH32\COH32.exe"
sh=77565D79D3A38BE0F8CF0F25B39D146453F6FC14 ft=1 fh=5411c4e7433107d4 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe"
sh=5531974744C4E299E0B8ABC4B60D231929C2A020 ft=1 fh=dc6c8ccd78fa6fa1 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\NCO\NCO\APP\COExport.exe"
sh=A62D0D18871071CFF6A38531A265E3FB5D78F961 ft=1 fh=db559b78a2284507 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\NCO\NCO\APP\coVisPrx.exe"
sh=F2B4E28BD5F5FE0001A51854EFFA8832DCE26638 ft=1 fh=a48c0bfed1777cd8 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\NCO\NCO\SYMSHARE\COL\COLUpdtr.exe"
sh=C970C66CC16D51799A7A9ECFF894E9F35075273B ft=1 fh=a75106454e2b965a vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Setup\Setup\sshelper.exe"
sh=BEB9A043A2B8D29F4D3EABE97B2B4080664360E6 ft=1 fh=b3a3a453ad1c32f2 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Setup\Setup\PIF_96E2\PIFSvc.exe"
sh=35046CD39B11A4DB17FD09DA19A5CB356880BE4E ft=1 fh=5411c4e704788164 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Setup\Setup\SYMSHARE\SMNLnch.exe"
sh=9787A36210A815E9DF78E9A9E4A94F83AFC177D4 ft=1 fh=f453091f2fc0f83e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\ccCommon\ccCommon\ccApp.exe"
sh=CFD2C2AFF7A0F4CDE92E103B5C3E46C1397E4355 ft=1 fh=ba5095fd24afeef5 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\ccCommon\ccCommon\ccLgView.exe"
sh=EA55D01D87CAEB0C61D2F1E658FCF7BBA7CFB045 ft=1 fh=4187c11a3e9e250f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\ccCommon\ccCommon\ccSvcHst.exe"
sh=71497309DC3C3ECEF6B456A24A6E86C759D0DE96 ft=1 fh=d7e0b171aaf69af9 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\ALUNOTIF.EXE"
sh=6CB4DD03478608A2B8E47DAEBC4D95FBDF153FDD ft=1 fh=c9853aed0e6f40ee vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\ALUSDSVC.EXE"
sh=C4A4B68C9775B9E1F4688B53F8786A389F06337D ft=1 fh=d74041f909b7eef0 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\AUPDATE.EXE"
sh=534FF7A797685C9811BA32B0A91DAC1868F4586A ft=1 fh=82d049c260576677 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LSETUP.EXE"
sh=2A39F3AD5B50987F411C9EB68A367C9181DB1AC8 ft=1 fh=88fac28c8b698455 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LUALL.EXE"
sh=CF5012BBA2E82486BA81A19AC76773E99DB6B161 ft=1 fh=e6867dafc80bceb2 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LUCBPRXY.EXE"
sh=4F5AD0BA8B019B305939E7EEDBDBAC1C31527A22 ft=1 fh=82d049c2b420b346 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LUCheck.exe"
sh=E76921B48F7AB300244EFB2C1D7383FB7C3D02E5 ft=1 fh=921e48a4270ee02f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LUCOMSVR.EXE"
sh=DB4CAF9DA08DA93443C203AABBDFD79E7D410250 ft=1 fh=448193ba86a2e408 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LuConfig.EXE"
sh=AF4E96A7B6D31B918C0D14BCF304D6D9F56460F2 ft=1 fh=4fd6c3838ef1af8f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\NotifyHA.exe"
sh=AFCE3FDB3AB4846CBDA70852537F303C730AE6FA ft=1 fh=1ea2ac9f3e9e1b49 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\MSI\wiupdate.exe"
sh=8720615054E725A5325B98D08725D0C8AB7E7631 ft=1 fh=851a81e2b6aba841 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe"
sh=B6D2911AE869819C8A22F9FEF03F35F536CA625A ft=1 fh=5b73aee6edd896db vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\uiNPC\uiNPC\APP\SUPPSOFT\wificfg.exe"
sh=3D0E280720EB8D425C98F80B5F42D51416B6D005 ft=1 fh=d607f411b32ed63d vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\VCRedist\redist32.exe"
sh=F728B8853EB3843C0082DF5003B047B13AA0AD67 ft=1 fh=b474585cc5faa3e7 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Inetsec\Support\VCRedist\redist64.exe"
sh=4F8843122EF876E362C0CAF859100F110854E2CB ft=1 fh=1e55837bcdcfa83e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\MMFlash\Setup.exe"
sh=52DC6BC561B2444C3F3EF37CCAB70EA860F15615 ft=1 fh=c9eca53c23ddf34f vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\MVEDV\muveesetup.exe"
sh=C7EC5F75F1AF61580FA6480732CF7EE4677A9549 ft=1 fh=74baf16c70e8a321 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\MVEDV\setup.exe"
sh=74DD4005E6E90DF7C00FBE73D1A837E2431CA81E ft=1 fh=2126757b5f4a760c vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\Office12del\ADDBINRG.EXE"
sh=1F963FA7C390335542733100FC4D04B0C7556CD2 ft=1 fh=4b470118a4e5845e vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\OfficeAct\OfficeActivation.exe"
sh=F3A1F1F9097404E78B8E8CE8F100094CDFBE9284 ft=1 fh=d595ea4995aedaa4 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\OfficeBCM\dotnetfx.exe"
sh=9DF26950C89347B937F0A39BD84664677B732311 ft=1 fh=b2f1aaa654c4346c vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\OfficeBCM\InstMsi3.exe"
sh=355E57F9978A238C5B34529B055F17070D04DBDA ft=1 fh=f82d228490ecbb82 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\OfficeBCM\setup.exe"
sh=675EAED66F1862F66AC6C112097AE64ED4970787 ft=1 fh=2b735c0490936f34 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\OfficeBCM\OWC11\OSE.EXE"
sh=23ECCDAD3691598A7CD68A4B07687C79189AA195 ft=1 fh=c29c0a4768a3e0ff vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\OfficeBCM\OWC11\SETUP.EXE"
sh=3062128E3E9AD98D1955BFBB989620759FEB24F9 ft=1 fh=f82d228443e07b7a vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\Off12\US\OfficeBCM\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\setup.exe"
sh=8E00FB3EB2FEB16D98FBBB95B4B3142F5B755F53 ft=1 fh=5efb721b4483b334 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\QPW\Setup.exe"
sh=5F24B85273A68C966328E1DB85095CF7E346E141 ft=1 fh=98f30d88942ea009 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\QPW\WMFDist.exe"
sh=62BA666614F71063AE2AEA1EE1FBA1E06D577935 ft=1 fh=d244d3ec46c8acf8 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\QTouch\32\vcredist_x86.exe"
sh=9E65442F834242891F5DCC10D3362F9B13B3CBA8 ft=1 fh=202844a48833226a vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\QTouch\64\setup.exe"
sh=79116F257E159095DF30531360EC02A72955381D ft=1 fh=5522154855c226ab vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\QTouch\64\vcredist_x64.exe"
sh=16186AC63AA200FEBD39DABAD7D5D223D751FB7C ft=1 fh=516899e10ea322a4 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\SUNJAVA\Setup.exe"
sh=E0B22A25E148DA42F9D1F2F4377601B19AB7DF39 ft=1 fh=6130eb2c81d4f7cc vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\support\LSHSI\LsDriveDetect\LsDriveDetect\LSDriveDetect.exe"
sh=42DBDED9F0163DB8F06C7F68BB3241CCEBF6E5CB ft=1 fh=522ef0237e0a1c10 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\WLASST\Disk1\Setup.exe"
sh=01C5D52906C3A913D3B479D1C2E2FF364743E566 ft=1 fh=601ce796719faa67 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\YouCam\setup.exe"
sh=EEDADFCBEC648265DF79DDAA2D919900FC6A6D66 ft=1 fh=98f30d8805f299bd vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\YouCam\WMFDist.exe"
sh=2F1B0E72DCD738CF50453A7F0BBBC441A40DBC38 ft=1 fh=365c9b04e24ff51c vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\YouCam\Dx9\DX9.exe"
sh=B90921D537707675AB75EEB805A1DEFDA47C2405 ft=1 fh=9a134d5af40f4262 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\YouCam\Dx9\DX9NT.exe"
sh=0871D43B69DCA6DB1E49505EB227CC33EF4F8ADD ft=1 fh=a13e7254d9d499c2 vn="Win32/Sality.NBA virus" ac=I fn="C:\SwSetup\YouCam\ShareFiles\Share\EffectExtractor.exe"
sh=D1E0623494D87F39AC0DB99E85E7127C3D835B77 ft=1 fh=0ce3dd84ce71b165 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\NVRES\Setup.exe"
sh=02AFD04AB715586E2D7C7E8748BFF74B54CD2C14 ft=1 fh=c709231815a04417 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\CHKIMAGE.exe"
sh=66BE346DF846C2BDAA396C1F9D9DD7130286529C ft=1 fh=5329d42f3a602a07 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\HDD_DMI.EXE"
sh=C733EFD51302A78FB2CF139862498E8A659EB643 ft=1 fh=5c6dfa4c450454d4 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\ISLOGCHK.EXE"
sh=C51740964E6EA5AFBAD55FC0A676C9E3F7A5E2A6 ft=1 fh=7160fb1a2f885e4c vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\MBRInst.exe"
sh=D668394FB8392507061267ED6F1C8DB41BBD9C86 ft=1 fh=fe19514149565518 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\PININST.exe"
sh=3E3316CE3DBDE05FEB09EE8B8999511CC944CE12 ft=1 fh=723df652fa76e6c2 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\PreINFO2.exe"
sh=EAB432C26BAEFCF29DD10F22EF53BAFBEF138073 ft=1 fh=8f19f6ea36a5bb59 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\REGDEV.EXE"
sh=19E1D7B96CC615F9594011071150AF7F29E4542E ft=1 fh=10364da6f43ca93e vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\RStone.exe"
sh=C3067E538D0264E189EF00B1515E7F82638AD8A2 ft=1 fh=1f9123053601caf4 vn="Win32/Sality.NBA virus" ac=I fn="C:\System.sav\Util\TDC\BlockRinUpd.exe"
sh=43A9749BB4D2B8EE612D9AE1E7BB5C3CD2A85D7D ft=1 fh=73c00ac2f4b81b74 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\ASPEncoder\Uninstaller.exe"
sh=92EC8F15BF704698A57504EDA83D32853B6C1EC4 ft=1 fh=72173b66255bfe75 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\ControlPanel\Uninstaller.exe"
sh=29CF40C0AC2E7F9877C4B91422A5925852347961 ft=1 fh=1ec1215c0dd2064d vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\Converter\Uninstaller.exe"
sh=A313B47D7334AD43CE5C0517EC9E4B51D95A6E1A ft=1 fh=2944a770f1ed7c1c vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\DFXPlugin\Uninstaller.exe"
sh=F813ED28F6A7BBE0F28385DB0EFD779AB12D8C86 ft=1 fh=a210deba2d1c532d vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\DivXDecoderShortcut\Uninstaller.exe"
sh=D0DFC5E18F72AC57336B90FAB5E375E49D498362 ft=1 fh=fb5d2ec610895791 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\DivXPlusShortcuts\Uninstaller.exe"
sh=837017FAA7E2525E4446204482F59B49FB11CEBA ft=1 fh=71259b9ae8357ba1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\DSAACDecoder\Uninstaller.exe"
sh=3CEB3AA07E81759F16C0CA3D2B6CEB0BB00DB0B1 ft=1 fh=4b632fbeb87a7c2b vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\DSASPDecoder\Uninstaller.exe"
sh=7EB3479EADFD5D888EA754FC831EACAC6145A4FB ft=1 fh=b42ba0163da6200f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\DSAVCDecoder\Uninstaller.exe"
sh=52829ABCF1F2E229DC86307E6472519608E0C8C3 ft=1 fh=de9691b22f6988f4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\DSDesktopComponents\Uninstaller.exe"
sh=488A63C2D3E6DBD2B30392C16AE001A304F7287A ft=1 fh=06a875fec7ed4268 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\MPEG2Plugin\Uninstaller.exe"
sh=110EB539B81F44B664C969350C5B77E41A0D7C52 ft=1 fh=91644a572cfa9d1e vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\MSVC80CRTRedist\Uninstaller.exe"
sh=CAF12C721CF12BFF887F8163EAB271900926E941 ft=1 fh=b8d2fb572ded1c31 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\Player\Uninstaller.exe"
sh=F8D53E729F1A05CCA0DB350E2D932901EDC4EB9B ft=1 fh=3bcc380aab4e9c99 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\Qt4.5\Uninstaller.exe"
sh=22865BF8F784AE657F10E66FFF6B652A7A8715C8 ft=1 fh=86f09488d2c3ea0e vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\TranscodeEngine\Uninstaller.exe"
sh=C96050C5DA8B119EE71F0AD2835ACAA81AD42051 ft=1 fh=03ec2d30b7c4981a vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\TransferWizard\Uninstaller.exe"
sh=104ADB6CD31590A0F3A2C138A6E28ECBF3D47123 ft=1 fh=9c246f9ff74de8b5 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\Update\Uninstaller.exe"
sh=55EAE83815374BB8A43CDEEB359148462C626FEC ft=1 fh=538505372fed3dae vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\DivX\WebPlayer\Uninstaller.exe"
sh=A2F12CF4CD980E7AA4DF90DB2B43C6BF51313E9E ft=1 fh=0e96da13fbbf4fec vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\Macrovision\FLEXnet Connect\6\agent.exe"
sh=A97E44AFCE6D257A9B59FBC1F8A121623AFA9C0B ft=1 fh=7db21ecd3ae68964 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\Macrovision\FLEXnet Connect\6\dwusplay.exe"
sh=DB0ED2AB05ABBE6C7D30B91B7D53203E020CB436 ft=1 fh=79357389b6fa13fd vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\Macrovision\FLEXnet Connect\6\ISDM.exe"
sh=D1673114CB61069860D19488FC46DF6650E1B0E1 ft=1 fh=531350d47f1fb215 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\Macrovision\FLEXnet Connect\6\issch.exe"
sh=B3443BBAE17A150AF3A39EF88D541A260C1C1F7D ft=1 fh=4c7b95570a3f6ccb vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\Macrovision\FLEXnet Connect\6\ISUSPM.exe"
sh=C392EB9DC49A2FE7583F077E002F501D1575EEEB ft=1 fh=42350fc6bd17639b vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\MCShield\MCShield-Setup.exe"
sh=BD23B3D50FC2B8B383F71EFBFC05410F649200D9 ft=1 fh=5382d624de846e65 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\10dbb1bc-ef1b-4c2e-9bea-aaba3f42532c-extr.exe"
sh=F6753BDCCE0617FCEBF610DC2BD772F5137F8298 ft=1 fh=ac400163d906ee08 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\12629730-a7ef-4776-90c2-15bd80aebe01-extr.exe"
sh=E3C0B2CE30B5501B3534903C093C1FD3EF81AA8E ft=1 fh=9b7fae60e31ba9d2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\134726E5-0682-43C5-8AA2-DD4D6A866DD4-extr.exe"
sh=3E92DF4FD96C417FA618448190A265EAC055211B ft=1 fh=2ff9c37f3cfcf1c2 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\2698CE7D-5E0F-45A5-B451-557D8A56C3B9-extr.exe"
sh=F1465846A84105199DF3E13DC0885A600EAF8813 ft=1 fh=bfa95e703fdeae4b vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\360A3A90-895C-469D-A2F9-1B9ED1DB7F7C-extr.exe"
sh=A50A0EF3B99B32C04FFEC82CD0B5DDCE0A0C6E0D ft=1 fh=957b6efbcf548c6d vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\3C448D22-AD49-43EC-85C5-A6020A10E823-extr.exe"
sh=698A0BCF27952430D3CAC3B2E881F49578286176 ft=1 fh=882aaed6ff703d9b vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\49edfae8-e0cc-45fb-96e6-d60571dd122d-extr.exe"
sh=A4C89D50EE56078D43B87AF5A48E4B7CF778E234 ft=1 fh=dd39152e331e7f79 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\53E95F38-82F7-4304-8E82-B6993C2A9FCA-extr.exe"
sh=19BC596E88BA1D60EB48EF3C29DC6BCC2D5A3E93 ft=1 fh=0769d86728708a8a vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\5efc38bb-2dab-4442-8e97-38975fa121af-extr.exe"
sh=9140D9719AFA38EC522224E1C06332B7DA294CE4 ft=1 fh=32bd2dcd591fcddf vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\6B2E06FE-9D3B-476F-A58A-28CD98C654B5-extr.exe"
sh=6BE9BAC68EC5D389884FB5210201C92AD1253D02 ft=1 fh=811fd9a319bf6303 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\6c94658d-56c8-489d-b890-742d98d7367e-extr.exe"
sh=784CFAB3238D2A1443418441F8B022AEA5B7CA36 ft=1 fh=0412d0bdc311914f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\6E7DD52D-205E-4D6D-AF6A-0C34703DFA61-extr.exe"
sh=86903E01CC3BC2CAF0945E61637B4A441E1318A9 ft=1 fh=258c77004cf18704 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\735D55C1-EA16-4128-8762-43E626AC0FC5-extr.exe"
sh=7E6DB6E402B40D5C1B437A6C7E2127E0B0070B8E ft=1 fh=8a72825cad7b52ab vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\81401A6B-F2DF-4140-8D06-68F5238D9796-extr.exe"
sh=0F39149E4B2FB011AA16B4D9ECB70FE0ADAECF3F ft=1 fh=8796b0762a3a0a1f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\951226E3-26FC-40BC-8085-3677B1128F59-extr.exe"
sh=A259AEEBB3CB838A572BF602267C8B087376470C ft=1 fh=ad5bf7ebbb2814db vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\a382b548-99a3-4dca-9a58-62b8e08af23d-extr.exe"
sh=1F9BCFA74EE1C0728CAED7CBE05541639B398BFF ft=1 fh=384cfc1a1ca2a982 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\A4B598D2-9BFF-456F-A667-D3B8A0849286-extr.exe"
sh=3F9A8965DCDD666247458FD282065F8307C7A139 ft=1 fh=484a1d6b0d6f94b8 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\BC3D43F7-BC64-490D-92B5-D2AABEC7FA85-extr.exe"
sh=2F20DE9ED9862FC94BE85BB901FDDEF606C2A3CD ft=1 fh=30a893ff1e2ef2ed vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\C8DEFEB5-AFE9-48D0-A9E6-355F537F0BAD-extr.exe"
sh=68FE762E1F629BC28879BC0B513B1C8CE07A8764 ft=1 fh=e17e9ac9a2ee66cf vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\D019FD02-0A27-49B6-903B-4BA3E04F568F-extr.exe"
sh=DC1B9226F78539AAF70946DE56D9D10412765C09 ft=1 fh=ef99941424276e5e vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\D3FA6542-CA31-4ADB-89A0-837D4136F8F8-extr.exe"
sh=E874337B1F1A3A8919ABD8C86B18595E6D77291C ft=1 fh=f31ebff02667fe43 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\E1C0210F-E01D-446A-8A15-9E2C938199DD-extr.exe"
sh=319DB86A7C4EF0BE1C2EBA7DD9CE206B1C727334 ft=1 fh=cf4a35e796fda49e vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\e2b97a3a-abc8-4666-a349-e68f8db02613-extr.exe"
sh=F43767F4FE2ABBD2F8AA6F98D2CC03A7D891501C ft=1 fh=4122635fb172cf24 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\F97B8890-7DD9-4E9B-ABD9-772FE25169FC-extr.exe"
sh=A25A48CC7A5594C5BB73A3B624F9AECF3354CBB4 ft=1 fh=18f7aaec8eda5f0c vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\FA9E2D68-8707-44C8-B93D-2FF048183749-extr.exe"
sh=A62454E42FB0647AB99C33157C5817263220013F ft=1 fh=015cf01e92d9ab49 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\All Users\WildTangent\oem-eula.exe"
sh=EBC60930E8F589116CC34C08000D7CEE79496942 ft=1 fh=aac040a8ebe07b09 vn="probably a variant of Win32/Agent.HLU trojan" ac=I fn="C:\Users\phani\AppData\Local\temp\gamt.exe"
sh=C76EAE53A2D07CC8263B0189D50FCE18E3B6002F ft=1 fh=1bdc65d0e852ebeb vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe"
sh=C6AF13D4B94AA622426CFFFC503DDD3A75E2A381 ft=1 fh=b3c5819d3c543405 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\cpp\Untitled1.exe"
sh=CBD914EF15BC98886A8ECCB727092A490C069488 ft=1 fh=8580b72ebf78941f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Compressed\eclipse\eclipse.exe"
sh=74F0FE5D79F9F32475F86712C0A0B495A9955B22 ft=1 fh=01b7890336fa8c03 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Compressed\eclipse\eclipsec.exe"
sh=9AE5D5A3E09A86D59AE3E95FE381CCC75D6F9C26 ft=0 fh=0000000000000000 vn="JS/Exploit.Pdfka.OFK trojan" ac=I fn="C:\Users\phani\Documents\Downloads\Documents\84a7cd.pdf"
sh=602FF9E37F213B7A693791A9CAB8A029A1DE385F ft=1 fh=20c4e7e0763b6b6c vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\1118_1119_hpqsrmon_hpcom_fix_v7.exe"
sh=7806F770C710A956AA6AE702F2BDE104E0369B9A ft=1 fh=70f2756a19d8cdff vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\4kvideodownloader_2.7.exe"
sh=C2D69C114DE525468375FFB75FC2A9F6533A9F18 ft=1 fh=c5d4e98bf554416f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\51a720de67609.exe"
sh=114DAED4244498D276ED6FD5080BBB33D1F35C68 ft=1 fh=6251743fd2045f4c vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\51a720ed2aa4e.exe"
sh=95A9E626A51114671531E7170E38DBA92B99F414 ft=1 fh=3e84de5b1463678f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\ChromeSetup.exe"
sh=6C1E0AFABB69E0DCB21F6B901EE6DEF3927C9679 ft=1 fh=8485e3d958c504db vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\DHDemo.exe"
sh=6B463F9E67CC2FA1A913E22AA5A53AC66C34B8D7 ft=1 fh=202a19be2940a638 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\DivXWebPlayerInstaller.exe"
sh=8C88CF9185FE77D9143812F1C09C4EB4AC8D031E ft=1 fh=f767f9423b1daae1 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\Dropbox 2.0.22.exe"
sh=C128A006093E9194E723B30C2E260657B772BC70 ft=1 fh=cfdfe0830c95f2e6 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\emule0.49c_setup.exe"
sh=3C965E667D7AB82D4866FFE279458F7F9FD0938F ft=1 fh=2da0fb5933717222 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\FreeYouTubeDownload.exe"
sh=DF8F91B7C867D190FE1A7361CDCAF96E1FA6B790 ft=1 fh=fe69d73baaab4766 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\ICS_Dv32.exe"
sh=BB86DFE9E486F9753CC5F94323C7EBEB6FA85FFC ft=1 fh=919a72a75ce25847 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\Intel_NCIDT_306.exe"
sh=0835E9B796600B7ED7BA773729E77B65365EE380 ft=1 fh=75047fb3927c395c vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\MSReaderSetup.exe"
sh=3699806A00C46AC30737E6E2058EB8C5FF0495AD ft=1 fh=edd7ec5907b4ae3f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\NetFx20SP2_x86.exe"
sh=7226046666CC1DFEA2B94FC1A20EF5550EC2944B ft=1 fh=995dea8b191acede vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\QuickTimeInstaller.exe"
sh=00E3ED5C24316B4663CC8CEFE1D034181007836A ft=1 fh=6bff0731d568fd34 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\rcpsetup_26117.exe"
sh=63F8B10703523916783D30C63317CB7B057571BD ft=1 fh=b9e34cebcfee5c4f vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\search_defender_166.exe"
sh=8257C42B6D903061458DD456D8470B5AFC4DF88E ft=1 fh=b2218a45acf8b480 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\search_defender_alternate_166.exe"
sh=FD91AD873AADFB8D9FCB590B0E4CAC26FDFC40E5 ft=1 fh=dc2ab64108b37f60 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\SecurityScan_Release.exe"
sh=5935B151E0B1BFB6FF840D7D0A0BC5EEDC56C202 ft=1 fh=4487d5056e0af47b vn="Win32/InstalleRex.J application" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\sHaRewbb_ltalttscri1570new.rar.exe"
sh=8AE6877D3DA678E05DA2EE1FF1601BDDBFDC85E1 ft=1 fh=1dbf7062e5d6c2b4 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\Shockwave_Installer_Slim.exe"
sh=4671017E5B48EFE5D9B147B0C4F17D51C022CCCF ft=1 fh=91bf7b496a7ff12d vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\SkypeSetup.exe"
sh=3D19B04D8DDF8E2CAE21DD1BD078DE1AD74AEB1F ft=1 fh=1bfc11b657ec7cae vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\SoftonicDownloader_for_hjsplit.exe"
sh=69BD9C0DCA5B9EA40ED0F6543420154E6B7DE9FC ft=1 fh=43b6ab23428915ac vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\Sony_ Ericsson_ PC_ Suite_6.011.00_Web_ENG.exe"
sh=E128EE01EAE614E164D54242D4327CAABB83F79D ft=1 fh=f6e38269dda1b620 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\vlc-1.1.4-win32.exe"
sh=D815DD9F14F31D2A7BAEB9D25A2D55CA192267B4 ft=1 fh=f6e3826943294760 vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\vlc-1.1.4-win32_2.exe"
sh=610684B0E79BC590E6390135E16ADF55CAC9B30C ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Widgi application" ac=I fn="C:\Users\phani\Documents\Downloads\Programs\youtubedownloaderToolbar.msi"
sh=BB471BFD3BB51005F4E075AB9339807E14F11977 ft=1 fh=7ca1e3d999ac24bc vn="Win32/Sality.NBA virus" ac=I fn="C:\Users\phani\Downloads\anki-2.0.8.exe"
sh=5A391B71884FB1B64BEDB118755F76DDCC210483 ft=1 fh=f6b6e062e1c05c2a vn="Win32/Sality.NBA virus" ac=I fn="C:\WINDOWS\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.4518\ACECNFLT.EXE"
sh=A1CCDFB39BA1F535823ADAB6168390D7E29A9853 ft=0 fh=0000000000000000 vn="INF/Autorun.gen worm" ac=I fn="C:\_OTL\MovedFiles\06032013_101501\C_\autorun.inf"
sh=A45D78AF11AD2225B28B69A44DE2B0B9998BF64F ft=1 fh=076921f1ea98c01c vn="Win32/Sality virus" ac=I fn="C:\_OTL\MovedFiles\06032013_101501\C_\bymyvu.pif"
sh=97B30512C79FAD6FA926AC2DC7B3E7D8E1085BBD ft=1 fh=99d3d99169312527 vn="Win32/Packed.Autoit.E.Gen application" ac=I fn="C:\_OTL\MovedFiles\06032013_101501\C_Program Files\1221189441\phani1221189441L.exe"
sh=AAB695CB3F1E9F9B41690E16740C64EE05100D40 ft=1 fh=c71c0011e6bdfdd0 vn="Win32/Sality virus" ac=I fn="C:\_OTL\MovedFiles\06032013_101501\F_\rnjxri.exe"
sh=2CADEDEF55C02D42EA8108148FE2F25B112D1266 ft=1 fh=c157128a3b3e2b64 vn="Win32/Sality.NBA virus" ac=I fn="D:\HP\RECOVERY\RestoreWiz.exe"
sh=60F2BE34CE064AFC02613EF6D438B5E67619D581 ft=0 fh=0000000000000000 vn="INF/Autorun.gen worm" ac=I fn="F:\autorun.inf"
sh=EDEED933E7CCC1A80DEC5601D62D6F41D6E06DEC ft=1 fh=c71c0011873e4558 vn="Win32/Sality virus" ac=I fn="F:\pdiy.pif"
sh=12A898431AD5551BD9989254367FBB2EA2AF71F8 ft=1 fh=bb83f8f16e8b1523 vn="Win32/Sality virus" ac=I fn="F:\rnjxri.exe.vir"
sh=BCC591BFDF6C1180C9FC04C076185977E490DC28 ft=1 fh=8df21f5a8605aafc vn="Win32/Sality.NBA virus" ac=I fn="F:\CS 007\00_QuestionsAndTests\QuestionBank\Gre Subject Cs Practice Gter Net\cs.exe"
sh=2EB8C8650B5E1596B9C01F7DCBED1017D08B5355 ft=1 fh=c069ee53ff66171b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\setup.exe"
sh=1F07B7B934D1A77FC3E66E275EEB14DACAC794BA ft=1 fh=c069ee533ae6672c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\setup.exe"
sh=7901990B02782D006A29FB18D0C159C12C4A44D9 ft=1 fh=901d9817de57678d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\bin\win32\vcredist_x86.exe"
sh=F5CA7A571E37E1A5B79A8ABA46FA4EFD8DD1E8F2 ft=1 fh=0de4382543696a71 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\bin\win32\VCRT_check.exe"
sh=A33F9CCF8A0B64B67F1B30A0CFF55A8172D219D7 ft=1 fh=b04c3c270f90b3a9 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\java\jre\win32\jre\bin\java-rmi.exe"
sh=49CB29C8C630476BBB41B7F27978E8F8D19FA59B ft=1 fh=15ee3de80ca5bb82 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\java\jre\win32\jre\bin\jureg.exe"
sh=4456D03D19DB0447C5B956BBDBD740F693B6FD64 ft=1 fh=fa93760ef9f59114 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\java\jre\win32\jre\bin\pack200.exe"
sh=0214D8C8CFD8CC6D784138A24CA771A888841E47 ft=1 fh=44e6415a75259d34 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\java\jre\win32\jre\bin\unpack200.exe"
sh=D9408DB0077BAD330EE4FB5D93FC3F0313E5D45E ft=1 fh=20119f41bd354c1f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\uninstall\deactivate_matlab.exe"
sh=9186DA27CBA4F4C6FC389F5248490025AF545F30 ft=1 fh=a1e4f06f34a5feaf vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\utils\lm\win32\lmgrd.exe"
sh=FFE55DB9146D5459622296B6FD600546EF6399E8 ft=1 fh=e596664ab1fe1e7a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\utils\lm\win32\lmtools.exe"
sh=6BFCB2B5DDD769311BE2EEADF85A84DDD13172EC ft=1 fh=ed9be5b537770fd1 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\utils\lm\win32\lmutil.exe"
sh=87718CD662C47368DB18869226D4462C5DD6A61E ft=1 fh=372f56f2dc0ed10b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\matlab2009a\win32\utils\lm\win32\MLM.exe"
sh=2666D1AD1493C4C59F4256DE869CF58724B4DBE9 ft=1 fh=56895918bae35952 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\more stuff\Science\Videos\Theory of Everything (Stephen Hawking)\Folder Lock Portable.exe"
sh=BB4FA20FFB0E38A50FC0A260759F38C244B4DB98 ft=1 fh=b3c5819d5ec64fbe vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\beep.exe"
sh=66653BDD19A4E8C944D94185703A0253EA181CA1 ft=1 fh=eb0c410a0ed24320 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\digit rotation.exe"
sh=740F6DCC5B7CFA12B07BF44BC425C9966D7A560E ft=1 fh=d043f1399b506d71 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\elephants and bombs.exe"
sh=CB2889779C31AC83F832CA47D15ACD6D388F6487 ft=1 fh=b3c5819d2deb4047 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\flames.exe"
sh=97761FEC5EF66314D8D008DF07D8DB4074520E89 ft=1 fh=eb0c410a42343a0b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\garden squares.exe"
sh=27B291E4021CA4200D971C453194F9868354B937 ft=1 fh=eb0c410aba0498fb vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\gift rift.exe"
sh=9DA131132621F5C620D608C5F27B891917A6D07C ft=1 fh=eb0c410a891426d2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\hexagon.exe"
sh=E951692E25BD7E7308D2E681BB072CF4BA600918 ft=1 fh=eb0c410a9b283c79 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\next leap day.exe"
sh=2D4C3F034BF8D5667EBDEDB26FF2AAE494C8C302 ft=1 fh=b3c5819dbdf39c3b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\pair sum.exe"
sh=11D8882AB8510533F09A9B21DDBAA19E83002559 ft=1 fh=b3c5819d06545851 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\path in a matrix.exe"
sh=7063880822FA0CE31EBE4C9A88462ECC80312658 ft=1 fh=b3c5819dfda3c1c2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\phone numbers.exe"
sh=417095A6729DA3C7F4881DA9392627F0A21B627A ft=1 fh=b3c5819dca0d7d36 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac1.exe"
sh=A2AAB3E1609BABE49B718D9A837FA31CA5BC5C74 ft=1 fh=b3c5819ddd49d06a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac10.exe"
sh=55F6E8BF521BC25D5315933DD3C90D2B1F84C1C5 ft=1 fh=b3c5819d977c86d3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac11.exe"
sh=48924B41B89FEA3AEAC45FD76157E7376D574179 ft=1 fh=dff6fac763deac43 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac13.exe"
sh=E7A5C0F257A80AFA93BB8130E5BBFDBAA4511670 ft=1 fh=b3c5819d1b1579fe vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac14.exe"
sh=E99AEA62FCF8F687744F375395F66F52BEA8344F ft=1 fh=b3c5819dc8611cb3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac15.exe"
sh=A0880A781DD65E2012FA572DA75C835CB8C6E3BB ft=1 fh=b3c5819d99415fef vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac16.exe"
sh=DD34E8C68563D27D673C188DC9629F967CD1E85E ft=1 fh=b3c5819d1c77e729 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac17.exe"
sh=967A53E6853E1C0BD4FEDE073C91F5C6FD578E53 ft=1 fh=b3c5819d5969f153 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac18.exe"
sh=F16824563D311244F9BCE25E2E05FB7F5C147E8B ft=1 fh=b3c5819da075f5a9 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac2.exe"
sh=82798BD10438E5A989A5D5D8ECFDB1C2A513C0AA ft=1 fh=b3c5819d820c0025 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac20.exe"
sh=5DD66ED0A579F4F213723097C0F18ED446DBEEA0 ft=1 fh=b3c5819dfa1d4d38 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac21.exe"
sh=A776490F5D61459427AD104BB4E02692B9B151ED ft=1 fh=b3c5819d002e57a3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac22.exe"
sh=F90A2B4D7E86DEFAA6493A63AF88808C2E21B05A ft=1 fh=b3c5819dffc759d6 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac23.exe"
sh=D05551227D1840ACB0756A00496B96BA64AEEEA6 ft=1 fh=b3c5819dd2db4654 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac24.exe"
sh=6C8E4D17F9957EAA5690F34FD952B993E9524303 ft=1 fh=72d69b35c12ce7cb vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac25.exe"
sh=40E14CE8A621F4A44AE263022B445A003FF66DB9 ft=1 fh=b3c5819d4a115fdf vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac26.exe"
sh=7D96EDC7AA057C56955C0A29EF8816500D3F4ABD ft=1 fh=b3c5819d729514a5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac27.exe"
sh=2ED874F9CA4CB602D994B97CA0D5EE90CAA973CF ft=1 fh=b3c5819d3c1d07db vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac28.exe"
sh=14C3E8115EC6CE0907E2AB7713AB3384EA31E9D4 ft=1 fh=b3c5819dceed4f5c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac29.exe"
sh=EA07DE191CB9156A922B27786875026618956AC4 ft=1 fh=b3c5819d6432230a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac3.exe"
sh=F9D6953990BA466178C53D50C4181C8AEB0BCD7D ft=1 fh=b3c5819d8448c3e4 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac30.exe"
sh=4767E00E7796576BAD2604A0ADEF1941B88A251D ft=1 fh=b3c5819dcb6f8948 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac31.exe"
sh=D53FC148831E3FE3A96552FF78B2E3A7A67E47A6 ft=1 fh=b3c5819d53a5a2d7 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac32.exe"
sh=5FBB5DE345802CCB59AB174328AC7AC00F2B4A5C ft=1 fh=b3c5819d57dccb3b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac34.exe"
sh=F67A5214B680692B71C6B9389811111AEF3CA66A ft=1 fh=eb0c410af7418146 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac35.exe"
sh=581289E362D13D8F1DEFC161B41C93C9819DFC21 ft=1 fh=b3c5819da16733a5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac4.exe"
sh=2950F725669230988B553FF28D9F915FC4D95160 ft=1 fh=b3c5819d0accacf4 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac6.exe"
sh=51A35AAF6BCAA96C6864AA832C99D77C4A35DEEC ft=1 fh=b3c5819d0780a169 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac7.exe"
sh=A005A0F5FA8FB5D9D058F97A90F06C7B05EA196D ft=1 fh=b3c5819dc1b42ba1 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac8.exe"
sh=13F1D73DEA39F10664BA9D3D5B8F913C165AF165 ft=1 fh=b3c5819da994f5c5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\prac9.exe"
sh=CA2211CE2D0A8A2E87A4EB061C8B07973AD01EF5 ft=1 fh=eb0c410a77dd7e2a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\range of data.exe"
sh=E9FBA4357225BA7C0905B9169EA2668AD04D2980 ft=1 fh=b3c5819d2e0f1d03 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\spoon in matrix.exe"
sh=3FDBFBEEA9567319951CBE2ED3D845F112B8F5F4 ft=1 fh=eb0c410aea71edfb vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\sum in a triangle.exe"
sh=FD7DA3C0D16C9FB9E7D1AEF455E41E9F0F3A98B8 ft=1 fh=b3c5819d37c11601 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\sum of pairs.exe"
sh=21B756307457651743603030408BE0EE31D1B178 ft=1 fh=b3c5819dff574f61 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\testpointer.exe"
sh=FD7F8F220D368FAD342E377F05751A1C180100DC ft=1 fh=eb0c410a78493592 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\trailing zeroes.exe"
sh=61FC7DA1808725BDCF527945D309880A08423093 ft=1 fh=b3c5819ddf62ec15 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\triangle triplets.exe"
sh=491C5200915C0241FD468465A8117BAE32B3CC37 ft=1 fh=b3c5819d9799c2b3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\ambiguous permutation.exe"
sh=A269F8B4C43F994A1B0E81D2871FF4E6FCF3F197 ft=1 fh=c21c4a87efd32319 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\appetizer.exe"
sh=51C1EC7D449C502A445087F3C27CE3B521E53B02 ft=1 fh=eb0c410a27b5aee4 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\bfs.exe"
sh=4740A7F7AD2A82601E3AF11E52D51AC15BB4F86A ft=1 fh=eb0c410a0daeb904 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\bfs2.exe"
sh=A80C55272EDA12EB315871C9B634ED4B06ACF725 ft=1 fh=5b1e2eac27b8c518 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\birthday candles.exe"
sh=272850F634FFC0E98213DC91C617C8832B60B87C ft=1 fh=b3c5819d2d281347 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\checking.exe"
sh=18DDFF6449088F1748A790C421B3C4B0C49B12CF ft=1 fh=c21c4a871db80366 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\cleaning up.exe"
sh=2931098A67B986725120BC9CDA3E027E3656F1A0 ft=1 fh=5b1e2eac55147d4a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\cooling pies.exe"
sh=D033225835EF090B9D86330405FD213227BAE640 ft=1 fh=eb0c410a797658da vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\cupcakes.exe"
sh=6AFB6FA7208B4CB5EFE043E55077A9E7F2CEB070 ft=1 fh=5b1e2eace1b03910 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\cutting recipes.exe"
sh=78F234AE017C4D90B989C276745443A4E194DBF3 ft=1 fh=eb0c410a3e6e1010 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\daily train.exe"
sh=17B30595839AC885AB40A4DA45D3223A56EB76BE ft=1 fh=b3c5819d1329ea66 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\dfs2.exe"
sh=86B38232CAD75948592B9241F3F4FA15EE8D6BB7 ft=1 fh=b3c5819d112dfdef vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\distribute idlis.exe"
sh=E5A3BB0015916656ABBB0F95EC793B8A5BE1285E ft=1 fh=b3c5819d87fb54a2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\elephant string.exe"
sh=C7C5654E7BC96645B4838EE9257199A826A3B679 ft=1 fh=eb0c410ab64c624c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\enormous input.exe"
sh=ACB8E6067BB5E6CA7D933FB410369191A87D9D5B ft=1 fh=eb0c410a856b9678 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\fit to play.exe"
sh=5EA1455C7CB7D64DF647B06B32C4BDECDEA11F16 ft=1 fh=eb0c410ab3b1522b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\grid.exe"
sh=D40D093EBD4AD5AE102852FC12F8A573B427B094 ft=1 fh=eb0c410a95b46882 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\holes in text.exe"
sh=7171893E984F588341E9308CEE7D049DB73C4F4B ft=1 fh=2e88572fe433bc4c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\jewels and stones.exe"
sh=521F7BCDDB2AA227E4473E0296071C072DD029DB ft=1 fh=b3c5819d90882ecc vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\knight move.exe"
sh=83DAA90434C8987D2DCA82AF773864DF0A7AD7F0 ft=1 fh=eb0c410a396cc032 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\lead game.exe"
sh=A8BB65BFDC543BC67ED27B06182C6241E620762A ft=1 fh=b3c5819dc07b4006 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\lucky lucky number.exe"
sh=D32FA1DDF2BD93774495116BC3A106B1AD68B54E ft=1 fh=b3c5819d5f252418 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\matrix spiralling.exe"
sh=A6CAC055D034BA6EC87A7243776AB86A4589B2FC ft=1 fh=684dd63ed7c92ee5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\misinterpret.exe"
sh=87AB5798DFF34372373D49390A62CE5150929773 ft=1 fh=c21c4a872b013033 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\need more diamonds.exe"
sh=F030ACE1136B654E5A864D7C754699EA8A18CA3F ft=1 fh=eb0c410a3d2ebea2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\nice quad 2.exe"
sh=9F4C82B423C8EF4D332C48B2FC7832024750D26E ft=1 fh=668e9440566f7b2e vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\nice quadrangle.exe"
sh=7C6A9B9ABB7058052098FE140D11BE861F2C6120 ft=1 fh=5b1e2eacb7cda238 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\nuclear reactors.exe"
sh=442D74DE64B6521540965BEFE7634003D7BAC6D1 ft=1 fh=c21c4a87b9cd9719 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\Odd.exe"
sh=340FADB707E039020448C0C6883270C2DD5EB595 ft=1 fh=eb0c410af7b22352 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\pairing chef.exe"
sh=FFF5A7A6FF1B4495652D98519AAAFDC73F6A9782 ft=1 fh=eb0c410ab26ba003 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\paying up.exe"
sh=58885264B5CFD300CE8CC7DD1C9EF84C1DD341C1 ft=1 fh=b3c5819da19593ac vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\product divisors.exe"
sh=02E2A9634FB4F4A6C4D21ABACB7984AA58C8E9DB ft=1 fh=eb0c410a5c39431f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\racing horse.exe"
sh=DA56602F9193B1F9B4C2D0EC77792CEFC7FE0383 ft=1 fh=684dd63e43e87842 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\reversing sentence.exe"
sh=5F74226C7C4DC3C8734AF262D5CA6B93E7BEFA91 ft=1 fh=b3c5819daeaf1af7 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\shortest path 2.exe"
sh=407FB84460FCC7620BC48F0735E20189865EEF42 ft=1 fh=b3c5819daa396354 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\simpleEquation.exe"
sh=65F668C2234B3299F86E32434943D7A237F30A18 ft=1 fh=b3c5819dac431845 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\small fact 2.exe"
sh=485FFBED5A0AE0ECD9B920BE5FABA957AB98F08C ft=1 fh=b3c5819db330eb37 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\small factorial.exe"
sh=8D987B0ABBB12143CB888084F4DD500E508EE8A6 ft=1 fh=b3c5819d9a4b5535 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\stone game.exe"
sh=760CE9E3FF4E4244054B7DFC0E31D79FC675530D ft=1 fh=b3c5819d1460a287 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\subanagram.exe"
sh=29D0266899B8E559B1478AADAD20A940FCE9FAE6 ft=1 fh=b3c5819dda98b9c8 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\sum digits.exe"
sh=D01550935278FD995AF306D42EDDF48A6E8C5BC3 ft=1 fh=b3c5819d0a1ad349 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\transform expression.exe"
sh=1CEF94DE8F328D8061AAA478FB4AC07AF947CF09 ft=1 fh=b3c5819de44734e9 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\trial.exe"
sh=A468B15ED742A9700C7B68DD01BB5964DFA983B2 ft=1 fh=eb0c410ab8fa1c48 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\C++\coding practice\CC\voter list.exe"
sh=27FB7ABD68B9A14690C4C23768F91D09EA0B4769 ft=1 fh=550b322e239a611f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\CYTOLOGY\jre-6u25-windows-i586 (2).exe"
sh=5512DD55021D64FFFE195CAC6B7B441F56D872C3 ft=1 fh=b5d48a807bae77c5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\CYTOLOGY\jre-6u25-windows-i586-iftw (2).exe"
sh=B896C4B2FE8E74C0B0E518C2D33CC65F40A0ADA2 ft=1 fh=b5d48a8007690917 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\CYTOLOGY\jre-6u25-windows-i586-iftw.exe"
sh=F32241630C4EA30688BA96DF64E500A54A24351F ft=1 fh=550b322eae3e8c17 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\CYTOLOGY\jre-6u25-windows-i586.exe"
sh=8FDD4DFF7BAB18A92FD4241FA460A4525FAD6594 ft=1 fh=dd8dca434471e4fc vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\CYTOLOGY\jxpiinstall (2).exe"
sh=707016F7643CF9880B25F4538B4FF6D16E5A9FE1 ft=1 fh=dd8dca437e162ca6 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\CYTOLOGY\jxpiinstall.exe"
sh=81CD77DD8BA9FFCA7B8A955F82D8372E9ECEEDDE ft=1 fh=263577ab9a5db488 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\ECLIPSE\eclipse.exe"
sh=69D8F50E7D4CE28C8505F769FDC56C83E20EEC43 ft=1 fh=d8a87cf8ee8654b3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads+\T&P\PROJECTS\NZP\ECLIPSE\eclipsec.exe"
sh=150688E0EB3548E34B099604428781B86089FC9E ft=1 fh=ab00910a9ea85865 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Acads2+\novelz\enovelss\IBRR\ICE Book Reader Retail.exe"
sh=003F8869336E22BEEDA7F35F648F8E1FDE12FE22 ft=1 fh=1495d88f5d8fc7bd vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\cpp codes\WinTut.exe"
sh=01CBFD3ABB4D1CD3C996BACCB3EA634498566BF0 ft=1 fh=e89b385abf024a88 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\amazing.exe"
sh=8BFCDB4ADF598D8E88A935B8A2B247CFCE192D31 ft=1 fh=a03cd03fe39ceb95 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\cccccc (2).exe"
sh=6154043AEACDF3F815EAF3557DC51B62C908F30F ft=1 fh=a03cd03f215f0867 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\cccccc.exe"
sh=71DCD44812EBDDDC00CC77073E8D7DA372751E77 ft=1 fh=b7c34ea0f6e93bb3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function 3 (2).exe"
sh=8CC2B543679B1F5957C32452F1522233CD3950F7 ft=1 fh=b7c34ea0df2a3d10 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function 3.exe"
sh=4DBDE23737E4E927C6DA50E8D0EC2678597BC9A4 ft=1 fh=1094bda478effcb6 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function 4 (2).exe"
sh=5857EAC491861D3769F9DE9EEC4CBB3F81473A0F ft=1 fh=1094bda4837de3ce vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function 4.exe"
sh=20AEB332490072BB2140871FDD0BB3DB51E2C955 ft=1 fh=4e805ee0759aeeb2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function display (2).exe"
sh=7BAE866E91441777FDEBC954DFBCFF06AC2693D5 ft=1 fh=4e805ee0e4328f61 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function display.exe"
sh=EDBA7E7751AE7C4B3157EAD1273C2D251D29C551 ft=1 fh=1051765e23f880f4 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function factorial (2).exe"
sh=A357927C3ED9C47732DD064AA960EC2A2F9E9194 ft=1 fh=1051765ee1ec84f0 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function factorial.exe"
sh=C14BCE943C99804554ECC4A12C1BE7A9C2108F6B ft=1 fh=c18ba7c29e4df140 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function sum (2).exe"
sh=5363B29CC55E833DE1E6B7D65A29C52EEC2587B1 ft=1 fh=c18ba7c2539adca3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function sum.exe"
sh=0C431BAF074B9E670E722BCA36D34B2080D91A33 ft=1 fh=c81b68e30d3422f5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function1 (2).exe"
sh=2BF3E0524971B16152FCC1900F1E2697E0490B95 ft=1 fh=c81b68e34a1342af vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function1.exe"
sh=60902CF8336502F97BB08D5DE11A87346212DDCF ft=1 fh=cbc36f2a3a274536 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function2 (2).exe"
sh=2547E22478B9A2947AFE965357FC7E43B7D5708F ft=1 fh=cbc36f2a9abf6adb vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\function2.exe"
sh=A3E53D280D727F6999585584A4BB1E2675DC14EE ft=1 fh=0953be0a8b6b6cba vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer1 (2).exe"
sh=6E98F920CAA855F9A5DE6032E57AB8BF524DEE8E ft=1 fh=0953be0a106e026d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer1.exe"
sh=7E44DF2A2E45AE434BBBB7FE12CDC9ADC69CF656 ft=1 fh=7e98757f3a97be6d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer2 (2).exe"
sh=493A30C9EC2A79FE23EBEE3BC2EB338C2565E8DE ft=1 fh=7e98757f518af5a1 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer2.exe"
sh=84005976521F5286B848678F0F3FD24E2F80AD8B ft=1 fh=0abe2035dabaacef vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer3 (2).exe"
sh=0040FEA2DFB038DD54B81D28F75D82108120D3C6 ft=1 fh=0abe20351c310c0b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer3.exe"
sh=F8DF56F6159EF4BA5C5BC412D56B24B87AA5740D ft=1 fh=f91e7eade4fa2142 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer4 (2).exe"
sh=54852C2A145D15CB41703F9471B684F5C753D4A7 ft=1 fh=f91e7eaddaa9235f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer4.exe"
sh=41F4A8EFEA2AAEBF4741990DEC67CE12DCDEEF61 ft=1 fh=82ca009e38508c39 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer5 (2).exe"
sh=30043E2FF04A385CD3B676CF857FAA7F69B172F7 ft=1 fh=82ca009e5d3f044f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer5.exe"
sh=5C0704FEC6819542C3F85A24D734F4B9C436AFB6 ft=1 fh=0f6e631be5fb206d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer6 (2).exe"
sh=EA4F087DDF3227BEA6277A1DFF0AE38F253A05D3 ft=1 fh=0f6e631b2a351430 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\programs\rahul\c programs\pointer6.exe"
sh=60AB4AF4B5B78F4385320B1400EF099E51A447A2 ft=1 fh=e89b385afb7e175f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\amazing.exe"
sh=AFFD7E5D69462D1B44D21499915A63D517E19765 ft=1 fh=a03cd03f9209b1ed vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\cccccc (2).exe"
sh=F5310097379AF1C96F9AC3DC5840AD2997BE2FD5 ft=1 fh=a03cd03f2f9907a7 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\cccccc.exe"
sh=A1565F0AAD63143D7344AC878CE9E27CF4F3DD14 ft=1 fh=b7c34ea0ec5826f3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function 3 (2).exe"
sh=E7938BBD689FCEF7CB7895CDB04E0458CA4ECE8D ft=1 fh=b7c34ea08ffaef0e vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function 3.exe"
sh=AE518BE588AA5B1F7A102E4D4F986D9B66389BC9 ft=1 fh=1094bda40206d028 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function 4 (2).exe"
sh=BE8233162462ADDE4598F742155DA367C98CE436 ft=1 fh=1094bda4a2d3f2cf vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function 4.exe"
sh=484C7EBF882CD452A43C772E1D22A2E3E6C54EDB ft=1 fh=4e805ee010db8256 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function display (2).exe"
sh=B8E6B4F6A8BD5B970C6A8132F6DD0AEE3DA27873 ft=1 fh=4e805ee01b9f6d78 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function display.exe"
sh=2AFAA7A0D81D4239284C205171204F4A105A89DE ft=1 fh=1051765e3e49592e vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function factorial (2).exe"
sh=5D16DA9485231F0DFE831DE76274B8664C2345C6 ft=1 fh=1051765e6fabc7c3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function factorial.exe"
sh=0305C0D791E0054AB07D710875E1E6D72BAF4025 ft=1 fh=c18ba7c2c078e356 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function sum (2).exe"
sh=7915BCD4C0989645A1918CF1C3BA8EFF62EAECE7 ft=1 fh=c18ba7c2dc453d14 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function sum.exe"
sh=C9A2228CD95D44292EAB71B61F7E041C4461AA2D ft=1 fh=c81b68e38749c3ca vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function1 (2).exe"
sh=EC886F4C114950B38714CB8D85C194A0738E131D ft=1 fh=c81b68e3e758dc1c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function1.exe"
sh=98D95A64C6E2A035B17D2D9BF3331EA6C6DAAF97 ft=1 fh=cbc36f2a9f1705ba vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function2 (2).exe"
sh=ADC68D8A7FEE70AFFC35C52A6229E8EBEB57C52B ft=1 fh=cbc36f2a6924a0b1 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\function2.exe"
sh=7756E0C17CB6E8EBB6E861BA4DF7936838D91193 ft=1 fh=0953be0af8cbb0fe vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer1 (2).exe"
sh=1683BBF1938C01BF9AE30B1FF27025F45979F363 ft=1 fh=0953be0a6cab3bd7 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer1.exe"
sh=E858E3FE754861F8E9602B587BDFD653E7D33177 ft=1 fh=7e98757f66183702 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer2 (2).exe"
sh=CCB53E116F3B56DDF7ADAEAD07377DCC59233E62 ft=1 fh=7e98757f92271343 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer2.exe"
sh=F978F03B244038BDD9DD46817A151B7FBAB4F94B ft=1 fh=0abe2035e2099cdf vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer3 (2).exe"
sh=C606BFD2B0511C87B85E0A514DAE5A6A927F84CB ft=1 fh=0abe20352ea9075f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer3.exe"
sh=2C83CE174FC2F055710F0C7A6ACBF72B9832CF48 ft=1 fh=f91e7eade18e5235 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer4 (2).exe"
sh=6B4880CD2FD77E35321E1EAE6A5559A9633026F1 ft=1 fh=f91e7eade544ee10 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer4.exe"
sh=98AC73D748BFC9A5066F2DC293452EACB276026F ft=1 fh=82ca009eda80bad2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer5 (2).exe"
sh=946899AEF4610871CE5F01ECA264E0AB122EE47C ft=1 fh=82ca009e97e210d1 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer5.exe"
sh=6393D4B331189F1C7EC9822C1EAE4A256437E96A ft=1 fh=0f6e631bfdd01681 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer6 (2).exe"
sh=B918B4ECC9975AF52D1169063E8E247669DD428E ft=1 fh=0f6e631b8be3d9c8 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Computer Science & Stuff\Ishan Sir's Collection\c++\rahul\c programs\pointer6.exe"
sh=934F4B18406C1331CE2B0A74D713598D394662E1 ft=1 fh=23c3997a843af824 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\E-Books\Umberto Eco - The Name Of The Rose.exe"
sh=DBD99A41F658C826423B90518C71E04115EBE6CF ft=1 fh=f1e07e7ca5dce841 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\E-Books\Banned books and other great literature\Okult books\Faust_-_The_Black_Raven.exe"
sh=A92ED28072283F97E78FA991F62C2B4C9DB60AB5 ft=1 fh=3bce5965d6fa6de6 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\E-Books\Comics\Comic Reader Setup.exe"
sh=925DA981424EBB5D7CC5A7F030B2C425B47D1F0B ft=1 fh=11860cbb93967f36 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GRE SOFTWARE WITH WORDLISTS AND TESTS [anirudhshumi]\GRE SOFTWARE WITH WORDLISTS AND TESTS [anirudhshumi].exe"
sh=80868B2DDE547119DB3E64EA316E7AE86760454A ft=1 fh=db70a1388bce2e66 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\PPGRE31.exe"
sh=C184304E8BC9717CA785A3A34BFB196A3D3B7066 ft=1 fh=11860cbbf796967d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\TEST Software_Mahavir Jain.exe"
sh=A467D9F1DE80B1620C4EB1770A1EAE9EB1F2164C ft=1 fh=3982b7c9a9ed2f3f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\wordweb5.exe"
sh=41AB9617967616296A80A2B0E1ECF6C72CA3AB20 ft=1 fh=0a71a58c9763de10 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\gigapedia_prgret6\GRE Updater.exe"
sh=4F75964A0014AAC0E9D53A4C9BF62017BA9367D8 ft=1 fh=764f0265626fd334 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\gigapedia_prgret6\movegreupdater.exe"
sh=45C9EFC0A3D7909A225640854DD0D8EC7478DECD ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\gre_bible\New Folder\GreBible1.1\GreBible1.1\GreBible.CAB"
sh=AD89F1DCF3CCF2AA0D12F67AF17DBA08D0CDEB9A ft=1 fh=6d5204b55aead345 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\gre_bible\New Folder\GreBible1.1\GreBible1.1\setup.exe"
sh=0B8657BD7A996FAE7A8B8C6D84881BFCA630D8B5 ft=1 fh=e9674a0245028f35 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\GRE_TOOL.zip\Package\setup.exe"
sh=870FF0B27B8F95C0DD00FE3D7FF3491D90BCA56D ft=1 fh=480b305fd3aef94d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\GRE_TOOL.zip\Package\Support\GRE_Tool.exe"
sh=95244F2EC722FE1EE697A0C5CF7A8332405139CA ft=1 fh=9922a5da842d0c01 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\GRE_TOOL.zip\Package\Support\SETUP.EXE"
sh=43E58789F62E8E1EBE7625BDBE89DD5D0C575018 ft=1 fh=499c213a74a856fb vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\GRE_TOOL.zip\Package\Support\SETUP1.EXE"
sh=7D81A05808938A797F32470FED0E31547431255B ft=1 fh=8a4f15ec5c52fddc vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\NovaCD\gre.exe"
sh=A68A22C2C00B3340253783CFB3DE6712F279B38A ft=1 fh=11860cbbdc13c03a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\TEST Software_Mahavir Jain\TEST Software_Mahavir Jain.exe"
sh=41B166B31E36E2C4DCB57171614245324F572B45 ft=1 fh=9b940c8a8e3fd0f3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Free-GRE-Practice-Tests.exe"
sh=A682CE91EE225B5DC434F475197E6DF97439C760 ft=1 fh=2dfd8be99d30c54a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\gretest.exe"
sh=0CBAC2561E1DE11B120741C79842FBB02F857072 ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\800test.coms_5_verbal_tests\gre_bible.rar"
sh=623264F2C8B2883765BBEDFBC4A445412994C354 ft=1 fh=0a71a58cedfe4a2c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\GRE Updater.exe"
sh=140A33654F641EFD5E1D346069F7D1567D807BEC ft=1 fh=764f026533d7b7f2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\movegreupdater.exe"
sh=0B8BBDF6CA139A4001885FA73E0449E892526CEA ft=1 fh=9b940c8ad5af0d4e vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\free tests\Free-GRE-Practice-Tests.exe"
sh=947CCB6B8437D0E912DEC4C3133D1E5844842D5A ft=1 fh=9188adb0081a95b8 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\GRE STUDY MATERIAL\Powerprep.exe"
sh=00F9AA47DFA00AEB8589642C6917C7964E0B6A25 ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\GRE_Bible_v2.1\GRE Bible v2.1\GRE Bible.rar"
sh=45C9EFC0A3D7909A225640854DD0D8EC7478DECD ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\GRE_Bible_v2.1\GRE Bible v2.1\GRE Bible\GRE Bible\GreBible.CAB"
sh=4F828CD145F1D9AC3B8C0B2027039621653A5636 ft=1 fh=d66ebc1d98df8c16 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\GRE_Bible_v2.1\GRE Bible v2.1\GRE Bible\GRE Bible\setup.exe"
sh=EAC703FEF16A6A7446FEBF5B29E15C745A392A7B ft=1 fh=f73beb8031caa2d0 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\picdic\PicDic\PicDic.exe"
sh=2BB669C262CF434CEA9CE08894458C3ED6BDDD0C ft=1 fh=a80e15a0211860ba vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Practice Tests\grediag.exe"
sh=0CBAC2561E1DE11B120741C79842FBB02F857072 ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Practice Tests\800test.coms_5_verbal_tests\gre_bible.rar"
sh=45C9EFC0A3D7909A225640854DD0D8EC7478DECD ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Practice Tests\800test.coms_5_verbal_tests\gre_bible\New Folder\GreBible1.1\GreBible1.1\GreBible.CAB"
sh=E2659F99FA20715B600852E15ECF5CEADF71EB8C ft=1 fh=dc39c708362f469d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Practice Tests\800test.coms_5_verbal_tests\gre_bible\New Folder\GreBible1.1\GreBible1.1\setup.exe"
sh=2DF0C2276ED2964C3AC25BE95BB54391480A88BD ft=1 fh=0a71a58cf86efb6f vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Practice Tests\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\GRE Updater.exe"
sh=DC0DFE9BB389ACF0575E6102F78F5FC9CD24BB42 ft=1 fh=764f0265b71ad7e2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Practice Tests\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\movegreupdater.exe"
sh=14AF7EF300C23C1727279AB5398FDAD1071E3DAF ft=1 fh=afffb8b3a8825306 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE\GREShakey\WisdomMart\Vocaboly\VocabolySetup.exe"
sh=857CA621E000095C65017EB33E273FC90D455145 ft=1 fh=208c1d4f8ffa971a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE big book\dmr_demo.exe"
sh=517263978A6EEEE8841624910157324CA0434DA8 ft=1 fh=9188adb064f06c6c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\PPGRE31.exe"
sh=B316ACAB1FDDABE1AE2A0C4E6D9DEC0A4886729C ft=1 fh=9188adb0b473e5bf vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\EngStuffForGRE\PPGRE31.exe"
sh=3A251B39DAD8690EF26163A8A633BFFEA9F3371A ft=1 fh=9b940c8ad066c06e vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\EngStuffForGRE\Free-GRE-Practice-Tests\Free-GRE-Practice-Tests.exe"
sh=597A921A6624B519AA574A7FBF80D8352B4F87A9 ft=1 fh=9b940c8ae8a51580 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\Free-GRE-Practice-Tests\Free-GRE-Practice-Tests.exe"
sh=DC8BDBA741D45004062561FA060A42B9111BFA3B ft=1 fh=001dd1746700ad32 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\G R E\GurusGRE\unins000.exe"
sh=FC8789AEA3B72F670FAC3E694D8F084956F486C2 ft=1 fh=d0358a58a37201e5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\G R E\GurusGRE\WordPower.exe"
sh=11327C66D804A0F86D2802C57BB404124E1ACA09 ft=1 fh=fe9ba749d3cbe232 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATM1f.exe"
sh=001F10A08388D0FFAC7C312AB3B424E7BA7D6CC9 ft=1 fh=3b62c54d2ae1892c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATM2f.exe"
sh=A3072FABD00DB5D684D857BD47FE7355F680D000 ft=1 fh=57b2d41f083eb0c7 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATM3f.exe"
sh=BB5DE053739D931D21DE04FB2122B030B76AA5A1 ft=1 fh=e6f2cc5dfad30e6b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATM4f.exe"
sh=47043D825763226B531AE875A43340F57C4CAB7C ft=1 fh=f79bb73ae8039397 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATM5f.exe"
sh=06FAE7C4BF2A581FEF38163FCA0A0BFC7E5664A1 ft=1 fh=4e195e9b707ca023 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATV1f.exe"
sh=5845745B9CEEBBAEAB24190B89F1FE0394E675E3 ft=1 fh=4c75a6b3ee655f46 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATV2f.exe"
sh=0B20D259D65F8C1CF9AFA7651EF043E3B224B38D ft=1 fh=4857bd78d7dbc677 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATV3f.exe"
sh=BB4C47150AF95BFCEB9347CB99E5E25DA4733E5C ft=1 fh=cd7b3e91eb20c2b4 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATV4f.exe"
sh=653AB685A777B937BB5F2AF88E6592DF44633AE7 ft=1 fh=d4338a7787306a7d vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GMAT\GMATV5f.exe"
sh=20EDE8E7DB95C58C80BD09BE7AB9918E2DC2A856 ft=1 fh=11860cbb0e55d760 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GRE SOFTWARE WITH WORDLISTS AND TESTS [anirudhshumi]\GRE SOFTWARE WITH WORDLISTS AND TESTS [anirudhshumi].exe"
sh=21DF208259C7E6A5E9B13E9C0382A30FFB797A36 ft=1 fh=db70a1388bce2e66 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\PPGRE31.exe"
sh=E84D6BF2D1CF61558C04116D634A9B0843B0D760 ft=1 fh=11860cbb08b31e3e vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\TEST Software_Mahavir Jain.exe"
sh=497F03A5EB8DDFB4FD3D9277824759C9F93BBC2E ft=1 fh=3982b7c945332e76 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\wordweb5.exe"
sh=DE70D1D1ACE3E188C90BB6221346F4EECF7C8A4E ft=1 fh=0a71a58c39c82bd5 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\gigapedia_prgret6\GRE Updater.exe"
sh=7F3A8BED9C18CA1A69C818349D190042FB31F88A ft=1 fh=764f02651a635c58 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\gigapedia_prgret6\movegreupdater.exe"
sh=45C9EFC0A3D7909A225640854DD0D8EC7478DECD ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\gre_bible\New Folder\GreBible1.1\GreBible1.1\GreBible.CAB"
sh=6A1830CA070AB6EDC887937C09E35161B7E91D01 ft=1 fh=c45993ebb1b9ea74 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\gre_bible\New Folder\GreBible1.1\GreBible1.1\setup.exe"
sh=E1292B86DC8972B6AEF955E1D79F2AA8AB8AD89E ft=1 fh=80d558c6006e6dbd vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\GRE_TOOL.zip\Package\setup.exe"
sh=1E369B22149FC0CDCC7F9B54E62076230B48CBBE ft=1 fh=60fcdfa5317aedfe vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\GRE_TOOL.zip\Package\Support\GRE_Tool.exe"
sh=513B1096D612AB4D32D03F622483C62FF7F765EC ft=1 fh=c71c0011c843c48a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\GRE_TOOL.zip\Package\Support\SETUP.EXE"
sh=032B5BA0E192980C2D6E51BCCF422E47D62EBA83 ft=1 fh=087a823427d99f27 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\GRE_TOOL.zip\Package\Support\SETUP1.EXE"
sh=B50375904CFC849C461DD3F60A30DA77865DBCC6 ft=1 fh=8a4f15ec42f258c1 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\NovaCD\gre.exe"
sh=9A4336BF6F063B30D8901C483B2AC49364AADBE3 ft=1 fh=11860cbbe9503e0c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\TEST Software_Mahavir Jain\TEST Software_Mahavir Jain.exe"
sh=5B56F83CB30C18492CFD3E4D1CA8E873044AD661 ft=1 fh=9b940c8aa9ed86f2 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Free-GRE-Practice-Tests.exe"
sh=B84C47FA38A745B30D46E83B04D95B83D184DA11 ft=1 fh=2dfd8be9c6be1866 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\gretest.exe"
sh=0CBAC2561E1DE11B120741C79842FBB02F857072 ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\800test.coms_5_verbal_tests\gre_bible.rar"
sh=C595ECDB4D5EC32F3D028FE42D6E8B9BE8F714B9 ft=1 fh=0a71a58ca05d5bf8 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\GRE Updater.exe"
sh=A9409A65756C2708F8A5FFAB520A9BEEEB6BE3E6 ft=1 fh=764f02652faa9f27 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\movegreupdater.exe"
sh=7A9E11185AE44DC858AB27C9843C8A9E2F0AF41C ft=1 fh=9b940c8a6cd4e154 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\free tests\Free-GRE-Practice-Tests.exe"
sh=F95DA0202EA58E94C5FA833FEE39CBAC95684FD5 ft=1 fh=9188adb07cef07a6 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\GRE STUDY MATERIAL\Powerprep.exe"
sh=00F9AA47DFA00AEB8589642C6917C7964E0B6A25 ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\GRE_Bible_v2.1\GRE Bible v2.1\GRE Bible.rar"
sh=45C9EFC0A3D7909A225640854DD0D8EC7478DECD ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\GRE_Bible_v2.1\GRE Bible v2.1\GRE Bible\GRE Bible\GreBible.CAB"
sh=B03DA8CC1F0D5CF88BB153D3672C4891D29981B4 ft=1 fh=dfede602425ee764 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\GRE_Bible_v2.1\GRE Bible v2.1\GRE Bible\GRE Bible\setup.exe"
sh=11B3441DD640CA6BB17CC04758BDF54086940D31 ft=1 fh=c4e3a8c87862faa3 vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\picdic\PicDic\PicDic.exe"
sh=2B3881B7CEA7C9D3867A209C93FA1D79B344CCEC ft=1 fh=a80e15a0397e467c vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Practice Tests\grediag.exe"
sh=0CBAC2561E1DE11B120741C79842FBB02F857072 ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Practice Tests\800test.coms_5_verbal_tests\gre_bible.rar"
sh=45C9EFC0A3D7909A225640854DD0D8EC7478DECD ft=0 fh=0000000000000000 vn="probably a variant of Win32/TrojanDownloader.Agent.LERQPFC trojan" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Practice Tests\800test.coms_5_verbal_tests\gre_bible\New Folder\GreBible1.1\GreBible1.1\GreBible.CAB"
sh=D80C1140E9D6B42B29D4E09074A20314699C57D1 ft=1 fh=df257359c977fabe vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Practice Tests\800test.coms_5_verbal_tests\gre_bible\New Folder\GreBible1.1\GreBible1.1\setup.exe"
sh=C5450532311E872BBDEFAEA6D966EE1DC1C773D5 ft=1 fh=0a71a58cb004279b vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Practice Tests\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\GRE Updater.exe"
sh=505CC2348DB328710074DFC3FBB67EE5459CDDF2 ft=1 fh=764f0265cb69f42a vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Practice Tests\Cracking_the_GRE_with_CD-ROM_2006\Cracking the GRE with CD-ROM 2006\movegreupdater.exe"
sh=8ECDB52FAEB1E1FCFFB6422C171613D2F5C69E25 ft=1 fh=afffb8b349bdc7bb vn="Win32/Sality.NBA virus" ac=I fn="F:\Knowl\Prep for Higher\Assorted GRE GMAT TOEFL stuff\GRE TOEFL CAT Placement\GRE\GREShakey\WisdomMart\Vocaboly\VocabolySetup.exe"
sh=387E075BC8CAFC7AEC8D3D3FA43E0B38B27F0DDC ft=1 fh=56895918a9c1a7b1 vn="Win32/Sality.NBA virus" ac=I fn="F:\MISC\Folder Lock Portable.exe"
sh=3394E8ECBC3C92773ECAF8B73F04AF5C59790BA9 ft=1 fh=ba11d34cda28cddd vn="probably a variant of Win32/AutoRun.Agent.UD worm" ac=I fn="F:\MUSIC\Eng Music\RSA\The Rolling Stones - Beggars Banquet\Rolling Stones - Beggars Banquet.exe"
sh=3394E8ECBC3C92773ECAF8B73F04AF5C59790BA9 ft=1 fh=ba11d34cda28cddd vn="probably a variant of Win32/AutoRun.Agent.UD worm" ac=I fn="F:\MUSIC\Eng Music\RSA\The Rolling Stones - Exile on Main Street\Rolling Stones - Exile on Main Street.exe"
sh=3394E8ECBC3C92773ECAF8B73F04AF5C59790BA9 ft=1 fh=ba11d34cda28cddd vn="probably a variant of Win32/AutoRun.Agent.UD worm" ac=I fn="F:\MUSIC\Eng Music\RSA\The Velvet Underground & Nico - The Velvet Underground\Velvet Underground & Nico - The Velvet Underground.pif"
sh=3394E8ECBC3C92773ECAF8B73F04AF5C59790BA9 ft=1 fh=ba11d34cda28cddd vn="probably a variant of Win32/AutoRun.Agent.UD worm" ac=I fn="F:\MUSIC\Eng Music\RSA\The Who - Who's Next\Who - Who's Next.scr"
sh=3394E8ECBC3C92773ECAF8B73F04AF5C59790BA9 ft=1 fh=ba11d34cda28cddd vn="probably a variant of Win32/AutoRun.Agent.UD worm" ac=I fn="F:\MUSIC\Eng Music\RSA\Trout Mass Replica - Captain Beefheart and his Magic Band\Mass Replica - Captain Beefheart and his Magic Band.scr"
sh=3394E8ECBC3C92773ECAF8B73F04AF5C59790BA9 ft=1 fh=ba11d34cda28cddd vn="probably a variant of Win32/AutoRun.Agent.UD worm" ac=I fn="F:\MUSIC\Eng Music\RSA\Van Morrison - Astral Weeks\Morrison - Astral Weeks.exe"
sh=3394E8ECBC3C92773ECAF8B73F04AF5C59790BA9 ft=1 fh=ba11d34cda28cddd vn="probably a variant of Win32/AutoRun.Agent.UD worm" ac=I fn="F:\MUSIC\Eng Music\Sample Music\Music.scr"
sh=ECC25597E2591DB2BDE0CE726BDF7B7275B36471 ft=1 fh=747ed76772a22a40 vn="Win32/Sality.NBA virus" ac=I fn="F:\MUSIC\Eng Music\Threshold - Wounded Land [2006]\10_Enhanced Element\run.exe"
sh=AFE17027E28ED923591EFF8FFB270964294D7215 ft=1 fh=8a0ba8383d471de2 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\adr.exe"
sh=973E1C7D690437FC13FB6E12A5ED9FE124ECF5B6 ft=1 fh=b74b2d90d999ea71 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\aTube_Catcher_Setup.exe"
sh=DBA6563835E3309A0E5170DFD2B21E9042171B38 ft=1 fh=1826e62ce8196ac7 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\chrome_installer.exe"
sh=D71557E7A3257DB672F6D31454087BF962FB9662 ft=1 fh=a30c12f9cb40817e vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\DellDock16a_setup_ENG.exe"
sh=83A0196E0E31B72F430E9986DBA57C57A78B87BD ft=1 fh=19c240f9abedf667 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\devcpp-4.9.9.2_setup.exe"
sh=23D85E30417BE41C9ABA47792E4F73B7808D0D9E ft=1 fh=38d5c71120d7e2cc vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\FacebookVideoCallSetup_v1.2.203.0.exe"
sh=E1CC17352B9AB50FFC724226BB64F088EE319C36 ft=1 fh=0da4dbb7be31bf9c vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\fences.exe"
sh=63B426F3D657288BB89DA4E0A061EA91E8A2EF61 ft=1 fh=3c3b209c6cd2a858 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Firefox Setup 14.0.1.exe"
sh=B97172E149F63A1D66A48AEFB206D435BEA83A88 ft=1 fh=cb60296c441fcbcb vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\googletalk-setup.exe"
sh=FEC10176BDA2B47A6E9D377BE682FC58CB708ED7 ft=1 fh=2bfe1eacc937e1aa vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\kmp.exe"
sh=932C44497F8AB0F9FBBC7C6BD4A2E978E050D5F9 ft=1 fh=f25681611c01043b vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Nokia_PC_Suite_rel_7_0_8_2_eng_web.exe"
sh=05A8B11DCF4303972AAC7E340A2580E2160B24F9 ft=1 fh=67388246eabd2780 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Portable FormatFactory 1.48.exe"
sh=39D031203B7C525A33DBBE6754437569F592946E ft=1 fh=20b11a562f95df33 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\PureSudokuSetup.exe"
sh=39F733A865EC32519931A45A60F9369B9054598C ft=1 fh=5b5f5aa6957d8fab vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\vlc-2.0.5-win32.exe"
sh=C26F432B5A65DB3D96E0A97FB708D85D749665F1 ft=1 fh=668600f9400ad69a vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\WinRAR v3.61 (Registered).exe"
sh=8F2CD94B29DAB46EB876BDC8D11C33B2F908B04F ft=1 fh=d22f010f10824440 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\winzip112.exe"
sh=A469275BE322D636B49DF556999C178358F07D4A ft=1 fh=4923c257a398b642 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\YouTubeDownloaderSetup35.exe"
sh=09CFD7AD228AF0B551691C6A0B301D9A1A04ECD1 ft=1 fh=9648d9653c590568 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Batman.Arkham.Asylum.GOTY-GGn\Batman Arkham Asylum GOTY.exe"
sh=205DE4437D47A8ADA7A8AB9FE3E237157D3A487E ft=1 fh=bf14d917ca8d083a vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\R314952.exe"
sh=5931A106021D8DF9A2A4FB3678E79132EFB415DB ft=1 fh=331c52140c24e33c vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\AUTORCD.EXE"
sh=ADE4AF2A739E4487E475FE5129B55A299A017D42 ft=1 fh=f31ad173ba143f20 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\RCDMENU.EXE"
sh=01A73C0E007288D318EC77A9040498FE66633B19 ft=1 fh=f991685419be055a vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\SUPPORT\KL_GETID.EXE"
sh=B86395711C26CDE5DAA1ACAA2B235D01FF15D449 ft=1 fh=bbd7f808b55e5655 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R156778.exe"
sh=4A785DF98660CE39319B9752B5F4D86E83D0DC0B ft=1 fh=abb039c1db7a8e62 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R220357.exe"
sh=3EF24E88792CC57EB6A4F426407993082072D8ED ft=1 fh=dd049c8665431583 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R220368.exe"
sh=31AD472DFF280CDD5FD2F27DA47F73207DC6F89C ft=1 fh=bf15aac283fdd08b vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R220371.exe"
sh=8D146BD751F947FACE0755762B3DA8130816BF75 ft=1 fh=69767d66b65f97e0 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R232494.exe"
sh=06A6F45C9C1B4BF22FD6C66D55D87F71A7ACFCF2 ft=1 fh=189d3db2cd808a2e vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R232499.exe"
sh=9609257DDF1E55D6EE440C91D0F8DA3A3DF4F31D ft=1 fh=d110eea3172c1658 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R282235.exe"
sh=0363FE192F5A6184821DD5F37E9BF3946B2CE37D ft=1 fh=92ea638a33091428 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R282236.exe"
sh=51963EC95BCFEBACAA129EC71103F2A441BDA998 ft=1 fh=7a4c7a81f9568337 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R282538.exe"
sh=34FE651E7C5E4CCDA6EF8F05AD4B1ECC2D2AAEBF ft=1 fh=fd564e09dbe89167 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R282539.exe"
sh=BB7C01E08DF435E75A7FADB1A6E8744927875946 ft=1 fh=51133b59e628bfdb vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R291942.exe"
sh=DB288FB1048B325CA566A593754FADF410C7A0D5 ft=1 fh=378dca4aa7990b98 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R291975.exe"
sh=77A119138096D5B24A152A1D3EEAEC06EAB1FF1E ft=1 fh=47d6a9c5ffe39f8e vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292140.exe"
sh=DF53041954AF5E988005AE94DF02959840126125 ft=1 fh=f537edac0e59632d vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292249.EXE"
sh=481ADBB53DAE6B49B6919840BF6AB064691C93CD ft=1 fh=cf92321688fc40fe vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292605.exe"
sh=861B9E32B7FABB38FE4DEA30798A256290D73759 ft=1 fh=aed5c937eb58d9c6 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292672.exe"
sh=F363A970C943BB2D570663793F3C6FA6AEBADB17 ft=1 fh=82037b1ffb8cce61 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292681.exe"
sh=4E1A2569B421298A11A5BDC8D4C95497629AB6C8 ft=1 fh=d6f074b2c56f6b2c vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292684.exe"
sh=3F9905FE2F5566DC12ABE847A5F58FD8BCFC253A ft=1 fh=0a1736fb1b785ff5 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292686.exe"
sh=EA9DB576AD88C58820B7526600F220E52D233D8D ft=1 fh=1fbd3c929a023c14 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292734.exe"
sh=47F0568250ADD6DFECE53629A5E6382AFF3059C4 ft=1 fh=c9f8f4d6ee3f98d3 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292736.exe"
sh=391FB8D565E56BA8D65E58F45798EE54927313C2 ft=1 fh=c0373afb50de908f vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292738.exe"
sh=FF00FA94F9C56366C2040520B2C5D303F1B9783F ft=1 fh=db463643a4f1762c vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292744.exe"
sh=D5A4DC5221923573984D50A2EA1192B32DBC3EB1 ft=1 fh=fd215fc66193903b vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R292797.exe"
sh=FA735B3B49C69C2B25D085A3D810B099386F72BC ft=1 fh=78f5d725fa86fe21 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R293670.exe"
sh=B40965C2BCCC247927A169480F4C4F9557DBF369 ft=1 fh=41c7a550e3048e01 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R294157.exe"
sh=BF8ED4AC4190C702E2C13322979950FA6885C8BF ft=1 fh=0967efede766ff61 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R294380.exe"
sh=19515BFFB19FE98A0AE91CAC68891DF87060D8FC ft=1 fh=c0aa9a77fd875ef7 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R294875.exe"
sh=D087124C70D932423E4C828BA8B15A819E8EECBF ft=1 fh=3f55fbe9b7bcb7a4 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\drivers\RESOURCE_CD\ZIPFILES\R295130.exe"
sh=AE130FBB090B4E4925F158375E4E36B77CD142BD ft=1 fh=29a7101ad8b1cb27 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Everything - Must Use\Everything-1.2.1.451a.exe"
sh=D9442296752B4F8CFEE35CF00AD1F0777728FF9E ft=1 fh=7fb4fe667d70fb3d vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Folder Lock 7.0.5\Crack Folder Lock 7\FL.Reg-XP.exe"
sh=53886E7ED5AC5DF5801C27584AA187C036823FED ft=1 fh=48d6204ee6cbabd0 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\hacking\Password Cracker.exe"
sh=C93B95912BA1BCD921E5C1EBCAB55CF503B5FA48 ft=1 fh=39659580b65692be vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\icon pacager\Crack IconPackager 5\IconPackager.exe"
sh=7616961E8DCF5B9196409AC8467CBBD5B09CB7A9 ft=1 fh=0f4efcfad651bc1c vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\idman607 15 Final incl_Full\idman607.exe"
sh=0302362D0C989BFA4CAD4C2ECAE26542F7E84322 ft=1 fh=aac7fc5d8e15df8d vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\idman607 15 Final incl_Full\crack\IDMan.exe"
sh=32CC1AA8C4FEBF2B6879D6D4F8DB45A97F08FCC5 ft=1 fh=11d5bf6ca24c9fa5 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Media player Classic\codec.exe"
sh=B8A4727758572DD1A6D676267C2D8854E8A3DB50 ft=1 fh=f9b5d60fec5b5251 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Media player Classic\mplayerc.exe"
sh=62D7FE88BAA75C724CC74649022DFAB2130214A3 ft=1 fh=faabb19319b6db6c vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Picasa.3.90.135.81.Portable\Picasa.3.90.135.81.Portable\PicasaPortable.exe"
sh=5545FB01667F0C5ACB6660C9323F227DD78664EE ft=1 fh=be6656e64bedcf1b vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Picasa.3.90.135.81.Portable\Picasa.3.90.135.81.Portable\App\Picasa\moviethumb.exe"
sh=334F46C60D7706509FBEFE6A310B0734E2B690A9 ft=1 fh=2e7429153dd308df vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Picasa.3.90.135.81.Portable\Picasa.3.90.135.81.Portable\App\Picasa\Picasa3.exe"
sh=ABD7E152730211F188130B248F58EBC6F3607F01 ft=1 fh=6dc0093cd5227eed vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Picasa.3.90.135.81.Portable\Picasa.3.90.135.81.Portable\App\Picasa\cdautorun\PicasaCD.exe"
sh=DEBF171ACEAFF0227C21119D2B44A1E6C6EBE930 ft=1 fh=cf37ebb2f3196a6b vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Picasa.3.90.135.81.Portable\Picasa.3.90.135.81.Portable\App\Picasa\cdautorun\PicasaRestore.exe"
sh=2DC8825C51464EB6E0913614D0114ED9F95AB518 ft=1 fh=56379a371df23807 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\Portable Windows XP Live USB Edition\HPUSBFW.EXE"
sh=9A581E5E81E925EC2E46FDC8CE4923DD196CDC54 ft=1 fh=3494fb89697aa95a vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\power iso\PowerISO48.exe"
sh=2C2F266A4A527B83632B3500EE0103DD45A610BD ft=1 fh=3dbf0a0f3d27c760 vn="Win32/Sality.NBA virus" ac=I fn="F:\System Software\tune up\TuneUp Utilities 2012 v12.0\TuneUp Utilities 2012 v12.0.2160.13 + Serials.exe"
sh=80EEF54F3F8D8977D9799B237DC3CF924939D646 ft=1 fh=d964a447e0622a48 vn="Win32/Sality.NBA virus" ac=I fn="F:\WD\WD Apps for Windows\XP64\wic_x64_enu.exe"

[tekkanphan]

security check up

Results of screen317's Security Check version 0.99.64
Windows Vista x86
Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java™ 6 Update 2
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 10.1.85.3 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (3.6.12) Firefox out of Date!
Google Chrome 27.0.1453.94
````````Process Check: objlist.exe by Laurent````````
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 8 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

[tekkanphan]

and the computer is working fine and pretty quick.. but whenever these programmes try to restart the computer,it comes upto hp screen and freezes there. so i have to shut down it forcefully and start again. well otherwise not much problem.

[Jasmyne]

The ESET online scan confirmed that you have been infected by the Sality virus. It is very difficult infection to remove. The following program will need to be run several times and there is no guarantee that the system will be usable after the runs. If even one file is missed in the disinfection, the virus will come back, so it is recommended to reformat your computer and reinstall windows. With either choice it is recommended that you backup any important files that you do not want to loose. Do NOT save any program executables, as they carry a copy of the virus and will just reinfect your new system.

Here are the instructions if wish to attempt to remove the infection, if you would like to reformat and need assistance please let me know.

The following programme may need to be run several times and no guarantee can be given

Download Sality Killer zip to your desktop and extract SalityKiller.exe

Run the utility SalityKiller.exe on the infected computer
A reboot might require after disinfection.

Download the file Sality_RegKeys.zip
unpack the file Sality_RegKeys.zip
run the file Disable_autorun.reg from the archive Sality_RegKeys.zip

Once the scan is over, from the archive Sality_RegKeys.zip run the file of the registry key:

under Windows 2000 run the registry file SafeBootWin200.reg
under Windows XP run the registry file SafeBootWinXP.reg
under Windows 2003 run the registry file SafeBootWinServer2003.reg
under Windows Vista / 2008 run the registry file SafebootVista.reg
under Windows 7 / 2008 R2 run the registry file SafebootWin7.reg

[tekkanphan]

i have some questions.

1) what do you mean that there is no guarantee that computer will be usable after running the programme. will the computer start or not?
can i format the laptop after first trying the above fix?

2) what does the salinity virus do? can i keep using the laptop without removing the virus? as i did until now.

3) i am using an external hard disk continuously with my laptop. are the files in there infected too?i keep all my suff in the hard disk. i hav nowhere else to back up ,except that.

[Jasmyne]

i have some questions.

1) what do you mean that there is no guarantee that computer will be usable after running the programme. will the computer start or not?
can i format the laptop after first trying the above fix?

2) what does the salinity virus do? can i keep using the laptop without removing the virus? as i did until now.

3) i am using an external hard disk continuously with my laptop. are the files in there infected too?i keep all my suff in the hard disk. i hav nowhere else to back up ,except that.

I'll try to answer these as best I can for you. The Sality virus infects executable file, any files with the extension .scr or .exe. All of the USB drives you scanned previously had infection on them. Anytime you connect any external drive this virus will spread to it and then to any other computers they are used on. Files such as pictures, videos or text documents are not infected by this and are safe to keep.

This virus can spread rapidly, ESET showed 1040 files already infected with it. If it has infected system files, after the fix it is likely the computer may not boot. If you have your Windows CD if the computer fails to boot after the fix you will be able to boot from the CD and reinstall.

It is highly NOT recommended that you keep using the laptop as it is now and if you share any information with others with removable drives or email you will have the potential of spreading the virus to others. Once the infection spreads to a certain point is likely your laptop will be unusable because of the infection.

I hope that helped answer some of your questions. If you have any more feel free to ask.

[tekkanphan]

so my external hard disk is infected too. so how can i back up the files in this external hard disk. i dont have any other backup source.
can i use the above fix on the hard disk first and clean it? then i will remove it and can reformat the laptop.
by the way i dont have windows cd. i have to reformat from laptop hp recovery drive:(